Post link to checker-260, which is checker-259 with some experimental checks enabled.

llvm-svn: 149032
2012-01-26 03:02:34 +00:00 · 2012-01-26 03:02:34 +00:00 · 1ca6ce5a22
parent 34b49061aa
commit 1ca6ce5a22
2 changed files with 17 additions and 1 deletions
--- a/clang/www/analyzer/latest_checker.html.incl
+++ b/clang/www/analyzer/latest_checker.html.incl
@ -1 +1 @@
-<b><a href="http://bit.ly/zOWf1P">checker-259.tar.bz2</a></b> (built January 25, 2012)
+<b><a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></b> (built January 25, 2012)
--- a/clang/www/analyzer/release_notes.html
+++ b/clang/www/analyzer/release_notes.html
@ -15,6 +15,22 @@

 <h1>Release notes for <tt>checker-XXX</tt> builds</h1>

+<h4 id="checker_260">checker-260</h4>
+
+<p><b>built: </b>January 25, 2012<br>
+<b>download:</b> <a href="http://bit.ly/wpAqVP">checker-260.tar.bz2</a></p>
+<p><b>highlights:</b></p>
+
+<p>This is essentially the same as checker-259, but enables the following <i>experimental</i> checkers (please provide feedback):</p>
+
+<ul>
+  <li>Warns about unsafe uses of CFArrayCreate, CFSetCreate, and CFDictionaryCreate</li>
+  <li>Warns about unsafe uses of getpw, gets, which are sources of buffer overflows</li>
+  <li>Warns about unsafe uses of mktemp and mktemps, which can lead to insecure temporary files</li>
+  <li>Warns about unsafe uses of vfork, which is <a href="https://www.securecoding.cert.org/confluence/display/seccode/POS33-C.+Do+not+use+vfork()">insecure</a> to use</li>
+  <li>Warns about not checking the return values of setuid, setgid, seteuid, setegid, setreuid, setregid (another security issue)</li>
+</ul>
+
 <h4 id="checker_259">checker-259</h4>

 <p><b>built: </b>January 25, 2012<br>