Hi Sam, John and Jeff,
I'm writing to you, as you're listed as the
administrator of the git.git project
on scan.coverity.com
We're currently seeing lots of false positives
as the xmalloc/xrealloc function is handled not properly
by coverity. There are lots of errors "Allocation too small for type"
Quoting (starting linenumbers are code) from some xrealloc ocurrence:
95void *xrealloc(void *ptr, size_t size)
96{
97 void *ret;
98
99 memory_limit_check(size);
100 ret = realloc(ptr, size);
1. Condition "!ret", taking true branch
2. Condition "!size", taking true branch
101 if (!ret && !size)
3. buffer_alloc: "realloc(void *, size_t)" which allocates 1 bytes based on "1UL".
4. var_assign: Assigning: "ret" = storage allocated by "realloc(ptr, 1UL)".
102 ret = realloc(ptr, 1);
5. Condition "!ret", taking false branch
103 if (!ret) {
104 try_to_free_routine(size);
105 ret = realloc(ptr, size);
106 if (!ret && !size)
107 ret = realloc(ptr, 1);
108 if (!ret)
109 die("Out of memory, realloc failed");
110 }
6. return_dbuffer: Returning allocated array "ret".
111 return ret;
112}
However I have reviewed the function and I'd be pretty sure it would work as expected.
According to https://scan.coverity.com/tune we can upload a modelling file,
which will allow us to supress such false positive errors.
I believe we'd need to put in the modelling file something like:
// coverity[+alloc]
void *xrealloc(void *ptr, size_t size);
and that should do. We'd not need to modify the git.git sources,
but just add such a declaration to the modelling file.
Does anyone of you administrators want to experiment with that?
Cheers,
Stefan
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html