Apple Plans to Open-Source an LLVM Tool to Security Harden Large C++ Codebases
6 months ago
- #static-analysis
- #LLVM
- #C++
- Apple plans to open-source a tool for the security hardening of large C++ codebases.
- The tool uses static analysis methods for source code rewriting across entire projects.
- Apple aims to upstream this tool into LLVM and enhance the Clang Static Analyzer.
- The framework will support cross-translation-unit analysis for improved accuracy and reduced false positives.
- Apple's RFC outlines a scalable static analysis framework for large software projects.
- The framework includes new APIs, data formats, tools, and potential Clang enhancements.