[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

Tue, 31 Dec 2019 07:06:05 -0800 

NoQ added inline comments.


================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:385
+unsigned getNumArgs(const CallEvent &Call) {
+  return Call.getNumArgs() + static_cast<unsigned>(isa<CXXInstanceCall>(Call));
 }
----------------
steakhal wrote:
> I'm not sure why should we adjust (//workaround//) the number of arguments of 
> `CXXInstanceCall`s calls, can someone explain it to me?
> 
> The same question raised for `getArg` too. 
Remove this :)

I think this is about this inconsistency with operator calls where one of 
{decl, expr} treats `this` as an argument, but the other doesn't. `CallEvent` 
automatically accounts for that (see `getAdjustedParameterIndex()` and 
`getASTArgumentIndex()` as they're overridden in various sub-classes of 
`CallEvent`).


================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:459
           // TODO: Add support for vfscanf & family.
-          .Case("fdopen", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("fopen", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("freopen", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("getch", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("getchar", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("getchar_unlocked",
-                TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("getenv", TaintPropagationRule({}, {ReturnValueIndex}))
-          .Case("gets", TaintPropagationRule({}, {0, ReturnValueIndex}))
-          .Case("scanf", TaintPropagationRule({}, {}, VariadicType::Dst, 1))
-          .Case("socket",
-                TaintPropagationRule({}, {ReturnValueIndex}, 
VariadicType::None,
-                                     InvalidArgIndex,
-                                     &TaintPropagationRule::postSocket))
-          .Case("wgetch", TaintPropagationRule({}, {ReturnValueIndex}))
+          .Case("fdopen", {{}, {ReturnValueIndex}})
+          .Case("fopen", {{}, {ReturnValueIndex}})
----------------
Pls eventually transform this into `CallDescriptionMap` ^.^


================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:590
+                                             CheckerContext &C) {
+  const auto *OCE = dyn_cast<CXXOperatorCallExpr>(Call.getOriginExpr());
   if (OCE) {
----------------
steakhal wrote:
> I'm not sure if this is the right way.
You might want to cast `Call` to `CXXMemberOperatorCall` but i'm not sure it 
saves you anything.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to