[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions

Daniel Kolozsvari via Phabricator via cfe-commits Mon, 05 Mar 2018 05:25:47 -0800

koldaniel added inline comments.


================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:618
+  StringRef Name = FD->getIdentifier()->getName();
+  int ArgIndex = llvm::StringSwitch<int>(Name)
+                     .Case("sprintf", 1)
----------------
george.karpenkov wrote:
> That's a lot of duplication of 1/0/-1.
> 
> 
> And also 1/0/-1 are cryptic symbols, why not use an enum with a descriptive 
> name?
> Maybe use
> `.Cases("sprintf", "vsprintf", "vfscanf", WARN_UNSAFE)` ?
The duplications will be solved by using .Cases, but is using enum necessary? 1 
and 0 refers to the index of the argument which could be a format string. -1 
means there is no need to look for a string like this.


https://reviews.llvm.org/D35068



_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions

Reply via email to