On 04.08.2016 09:54, Peter Krempa wrote: > On Thu, Aug 04, 2016 at 09:47:45 +0200, Michal Privoznik wrote: >> The virJSONValueArraySize() function return ssize_t (with >> possibly returning -1 if the passed json is not an array). >> Storing the return value into size_t is possibly dangerous then. > > Not in this case. All code paths calling this function guarantee that > the JSON object is an array, so it won't ever be negative. Not quite. We have the function exposed. So even though there currently isn't caller that passes non-array, it is still worth fixing IMO. > > Don't trust anything that coverity tells you. I'm not, that's why I've sent fixes just for true positives. Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list