https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94640
Bug ID: 94640
Summary: false-positive leaking FILE pointer assigned to function passed pointer
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: cgzones at googlemail dot com
Target Milestone: ---

Minimized code snippet:

```
#include <stdio.h>

int debug;

int opencfgfile(const char *cfgfile, FILE **fd)
{
	if (cfgfile[0] != '\0') {

		if ((*fd = fopen(cfgfile, "r")) != NULL) {
			if (debug) // <-- this seems to trigger the fp
				printf("Config file: --config\n");
		}
	}
	return 2;
}
```

Original code:
https://github.com/vergoh/vnstat/blob/f98c27eaba27ebda703737f8a5539a77b891561e/src/cfg.c#L364

GCC analyzer output:

```
$ gcc-10 -c -Wall -Wextra -fanalyzer return_filepointer.c
return_filepointer.c: In function ‘opencfgfile’:
return_filepointer.c:10:8: warning: leak of FILE ‘<unknown>’ [CWE-775] [-Wanalyzer-file-leak]
   10 |    if (debug)
      |        ^~~~~
  ‘opencfgfile’: events 1-7
    |
    |    7 |  if (cfgfile[0] != '\0') {
    |      |     ^
    |      |     |
    |      |     (1) following ‘true’ branch...
    |    8 |
    |    9 |   if ((*fd = fopen(cfgfile, "r")) != NULL) {
    |      |      ~       ~~~~~~~~~~~~~~~~~~~
    |      |      |       |
    |      |      |       (2) ...to here
    |      |      |       (3) opened here
    |      |      (4) assuming ‘<unknown>’ is non-NULL
    |      |      (5) following ‘true’ branch...
    |   10 |    if (debug)
    |      |        ~~~~~
    |      |        |
    |      |        (6) ...to here
    |      |        (7) ‘<unknown>’ leaks here; was opened at (3)
    |
```

GCC version:

```
gcc-10 (Debian 10-20200411-1) 10.0.1 20200411 (experimental) [master revision bb87d5cc77d:75961caccb7:f883c46b4877f637e0fa5025b4d6b5c9040ec566]
```
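
Added illustration, not part of the original report or of vnstat: the handle opened in `opencfgfile()` stays reachable through the out-parameter `*fd`, so a caller can still close it, which is why the report treats the CWE-775 warning as a false positive. The caller `read_first_line()`, the helper `demo()`, the temporary path and the sample config line are assumptions constructed for this example.

```c
#define _POSIX_C_SOURCE 200809L /* for mkstemp() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int debug;
/* Function from the report, logic unchanged: the FILE* escapes via *fd. */
int opencfgfile(const char *cfgfile, FILE **fd)
{
	if (cfgfile[0] != '\0') {
		if ((*fd = fopen(cfgfile, "r")) != NULL) {
			if (debug)
				printf("Config file: --config\n");
		}
	}
	return 2;
}

/* Hypothetical caller: owns the handle after the call and releases it. */
int read_first_line(const char *path, char *buf, int len)
{
	FILE *fp = NULL; /* stays NULL when opencfgfile() opens nothing */
	int rc = -1;
	opencfgfile(path, &fp);
	if (fp == NULL)
		return -1;
	if (fgets(buf, len, fp) != NULL)
		rc = 0;
	if (fclose(fp) != 0) /* the caller, not opencfgfile(), closes it */
		rc = -1;
	return rc;
}

/* Constructed input: one config line in a temp file, read back via the caller. */
int demo(void)
{
	char path[] = "/tmp/cfgdemoXXXXXX", buf[64];
	int fd = mkstemp(path);
	if (fd < 0)
		return -1;
	ssize_t n = write(fd, "Interface eth0\n", 15);
	close(fd);
	int rc = (n == 15) ? read_first_line(path, buf, sizeof buf) : -1;
	unlink(path);
	return (rc == 0 && strcmp(buf, "Interface eth0\n") == 0) ? 0 : -1;
}

int main(void) { return demo() == 0 ? 0 : 1; }
```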