[Bug analyzer/105890] RFE: -fanalyzer should complain about mkstemp with not enough "X"s in format string
egallager at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Jun 8 17:22:36 GMT 2022
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105890
Eric Gallager <egallager at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |egallager at gcc dot gnu.org
Last reconfirmed| |2022-06-08
Blocks| |87403
Ever confirmed|0 |1
Keywords| |diagnostic
Status|UNCONFIRMED |NEW
--- Comment #1 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to David Malcolm from comment #0)
> https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-mkstemp-c
> "Warn when ‘mkstemp’ is passed fewer than 6 X’s in the format string."
>
> Seems fairly easy to implement. Maybe a frontend warning, rather than
> -fanalyzer?
Yeah seems like it would be a new subflag to -Wformat (and, as I've mentioned
elsewhere, more evidence that there should be a -Wformat=3 as more of these get
added)
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87403
[Bug 87403] [Meta-bug] Issues that suggest a new warning
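
Added example, not part of the bug report and not GCC or Clang code: the six-X rule quoted above written as a predicate over a template string, next to what `mkstemp` does at run time with the same templates. The helper names (`trailing_x_count`, `template_ok`, `try_mkstemp`) and the sample templates are constructed for illustration, and the `EINVAL` result assumes glibc's behaviour of rejecting a template whose last six characters are not `XXXXXX`.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* declare mkstemp under strict -std= modes */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Length of the run of 'X' characters at the end of the template. */
static size_t trailing_x_count(const char *tmpl)
{
    size_t len = strlen(tmpl), n = 0;
    while (n < len && tmpl[len - 1 - n] == 'X')
        n++;
    return n;
}

/* Hypothetical predicate: what a compile-time check on a literal would test. */
static int template_ok(const char *tmpl)
{
    return trailing_x_count(tmpl) >= 6;
}

/* Run mkstemp on a writable copy; return 0 on success, otherwise errno. */
static int try_mkstemp(const char *tmpl)
{
    char buf[64];
    if (strlen(tmpl) >= sizeof buf)
        return ENAMETOOLONG;
    strcpy(buf, tmpl);
    int fd = mkstemp(buf);
    if (fd < 0)
        return errno;
    close(fd);
    unlink(buf);   /* clean up the file the demo created */
    return 0;
}

int main(void)
{
    /* Constructed sample templates. */
    const char *samples[] = { "/tmp/demo-XXXXXX", "/tmp/demo-XXXX", "/tmp/demoXXXXXX.txt" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s ok=%d mkstemp errno=%d\n", samples[i], template_ok(samples[i]), try_mkstemp(samples[i]));
    return 0;
}
```

The malformed templates fail only at run time, so code that does not check the return value of `mkstemp` goes on to use a descriptor of -1; a compile-time diagnostic would catch the literal before that happens.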