From 67fdd6e5f5b35b3152ae7489390f1f459bc58eb1 Mon Sep 17 00:00:00 2001 From: mtx Date: Thu, 13 Nov 2025 13:28:40 +0800 Subject: [PATCH 1/3] [NFC][analyzer] Add missing document for `decodeValueOfObjCType` --- clang/docs/analyzer/checkers.rst | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index fd0b304cba0df..51ca5e112c6bd 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -198,7 +198,7 @@ as error. Specifically on x86/x86-64 target if the pointer address space is dereference is not defined as error. See `X86/X86-64 Language Extensions `__ for reference. - + If the analyzer option ``suppress-dereferences-from-any-address-space`` is set to true (the default value), then this checker never reports dereference of pointers with a specified address space. If the option is set to false, then @@ -1664,6 +1664,25 @@ Warn on uses of the 'bzero' function. bzero(ptr, n); // warn } +.. _security-insecureAPI-decodeValueOfObjCType: + +security.insecureAPI.decodeValueOfObjCType (C) +""""""""""""""""""""""""""""""""""""""" +Warn on uses of the Objective-C method ``-decodeValueOfObjCType:at:``. + +.. code-block:: objc + + void test(NSCoder *decoder) { + unsigned int x; + [decoder decodeValueOfObjCType:"I" at:&x]; // warn + } + +This diagnostic is emitted only on Apple platforms where the safer +``-decodeValueOfObjCType:at:size:`` alternative is available +( +iOS 11+, macOS 10.13+, tvOS 11+, watchOS 4.0+ +). + .. _security-insecureAPI-getpw: security.insecureAPI.getpw (C) From e6ebff654e6fadaf84076f9dd4ab04c259367198 Mon Sep 17 00:00:00 2001 From: mtx Date: Thu, 13 Nov 2025 13:36:37 +0800 Subject: [PATCH 2/3] ~ --- clang/docs/analyzer/checkers.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index 51ca5e112c6bd..de5b7be7912fa 100644 
--- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -1667,7 +1667,7 @@ Warn on uses of the 'bzero' function. .. _security-insecureAPI-decodeValueOfObjCType: security.insecureAPI.decodeValueOfObjCType (C) -""""""""""""""""""""""""""""""""""""""" +"""""""""""""""""""""""""""""""""""""""""""""" Warn on uses of the Objective-C method ``-decodeValueOfObjCType:at:``. .. code-block:: objc From 623a28af0f2b386cbae587f3d7e0b0089097e67d Mon Sep 17 00:00:00 2001 From: mitchell Date: Thu, 13 Nov 2025 21:13:02 +0800 Subject: [PATCH 3/3] Update clang/docs/analyzer/checkers.rst MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Donát Nagy --- clang/docs/analyzer/checkers.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index de5b7be7912fa..31edf9e99dc7d 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -1679,9 +1679,7 @@ Warn on uses of the Objective-C method ``-decodeValueOfObjCType:at:``. This diagnostic is emitted only on Apple platforms where the safer ``-decodeValueOfObjCType:at:size:`` alternative is available -( -iOS 11+, macOS 10.13+, tvOS 11+, watchOS 4.0+ -). +(iOS 11+, macOS 10.13+, tvOS 11+, watchOS 4.0+). .. _security-insecureAPI-getpw:
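Review bot: The first hunk of patch 1/3 (`@@ -198,7 +198,7`, in the address-space dereference paragraph) swaps one apparently blank line for another, which has nothing to do with documenting `decodeValueOfObjCType`. If this is a trailing-whitespace cleanup, say so in the commit message or drop it, so the patch touches only the new checker section.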
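Review bot: The new section in patch 1/3 (`@@ -1664,6 +1664,25`) calls `-decodeValueOfObjCType:at:size:` the "safer" alternative but never says what is unsafe about `-decodeValueOfObjCType:at:`. Add one sentence stating that the method writes the decoded value through the `at:` pointer without knowing the size of the destination buffer, so a type encoding that does not match the buffer can overflow it, and show the replacement next to the flagged call, for example `[decoder decodeValueOfObjCType:"I" at:&x size:sizeof(x)]; // no warning`. Separately, the heading is tagged `(C)` while the description and the `objc` code block are about an Objective-C method; please check whether the tag should be `(ObjC)`.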
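Review bot: Patch 2/3 (`@@ -1667,7 +1667,7`) only lengthens the heading underline that patch 1/3 introduced, and its subject line is just `~`, which says nothing in the history. Squash it into patch 1/3 so that no commit in the series carries a section title with a shorter underline, or at least give it a descriptive subject such as "Fix heading underline length".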
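Review bot: In patch 3/3 (`@@ -1679,9 +1679,7`) the joined line `(iOS 11+, macOS 10.13+, tvOS 11+, watchOS 4.0+).` mixes version styles: `watchOS 4.0+` has a trailing `.0` while `iOS 11+` and `tvOS 11+` do not. Pick one style (for example `watchOS 4+`) while this line is being touched. This is also a fix-up to text added in patch 1/3, so it can be squashed there.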