Re: CPPCheck found 24 high risk bugs in Git v.1.8.3.4 (fetch.c L588)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Philip Oakley" <philipoakley@xxxxxxx>
Sent: Monday, August 19, 2013 10:46 PM
From: "Koch, Rick (Subcontractor)" <Rick.Koch@xxxxxxx>

Ran CPPCheck 1.5.6 on Windows-XP.

Hi Rick,
Thank you for the clarification.
Normal practice on the list is to use Reply All, so everyone can participate in the discussion.

It looks like most of the reports are false positives. My bikeshedding thought would be that it is common in Git to inspect all the call sites such that they don't create the various problems, rather than protect against the problems within the various functions, which may be a cause of the reports (i.e. different philosophical approach to checking).


I have double checked the reported:
   "wrongPrintfScanfArgNum(CppCheck) \git-master\builtin\fetch.c
   fetch.c 588".

                       fprintf(stderr, " x %-*s %-*s -> %s\n",
                               TRANSPORT_SUMMARY(_("[deleted]")),
REFCOL_WIDTH, _("(none)"), prettify_refname(ref->name));


At first it did look like there were not enough parameters to satisfy the "%-*s" format strings, given that the second invocation has an obvious width. This is the only usage within the prune_refs function.

A little further looking shows that the "%-*s" format is used extensively in the wider fetch.c and that the TRANSPORT_SUMMARY(), macro returns two values as required by the fprintf.

Inaddition those other invocations aren't flagged showing that this is a false positive, and is a good example for feeding back to CPPCheck (If you wish Rick) as an example so they can see what went wrong.

Does CPPCheck give more details of 'why' it thinks the other faults are present? (e.g. the double pointer checks which can be tricky)

regards

Philip
---

v/r

Roderick (Rick) Koch
OSF - Information Assurance
Team Teledyne / Sentar Inc.
Work: 256-726-1253
Rick.Koch@xxxxxxx


-----Original Message-----
From: Philip Oakley [mailto:philipoakley@xxxxxxx]

From: "Koch, Rick (Subcontractor)" <Rick.Koch@xxxxxxx>
Sent: Monday, August 19, 2013 6:09 PM
I'm directing to this e-mail, as it seems to be the approved forum for
posting Git bugs. We ran CPPCheck against Git v.1.8.3.4 and found 24
high risk bugs. Please see the attachment xlsx.

Is there a method to post to the Git community to allow the community
to review and debunk as faults positive or develop patches to fix lists
code files?

v/r

Roderick (Rick) Koch
Information Assurance
Rick.Koch@xxxxxxx

What OS version / CPPCheck version was this checked on?

In case other readers don't have a .xlsx reader here is Rick's list in plain text (may be white space damaged).

I expect some will be false positives, and some will just be being too cautious.

Philip

description resourceFilePath fileName lineNumber
     nullPointer(CppCheck) \git-master\builtin\add.c add.c 286
wrongPrintfScanfArgNum(CppCheck) \git-master\builtin\fetch.c fetch.c 588

False positive.

     nullPointer(CppCheck) \git-master\builtin\ls-files.c ls-files.c
144
     nullPointer(CppCheck) \git-master\builtin\merge.c merge.c 1208
     doubleFree(CppCheck) \git-master\builtin\notes.c notes.c 275
     nullPointer(CppCheck) \git-master\builtin\reflog.c reflog.c 437
     uninitvar(CppCheck) \git-master\builtin\rev-list.c rev-list.c 342
     uninitvar(CppCheck) \git-master\builtin\rev-list.c rev-list.c 342
     uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2803
     uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2802
     uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2805
memleakOnRealloc(CppCheck) \git-master\compat\win32\syslog.c syslog.c 46

True report.

     uninitvar(CppCheck)
\git-master\contrib\examples\builtin-fetch--tool.c builtin-fetch--tool.c
419
     uninitvar(CppCheck) \git-master\fast-import.c fast-import.c 2917
     nullPointer(CppCheck) \git-master\line-log.c line-log.c 638
     nullPointer(CppCheck) \git-master\mailmap.c mailmap.c 156
uninitvar(CppCheck) \git-master\merge-recursive.c merge-recursive.c 1887
     uninitvar(CppCheck) \git-master\notes.c notes.c 805
     uninitvar(CppCheck) \git-master\notes.c notes.c 805
     deallocret(CppCheck) \git-master\pretty.c pretty.c 677
     resourceLeak(CppCheck) \git-master\refs.c refs.c 3041
     doubleFree(CppCheck) \git-master\sequencer.c sequencer.c 924
     nullPointer(CppCheck) \git-master\sha1_file.c sha1_file.c 125
     doubleFree(CppCheck) \git-master\shell.c shell.c 130


--
Philip
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]