NoQ accepted this revision.
NoQ added a comment.
This revision is now accepted and ready to land.
Cool! I don't have a strong preference with respect to whitelist vs. blacklist;
your approach is safer but listing functions that don't immediately invalidate
the buffer would allow us to avoid hard-to-detect false negatives while
pretending that our users would notice and report easy-to-fix false positives
for us. Also we rarely commit to adding a test for every single supported API
function; bonus points for that, but usually 2-3 functions from a series of
similar functions is enough :)
================
Comment at:
lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:112-124
+ if (const auto *MemOpCall = dyn_cast<CXXMemberOperatorCall>(&Call)) {
+ OverloadedOperatorKind Opc = MemOpCall->getOriginExpr()->getOperator();
+ if (Opc == OO_Equal || Opc == OO_PlusEqual)
+ return true;
+ return false;
+ }
+ return (isa<CXXDestructorCall>(Call) || Call.isCalled(AppendFn) ||
----------------
That quote from the Standard would look great here.
Repository:
rC Clang
https://reviews.llvm.org/D49360
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
