author: Ted Kremenek <kremenek@apple.com> 2012-01-26 03:02:34 +0000
committer: Ted Kremenek <kremenek@apple.com> 2012-01-26 03:02:34 +0000
commit: 8ec2bc892605621063eb117b9346638a86f42483
tree: c631feb74d46f979bb269019657c2a035a42ea9d /www
parent: 84b007fae6c0cd30fa07074d34fbe2bf61fa44f9
Post link to checker-260, which is checker-259 with some experimental checks enabled.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149032 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'www')
-rw-r--r-- www/analyzer/latest_checker.html.incl 2
-rw-r--r-- www/analyzer/release_notes.html 16
2 files changed, 17 insertions, 1 deletions
diff --git a/www/analyzer/latest_checker.html.incl b/www/analyzer/latest_checker.html.incl
index e47300a78d..2b5030a7bd 100644
--- a/www/analyzer/latest_checker.html.incl
+++ b/www/analyzer/latest_checker.html.incl
@@ -1 +1 @@
-<b><a href="http://bit.ly/zOWf1P">checker-259.tar.bz2</a></b> (built January 25, 2012)
+<b><a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></b> (built January 25, 2012)
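Review bot: The download link on the added line goes through a shortened http://bit.ly/ URL, so a reader cannot see which host actually serves checker-260.tar.bz2 before fetching it, and the request starts over plain HTTP. Suggest linking the tarball's canonical location directly and publishing a checksum alongside it so the download can be verified. The "built January 25, 2012" text is unchanged from the checker-259 line; that fits the commit message, but it is worth confirming the date was not simply left over.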
diff --git a/www/analyzer/release_notes.html b/www/analyzer/release_notes.html
index 423e136f4b..b6a035923e 100644
--- a/www/analyzer/release_notes.html
+++ b/www/analyzer/release_notes.html
@@ -15,6 +15,22 @@
<h1>Release notes for <tt>checker-XXX</tt> builds</h1>
+<h4 id="checker_260">checker-260</h4>
+
+<p><b>built: </b>January 25, 2012<br>
+<b>download:</b> <a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></p>
+<p><b>highlights:</b></p>
+
+<p>This is essentially the same as checker-259, but enables the following <i>experimental</i> checkers (please provide feedback):</p>
+
+<ul>
+ <li>Warns about unsafe uses of CFArrayCreate, CFSetCreate, and CFDictionaryCreate</li>
+ <li>Warns about unsafe uses of getpw, gets, which are sources of buffer overflows</li>
+ <li>Warns about unsafe uses of mktemp and mktemps, which can lead to insecure temporary files</li>
+ <li>Warns about unsafe uses of vfork, which is <a href="https://www.securecoding.cert.org/confluence/display/seccode/POS33-C.+Do+not+use+vfork()">insecure</a> to use</li>
+ <li>Warns about not checking the return values of setuid, setgid, seteuid, setegid, setreuid, setregid (another security issue)</li>
+</ul>
+
<h4 id="checker_259">checker-259</h4>
<p><b>built: </b>January 25, 2012<br>
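Review bot: "mktemps" in the third list item does not look like a libc function name; if the checker covers mkstemps (or mkstemp), spell it that way, since readers will search the notes by function name. Two other items would benefit from saying what is actually flagged: the CFArrayCreate/CFSetCreate/CFDictionaryCreate item does not say what makes a use unsafe, and "(another security issue)" on the setuid family item could state the consequence of ignoring the return value, or link to a reference the way the vfork item does. The second item reads more cleanly as "getpw and gets". Since these checks are called experimental and feedback is requested, the entry should also say where to send that feedback. The download link here repeats the bit.ly short URL used in latest_checker.html.incl, so the same concern about linking the real location applies.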