================ @@ -2,10 +2,13 @@ Taint Analysis Configuration ============================ -The Clang Static Analyzer uses taint analysis to detect security-related issues in code. -The backbone of taint analysis in the Clang SA is the `GenericTaintChecker`, which the user can access via the :ref:`alpha-security-taint-TaintPropagation` checker alias and this checker has a default taint-related configuration. -The built-in default settings are defined in code, and they are always in effect once the checker is enabled, either directly or via the alias. -The checker also provides a configuration interface for extending the default settings by providing a configuration file in `YAML <http://llvm.org/docs/YamlIO.html#introduction-to-yaml>`_ format. +The Clang Static Analyzer uses taint analysis to detect injection vulnerability related issues in code. +The backbone of taint analysis in the Clang SA is the ``TaintPropagation`` modeling checker. ---------------- steakhal wrote:
Personally, I'd prefer accepting modeling checkers as a thing and have configs for them. I'd rather not make this as an option to the analyzer itself. https://github.com/llvm/llvm-project/pull/98157 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
