https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107648

            Bug ID: 107648
           Summary: RFE: add an attribute for indicating
                    security-sensitive data
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dmalcolm at gcc dot gnu.org
  Target Milestone: ---

-fanalyzer implements -Wanalyzer-exposure-through-output-file, but it's
currently just a proof-of-concept, where the only source of "sensitive" data is
hardcoded as the result of the getpass function.

Consider "explicit_bzero":
  https://man7.org/linux/man-pages/man3/bzero.3.html

It would be nice to have an attribute for marking the argument to
explicit_bzero as being security-sensitive, and the analyzer could perhaps then
walk backwards from the callsite, checking that the contents of the buffer
don't get exposed anywhere.

Similarly, this could perhaps be used for annotating e.g. security APIs where
private keys are passed in.
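
The gap described above, as an added C example that is not part of the bug report or of GCC: case 1 is the getpass flow the report says is the only hardcoded source today, case 2 is the same leak where only the explicit_bzero call marks the buffer as sensitive, and case 3 is the hardened form. The function names are hypothetical; the file is meant to be compiled with `gcc -fanalyzer`.

```c
#define _DEFAULT_SOURCE   /* getpass() and explicit_bzero() on glibc */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Case 1 (hypothetical function names throughout): the secret comes from
   getpass(), the one hardcoded source per the report, and reaches an
   output file. Needs a terminal, so nothing here calls it by default. */
int log_password_attempt(FILE *log)
{
    char *pw = getpass("Password: ");
    if (!pw)
        return -1;
    int n = fprintf(log, "login attempt with '%s'\n", pw);  /* exposure */
    explicit_bzero(pw, strlen(pw));
    return n < 0 ? -1 : 0;
}

/* Case 2: the same leak, but the secret arrives as a plain buffer.
   Only the explicit_bzero() call hints that 'key' is sensitive, which is
   the signal the report proposes marking with an attribute. */
int use_key_leaky(FILE *log, char *key, size_t len)
{
    int n = fprintf(log, "using key %.*s\n", (int)len, key);  /* exposure */
    explicit_bzero(key, len);
    return n < 0 ? -1 : 0;
}

/* Case 3: hardened form, logging metadata only before the wipe. */
int use_key_safe(FILE *log, char *key, size_t len)
{
    int n = fprintf(log, "using key of %zu bytes\n", len);
    explicit_bzero(key, len);
    return n < 0 ? -1 : 0;
}

/* Returns 1 if 'needle' appears anywhere in the log written so far. */
int log_contains(FILE *log, const char *needle)
{
    char line[256];
    int found = 0;
    fflush(log);
    rewind(log);
    while (fgets(line, sizeof line, log))
        if (strstr(line, needle))
            found = 1;
    return found;
}
```

Both case 2 and case 3 leave the caller's buffer zeroed, so the wipe alone says nothing about whether the contents were already written out; that is why the report suggests walking backwards from the explicit_bzero callsite.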
