[Bug analyzer/105890] RFE: -fanalyzer should complain about mkstemp with not enough "X"s in format string

egallager at gcc dot gnu.org via Gcc-bugs Wed, 08 Jun 2022 10:22:47 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105890


Eric Gallager <egallager at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |egallager at gcc dot gnu.org
   Last reconfirmed|                            |2022-06-08
             Blocks|                            |87403
     Ever confirmed|0                           |1
           Keywords|                            |diagnostic
             Status|UNCONFIRMED                 |NEW

--- Comment #1 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to David Malcolm from comment #0)
> https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-
> mkstemp-c
> "Warn when ‘mkstemp’ is passed fewer than 6 X’s in the format string."
> 
> Seems fairly easy to implement.  Maybe a frontend warnning, rather than
> -fanalyzer?

Yeah seems like it would be a new subflag to -Wformat (and, as I've mentioned
elsewhere, more evidence that there should be a -Wformat=3 as more of these get
added)


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87403
[Bug 87403] [Meta-bug] Issues that suggest a new warning

[Bug analyzer/105890] RFE: -fanalyzer should complain about mkstemp with not enough "X"s in format string

Reply via email to