SecureCoding-5.15

Escaping of the address of an automatic object

Required inputs: IR

Rule description is currently unavailable for legal reasons.

Possible Messages

Key	Text	Severity	Disabled
possibly_leaking_reference_to_local_variable	Potentially leaking reference/pointer to local variable.	None	False

Options

• This rule shares the following common options: exclude_in_macros, exclude_messages_in_system_headers, excludes, extend_exclude_to_macro_invocations, includes, justification_checker, languages, post_processing, provider, report_at, severity

• The following places define options that affect this rule: Stylechecks, Analysis-GlobalOptions

additional_pointer_returns

additional_pointer_returns : set[str] = set()

Set of qualified names of member functions that are considered to return a reference or pointer to this or a subobject thereof. For this option to have effect, consider_pointer_returns has to be enabled, too.

 

allow_longer_living_local

allow_longer_living_local : bool = False

Whether assignment to a longer-living local variable should be accepted.

 

consider_constructors_as_capturing

consider_constructors_as_capturing : bool = False

Whether passing a reference or pointer to a local variable into a constructor should be considered as capturing. If the constructed object is assigned to some nonlocal object, a message is issued. If set to False, passing references or pointers into a constructor call has no effect on the analysis.

 

consider_pointer_returns

consider_pointer_returns : bool = False

Whether the return value of a function that returns a reference or pointer to its argument or to an object owned by its argument should be considered, when called on a local variable. E.g., std::string::data

 

consider_std_addressof

consider_std_addressof : bool = True

Consider a call to std::addressof as an address-taking operation.