https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71219
Bug ID: 71219
Summary: Warn about (struct S*)malloc(n) where n < sizeof(struct S)
Product: gcc
Version: 7.0
Status: UNCONFIRMED
Keywords: diagnostic
Severity: enhancement
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: redi at gcc dot gnu.org
Target Milestone: ---

The change in http://www.open-std.org/jtc1/sc22/wg14/www/docs/n2010 for the ISO/IEC TS 17961:2013 secure coding guidelines for C would make sense as a GCC warning, even if the rest of the TS isn't supported.

    #include <stdlib.h>

    struct S1 {
      unsigned int x;
      float y;
      struct S1 *z;
    };

    struct S1 *f1(void) {
      struct S1 *p = (struct S1*)malloc(sizeof(p)); // diagnostic required
      return p;
    }

The malloc call can be presumed to be for an object of type struct S1, as implied by the cast and the variable it is used to initialize, so trying to allocate fewer than sizeof(struct S1) bytes should be diagnosed.

This would issue a warning for some of the bugs shown in https://gcc.gnu.org/bugzilla/show_bug.cgi?id=25702#c3 which are not diagnosed by -Wsizeof-pointer-memaccess
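The undersized allocation from the report next to a corrected form, as an added example (not part of the bug report or of GCC). The helper names undersized, f1_requested, f1_fixed and s1_array are hypothetical, and the array variant goes beyond the single-object case in the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct S1 { unsigned int x; float y; struct S1 *z; };

/* The condition the requested warning tests: bytes requested are fewer than
   the size of the object type implied by the cast or the initialized pointer. */
int undersized(size_t requested, size_t object_size)
{
    return requested < object_size;
}

/* Bytes the report's f1() asks malloc for: sizeof(p) is the size of a
   pointer to struct S1, not of struct S1 itself. */
size_t f1_requested(void)
{
    return sizeof(struct S1 *);
}

/* Corrected form: sizeof *p follows the pointee type, so the size stays
   right even if the declared type of p changes later. */
struct S1 *f1_fixed(void)
{
    struct S1 *p = malloc(sizeof *p);
    return p;
}

/* Array variant (assumption, beyond the report): refuse counts whose byte
   size would wrap around size_t instead of returning a short buffer. */
struct S1 *s1_array(size_t count)
{
    if (count == 0 || count > SIZE_MAX / sizeof(struct S1))
        return NULL;
    return malloc(count * sizeof(struct S1));
}

int main(void)
{
    struct S1 *p = f1_fixed();
    printf("f1 requests %zu bytes, struct S1 needs %zu, undersized=%d\n",
           f1_requested(), sizeof(struct S1),
           undersized(f1_requested(), sizeof(struct S1)));
    free(p);
    return 0;
}
```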