https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107573
Bug ID: 107573
Summary: RFE: analyzer handling of strtok
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
CC: jamie.bainbridge at gmail dot com
Target Milestone: ---

Would be nice for -fanalyzer to check usage of strtok:

- complain about NULL passed as the string to the first call of strtok reached
  from entry to "main" (I don't think there's a guarantee that strtok checks
  for this).
- track the previous string passed to strtok, and complain about
  strtok (NULL, delim) when the previous string is freed/out-of-scope, etc
- complain about passing a const buffer as the string, given that strtok will
  write NUL terminators back to it if it finds a match

See:
  https://en.cppreference.com/w/c/string/byte/strtok
  https://man7.org/linux/man-pages/man3/strtok.3.html
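The three patterns listed in the report, next to one way of avoiding them, as an added example (not part of the bug report or of GCC). The function names `strtok_writes_nul` and `count_tokens` are hypothetical, the sample strings are constructed, and POSIX `strtok_r` is assumed to be available.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for strdup and strtok_r */
#endif
#include <stdlib.h>
#include <string.h>

/* Patterns the report asks -fanalyzer to flag (kept out of the build):
 *   strtok(NULL, ",");                  // first call, no string saved yet
 *   char *s = strdup("a,b"); strtok(s, ","); free(s);
 *   strtok(NULL, ",");                  // saved pointer refers to freed memory
 *   const char *lit = "a,b"; strtok((char *)lit, ",");  // writes to const data
 */

/* Shows the write-back: returns 1 if strtok replaced the delimiter in buf
 * with a NUL terminator, which is why a const buffer must not be passed. */
int strtok_writes_nul(void)
{
    char buf[] = "key=value";            /* constructed sample, writable array */
    char *tok = strtok(buf, "=");
    return tok == buf && buf[3] == '\0' && strcmp(buf + 4, "value") == 0;
}

/* Hypothetical helper: counts tokens without touching the caller's buffer.
 * It works on a private copy and uses strtok_r, so no hidden static pointer
 * outlives the copy. Returns -1 on NULL input or allocation failure. */
int count_tokens(const char *input, const char *delims)
{
    if (input == NULL || delims == NULL)
        return -1;
    char *copy = strdup(input);          /* writable, owned by this function */
    if (copy == NULL)
        return -1;
    int n = 0;
    char *save = NULL;                   /* tokenizer state, local to this call */
    for (char *t = strtok_r(copy, delims, &save); t != NULL;
         t = strtok_r(NULL, delims, &save))
        n++;
    free(copy);                          /* save is never used after this point */
    return n;
}
```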