projects / platform / upstream / llvm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 047186c) | patch
[analyzer] Add a syntactic security check for ObjC NSCoder API.
authorArtem Dergachev <artem.dergachev@gmail.com>
Thu, 19 Dec 2019 22:21:02 +0000 (14:21 -0800)
committerArtem Dergachev <artem.dergachev@gmail.com>
Thu, 19 Dec 2019 22:54:29 +0000 (14:54 -0800)
commitb284005072122fe4af879725e3c8090009f89ca0
tree1cb978a8a8fbd7c92f247812d293f478bba5a1f1tree | snapshot
parent047186cc986f5bb53ce716dfe363ba517b7d0ed8commit | diff
[analyzer] Add a syntactic security check for ObjC NSCoder API.

Method '-[NSCoder decodeValueOfObjCType:at:]' is not only deprecated
but also a security hazard, hence a loud check.

Differential Revision: https://reviews.llvm.org/D71728
clang/include/clang/StaticAnalyzer/Checkers/Checkers.td diff | blob | history
clang/lib/Driver/ToolChains/Clang.cpp diff | blob | history
clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp diff | blob | history
clang/test/Analysis/security-syntax-checks-nscoder.m [new file with mode: 0644] blob
clang/www/analyzer/available_checks.html diff | blob | history
Domain: System / Toolchain;