From: Junio C Hamano <gitster@pobox.com>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: Johannes Schindelin <Johannes.Schindelin@gmx.de>,
Markus Vervier <markus.vervier@x41-dsec.de>,
git@vger.kernel.org
Subject: Re: Covierty Integration / Improvement
Date: Wed, 06 Apr 2022 13:20:10 -0700 [thread overview]
Message-ID: <xmqqfsmqx8ud.fsf@gitster.g> (raw)
In-Reply-To: <Yk3UAz3sn9KhMnyf@mit.edu> (Theodore Ts'o's message of "Wed, 6 Apr 2022 13:55:15 -0400")
"Theodore Ts'o" <tytso@mit.edu> writes:
> On Wed, Apr 06, 2022 at 05:08:37PM +0200, Johannes Schindelin wrote:
>> I have fixed Git for Windows' Coverity build and started to sift through
>> the 154 new defects reported as of v2.36.0-rc0.
>>
>> Sadly, there is now a new class of overwhelming false positives: Coverity
>> claims that "strbuf_addstr does not [NUL-]terminate", which is of course
>> false.
>
> It should be possible to suppress this by uploading a Coverity model
> file. See[1] for more details:
>
> [1] https://community.synopsys.com/s/article/practical-example-of-coverity-function-model
>
> I've suppressed a similar issue by using the attribute __nonstring,
> but I don't think that will work for git, because strbuf->buf really
> *is* a NUL-terminated string, where as in ext4 we have some fields
> which are designed to be NUL padded, but it is *not* guaranteed to be
> NUL-terminated:
That is very much expected from filesystem code, for which strncmp()
and friends were invented for ;-)
> (This is needed to suppress warnings by Clang as well.)
>
> Using __nonstring will result in attempts to use s_volume_name in "C"
> string context to give a warning, which is why this isn't right for
> strbuf->buf.
Indeed. We do aim to make reading .buf member as NUL-terminated
string safe, so it would make it very inconvenient to warn against
such uses.
Thanks.
next prev parent reply other threads:[~2022-04-06 21:23 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-01 20:49 Covierty Integration / Improvement Markus Vervier
2022-04-03 21:36 ` Junio C Hamano
2022-04-03 23:16 ` Theodore Ts'o
2022-04-04 10:14 ` Ævar Arnfjörð Bjarmason
2022-04-05 22:22 ` Johannes Schindelin
2022-04-05 22:17 ` Johannes Schindelin
2022-04-06 15:08 ` Johannes Schindelin
2022-04-06 17:55 ` Theodore Ts'o
2022-04-06 20:20 ` Junio C Hamano [this message]
2022-04-07 11:49 ` Johannes Schindelin
2022-04-07 7:21 ` Markus Vervier
2022-04-07 11:58 ` Johannes Schindelin
[not found] ` <CAJY0qZLwQJ_6Me1em4X6M=YJb0O2+7rSYeKisLFOGH7_BW3Lww@mail.gmail.com>
[not found] ` <CAJY0qZJaBvwA19PN=Gm4c5gSVqYYBOoVwgF=1mZTNEjmXFSc7A@mail.gmail.com>
2022-05-10 17:46 ` Derek Zimmer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqfsmqx8ud.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=markus.vervier@x41-dsec.de \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.