[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CodeQL warning about returning stack-allocated memory in gettext.h
From: |
Eric Gallager |
Subject: |
CodeQL warning about returning stack-allocated memory in gettext.h |
Date: |
Tue, 14 Nov 2023 19:27:22 -0500 |
Hi, I have a project that uses gnulib's gettext.h, and also has CodeQL
scanning turned on in GitHub. In this project, CodeQL warns about the
"return translation;" statement on line 247 of gettext.h, saying that
it "May return stack-allocated memory from msg_ctxt_id."
The rule implementing this check can be found here:
https://github.com/github/codeql/blob/78fcbd07d654881d9d3395efc0ea371c392529de/cpp/ql/src/Likely%20Bugs/Memory%20Management/ReturnStackAllocatedMemory.ql
It also cross-references it against CWE-825:
https://cwe.mitre.org/data/definitions/825.html
Is this something worth fixing, or should I just dismiss the alert?
Thanks,
Eric Gallager
- CodeQL warning about returning stack-allocated memory in gettext.h,
Eric Gallager <=