Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
lib/checkers/cwe476: use function signatures for in-binary calls
Currently, we only emit warnings for function calls if `strict_call_policy` is set. However, enabling this can cause many FPs since warnings are emitted as soon as any parameter may contain taint, or point to a tainted value. For nested parameters it may also lead to FNs since only one level of nesting is considered.

Use function summaries to make a more accurate decision whether or not a callee may dereference a potential NULL pointer that is made available to them.

Signed-off-by: Valentin Obst <[email protected]>
Valentin Obst committed Apr 11, 2024
1 parent 530c1f0
commit f6ab489
Showing 2 changed files with 40 additions and 7 deletions.