Hi Roman,
On Tue, Jul 2, 2024 at 9:41 AM Roman Smirnov <r.smirnov@xxxxxx> wrote:
>
> It is necessary to add a return value check.
>
> Found with the SVACE static analysis tool.
> ---
> src/gatt-database.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/gatt-database.c b/src/gatt-database.c
> index 5756eb9d1..99aa6b63a 100644
> --- a/src/gatt-database.c
> +++ b/src/gatt-database.c
> @@ -2625,6 +2625,7 @@ static int sock_io_send(struct io *io, const void *data, size_t len)
> {
> struct msghdr msg;
> struct iovec iov;
> + int fd;
>
> iov.iov_base = (void *) data;
> iov.iov_len = len;
> @@ -2633,7 +2634,13 @@ static int sock_io_send(struct io *io, const void *data, size_t len)
> msg.msg_iov = &iov;
> msg.msg_iovlen = 1;
>
> - return sendmsg(io_get_fd(io), &msg, MSG_NOSIGNAL);
> + fd = io_get_fd(io);
> + if (fd < 0) {
> + error("io_get_fd() returned %d\n", fd);
> + return fd;
> + }
> +
> + return sendmsg(fd, &msg, MSG_NOSIGNAL);
> }
So static analyzers are complaining that we pass a negative fd to the
likes of sendmsg? I assume that it was safe to pass it this way since
the sendmsg would check that fd is valid and return an error, anyway
it is valid point that if we catch it earlier than we can print a
specific error rather then depend on sendmsg return, just wondering
what is the static analyzer trying to do with respect to checking the
values passed to syscalls.
> static void att_disconnect_cb(int err, void *user_data)
> --
> 2.34.1
>
>
--
Luiz Augusto von Dentz
