1

Reading the GCC 6 Release Series Changes, New Features, and Fixes I find very interesting the new option -Wmisleading-indentation:

-Wmisleading-indentation warns about places where the indentation of the code
    gives a misleading idea of the block structure of the code to a human reader.
    For example, given CVE-2014-1266:

sslKeyExchange.c: In function 'SSLVerifySignedServerKeyExchange':
sslKeyExchange.c:631:8: warning: statement is indented as if it were guarded by... [-Wmisleading-indentation]
        goto fail;
        ^~~~
sslKeyExchange.c:629:4: note: ...this 'if' clause, but it is not
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
    ^~

I am just wondering how the option can recognize reliable these kind of misleading indentation when the tab space is "unknown" to gcc due to the fact it can be 4 or 8 or even what ever...

Peter VARGA
  • 1,012
  • 2
    https://gcc.gnu.org/gcc-6/porting_to.html "Source files with mixed tabs and spaces that don't use 8-space tabs may lead to warnings. [...]" – Mat Mar 01 '16 at 11:54
  • @Mat OK. I must admit I was a bit naive because I would expect in the option description a cross reference or at least a remark to this page. – Peter VARGA Mar 01 '16 at 11:56
  • It is also relatively seldom to have two consecutive lines, which are probably written by the same person, with different notation (space vs. hard tab). [I assume that such errors arrives on first write of the code, not when patching an other people code.] – Giacomo Catenazzi Mar 01 '16 at 13:22

1 Answers1

2

It can't. The developers state explicitly that it is based on a set of heuristics tuned to catch most misleading indentation without too much noise. As with other compiler warnings, there will be false positives and false negatives. Let current GCC loose on most any code with -Wall and weep.

vonbrand
  • 18,253
  • 1
    According to [Porting to GCC 6] (https://www.gnu.org/software/gcc/gcc-6/porting_to.html) tabs are interpreted by WmisleadingIndentation as 8 spaces, unless you add -ftabstop=4 to the compiler flags. This can eliminate some false-positives.

    But you're better off using tabs or spaces for indentation - not a mix of both in the same file. Once your code is clean in this manner, this warning flag will find both cosmetic issues (misleading indentation) as well as missing braces under an if or for. Its well worth the pain.

     – MikeOnline Oct 10 '18 at 20:46