Open llvmbot opened 9 years ago
There are problems in GenericTaintChecker.cpp checker:
int main() { char buf[256]; scanf("%s", buf); FILE *f = fopen(buf, "r"); // buf is tainted but no warnings generate }
However in other situation checker works properly:
int main() { char buf[256]; scanf("%s", buf); FILE f = fopen((char )buf[0], "r"); // Warning: tainted! }
Buuut:
int main() { char buf[256]; scanf("%s", buf); FILE f = fopen((char )buf[1], "r"); // Not working again! }
Any ideas, except for taint pointers itself? :)
assigned to @tkremenek
llvmbot
commented
9 years ago llvmbot
commented
9 years ago
Extended Description
There are problems in GenericTaintChecker.cpp checker:
include
int main() { char buf[256]; scanf("%s", buf); FILE *f = fopen(buf, "r"); // buf is tainted but no warnings generate }
However in other situation checker works properly:
include
int main() { char buf[256]; scanf("%s", buf); FILE f = fopen((char )buf[0], "r"); // Warning: tainted! }
Buuut:
include
int main() { char buf[256]; scanf("%s", buf); FILE f = fopen((char )buf[1], "r"); // Not working again! }
Any ideas, except for taint pointers itself? :)