Doomhowl-Interactive/llvm-project
0
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
55b271ddc1fd9684b9b0a955e70cb4dafc2bc782
llvm-project/SECURITY.md
George Burgess IV 6f4661ce8f [SECURITY.md] add pointers to "what is a security issue" (#177372) 
Over the years, the security group has received a decent number of
reports of malicious input causing e.g., Clang to crash.

While these reports are valuable, it seems useful to clarify that many
of them are considered bugs, rather than security issues.
2026-01-22 17:19:09 -07:00

685 B
Raw Blame History

Reporting LLVM Security Issues

To report security issues in LLVM, please follow the steps outlined on the LLVM Security Group page.

Security Issue Scope

Many of LLVM's tools are explicitly not considered to be hardened against malicious input. Bugs in LLVM tools like buffer overreads or crashes are valuable to report as Issues, but aren't always seen as security vulnerabilities. Please see our documentation for a more precise definition of a security issue in this repository.

Reference in New Issue View Git Blame Copy Permalink