checksrc: ban unsafe functions
The list of unsafe functions currently consists of sprintf, vsprintf, strcat, strncat and gets. Subsequently, some existing code needed updating to avoid warnings on this.
@@ -6,7 +6,7 @@
|
||||
# | (__| |_| | _ <| |___
|
||||
# \___|\___/|_| \_\_____|
|
||||
#
|
||||
# Copyright (C) 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
# Copyright (C) 2011 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
#
|
||||
# This software is licensed as described in the file COPYING, which
|
||||
# you should have received as part of this distribution. The terms
|
||||
@@ -153,6 +153,12 @@ sub scanfile {
|
||||
checkwarn($line, length($1)+1, $file, $l, "missing space after close paren");
|
||||
}
|
||||
|
||||
# scan for use of banned functions
|
||||
if($l =~ /^(.*\W)(sprintf|vsprintf|strcat|strncat|gets)\s*\(/) {
|
||||
checkwarn($line, length($1), $file, $l,
|
||||
"use of $2 is banned");
|
||||
}
|
||||
|
||||
# check for open brace first on line but not first column
|
||||
# only alert if previous line ended with a close paren and wasn't a cpp
|
||||
# line
|
||||
|
||||
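Review bot: The pattern in the new banned-function test, `/^(.*\W)(sprintf|vsprintf|strcat|strncat|gets)\s*\(/`, requires at least one non-word character before the function name, so a banned call that starts at column 0 of a line is not reported. Making the prefix optional, for example `^(.*\W|)`, would cover that case while still keeping names such as `fgets` from matching. Two further points on the same line: `.*` is greedy, so when a line holds two banned calls only the last one is warned about, and as far as the visible lines show the match runs on the raw source line, so one of these names followed by a parenthesis inside a comment or string literal would also trigger "use of $2 is banned". Extending the comment above the check to say what to use instead would help whoever hits the warning.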