the newer fortify/security work in gcc provides some nice checks which portage
doesn't currently flag. those are:
": warning: array subscript is below array bounds$"
": warning: array subscript is above array bounds$"
": warning: attempt to free a non-heap object"
": warning: .* called with .*bigger.* than .* destination buffer$"
": warning: call to .* will always overflow destination buffer$"

this should catch the kind of checks where people check for pointer math
overflow but don't realize that gcc optimizes it away:
": warning: assuming pointer wraparound does not occur when comparing "

these tend to be typos in code:
": warning: hex escape sequence out of range$"
": warning: [^ ]*-hand operand of comma .*has no effect$"

these too are typos/thinkos involving NULL instead of a value of 0, or
misordering of arguments:
": warning: converting to non-pointer type .* from NULL"
": warning: NULL used in arithmetic$"
": warning: passing NULL to non-pointer argument"

these tend to be thinkos which result in incorrect behavior:
": warning: the address of [^ ]* will always evaluate as"
": warning: the address of [^ ]* will never be NULL"
think "char foo[1234]" and later doing "if (foo) ..."

i can't see this being valid:
": warning: too few arguments for format"

or trying to return addresses to function locals:
": warning: reference to local variable .* returned"
": warning: returning reference to temporary"
": warning: function returns address of local variable"
-mike
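
How the patterns listed above behave when run over a build log, as an added example that is not part of the original post and is not portage's own code: Python's `re` module stands in for grep-style matching, and the log lines and file names are constructed. The last sample line assumes a gcc that appends the option name to the warning, which the `$`-anchored patterns do not match.

```python
import re

# Patterns copied verbatim from the post above.
PATTERNS = [
    r": warning: array subscript is below array bounds$",
    r": warning: array subscript is above array bounds$",
    r": warning: attempt to free a non-heap object",
    r": warning: .* called with .*bigger.* than .* destination buffer$",
    r": warning: call to .* will always overflow destination buffer$",
    r": warning: assuming pointer wraparound does not occur when comparing ",
    r": warning: hex escape sequence out of range$",
    r": warning: [^ ]*-hand operand of comma .*has no effect$",
    r": warning: converting to non-pointer type .* from NULL",
    r": warning: NULL used in arithmetic$",
    r": warning: passing NULL to non-pointer argument",
    r": warning: the address of [^ ]* will always evaluate as",
    r": warning: the address of [^ ]* will never be NULL",
    r": warning: too few arguments for format",
    r": warning: reference to local variable .* returned",
    r": warning: returning reference to temporary",
    r": warning: function returns address of local variable",
]
COMPILED = [re.compile(p) for p in PATTERNS]

# Constructed sample build log (not real compiler output; file names made up).
# Line 6 carries a trailing option tag, so the "$"-anchored pattern misses it.
SAMPLE_LOG = """\
x86_64-pc-linux-gnu-gcc -O2 -c foo.c -o foo.o
foo.c:12: warning: array subscript is above array bounds
foo.c:30: warning: unused variable 'i'
bar.c:7: warning: function returns address of local variable
baz.c:44: warning: the address of 'buf' will always evaluate as 'true'
baz.c:51: warning: array subscript is below array bounds [-Warray-bounds]
"""

def scan(log):
    """Return (line_number, pattern, text) for each log line a pattern flags."""
    hits = []
    for n, line in enumerate(log.splitlines(), 1):
        for rx in COMPILED:
            if rx.search(line):
                hits.append((n, rx.pattern, line))
                break  # one report per log line is enough
    return hits

if __name__ == "__main__":
    for n, pat, line in scan(SAMPLE_LOG):
        print(f"{n}: {line}")
```
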