public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug analyzer/95026] New: "leak of FILE" false positive [CWE-775] [-Wanalyzer-file-leak]
@ 2020-05-09 21:25 vincent-gcc at vinc17 dot net
2020-08-13 20:35 ` [Bug analyzer/95026] " dmalcolm at gcc dot gnu.org
0 siblings, 1 reply; 2+ messages in thread
From: vincent-gcc at vinc17 dot net @ 2020-05-09 21:25 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95026
Bug ID: 95026
Summary: "leak of FILE" false positive [CWE-775]
[-Wanalyzer-file-leak]
Product: gcc
Version: 10.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: vincent-gcc at vinc17 dot net
Target Milestone: ---
On the following program (obtained after simplifying Mutt's imap/message.c)
struct _IO_FILE;
typedef struct _IO_FILE FILE;
typedef struct _message
{
FILE *fp;
} MESSAGE;
extern FILE *fopen (const char *__restrict __filename,
const char *__restrict __modes);
FILE *f (void);
int imap_fetch_message (int i, MESSAGE *msg, char *p)
{
if ((msg->fp = i ? 0 : f ()))
return 0;
if (p)
msg->fp = fopen (p, "r");
return -1;
}
I get:
zira:~> gcc-10 -c -O2 -fanalyzer tst.i
In function ‘imap_fetch_message’:
tst.i:15:13: warning: leak of FILE ‘<unknown>’ [CWE-775] [-Wanalyzer-file-leak]
15 | msg->fp = fopen (p, "r");
| ~~~~~~~~^~~~~~~~~~~~~~~~
‘imap_fetch_message’: events 1-6
|
| 12 | if ((msg->fp = i ? 0 : f ()))
| | ^
| | |
| | (1) following ‘false’ branch...
| 13 | return 0;
| 14 | if (p)
| | ~
| | |
| | (2) ...to here
| | (3) following ‘true’ branch (when ‘p’ is non-NULL)...
| 15 | msg->fp = fopen (p, "r");
| | ~~~~~~~~~~~~~~~~~~~~~~~~
| | | |
| | | (4) ...to here
| | | (5) opened here
| | (6) ‘<unknown>’ leaks here; was opened at (5)
|
Tested with: gcc-10 (Debian 10.1.0-1) 10.1.0
Note: if I replace the return value -1 by 0, then the warning disappears!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-08-13 20:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-09 21:25 [Bug analyzer/95026] New: "leak of FILE" false positive [CWE-775] [-Wanalyzer-file-leak] vincent-gcc at vinc17 dot net
2020-08-13 20:35 ` [Bug analyzer/95026] " dmalcolm at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).