Pclose double freed not been catched

SonarQube Version 8.9

Hi all,
I compiled an image with ASAN(AddressSanitizer) for our arm machine, the source code with structure showed below passed compiling and has no error in SonarQube analysis.
But, in fact, the code caused issues when executing on the arm machine,
pclose will not set a FILE pointer to null, thus this code pclose a FILE pointer twice and caused a double freed issues on the machine, and caught by ASAN.
Shouldn’t this kind of error be caught by SonarQube?

void function()
    FILE *fd;
    fd = popen(MY_PATH, "r");
    if (fgets(SOME_CHAR_ARRAY, 256, fd) == NULL)
        goto end;
    if (fd) pclose(fd);

Wonder if I misunderstand the issue or it’s a bug in SonarQube.

Hello @deron.chen ,

We do not raise any issue in your case because we do not support the POSIX function pclose. The rule you’re mentioning (RSPEC-3588) only supports fclose.
I created this ticket to handle that.

Thank you

1 Like

Hi Amelie,

Thanks for replying and help, appreciate that.

Best Regards,

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.