Tweak insecureAPI analyzer checks to have the ability to be individually disabled.
The solution is a bit inefficient: it creates N checkers, one for each check, and
each check does a dispatch on the function name. This is redundant, but we can fix
this once we have the proper ability to enable/disable subchecks.
Fixes <rdar://problem/11780180>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159459 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
index dde9071..053b83f 100644
--- a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -379,13 +379,6 @@
//===----------------------------------------------------------------------===//
void WalkAST::checkCall_mktemp(const CallExpr *CE, const FunctionDecl *FD) {
- if (!filter.check_mktemp) {
- // Fall back to the security check of looking for enough 'X's in the
- // format string, since that is a less severe warning.
- checkCall_mkstemp(CE, FD);
- return;
- }
-
const FunctionProtoType *FPT
= dyn_cast<FunctionProtoType>(FD->getType().IgnoreParens());
if(!FPT)
@@ -769,8 +762,9 @@
}
#define REGISTER_CHECKER(name) \
+namespace { class Checker_##name : public SecuritySyntaxChecker {}; }\
void ento::register##name(CheckerManager &mgr) {\
- mgr.registerChecker<SecuritySyntaxChecker>()->filter.check_##name = true;\
+ mgr.registerChecker<Checker_##name>()->filter.check_##name = true;\
}
REGISTER_CHECKER(gets)