Re: New Defects reported by Coverity Scan for git

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Jul 31, 2015 at 4:24 AM, Duy Nguyen <pclouds@xxxxxxxxx> wrote:
> Jeff, I suppose you are the admin of git on scan.coverity, or knows
> him/her, perhaps we can add a model for xmalloc to suppress these
> "null pointer deferences" reports? We are sure xmalloc() never returns
> NULL. Qemu did it [1] and it looks simple.. I think something like
> this would do
>
> void *xmalloc(size_t size)
> {
>    void *mem = malloc(size);
>    if (!mem) __coverity_panic__();
>    return mem;
> }
>
> [1] http://git.qemu.org/?p=qemu.git;a=blob;f=scripts/coverity-model.c;h=4c99a85cfc292caa9edd9d041e2683ee53490a8d;hb=e40cdb0e6efb795e4d19368987d53e3e4ae19cf7#l104
>

Taking just that excerpt doesn't work. Upload fails with
"modeling_file.c", line 12: error #20:
          identifier "malloc" is undefined
  void *mem = malloc(size);

I'll look into your reference[1] a bit more and try to follow it as a guidance.


>
> ---------- Forwarded message ----------
> From:  <scan-admin@xxxxxxxxxxxx>
> Date: Fri, Jul 31, 2015 at 5:54 PM
> Subject: New Defects reported by Coverity Scan for git
> To: pclouds@xxxxxxxxx
>
> _______________________________________________________________________________________________________
> *** CID 1313836:  Null pointer dereferences  (FORWARD_NULL)
> /rerere.c: 150 in find_rerere_dir()
> 144                     return NULL; /* BUG */
> 145             pos = sha1_pos(sha1, rerere_dir, rerere_dir_nr,
> rerere_dir_sha1);
> 146             if (pos < 0) {
> 147                     rr_dir = xmalloc(sizeof(*rr_dir));
> 148                     hashcpy(rr_dir->sha1, sha1);
> 149                     rr_dir->status_nr = rr_dir->status_alloc = 0;
>>>>     CID 1313836:  Null pointer dereferences  (FORWARD_NULL)
>>>>     Assigning: "rr_dir->status" = "NULL".
> 150                     rr_dir->status = NULL;
> 151                     pos = -1 - pos;
> 152
> 153                     /* Make sure the array is big enough ... */
> 154                     ALLOC_GROW(rerere_dir, rerere_dir_nr + 1,
> rerere_dir_alloc);
> 155                     /* ... and add it in. */
>
> ** CID 1313835:  Null pointer dereferences  (FORWARD_NULL)
> /builtin/fetch.c: 795 in prune_refs()
> --
> Duy
> --
> To unsubscribe from this list: send the line "unsubscribe git" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]