courbet added a comment.

Hi Jonas,

In, @JonasToth wrote:

> Hi,
> my 2 cents:
> - On which codebases did you run the check?

A large repository of open-source code, plus internal code at google. External 
code includes e.g. code from ffmpeg, Eigen, R, Chromium, gnuplot, lua ,...

> - did you consider looking for `implicitCastExpr`? You can capture all 
> narrowing conversion with that and analyze them further. I think it is 
> possible to warn for the subset mentioned in the guidelines.

Yes, that's the version for which I have provided analysis.  I'll update the 
diff with that version.

> - you match for `binaryOperator("+=", "-")` maybe all assignments can be 
> looked at?  (`binaryOperator(isASsignmentOperator())`, defined in 
> clang-tidy/util/Matchers.h or similar) That includes all calculate-and-assign 
> operations. Those should be equally dangerous.

The "normal" assignments are covered by the implicitCastExpr() above.

  rCTE Clang Tools Extra

cfe-commits mailing list

Reply via email to