From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 3D1BB38708E6; Sat, 9 May 2020 21:25:53 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3D1BB38708E6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1589059553; bh=mlfv0a5p9UJ0hOvf50/Z2rG0WDAB27AFMSQ68pANqxA=; h=From:To:Subject:Date:From; b=G6K7zBzRAbGdT/Y4Ie0r2upFPGnhxPn+2Nm4jlI/qM0DM9QkXSLVU3whlUQwMhVZc Tv+ry8L1Dy7R1UJXFi9R1DdcnvibRTNXophxxJrrmatEP6bLMuH2uT4uy409xyvzsF erih5nXU2rCDmpsvhtma0VVRheYtdiNgkA7MXizM= From: "vincent-gcc at vinc17 dot net" To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/95026] New: "leak of FILE" false positive [CWE-775] [-Wanalyzer-file-leak] Date: Sat, 09 May 2020 21:25:53 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: analyzer X-Bugzilla-Version: 10.1.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: vincent-gcc at vinc17 dot net X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 May 2020 21:25:53 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D95026 Bug ID: 95026 Summary: "leak of FILE" false positive [CWE-775] [-Wanalyzer-file-leak] Product: gcc Version: 10.1.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: vincent-gcc at vinc17 dot net Target Milestone: --- On the following program (obtained after simplifying Mutt's imap/message.c) struct _IO_FILE; typedef struct _IO_FILE FILE; typedef struct _message { FILE *fp; } MESSAGE; extern FILE *fopen (const char *__restrict __filename, const char *__restrict __modes); FILE *f (void); int imap_fetch_message (int i, MESSAGE *msg, char *p) { if ((msg->fp =3D i ? 0 : f ())) return 0; if (p) msg->fp =3D fopen (p, "r"); return -1; } I get: zira:~> gcc-10 -c -O2 -fanalyzer tst.i In function =E2=80=98imap_fetch_message=E2=80=99: tst.i:15:13: warning: leak of FILE =E2=80=98=E2=80=99 [CWE-775] [-= Wanalyzer-file-leak] 15 | msg->fp =3D fopen (p, "r"); | ~~~~~~~~^~~~~~~~~~~~~~~~ =E2=80=98imap_fetch_message=E2=80=99: events 1-6 | | 12 | if ((msg->fp =3D i ? 0 : f ())) | | ^ | | | | | (1) following =E2=80=98false=E2=80=99 branch... | 13 | return 0; | 14 | if (p) | | ~ | | | | | (2) ...to here | | (3) following =E2=80=98true=E2=80=99 branch (when =E2=80= =98p=E2=80=99 is non-NULL)... | 15 | msg->fp =3D fopen (p, "r"); | | ~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | | | (4) ...to here | | | (5) opened here | | (6) =E2=80=98=E2=80=99 leaks here; was op= ened at (5) | Tested with: gcc-10 (Debian 10.1.0-1) 10.1.0 Note: if I replace the return value -1 by 0, then the warning disappears!=