diff options
author | Kristof Umann <dkszelethus@gmail.com> | 2019-02-11 13:46:43 +0000 |
---|---|---|
committer | Kristof Umann <dkszelethus@gmail.com> | 2019-02-11 13:46:43 +0000 |
commit | fc203a6b9b810343e64a8244a4a4bbb80092f529 (patch) | |
tree | 0a7cf95208387be944c76d659fa86bfa2d37b5a2 /docs/analyzer/checkers.rst | |
parent | f45bcabe027821fb7b12b63bb42134f6c2e7bfb2 (diff) |
[analyzer] New checker for detecting usages of unsafe I/O functions
There are certain unsafe or deprecated (since C11) buffer handling
functions which should be avoided in safety critical code. They
could cause buffer overflows. A new checker,
'security.insecureAPI.DeprecatedOrUnsafeBufferHandling' warns for
every occurrence of such functions (unsafe or deprecated printf,
scanf family, and other buffer handling functions, which now have
a secure variant).
Patch by Dániel Kolozsvári!
Differential Revision: https://reviews.llvm.org/D35068
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@353698 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'docs/analyzer/checkers.rst')
-rw-r--r-- | docs/analyzer/checkers.rst | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/analyzer/checkers.rst b/docs/analyzer/checkers.rst index c6fcfe4d5e..62f7f7bfc8 100644 --- a/docs/analyzer/checkers.rst +++ b/docs/analyzer/checkers.rst @@ -566,6 +566,17 @@ security.insecureAPI.vfork (C) vfork(); // warn } +security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) +"""""""""""""""""""""""""""""" + Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset`` + +.. code-block:: c + + void test() { + char buf [5]; + strncpy(buf, "a", 1); // warn + } + .. _unix-checkers: unix |