https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105894
Bug ID: 105894 Summary: RFE: -fanalyzer could complain about misuse of functions that return pointers to a static buffer Product: gcc Version: 12.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Blocks: 105887 Target Milestone: --- See https://clang.llvm.org/docs/analyzer/checkers.html#alpha-security-cert-env-invalidptr and SEI CERT Rule ENV34-C. Perhaps we could add an attribute that says "this function returns a pointer to a static buffer that becomes invalid on successive calls" and complain if such pointers are misused. The analyzer's region model might make this fairly easy to implement. Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105887 [Bug 105887] RFE: clang analyzer warnings that GCC's -fanalyzer could implement