[clang][analyzer] Add ReportInC99AndEarlier option to DeprecatedOrUnsafeBuf… #168704
Conversation
llvmbot added clang 
| @llvm/pr-subscribers-clang Author: Endre Fülöp (gamesh411) Changes…ferHandling checker The checker may report warnings for deprecated buffer handling functions (memcpy, memset, memmove, etc.) even when not compiling with C11 standard if the new option "AllowWithoutC11" is set to true. These functions are deprecated in C11, but may still be problematic in earlier C standards. Full diff: https://github.com/llvm/llvm-project/pull/168704.diff 6 Files Affected:
diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index fd0b304cba0df..8cb4f7ae285de 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -1768,6 +1768,13 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) strncpy(buf, "a", 1); // warn } +The ``AllowWithoutC11`` option allows reporting warnings for these functions even when not compiling with C11 standard. These functions are deprecated in C11, but may still be problematic in earlier C standards. + +To enable this option, use: +``-analyzer-config security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11=true``. + +By default, this option is set to *false*. + .. _security-MmapWriteExec: security.MmapWriteExec (C) diff --git a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td index ffae3b9310979..310dac5340a18 100644 --- a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td +++ b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td @@ -901,12 +901,21 @@ def UncheckedReturn : Checker<"UncheckedReturn">, Dependencies<[SecuritySyntaxChecker]>, Documentation<HasDocumentation>; -def DeprecatedOrUnsafeBufferHandling : - Checker<"DeprecatedOrUnsafeBufferHandling">, - HelpText<"Warn on uses of unsecure or deprecated buffer manipulating " - "functions">, - Dependencies<[SecuritySyntaxChecker]>, - Documentation<HasDocumentation>; +def DeprecatedOrUnsafeBufferHandling + : Checker<"DeprecatedOrUnsafeBufferHandling">, + HelpText<"Warn on uses of unsecure or deprecated buffer manipulating " + "functions">, + Dependencies<[SecuritySyntaxChecker]>, + CheckerOptions< + [CmdLineOption< + Boolean, "AllowWithoutC11", + "Allow reporting deprecated or unsafe buffer handling " + "functions even when not compiling with C11 standard. " + "These functions are deprecated in C11, but may still be " + "problematic in earlier C standards.", + "false", Released>, +]>, + Documentation<HasDocumentation>; def decodeValueOfObjCType : Checker<"decodeValueOfObjCType">, HelpText<"Warn on uses of the '-decodeValueOfObjCType:at:' method">, diff --git a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp index 5e75c1c4a3abd..e07c9dcbad9fe 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp @@ -50,6 +50,8 @@ struct ChecksFilter { bool check_UncheckedReturn = false; bool check_decodeValueOfObjCType = false; + bool allowDeprecatedOrUnsafeBufferHandlingWithoutC11 = false; + CheckerNameRef checkName_bcmp; CheckerNameRef checkName_bcopy; CheckerNameRef checkName_bzero; @@ -754,7 +756,8 @@ void WalkAST::checkDeprecatedOrUnsafeBufferHandling(const CallExpr *CE, if (!filter.check_DeprecatedOrUnsafeBufferHandling) return; - if (!BR.getContext().getLangOpts().C11) + if (!(BR.getContext().getLangOpts().C11 || + filter.allowDeprecatedOrUnsafeBufferHandlingWithoutC11)) return; // Issue a warning. ArgIndex == -1: Deprecated but not unsafe (has size @@ -1113,5 +1116,20 @@ REGISTER_CHECKER(rand) REGISTER_CHECKER(vfork) REGISTER_CHECKER(FloatLoopCounter) REGISTER_CHECKER(UncheckedReturn) -REGISTER_CHECKER(DeprecatedOrUnsafeBufferHandling) + +void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &mgr) { + SecuritySyntaxChecker *checker = mgr.getChecker<SecuritySyntaxChecker>(); + checker->filter.check_DeprecatedOrUnsafeBufferHandling = true; + checker->filter.checkName_DeprecatedOrUnsafeBufferHandling = + mgr.getCurrentCheckerName(); + checker->filter.allowDeprecatedOrUnsafeBufferHandlingWithoutC11 = + mgr.getAnalyzerOptions().getCheckerBooleanOption( + mgr.getCurrentCheckerName(), "AllowWithoutC11"); +} + +bool ento::shouldRegisterDeprecatedOrUnsafeBufferHandling( + const CheckerManager &mgr) { + return true; +} + REGISTER_CHECKER(decodeValueOfObjCType) diff --git a/clang/test/Analysis/Inputs/system-header-simulator.h b/clang/test/Analysis/Inputs/system-header-simulator.h index fadc09f65d536..e048a6a892c48 100644 --- a/clang/test/Analysis/Inputs/system-header-simulator.h +++ b/clang/test/Analysis/Inputs/system-header-simulator.h @@ -82,6 +82,7 @@ char *strcpy(char *restrict, const char *restrict); char *strncpy(char *restrict dst, const char *restrict src, size_t n); char *strsep(char **restrict stringp, const char *restrict delim); void *memcpy(void *restrict dst, const void *restrict src, size_t n); +void *memmove(void *dst, const void *src, size_t n); void *memset(void *s, int c, size_t n); typedef unsigned long __darwin_pthread_key_t; diff --git a/clang/test/Analysis/analyzer-config.c b/clang/test/Analysis/analyzer-config.c index 7936273415ad4..60ca162fb3f24 100644 --- a/clang/test/Analysis/analyzer-config.c +++ b/clang/test/Analysis/analyzer-config.c @@ -121,6 +121,7 @@ // CHECK-NEXT: region-store-small-struct-limit = 2 // CHECK-NEXT: report-in-main-source-file = false // CHECK-NEXT: security.cert.env.InvalidPtr:InvalidatingGetEnv = false +// CHECK-NEXT: security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11 = false // CHECK-NEXT: serialize-stats = false // CHECK-NEXT: silence-checkers = "" // CHECK-NEXT: stable-report-filename = false diff --git a/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c b/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c new file mode 100644 index 0000000000000..880e4bbf81302 --- /dev/null +++ b/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c @@ -0,0 +1,48 @@ +// Test 1: Without C11 and without flag - should NOT warn +// RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -DEXPECT_NO_WARNINGS + +// Test 2: Without C11 but with flag enabled - should warn +// RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -analyzer-config security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11=true \ +// RUN: -DEXPECT_WARNINGS + +// Test 3: With C11 - should warn (existing behavior) +// RUN: %clang_analyze_cc1 %s -verify -std=gnu11 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -DEXPECT_WARNINGS + +#include "Inputs/system-header-simulator.h" + +extern char buf[128]; +extern char src[128]; + +void test_memcpy(void) { + memcpy(buf, src, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + +void test_memset(void) { + memset(buf, 0, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + +void test_memmove(void) { + memmove(buf, src, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + |
| @llvm/pr-subscribers-clang-static-analyzer-1 Author: Endre Fülöp (gamesh411) Changes…ferHandling checker The checker may report warnings for deprecated buffer handling functions (memcpy, memset, memmove, etc.) even when not compiling with C11 standard if the new option "AllowWithoutC11" is set to true. These functions are deprecated in C11, but may still be problematic in earlier C standards. Full diff: https://github.com/llvm/llvm-project/pull/168704.diff 6 Files Affected:
diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index fd0b304cba0df..8cb4f7ae285de 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -1768,6 +1768,13 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) strncpy(buf, "a", 1); // warn } +The ``AllowWithoutC11`` option allows reporting warnings for these functions even when not compiling with C11 standard. These functions are deprecated in C11, but may still be problematic in earlier C standards. + +To enable this option, use: +``-analyzer-config security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11=true``. + +By default, this option is set to *false*. + .. _security-MmapWriteExec: security.MmapWriteExec (C) diff --git a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td index ffae3b9310979..310dac5340a18 100644 --- a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td +++ b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td @@ -901,12 +901,21 @@ def UncheckedReturn : Checker<"UncheckedReturn">, Dependencies<[SecuritySyntaxChecker]>, Documentation<HasDocumentation>; -def DeprecatedOrUnsafeBufferHandling : - Checker<"DeprecatedOrUnsafeBufferHandling">, - HelpText<"Warn on uses of unsecure or deprecated buffer manipulating " - "functions">, - Dependencies<[SecuritySyntaxChecker]>, - Documentation<HasDocumentation>; +def DeprecatedOrUnsafeBufferHandling + : Checker<"DeprecatedOrUnsafeBufferHandling">, + HelpText<"Warn on uses of unsecure or deprecated buffer manipulating " + "functions">, + Dependencies<[SecuritySyntaxChecker]>, + CheckerOptions< + [CmdLineOption< + Boolean, "AllowWithoutC11", + "Allow reporting deprecated or unsafe buffer handling " + "functions even when not compiling with C11 standard. " + "These functions are deprecated in C11, but may still be " + "problematic in earlier C standards.", + "false", Released>, +]>, + Documentation<HasDocumentation>; def decodeValueOfObjCType : Checker<"decodeValueOfObjCType">, HelpText<"Warn on uses of the '-decodeValueOfObjCType:at:' method">, diff --git a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp index 5e75c1c4a3abd..e07c9dcbad9fe 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp @@ -50,6 +50,8 @@ struct ChecksFilter { bool check_UncheckedReturn = false; bool check_decodeValueOfObjCType = false; + bool allowDeprecatedOrUnsafeBufferHandlingWithoutC11 = false; + CheckerNameRef checkName_bcmp; CheckerNameRef checkName_bcopy; CheckerNameRef checkName_bzero; @@ -754,7 +756,8 @@ void WalkAST::checkDeprecatedOrUnsafeBufferHandling(const CallExpr *CE, if (!filter.check_DeprecatedOrUnsafeBufferHandling) return; - if (!BR.getContext().getLangOpts().C11) + if (!(BR.getContext().getLangOpts().C11 || + filter.allowDeprecatedOrUnsafeBufferHandlingWithoutC11)) return; // Issue a warning. ArgIndex == -1: Deprecated but not unsafe (has size @@ -1113,5 +1116,20 @@ REGISTER_CHECKER(rand) REGISTER_CHECKER(vfork) REGISTER_CHECKER(FloatLoopCounter) REGISTER_CHECKER(UncheckedReturn) -REGISTER_CHECKER(DeprecatedOrUnsafeBufferHandling) + +void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &mgr) { + SecuritySyntaxChecker *checker = mgr.getChecker<SecuritySyntaxChecker>(); + checker->filter.check_DeprecatedOrUnsafeBufferHandling = true; + checker->filter.checkName_DeprecatedOrUnsafeBufferHandling = + mgr.getCurrentCheckerName(); + checker->filter.allowDeprecatedOrUnsafeBufferHandlingWithoutC11 = + mgr.getAnalyzerOptions().getCheckerBooleanOption( + mgr.getCurrentCheckerName(), "AllowWithoutC11"); +} + +bool ento::shouldRegisterDeprecatedOrUnsafeBufferHandling( + const CheckerManager &mgr) { + return true; +} + REGISTER_CHECKER(decodeValueOfObjCType) diff --git a/clang/test/Analysis/Inputs/system-header-simulator.h b/clang/test/Analysis/Inputs/system-header-simulator.h index fadc09f65d536..e048a6a892c48 100644 --- a/clang/test/Analysis/Inputs/system-header-simulator.h +++ b/clang/test/Analysis/Inputs/system-header-simulator.h @@ -82,6 +82,7 @@ char *strcpy(char *restrict, const char *restrict); char *strncpy(char *restrict dst, const char *restrict src, size_t n); char *strsep(char **restrict stringp, const char *restrict delim); void *memcpy(void *restrict dst, const void *restrict src, size_t n); +void *memmove(void *dst, const void *src, size_t n); void *memset(void *s, int c, size_t n); typedef unsigned long __darwin_pthread_key_t; diff --git a/clang/test/Analysis/analyzer-config.c b/clang/test/Analysis/analyzer-config.c index 7936273415ad4..60ca162fb3f24 100644 --- a/clang/test/Analysis/analyzer-config.c +++ b/clang/test/Analysis/analyzer-config.c @@ -121,6 +121,7 @@ // CHECK-NEXT: region-store-small-struct-limit = 2 // CHECK-NEXT: report-in-main-source-file = false // CHECK-NEXT: security.cert.env.InvalidPtr:InvalidatingGetEnv = false +// CHECK-NEXT: security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11 = false // CHECK-NEXT: serialize-stats = false // CHECK-NEXT: silence-checkers = "" // CHECK-NEXT: stable-report-filename = false diff --git a/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c b/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c new file mode 100644 index 0000000000000..880e4bbf81302 --- /dev/null +++ b/clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c @@ -0,0 +1,48 @@ +// Test 1: Without C11 and without flag - should NOT warn +// RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -DEXPECT_NO_WARNINGS + +// Test 2: Without C11 but with flag enabled - should warn +// RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -analyzer-config security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11=true \ +// RUN: -DEXPECT_WARNINGS + +// Test 3: With C11 - should warn (existing behavior) +// RUN: %clang_analyze_cc1 %s -verify -std=gnu11 \ +// RUN: -analyzer-checker=security.insecureAPI.DeprecatedOrUnsafeBufferHandling \ +// RUN: -DEXPECT_WARNINGS + +#include "Inputs/system-header-simulator.h" + +extern char buf[128]; +extern char src[128]; + +void test_memcpy(void) { + memcpy(buf, src, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + +void test_memset(void) { + memset(buf, 0, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + +void test_memmove(void) { + memmove(buf, src, 10); +#ifdef EXPECT_WARNINGS + // expected-warning@-2{{Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard}} +#else + // expected-no-diagnostics +#endif +} + |
clang/docs/analyzer/checkers.rst Outdated
| The ``AllowWithoutC11`` option allows reporting warnings for these functions even when not compiling with C11 standard. These functions are deprecated in C11, but may still be problematic in earlier C standards. | ||
| To enable this option, use: | ||
| ``-analyzer-config security.insecureAPI.DeprecatedOrUnsafeBufferHandling:AllowWithoutC11=true``. | ||
| By default, this option is set to *false*. | ||
There was a problem hiding this comment.
The current phrasing is problematic because it's not clear from reading AllowWithoutC11 what it enables. By judging the description of the flag, I think something like ReportInC99AndEarlier would be more appropriate.
But I wonder if we should just switch this behaviour and report these all the time, and have a flag for opting in to the current behaviour. WDYT?
There was a problem hiding this comment.
I agree that the naming is probably better if we use the "reporting when" pattern for the flag name. I'll go with your suggestion.
I have 2 minor concerns with making this on by default. One is the potential new finding that the users will find surprising. This is a lesser issue when compared to the next. Looking at the public opinion shows that Annex K and these _s suffix variants are under scrutiny and not widely implemented.
So if we want to move in this direction, I have a suggestion of making this checker enabled not based on the detection of the C11 standard, but rather the availability of the macro symbol __STDC_LIB_EXT1__, as these warnings are only actionable when this is the case. (Take this last suggestion with a grain of salt; I may not be qualified to form an opinion about this.)
@steakhal What is your opinion?
There was a problem hiding this comment.
[...] One is the potential new finding that the users will find surprising.
IMO this is an improvement. I've received thank you notes in the past.
[...] Annex K and these _s suffix variants are under scrutiny and not widely implemented
Yes, this is a valid concern. Correct me if I'm wrong, but I thought that all the rest of the functions this checker warns fall into the same bucket, right? If so, then the same concern applied in the past to those, so the flag still doesn't make much sense. If no, then the flag should be named appropriately, something resembling Annex K.
[...] So if we want to move in this direction, I have a suggestion of making this checker enabled not based on the detection of the C11 standard, but rather the availability of the macro symbol STDC_LIB_EXT1, as these warnings are only actionable when this is the case.
I don't exactly know the contract. If I recall, to use the Annex K extensions, you would need to define some macro and only then include the given header, which would define another magic macro if Annex K was actually present. So it's a two-ways contract: one needs to ask for it, and the library needs to expose it.
I'd say it's pretty likely that some other code already checks the presence of Annex K somehow.
I'm open for this path. I think it also makes sense.
There was a problem hiding this comment.
IMHO, It would be best to have a discourse to collect our thoughts there, and I have created one:
https://discourse.llvm.org/t/rfc-report-modes-for-unsafe-function-reporting/88971
@steakhal Should we wait for the discussion to settle and potentially repurpose this PR, or should we land it with this name and logic and handle the results of that discussion later with a new patch if necessary?
There was a problem hiding this comment.
Either works. It mainly depends if you want to / can keep this PR open.
I'm flexible with this regard.
clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c Outdated Show resolved Hide resolved
🐧 Linux x64 Test Results
|
gamesh411 force-pushed the deprecated-buffer-handling-allow-without-c11 branch from fe09888 to abc7812 Compare clang/test/Analysis/security-deprecated-buffer-handling-allow-without-c11.c Outdated Show resolved Hide resolved
gamesh411 changed the title 
…afeBufferHandling checker The checker may report warnings for deprecated buffer handling functions (memcpy, memset, memmove, etc.) even when not compiling with C11 standard if the new option "ReportInC99AndEarlier" is set to true. These functions became deprecated in C11, but may still be problematic in earlier C standards.
not quite as suggested, but I think this is expressive now without being too complicated
gamesh411 force-pushed the deprecated-buffer-handling-allow-without-c11 branch from 4a91e20 to baf884d Compare 
| Note: just reworded the commit message with the last FP. |
| } | ||
| | ||
| bool ento::shouldRegisterDeprecatedOrUnsafeBufferHandling( | ||
| const CheckerManager &mgr) { |
There was a problem hiding this comment.
| const CheckerManager &mgr) { | |
| const CheckerManager &) { |
| checker->filter.allowDeprecatedOrUnsafeBufferHandlingWithoutC11 = | ||
| mgr.getAnalyzerOptions().getCheckerBooleanOption( | ||
| mgr.getCurrentCheckerName(), "ReportInC99AndEarlier"); |
There was a problem hiding this comment.
Looking at this, I feel like there is a mismatch in the name of the flag and the variable holing its value.
Namely: ReportInC99AndEarlier and allowDeprecatedOrUnsafeBufferHandlingWithoutC11
Do you think it would be better to have these share a common name?
I think that would make the code more relatable and searchable.
WDYT?
There was a problem hiding this comment.
You are right: the variable name came from the flag name, and when replacing the latter, I overlooked the former.
Renaming the variable as well.
| REGISTER_CHECKER(UncheckedReturn) | ||
| REGISTER_CHECKER(DeprecatedOrUnsafeBufferHandling) | ||
| | ||
| void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &mgr) { |
There was a problem hiding this comment.
| void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &mgr) { | |
| void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &Mgr) { |
| REGISTER_CHECKER(DeprecatedOrUnsafeBufferHandling) | ||
| | ||
| void ento::registerDeprecatedOrUnsafeBufferHandling(CheckerManager &mgr) { | ||
| SecuritySyntaxChecker *checker = mgr.getChecker<SecuritySyntaxChecker>(); |
There was a problem hiding this comment.
| SecuritySyntaxChecker *checker = mgr.getChecker<SecuritySyntaxChecker>(); | |
| SecuritySyntaxChecker *Checker = mgr.getChecker<SecuritySyntaxChecker>(); |
| @@ -0,0 +1,35 @@ | |||
| // Test 1: Without C11 and without flag - should NOT warn | |||
| // RUN: %clang_analyze_cc1 %s -verify=c99-noflag -std=gnu99 \ | |||
There was a problem hiding this comment.
So we use gnu99; couldn't we use the standard c99 language flavour instead?
I think the gnu variant allows the gnu extensions, which leads to a strictly broader l language flavour than standard C. Is this intentional?
There was a problem hiding this comment.
According to the User manual Differences between various standard modes, GNU variants are the default, not the simple C variants, so that seems to be the more widespread default mode. I had no other considerations.
I didn't understand this. You can edit the commit message when you click on the squash-merge button on the UI. |
3 participants
…ferHandling checker
The checker may report warnings for deprecated buffer handling functions (memcpy, memset, memmove, etc.) even when not compiling with C11 standard if the new option "ReportInC99AndEarlier" is set to true.
These functions are deprecated in C11, but may still be problematic in earlier C standards.