[dvblast-devel] clang static checker results (8 errors)

Christophe Massiot cmassiot at openheadend.tv
Thu Feb 12 23:39:24 CET 2015


Hello,

> On 01 Feb 2015, at 00:05, Georgi Chorbadzhiyski <gf at unixsol.org> wrote:
> 
> I've run clang static checker on dvblast and the results are attached. It shows
> some disturbing errors which to me look like they're real.
> 
> Can somebody more familiar with the code please take a look?

Err, that probably means me ;).

> Errors summary:
>  Logic error
>    Branch condition evaluates to a garbage value             3
>    Uninitialized argument value                              1
>  Unix API
>    Allocator sizeof operand mismatch                         2
>    Undefined allocation of 0 bytes (CERT MEM04-C; CWE-131)   2
> 
> The logic errors are the ones that bother me most, along with the possible
> zero-size allocations. The sizeof() ones look harmless.

I don't understand the "branch condition evaluates to a garbage value" -> in all cases we check if the pointer is NULL or not (if there are some blocks afterwards in p_next). Maybe add an explicit != NULL. Uninitialized argument value seems related. p_block->p_next is initialized to NULL so it should never be undefined. For sizeof stuff, try replacing void ** with char * in TAB_APPEND. It shouldn't make a difference though.

Finally, the zero-size allocation is probably the biggest error in theory, because if i_nb_pids == 0, malloc may return NULL, and then the subsequent memcpy has an invalid pointer, which is illegal even though size == 0. I don't think the current libc implementations break on this though.
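
The zero-size case described above, as an added example that is not part of the original message and is not dvblast code: a copy helper that treats `i_nb_pids == 0` as an empty list, so neither `malloc(0)` nor `memcpy` on a NULL pointer is reached. The names `pid_list_dup`, `pi_src` and `pp_out` are hypothetical; only `i_nb_pids` comes from the thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (assumption, not dvblast's API): duplicate a list of
 * i_nb_pids PIDs. Returns 0 on success, -1 on bad arguments, size overflow
 * or allocation failure. An empty list is returned as *pp_out == NULL. */
int pid_list_dup(const uint16_t *pi_src, size_t i_nb_pids, uint16_t **pp_out)
{
    *pp_out = NULL;

    if (i_nb_pids == 0)
        return 0;   /* empty list: no allocation, no copy */

    if (pi_src == NULL)
        return -1;  /* non-zero count without a source buffer */

    if (i_nb_pids > SIZE_MAX / sizeof(*pi_src))
        return -1;  /* i_nb_pids * sizeof(*pi_src) would wrap (CWE-131) */

    uint16_t *pi_copy = malloc(i_nb_pids * sizeof(*pi_copy));
    if (pi_copy == NULL)
        return -1;  /* with a non-zero size, NULL means out of memory */

    memcpy(pi_copy, pi_src, i_nb_pids * sizeof(*pi_copy));
    *pp_out = pi_copy;
    return 0;
}

int main(void)
{
    /* Constructed sample PID list. */
    const uint16_t pi_pids[] = { 0x0000, 0x0011, 0x0100 };
    uint16_t *pi_copy;

    if (pid_list_dup(pi_pids, 3, &pi_copy) != 0)
        return 1;
    printf("copied 3 PIDs, last = 0x%04x\n", (unsigned)pi_copy[2]);
    free(pi_copy);

    /* Empty list: succeeds and leaves the output pointer NULL. */
    if (pid_list_dup(pi_pids, 0, &pi_copy) != 0 || pi_copy != NULL)
        return 1;
    printf("empty list handled without malloc(0)\n");
    return 0;
}
```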

