diff options
author | Ted Kremenek <kremenek@apple.com> | 2012-01-26 03:02:34 +0000 |
---|---|---|
committer | Ted Kremenek <kremenek@apple.com> | 2012-01-26 03:02:34 +0000 |
commit | 8ec2bc892605621063eb117b9346638a86f42483 (patch) | |
tree | c631feb74d46f979bb269019657c2a035a42ea9d /www | |
parent | 84b007fae6c0cd30fa07074d34fbe2bf61fa44f9 (diff) |
Post link to checker-260, which is checker-259 with some experimental checks enabled.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149032 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'www')
-rw-r--r-- | www/analyzer/latest_checker.html.incl | 2 | ||||
-rw-r--r-- | www/analyzer/release_notes.html | 16 |
2 files changed, 17 insertions, 1 deletions
diff --git a/www/analyzer/latest_checker.html.incl b/www/analyzer/latest_checker.html.incl index e47300a78d..2b5030a7bd 100644 --- a/www/analyzer/latest_checker.html.incl +++ b/www/analyzer/latest_checker.html.incl @@ -1 +1 @@ -<b><a href="http://bit.ly/zOWf1P">checker-259.tar.bz2</a></b> (built January 25, 2012) +<b><a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></b> (built January 25, 2012) diff --git a/www/analyzer/release_notes.html b/www/analyzer/release_notes.html index 423e136f4b..b6a035923e 100644 --- a/www/analyzer/release_notes.html +++ b/www/analyzer/release_notes.html @@ -15,6 +15,22 @@ <h1>Release notes for <tt>checker-XXX</tt> builds</h1> +<h4 id="checker_260">checker-260</h4> + +<p><b>built: </b>January 25, 2012<br> +<b>download:</b> <a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></p> +<p><b>highlights:</b></p> + +<p>This is essentially the same as checker-259, but enables the following <i>experimental</i> checkers (please provide feedback):</p> + +<ul> + <li>Warns about unsafe uses of CFArrayCreate, CFSetCreate, and CFDictionaryCreate</li> + <li>Warns about unsafe uses of getpw, gets, which are sources of buffer overflows</li> + <li>Warns about unsafe uses of mktemp and mktemps, which can lead to insecure temporary files</li> + <li>Warns about unsafe uses of vfork, which is <a href="https://www.securecoding.cert.org/confluence/display/seccode/POS33-C.+Do+not+use+vfork()">insecure</a> to use</li> + <li>Warns about not checking the return values of setuid, setgid, seteuid, setegid, setreuid, setregid (another security issue)</li> +</ul> + <h4 id="checker_259">checker-259</h4> <p><b>built: </b>January 25, 2012<br> |