[Bug analyzer/105890] RFE: -fanalyzer should complain about mkstemp with not enough "X"s in format string

Tue, 28 Apr 2026 16:13:31 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105890

--- Comment #4 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <[email protected]>:

https://gcc.gnu.org/g:aa34ed4b6a11f40bd9fbdb816095995f5733b6e7

commit r17-176-gaa34ed4b6a11f40bd9fbdb816095995f5733b6e7
Author: Tomás Ortín Fernández <[email protected]>
Date:   Thu Mar 12 08:58:42 2026 +0100

    analyzer: new warnings -Wanalyzer-mkstemp-missing-suffix and
-Wanalyzer-mkstemp-of-string-literal [PR105890]

    This patch adds two new analyzer warnings for misuse of mkstemp(3):

      -Wanalyzer-mkstemp-of-string-literal warns when a string literal is
      passed to mkstemp.  Since mkstemp modifies its argument in place,
      passing a string literal is undefined behavior (SEI CERT C rule
      STR30-C).  The diagnostic suggests using a writable character array
      instead.

      -Wanalyzer-mkstemp-missing-suffix warns when the template argument
      does not end with the required "XXXXXX" suffix.  This addresses PR
      analyzer/105890.

    Both warnings are enabled by default under -fanalyzer.

    The checks are in the analyzer rather than -Wformat because mkstemp
    does not use a format attribute.  Placing the checks in the analyzer
    could also allow interprocedural analysis in the future, once the
    analyzer can fully track string contents across function calls.

    Bootstrapped and tested on x86_64-pc-linux-gnu.

    gcc/analyzer/ChangeLog:

            PR analyzer/105890
            * analyzer.opt: Add -Wanalyzer-mkstemp-missing-suffix and
            -Wanalyzer-mkstemp-of-string-literal.
            * analyzer.opt.urls: Add URL entries for the new warnings.
            * kf.cc (class mkstemp_of_string_literal): New diagnostic class
            for mkstemp called on a string literal.
            (class mkstemp_missing_suffix): New diagnostic class for mkstemp
            called with a template missing the "XXXXXX" suffix.
            (class kf_mkstemp): New known_function handler for mkstemp.
            (register_known_functions): Register kf_mkstemp.

    gcc/ChangeLog:

            PR analyzer/105890
            * doc/invoke.texi: Add -Wanalyzer-mkstemp-missing-suffix and
            -Wanalyzer-mkstemp-of-string-literal.

    gcc/testsuite/ChangeLog:

            PR analyzer/105890
            * gcc.dg/analyzer/mkstemp-1.c: New test.

    Signed-off-by: Tomas Ortin Fernandez (quanrong) <[email protected]>

Reply via email to