From f3f312b535f57b5773953746f6ad0d890ce09b88 Mon Sep 17 00:00:00 2001
From: David Malcolm
Date: Wed, 18 Nov 2020 15:53:36 -0500
Subject: analyzer: only use CWE-690 for unchecked return value [PR97893]
CWE-690 is only for dereferencing an unchecked return value; for other kinds of NULL dereference, use the parent classification, CWE-476. gcc/analyzer/ChangeLog: PR analyzer/97893 * sm-malloc.cc (null_deref::emit): Use CWE-476 rather than CWE-690, as this isn't due to an unchecked return value. (null_arg::emit): Likewise. gcc/testsuite/ChangeLog: PR analyzer/97893 * gcc.dg/analyzer/malloc-1.c: Add CWE-690 and CWE-476 codes to expected output.
---
gcc/analyzer/sm-malloc.cc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'gcc/analyzer/sm-malloc.cc')
diff --git a/gcc/analyzer/sm-malloc.cc b/gcc/analyzer/sm-malloc.cc
index fd12a35..4c38738 100644
--- a/gcc/analyzer/sm-malloc.cc
+++ b/gcc/analyzer/sm-malloc.cc
@@ -675,9 +675,9 @@ public:
 bool emit (rich_location *rich_loc) FINAL OVERRIDE
 {
- /* CWE-690: Unchecked Return Value to NULL Pointer Dereference. */
+ /* CWE-476: NULL Pointer Dereference. */
 diagnostic_metadata m;
- m.add_cwe (690);
+ m.add_cwe (476);
 return warning_meta (rich_loc, m, OPT_Wanalyzer_null_dereference, "dereference of NULL %qE", m_arg);
@@ -723,10 +723,10 @@ public:
 bool emit (rich_location *rich_loc) FINAL OVERRIDE
 {
- /* CWE-690: Unchecked Return Value to NULL Pointer Dereference. */
+ /* CWE-476: NULL Pointer Dereference. */
 auto_diagnostic_group d;
 diagnostic_metadata m;
- m.add_cwe (690);
+ m.add_cwe (476);
 bool warned;
 if (zerop (m_arg))
-- cgit v1.1
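Review bot: The new comment `/* CWE-476: NULL Pointer Dereference. */` in null_deref::emit records the ID but not why the more specific CWE-690 was dropped, and the same applies to the second hunk (null_arg::emit). Because the commit message describes 476 as the parent of 690, a later reader could take the broader ID for an oversight and change it back. I would carry the rationale into the comment, for example `/* CWE-476: NULL Pointer Dereference; CWE-690 applies only when an unchecked return value is dereferenced. */`. Anything downstream that triages analyzer findings by CWE-690 will presumably stop matching these two diagnostics, so the reclassification deserves a line in the release notes. The enclosing class begins before the hunk and emit's closing brace lies after it.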
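Review bot: The label "NULL Pointer Dereference" at the top of null_arg::emit does not match what the visible code tests, which is whether the argument itself is NULL (`if (zerop (m_arg))`) rather than a dereference at this site. A few words on why an argument diagnostic is filed under CWE-476 would help whoever triages by CWE, for example `/* CWE-476: NULL Pointer Dereference (NULL passed where the callee is expected to dereference it). */`. I am inferring the non-null-argument meaning from the name null_arg in the ChangeLog, so the wording should be adjusted to the actual condition. Both branches of the `if` and the rest of emit are outside the hunk.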