[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

Sam James changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
   Target Milestone|---                         |14.0
         Resolution|---                         |FIXED

--- Comment #7 from Sam James ---
Fixed for 14?
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

--- Comment #6 from CVS Commits ---
The master branch has been updated by Martin Uecker:

https://gcc.gnu.org/g:d880e093d92084f55b10626610ef059fd9194a6a

commit r14-5059-gd880e093d92084f55b10626610ef059fd9194a6a
Author: Martin Uecker
Date:   Thu Jul 27 13:36:05 2023 +0200

    c: Add Walloc-size to warn about insufficient size in allocations [PR71219]

    Add option Walloc-size that warns about allocations that have
    insufficient storage for the target type of the pointer the storage is
    assigned to. Added to Wextra.

            PR c/71219

    gcc:
            * doc/invoke.texi: Document -Walloc-size option.

    gcc/c-family:
            * c.opt (Walloc-size): New option.

    gcc/c:
            * c-typeck.cc (convert_for_assignment): Add warning.

    gcc/testsuite:
            * gcc.dg/Walloc-size-1.c: New test.
            * gcc.dg/Walloc-size-2.c: New test.
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

Martin Uecker changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |muecker at gwdg dot de

--- Comment #5 from Martin Uecker ---
PATCH: https://gcc.gnu.org/pipermail/gcc-patches/2023-September/630817.html
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

Jonathan Wakely changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|2016-05-26 00:00:00         |2020-11-10

--- Comment #4 from Jonathan Wakely ---
Complete testcase:

    #include <stdlib.h>

    struct S1 {
      unsigned int x;
      float y;
      struct S1 *z;
    };

    struct S1 *f1(void) {
      struct S1 *p = malloc(sizeof(p)); // diagnostic required
      return p;
    }

It would probably make sense to not only warn for malloc, but also for other
functions with __attribute__((malloc)) and __attribute__((alloc_size(n)))
where n!=sizeof(*p). That would also help for xmalloc and similar wrappers in
gcc and glibc.
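An added example, not part of the bug thread or of GCC's testsuite: the Comment #4 testcase routed through an xmalloc-style wrapper, with the undersized call next to a corrected form. The names demo_xmalloc, DEMO_NEW, f1_undersized, f1_fixed and the SHOW_UNDERSIZED guard are assumptions made for this illustration; building with -DSHOW_UNDERSIZED and the -Walloc-size option from the commit compiles the kind of allocation the option targets.

```c
#include <stdio.h>
#include <stdlib.h>

/* Struct from the testcase in Comment #4. */
struct S1 { unsigned int x; float y; struct S1 *z; };

/* Hypothetical xmalloc-style wrapper (constructed here, not GCC's or glibc's).
   alloc_size(1) marks argument 1 as the byte count, the attribute Comment #4
   proposes the warning should also honour. */
__attribute__((malloc, alloc_size(1)))
static void *demo_xmalloc(size_t n)
{
    void *p = malloc(n);
    if (p == NULL)
        abort();
    return p;
}

/* Hardened idiom: the size is derived from the pointee of the destination,
   so it cannot drift from the declared type. */
#define DEMO_NEW(ptr) ((ptr) = demo_xmalloc(sizeof *(ptr)))

#ifdef SHOW_UNDERSIZED
/* The defect from the testcase: sizeof(p) is the size of a pointer. */
struct S1 *f1_undersized(void)
{
    struct S1 *p = demo_xmalloc(sizeof(p));
    return p;
}
#endif

/* Corrected form: the storage covers every member of struct S1. */
struct S1 *f1_fixed(void)
{
    struct S1 *p;
    DEMO_NEW(p);
    p->x = 1u; p->y = 2.0f; p->z = NULL;
    return p;
}

/* Bytes of struct S1 that the undersized request leaves unallocated. */
size_t undersized_shortfall(void)
{
    return sizeof(struct S1) - sizeof(struct S1 *);
}

int main(void)
{
    struct S1 *p = f1_fixed();
    printf("shortfall of sizeof(p) request: %zu bytes\n", undersized_shortfall());
    free(p);
    return 0;
}
```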
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

--- Comment #3 from Jonathan Wakely ---
That example is just taken straight from the WG14 document I linked to.

Maybe the compiler should also be able to presume that the allocation is
intended for struct S1 if you do:

    struct S1 *p = malloc(sizeof(p));

but I wanted to suggest following exactly what the secure coding guidelines
require.
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

nsz at gcc dot gnu.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nsz at gcc dot gnu.org

--- Comment #2 from nsz at gcc dot gnu.org ---
note that casting the return value of malloc is an anti-pattern in c and
dangerous (unfortunately widespread due to c++).

this effectively turns the type-checker off, which is an especially bad idea
on a compiler that accepts implicitly declared function calls assuming int
return type.
[Bug c/71219] Warn about (struct S*)malloc(n) where n < sizeof(struct S)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219

Martin Sebor changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2016-05-26
                 CC|                            |msebor at gcc dot gnu.org
     Ever confirmed|0                           |1

--- Comment #1 from Martin Sebor ---
I agree. There's additional background on this rule in the CERT C Coding
Standard guideline MEM35-C. Allocate sufficient memory for an object
(https://www.securecoding.cert.org/confluence/x/2wE)

Let me add it to the list of security-related issues to diagnose I've been
working on.