I'm trying to make my clang-tidy to emit errors for unsafe API usage. My .clang-tidy looks as follows:
---
Checks:
'
*
,-abseil-*
,-altera-*
,-android-*
,-darwin-*
,-fuchsia-*
,-linuxkernel-*
,-llvm-*
,-llvmlibc-*
,-mpi-*
,-objc-*
,-openmp-*
,-zircon-*
,-modernize-use-trailing-return-type
,-readability-identifier-length
'
WarningsAsErrors: '
clang-analyzer-security*
'
HeaderFilterRegex: ''
AnalyzeTemporaryDtors: false
FormatStyle: none
User: user
CheckOptions:
...
When I invoke clang tidy I see list of enabled checks, which includes
clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling
According to documentation this should make clang-tidy warn me if I'm using unsafe functions like memcpy. The reality is that I don't get it neither as warning, nor as error. The file and the line gets checked for sure, since clang-tidy emits other warning on those memset calls:
cppcoreguidelines-pro-bounds-array-to-pointer-decay
But whatever I do, I'm unable to get DeprecatedOrUnsafeBufferHandling generated. Currently I'm observing that behavior on clang-tidy-14.
