diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2023-04-24 12:06:55 -0700 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2023-04-24 12:07:40 -0700 |
| commit | 4bb14d69493fd3bbc328b86755420892a88d3fd8 (patch) | |
| tree | fc09f7a7eefc2cc077dc4b9bb4ce77961da52669 | |
| parent | b98993a1baaa2fc39b301676ecbd8bb29e1d9c96 (diff) | |
| download | gnulib-4bb14d69493fd3bbc328b86755420892a88d3fd8.tar.gz | |
fclose: pacify gcc -Wanalyzer-file-leak
Without this patch, building coreutils with
--enable-gcc-checking=expensive would fail with a message like
“lib/exclude.c:682:6: error: leak of FILE 'in' [CWE-775]
[-Werror=analyzer-file-leak]”, because Gnulib replaced fclose but
not fopen, and GCC saw a call to fopen followed by a call to
rpl_fclose. The patch causes GCC to instead see a call to
rpl_fopen followed by rpl_fclose.
* m4/fclose.m4 (gl_FUNC_FCLOSE): Replace fopen when replacing
fclose.
* modules/fclose (Depends-on): Add fopen.
(configure.ac): Replace fopen when replacing fclose.
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | m4/fclose.m4 | 4 | ||||
| -rw-r--r-- | modules/fclose | 6 |
3 files changed, 23 insertions, 0 deletions
@@ -1,5 +1,18 @@ 2023-04-24 Paul Eggert <eggert@cs.ucla.edu> + fclose: pacify gcc -Wanalyzer-file-leak + Without this patch, building coreutils with + --enable-gcc-checking=expensive would fail with a message like + “lib/exclude.c:682:6: error: leak of FILE 'in' [CWE-775] + [-Werror=analyzer-file-leak]”, because Gnulib replaced fclose but + not fopen, and GCC saw a call to fopen followed by a call to + rpl_fclose. The patch causes GCC to instead see a call to + rpl_fopen followed by rpl_fclose. + * m4/fclose.m4 (gl_FUNC_FCLOSE): Replace fopen when replacing + fclose. + * modules/fclose (Depends-on): Add fopen. + (configure.ac): Replace fopen when replacing fclose. + unsetenv-tests: pacify -Wanalyzer-putenv-of-auto-var * tests/test-unsetenv.c (main): Make entry static. Even with this change, it’s unclear whether this test is portable POSIX code, but diff --git a/m4/fclose.m4 b/m4/fclose.m4 index dc021dd9f3..74b7df0a77 100644 --- a/m4/fclose.m4 +++ b/m4/fclose.m4 @@ -31,6 +31,10 @@ AC_DEFUN([gl_FUNC_FCLOSE], *) REPLACE_FCLOSE=1 ;; esac fi + + if test $REPLACE_FCLOSE = 1; then + REPLACE_FOPEN=1 + fi ]) dnl Determine whether fclose works on input streams. diff --git a/modules/fclose b/modules/fclose index 703de9e686..9a949e48b8 100644 --- a/modules/fclose +++ b/modules/fclose @@ -9,12 +9,18 @@ Depends-on: stdio close [test $REPLACE_FCLOSE = 1] fflush [test $REPLACE_FCLOSE = 1] +fopen [test $REPLACE_FCLOSE = 1] freading [test $REPLACE_FCLOSE = 1] lseek [test $REPLACE_FCLOSE = 1] msvc-inval [test $REPLACE_FCLOSE = 1] configure.ac: gl_FUNC_FCLOSE +if test $REPLACE_FCLOSE = 1; then + REPLACE_FOPEN=1 + AC_LIBOBJ([fopen]) + gl_PREREQ_FOPEN +fi gl_CONDITIONAL([GL_COND_OBJ_FCLOSE], [test $REPLACE_FCLOSE = 1]) gl_STDIO_MODULE_INDICATOR([fclose]) |