keylog: suppress -Wanalyzer-file-leak warnings

This workarounds the following warnings with gcc analyzer:

  kx.c:156:69: error: leak of FILE '<unknown>' [CWE-775] [-Werror=analyzer-file-leak]
    156 |                         _gnutls_bin2hex(session->security_parameters.
        |                                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
    157 |                                         client_random, GNUTLS_RANDOM_SIZE,
        |                                         ~~~~~~~~~~~~~

This should be harmless because the keylog file pointer is closed in
the ELF destructor.

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/kx.c b/lib/kx.c
index 9f3c14b6dbcec355398bf6163dd4df7f2da3b0f6..5d6420fd4bab6d361ab449426a7cd7cb999175a4 100644 (file)
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -132,6 +132,10 @@ _gnutls_nss_keylog_func(gnutls_session_t session,
        return 0;
 }
 
+/* GCC analyzer doesn't like static FILE pointer */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wanalyzer-file-leak"
+
 void _gnutls_nss_keylog_write(gnutls_session_t session,
                              const char *label,
                              const uint8_t *secret, size_t secret_size)
@@ -172,6 +176,8 @@ void _gnutls_nss_keylog_deinit(void)
        }
 }
 
+#pragma GCC diagnostic pop
+
 /* here we generate the TLS Master secret.
  */
 static int