================
@@ -576,8 +576,11 @@ ProgramStateRef
CStringChecker::CheckLocation(CheckerContext &C,
auto [StInBound, StOutBound] = state->assumeInBoundDual(*Idx, Size);
if (StOutBound && !StInBound) {
+ // FIXME: We detected a fatal error here, we should stop analysis even if
we
+ // chose not to emit a report here. However, as long as our out-of-bounds
+ // checker is in alpha, lets just pretend nothing happened.
if (!OutOfBounds.isEnabled())
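Review bot: The FIXME added above `if (!OutOfBounds.isEnabled())` says "our out-of-bounds checker" without naming it, so a reader cannot tell which checker has to leave alpha before the workaround can be dropped. Name the checker that the `OutOfBounds.isEnabled()` test refers to in the comment. Also state in one sentence what continuing the analysis on the `StOutBound && !StInBound` path costs compared with stopping it, so the tradeoff is recorded next to the code. Minor: "lets" should be "let's".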
----------------
steakhal wrote:
Ah, I was confused for a minute because the `security.ArrayBound` is no longer
alpha - but you were actually probably referring to
`alpha.unix.cstring.OutOfBounds` checker.
Maybe you could elaborate on what would be the impact of sinking the path when
it's an alpha checker to justify why it is not actually sinked here. This would
provide better context of the tradeoffs made here.
(If you decided to make edits, be sure to sync them across the copies of this
comment)
https://github.com/llvm/llvm-project/pull/186802
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits