bug-gnulib

CodeQL warning about returning stack-allocated memory in gettext.h


From: Eric Gallager
Subject: CodeQL warning about returning stack-allocated memory in gettext.h
Date: Tue, 14 Nov 2023 19:27:22 -0500

Hi, I have a project that uses gnulib's gettext.h, and also has CodeQL
scanning turned on in GitHub. In this project, CodeQL warns about the
"return translation;" statement on line 247 of gettext.h, saying that
it "May return stack-allocated memory from msg_ctxt_id."
The rule implementing this check can be found here:
https://github.com/github/codeql/blob/78fcbd07d654881d9d3395efc0ea371c392529de/cpp/ql/src/Likely%20Bugs/Memory%20Management/ReturnStackAllocatedMemory.ql
It also cross-references it against CWE-825:
https://cwe.mitre.org/data/definitions/825.html
Is this something worth fixing, or should I just dismiss the alert?
Thanks,
Eric Gallager
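
The following is an added example, not code from gettext.h or from the message above. It shows the pattern this kind of rule looks for, using hypothetical names (`lookup`, `ctx_lookup_unguarded`, `ctx_lookup_guarded`) and a constructed one-entry catalog. It assumes a lookup that returns its key argument unchanged on a miss, as gettext() does for an untranslated msgid.

```c
#include <stdio.h>
#include <string.h>

/* Constructed one-entry catalog; keys have the form "context\004id". */
static const char *lookup(const char *key)
{
    if (strcmp(key, "menu\004Open") == 0)
        return "Ouvrir";          /* static storage: safe to return */
    return key;                   /* miss: echoes the caller's pointer */
}

/* Flagged pattern: on a miss the result aliases the local buffer,
   so the caller receives a pointer into a dead stack frame (CWE-825). */
const char *ctx_lookup_unguarded(const char *ctx, const char *id)
{
    char key[128];
    snprintf(key, sizeof key, "%s\004%s", ctx, id);
    return lookup(key);
}

/* Guarded pattern: a result that aliases the buffer is never returned. */
const char *ctx_lookup_guarded(const char *ctx, const char *id)
{
    char key[128];
    const char *result;

    snprintf(key, sizeof key, "%s\004%s", ctx, id);
    result = lookup(key);
    if (result != key)
        return result;            /* catalog string, outlives this frame */
    return id;                    /* caller-owned, outlives this frame */
}

int main(void)
{
    const char *id = "Close";
    printf("%s\n", ctx_lookup_guarded("menu", "Open"));  /* hit */
    printf("%s\n", ctx_lookup_guarded("menu", id));      /* miss */
    return 0;
}
```

An analysis that tracks where the pointer came from but does not model the `result != key` comparison reports both functions the same way, so triaging such an alert means checking by hand whether a guard of this kind sits on every path to the return.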


