PathDiagnosticLocation::createBegin(FS, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
bugType, "Security", os.str(),
- FSLoc, ranges.data(), ranges.size());
+ FSLoc, ranges);
}
//===----------------------------------------------------------------------===//
return;
// Issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"Security",
"Call to function 'gets' is extremely insecure as it can "
"always result in a buffer overflow",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// Issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"Security",
"The getpw() function is dangerous as it may overflow the "
"provided buffer. It is obsoleted by getpwuid().",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// Issue a waring.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"Call to function 'mktemp' is insecure as it always "
"creates or uses insecure temporary file. Use 'mkstemp' "
"instead",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
return;
// Issue a warning.
- SourceRange R = strArg->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
SmallString<512> buf;
out << ')';
BR.EmitBasicReport(AC->getDecl(),
"Insecure temporary file creation", "Security",
- out.str(), CELoc, &R, 1);
+ out.str(), CELoc, strArg->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// Issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"provide bounding of the memory buffer. Replace "
"unbounded copy functions with analogous functions that "
"support length arguments such as 'strlcpy'. CWE-119.",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// Issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"provide bounding of the memory buffer. Replace "
"unbounded copy functions with analogous functions that "
"support length arguments such as 'strlcat'. CWE-119.",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
<< "' is obsolete because it implements a poor random number generator."
<< " Use 'arc4random' instead";
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(), os1.str(), "Security", os2.str(),
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// Issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"Security",
"The 'random' function produces a sequence of values that "
"an adversary may be able to predict. Use 'arc4random' "
- "instead", CELoc, &R, 1);
+ "instead", CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
return;
// All calls to vfork() are insecure, issue a warning.
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(),
"denial of service situations in the parent process. "
"Replace calls to vfork with calls to the safer "
"'posix_spawn' function",
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//
<< "' is not checked. If an error occurs in '" << *FD
<< "', the following code may execute with unexpected privileges";
- SourceRange R = CE->getCallee()->getSourceRange();
PathDiagnosticLocation CELoc =
PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
BR.EmitBasicReport(AC->getDecl(), os1.str(), "Security", os2.str(),
- CELoc, &R, 1);
+ CELoc, CE->getCallee()->getSourceRange());
}
//===----------------------------------------------------------------------===//