| 1 |
the newer fortify/security work in gcc provides some nice checks which portage |
| 2 |
doesnt currently flag. those are: |
| 3 |
": warning: array subscript is below array bounds$" |
| 4 |
": warning: array subscript is above array bounds$" |
| 5 |
": warning: attempt to free a non-heap object" |
| 6 |
": warning: .* called with .*bigger.* than .* destination buffer$" |
| 7 |
": warning: call to .* will always overflow destination buffer$" |
| 8 |
|
| 9 |
this should catch the kind of checks where people check for pointer math |
| 10 |
overflow but dont realize that gcc optimizes it away: |
| 11 |
": warning: assuming pointer wraparound does not occur when comparing " |
| 12 |
|
| 13 |
these tend to be typos in code: |
| 14 |
": warning: hex escape sequence out of range$" |
| 15 |
": warning: [^ ]*-hand operand of comma .*has no effect$" |
| 16 |
|
| 17 |
these too are typos/thinkos involving NULL instead of a value of 0, or |
| 18 |
misordering of arguments: |
| 19 |
": warning: converting to non-pointer type .* from NULL" |
| 20 |
": warning: NULL used in arithmetic$" |
| 21 |
": warning: passing NULL to non-pointer argument" |
| 22 |
|
| 23 |
these tend to be thinkos which result in incorrect behavior: |
| 24 |
": warning: the address of [^ ]* will always evaluate as" |
| 25 |
": warning: the address of [^ ]* will never be NULL" |
| 26 |
think "char foo[1234]" and later doing "if (foo) ..." |
| 27 |
|
| 28 |
i cant see this being valid: |
| 29 |
": warning: too few arguments for format" |
| 30 |
|
| 31 |
or trying to return addresses to function locals: |
| 32 |
": warning: reference to local variable .* returned" |
| 33 |
": warning: returning reference to temporary" |
| 34 |
": warning: function returns address of local variable" |
| 35 |
-mike |
Archives