From 9bcce2ef3a3b7136c200f510a65e40c5e0a97267 Mon Sep 17 00:00:00 2001 From: Chih-Hung Hsieh Date: Mon, 7 Feb 2022 16:44:13 -0800 Subject: [PATCH] Disable tidy default DeprecatedOrUnsafeBufferHandling check This will suppress warning like: system/chre/chpp/app.c:637:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] Test: WITH_TIDY=1 CLANG_ANALYZER_CHECKS=1 make tidy-system-chre-chpp_subset Change-Id: I87a7bba31aa10260fc408317a8cd54bf80c03152 --- cc/config/tidy.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cc/config/tidy.go b/cc/config/tidy.go index fdc246cdf..ba1043b0d 100644 --- a/cc/config/tidy.go +++ b/cc/config/tidy.go @@ -62,8 +62,9 @@ func init() { }, ",") // clang-analyzer-* checks are too slow to be in the default for WITH_TIDY=1. // nightly builds add CLANG_ANALYZER_CHECKS=1 to run those checks. + // The insecureAPI.DeprecatedOrUnsafeBufferHandling warning does not apply to Android. if ctx.Config().IsEnvTrue("CLANG_ANALYZER_CHECKS") { - checks += ",clang-analyzer-*" + checks += ",clang-analyzer-*,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling" } return checks })