aaron.ballman added inline comments.
================ Comment at: clang-tools-extra/clang-tidy/cert/PutenvWithAutoCheck.cpp:27 + hasAutomaticStorageDuration(), + unless(hasDescendant(callExpr(callee(functionDecl(hasAnyName( + "::alloc", "::malloc", "::realloc", "::calloc"))))))))))) ---------------- I don't know that this is sufficient for the check, and I sort of think this may need to be implemented by the static analyzer rather than clang-tidy. The initialization of the variable is going to be control flow sensitive. Consider something like: ``` void foo(void) { char *buffer = "huttah!"; if (rand() % 2 == 0) { buffer = malloc(5); strcpy(buffer, "woot"); } putenv(buffer); } void bar(void) { char *buffer = malloc(5); strcpy(buffer, "woot"); if (rand() % 2 == 0) { free(buffer); buffer = "blah blah blah"; } putenv(buffer); } ``` ================ Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:4 +cert-pos34-c +===================== + ---------------- Underlining looks incorrect here. ================ Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:6 + +Finds calls of ``putenv`` function with automatic variable as the argument. + ---------------- Finds calls to the ``putenv`` function which pass a pointer to an automatic variable as the argument. ================ Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:23 + +This check corresponds to the CERT Standard rule +`POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument. ---------------- CERT Standard -> CERT C Coding Standard CHANGES SINCE LAST ACTION https://reviews.llvm.org/D70823/new/ https://reviews.llvm.org/D70823 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits