https://github.com/ojhunt requested changes to this pull request.
I don't think that this is the best approach, it requires a lot of duplicated checks, and those checks are significantly removed from the primary bound check.

I think a better approach would be to instead change this code to record:

* The true size of the destination object (i.e. ignore the explicitly stated size)
* The true size of the source object (ditto)
* The minimum requested operation size (e.g. size parameter in memcpy)
* The maximum operation size (size in strl/strncpy)

Then have a single set of tests at the end that verify the minimum size is <= to the source and destination buffers, and the destination size vs the stated maximum operation size, and when relevant the object sizes (e.g. `char foo[5]; strcpy(foo, "too long");`).

Independently of all of this it might be nice to warn on `strncpy(buffer[5], "seven", 5)` due to the truncation of the null termination - again completely unrelated to this PR.

https://github.com/llvm/llvm-project/pull/161737
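A standalone C model of the "record four sizes, then run one set of tests" design described in the review comment above. This is an added example, not Clang's code or part of the PR; the struct, the flag names, the `whole_object` field and the `UNKNOWN` sentinel are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define UNKNOWN ((size_t)-1)      /* size not statically known (assumed sentinel) */

enum {                            /* hypothetical diagnostic flags */
    DIAG_OK           = 0,
    DIAG_DST_OVERFLOW = 1 << 0,   /* minimum op size exceeds destination object */
    DIAG_SRC_OVERREAD = 1 << 1,   /* minimum op size exceeds source object */
    DIAG_MAX_GT_DST   = 1 << 2,   /* stated maximum op size exceeds destination */
    DIAG_OBJ_MISMATCH = 1 << 3    /* whole source object does not fit destination */
};

struct copy_facts {               /* the four recorded sizes from the comment */
    size_t dst_size;              /* true size of the destination object */
    size_t src_size;              /* true size of the source object */
    size_t min_op;                /* minimum requested size (memcpy's n) */
    size_t max_op;                /* maximum size (strlcpy/strncpy's n) */
    int whole_object;             /* call copies the entire source (strcpy) */
};

static int known(size_t v) { return v != UNKNOWN; }

/* The single set of tests, run once after all sizes have been recorded. */
unsigned check_copy(const struct copy_facts *f)
{
    unsigned d = DIAG_OK;
    if (known(f->min_op) && known(f->dst_size) && f->min_op > f->dst_size)
        d |= DIAG_DST_OVERFLOW;
    if (known(f->min_op) && known(f->src_size) && f->min_op > f->src_size)
        d |= DIAG_SRC_OVERREAD;
    if (known(f->max_op) && known(f->dst_size) && f->max_op > f->dst_size)
        d |= DIAG_MAX_GT_DST;
    if (f->whole_object && known(f->src_size) && known(f->dst_size) &&
        f->src_size > f->dst_size)
        d |= DIAG_OBJ_MISMATCH;
    return d;
}

int main(void)
{
    /* Constructed facts for: char foo[5]; strcpy(foo, "too long"); */
    struct copy_facts s = { 5, sizeof "too long", UNKNOWN, UNKNOWN, 1 };
    /* Constructed facts for: strncpy(buffer, "seven", 5) with char buffer[5] */
    struct copy_facts t = { 5, sizeof "seven", UNKNOWN, 5, 0 };
    printf("strcpy: %#x, strncpy: %#x\n", check_copy(&s), check_copy(&t));
    return 0;
}
```

The `strncpy` case comes back clean from these bounds tests, which matches the comment's point that the dropped null terminator would need its own, separate warning.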
