public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/106003] New: RFE: -fanalyzer could complain about misuse of file-descriptors Date: Thu, 16 Jun 2022 15:21:25 +0000 [thread overview] Message-ID: <bug-106003-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003 Bug ID: 106003 Summary: RFE: -fanalyzer could complain about misuse of file-descriptors Product: gcc Version: 12.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- -fanalyzer could be extended to check POSIX file-descriptor APIs ("int" rather than FILE *). e.g. - check for FD leaks - check for double "close" of a FD (CWE-1341, I believe) - check for read/write of a closed descriptor - check for read/write of a descriptor opened for just writing/reading etc Immad Mir is looking at this for GSoC 2022. Example of a "double file-descriptor close" bug: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13351 albeit in C++.
next reply other threads:[~2022-06-16 15:21 UTC|newest] Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-06-16 15:21 dmalcolm at gcc dot gnu.org [this message] 2022-06-16 15:30 ` [Bug analyzer/106003] " dmalcolm at gcc dot gnu.org 2022-06-19 12:27 ` mir at gcc dot gnu.org 2022-07-02 16:45 ` cvs-commit at gcc dot gnu.org 2022-07-04 8:50 ` marxin at gcc dot gnu.org 2022-07-04 14:08 ` marxin at gcc dot gnu.org 2022-07-04 14:16 ` mir at gcc dot gnu.org 2022-07-23 17:40 ` dmalcolm at gcc dot gnu.org 2022-07-27 13:58 ` mir at gcc dot gnu.org 2022-08-02 18:03 ` mir at gcc dot gnu.org 2022-10-24 21:00 ` dmalcolm at gcc dot gnu.org 2022-11-03 14:58 ` dmalcolm at gcc dot gnu.org 2022-11-15 19:11 ` dmalcolm at gcc dot gnu.org 2022-11-15 19:13 ` dmalcolm at gcc dot gnu.org 2023-01-10 16:13 ` dmalcolm at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-106003-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).