[Bug analyzer/105890] New: RFE: -fanalyzer should complain about mkstemp with not enough "X"s in format string

Wed Jun 8 14:36:45 GMT 2022

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105890

            Bug ID: 105890
           Summary: RFE: -fanalyzer should complain about mkstemp with not
                    enough "X"s in format string
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dmalcolm at gcc dot gnu.org
            Blocks: 105887
  Target Milestone: ---

https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-mkstemp-c
"Warn when ‘mkstemp’ is passed fewer than 6 X’s in the format string."

Seems fairly easy to implement.  Maybe a frontend warnning, rather than
-fanalyzer?

Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105887
[Bug 105887] RFE: clang analyzer warnings that GCC's -fanalyzer could implement