[Cluster-devel] [coverity] config

cluster-devel.redhat.com archive mirror
 help / color / mirror / Atom feed

From: Fabio M. Di Nitto <fdinitto@redhat.com>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [coverity] config
Date: Tue, 25 Oct 2011 14:08:51 +0200	[thread overview]
Message-ID: <1319544550-18366-1-git-send-email-fdinitto@redhat.com> (raw)

Original errors/warnings:

Analysis summary report:
------------------------
Files analyzed                 : 21
Total LoC input to cov-analyze : 29195
Functions analyzed             : 170
Paths analyzed                 : 10405
New defects found              : 136 Total
                                   3 CHECKED_RETURN
                                   2 FORWARD_NULL
                                   4 NO_EFFECT
                                  83 NULL_RETURNS
                                   6 PW.INCLUDE_RECURSION
                                   1 PW.MAIN_WRONG_NUM_PARAMS
                                   1 PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL
                                  10 RESOURCE_LEAK
                                   2 REVERSE_INULL
                                  13 SECURE_CODING
                                   3 SECURE_TEMP
                                   2 STRING_SIZE
                                   1 TOCTOU
                                   5 UNINIT

After fixes:

Analysis summary report:
------------------------
Files analyzed                 : 21
Total LoC input to cov-analyze : 29313
Functions analyzed             : 169
Paths analyzed                 : 10512
New defects found              : 81 Total
                                 66 NULL_RETURNS
                                  6 PW.INCLUDE_RECURSION
                                  1 PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL
                                  2 SECURE_CODING
                                  1 TOCTOU
                                  5 UNINIT

NOTES:

66 NULL_RETURNS

can be safely ignored (Coverity doesn't understand errno correctly)

 6 PW.INCLUDE_RECURSION

generated by libxml headers

 1 PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL

coverity internal declaration mismatch

 2 SECURE_CODING

can't be fixed without a public API change and the requirements
for the API are documented (caller must provide enough buffer)
Fits in the category of *bad* but not bad enough to require an API change

 1 TOCTOU

triggered by a possible race condition in ccs edit functionality. Not
worth fixing as it doesn't affect runtime.

 5 UNINIT

can be safely ignored, triggered by FILE * struct not being completely
initialized by fdopen/fopen.

next             reply	other threads:[~2011-10-25 12:08 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-25 12:08 Fabio M. Di Nitto [this message]
2011-10-25 12:08 ` [Cluster-devel] [PATCH 01/19] libccs: check return code consistently Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 02/19] ccs_config_dump: remove unnecessary pointer to env Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 03/19] ccs_tool: improve error checking on ccs_connect Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 04/19] libccs: fix error checking Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 05/19] configxml: clear variable usage Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 06/19] libccs: remove duplicate checks Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 07/19] config: fix libccs return codes and errno handling Fabio M. Di Nitto
2011-10-25 12:08 ` [Cluster-devel] [PATCH 08/19] config: improve string error checking in tokenizer Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 09/19] config: fix possible memory leak in libccs fullxpath usage Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 10/19] config: fix extremely unlikely buffer overflow Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 11/19] config: fix a few theoretical buffer overflows Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 12/19] config: fix return checks in ldap loader Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 13/19] config: make sure error reporting does not overflow buffers Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 14/19] " Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 15/19] config: fix rng2ldif null reference Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 16/19] config: rng2ldif bug fixes Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 17/19] config: fix confdb2ldif secure coding Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 18/19] config: remove unused var in ccs_tool Fabio M. Di Nitto
2011-10-25 12:09 ` [Cluster-devel] [PATCH 19/19] config: fix a few checks in ccs_tool edit functionalities Fabio M. Di Nitto

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1319544550-18366-1-git-send-email-fdinitto@redhat.com \
    --to=fdinitto@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).