https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115735
Bug ID: 115735
Summary: Analyzer misses trivial syslog() call in signal
handler
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: sjames at gcc dot gnu.org
Target Milestone: ---
Poking at this for obvious reasons (openssh CVE-2024-638;
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt).
-fanalyzer seems to miss a trivial syslog() call in a signal handler, not
emitting -Wanalyzer-unsafe-call-within-signal-handler:
```
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>
void handle_the_signals() {
syslog(0, "Hello\n"); /* Expected
-Wanalyzer-unsafe-call-within-signal-handler */
}
int main(void) {
struct sigaction act = {0};
act.sa_sigaction = &handle_the_signals;
if (sigaction(SIGSEGV, &act, NULL) == -1) {
perror("sigaction");
exit(EXIT_FAILURE);
}
raise(SIGSEGV);
}
```
Am I missing something?
