From: Johannes Schindelin <Johannes.Schindelin@gmx.de>
To: Jeff King <peff@peff.net>
Cc: Johannes Sixt <j6t@kdbg.org>,
git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH 10/26] Check for EOF while parsing mails
Date: Fri, 28 Apr 2017 15:33:41 +0200 (CEST) [thread overview]
Message-ID: <alpine.DEB.2.20.1704281346480.3480@virtualbox> (raw)
In-Reply-To: <20170428112002.tjkcjjdfqenl2aie@sigill.intra.peff.net>
Hi Peff,
On Fri, 28 Apr 2017, Jeff King wrote:
> On Fri, Apr 28, 2017 at 12:41:02PM +0200, Johannes Schindelin wrote:
>
> > But then, I guess I misunderstood what Coverity complained about:
> > maybe the problem was not so much the isspace() call but that EOF is
> > not being handled correctly. We pass it, unchecked, to ungetc().
> >
> > It appears that I (or Coverity, if you will), missed another instance
> > where we simply passed EOF unchecked to ungetc().
>
> I think that is also fine according to the standard.
>
> Do you happen to have the exact error from Coverity?
Wow, that was unnecessarily hard. It is a major hassle to get to any
scan other than the latest one.
But I did it. Call me tenatious.
The report says this:
233 do {
2. negative_return_fn: Function mingw_fgetc(f) returns a negative number.
3. var_assign: Assigning: signed variable peek = mingw_fgetc.
234 peek = fgetc(f);
CID 1049734: Negative array index read (NEGATIVE_RETURNS)
4. negative_returns: Using variable peek as an index to array sane_ctype.
235 } while (isspace(peek));
236 ungetc(peek, f);
So part of the thing is that we use mingw_fgetc() instead of fgetc().
However, the return value is *still* the one from the "real" fgetc(), even
if we intercept what appears to be a Ctrl+C from an interactive console.
> I'm wondering if it is complaining about some aspect of our custom
> isspace() when used with EOF.
That would appear to be the real issue, yes, and I should have
double-checked the claim that POSIX isspace() handles EOF properly: we
override isspace() with our own version, after all:
#define isspace(x) sane_istest(x,GIT_SPACE)
where
#define sane_istest(x,mask) \
((sane_ctype[(unsigned char)(x)] & (mask)) != 0)
(rewrapped for readability)
As usual, EOF is defined as -1 in Git for Windows' context, meaning that
we look at the last entry of the sane_ctype array, which returns 0 for any
sane_istest(x,mask) test for x >= 0x80:
/* Nothing in the 128.. range */
So it would appear that it happens to work, but I doubt that it was
intentional.
Having said that, it is really curious why Coverity should get confused by
the code and not realize that casting a negative number to (unsigned char)
will make it valid as an index for the sane_ctype array.
I double-checked, and there is no override for the isspace() function in
what Coverity calls a "model file" (i.e. pseudo code intended to helping
Coverity realize where it can stop reporting false positives).
> > The next iteration will have it completely reworked: I no longer guard
> > the isspace() behind an `!= EOF` check, but rather handle an early EOF
> > as I think it should be handled. Extra eyes very welcome (this is the
> > fixup! patch):
>
> I do think handling EOF explicitly is probably a better strategy anyway,
> as it lets us tell when we have an empty patch.
I agree, I came to the same conclusion independently.
Ciao,
Dscho
next prev parent reply other threads:[~2017-04-28 13:36 UTC|newest]
Thread overview: 178+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-26 20:19 [PATCH 00/26] Address a couple of issues identified by Coverity Johannes Schindelin
2017-04-26 20:19 ` [PATCH 01/26] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-26 20:19 ` [PATCH 02/26] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-26 20:19 ` [PATCH 03/26] winansi: avoid buffer overrun Johannes Schindelin
2017-04-26 20:19 ` [PATCH 04/26] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-26 20:19 ` [PATCH 05/26] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-26 20:19 ` [PATCH 06/26] get_mail_commit_oid(): " Johannes Schindelin
2017-04-26 21:06 ` Stefan Beller
2017-04-27 5:53 ` Junio C Hamano
2017-04-28 13:39 ` Johannes Schindelin
2017-04-27 6:14 ` Johannes Sixt
2017-04-28 10:02 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 07/26] http-backend: avoid memory leaks Johannes Schindelin
2017-04-27 6:00 ` Junio C Hamano
2017-04-28 9:40 ` Johannes Schindelin
2017-05-01 1:19 ` Junio C Hamano
2017-05-01 19:05 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 08/26] difftool: close file descriptors after reading Johannes Schindelin
2017-04-27 6:05 ` Junio C Hamano
2017-04-28 9:51 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 09/26] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-26 20:20 ` [PATCH 10/26] Check for EOF while parsing mails Johannes Schindelin
2017-04-27 6:07 ` Junio C Hamano
2017-04-28 9:55 ` Johannes Schindelin
2017-04-27 6:20 ` Johannes Sixt
2017-04-28 10:41 ` Johannes Schindelin
2017-04-28 11:20 ` Jeff King
2017-04-28 13:33 ` Johannes Schindelin [this message]
2017-04-28 13:45 ` Jeff King
2017-04-27 6:21 ` Jeff King
2017-04-28 10:44 ` Johannes Schindelin
2017-04-28 11:08 ` Jeff King
2017-04-28 13:37 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 11/26] cat-file: fix memory leak Johannes Schindelin
2017-04-27 6:10 ` Junio C Hamano
2017-04-28 9:59 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 12/26] checkout: " Johannes Schindelin
2017-04-27 6:40 ` Junio C Hamano
2017-04-28 10:51 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 13/26] split_commit_in_progress(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 14/26] setup_bare_git_dir(): " Johannes Schindelin
2017-04-26 21:20 ` Stefan Beller
2017-04-27 22:54 ` Johannes Schindelin
2017-04-27 6:27 ` Johannes Sixt
2017-04-27 22:57 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 15/26] setup_discovered_git_dir(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 16/26] pack-redundant: plug " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 17/26] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-26 20:21 ` [PATCH 18/26] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-27 16:39 ` Johannes Sixt
2017-04-28 10:58 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 19/26] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 20/26] line-log: avoid memory leak Johannes Schindelin
2017-04-27 17:14 ` Johannes Sixt
2017-04-28 11:02 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 21/26] shallow: " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 22/26] add_reflog_for_walk: " Johannes Schindelin
2017-04-27 17:24 ` Johannes Sixt
2017-04-28 11:33 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 23/26] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 24/26] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-04-26 20:21 ` [PATCH 25/26] show_worktree(): plug memory leak Johannes Schindelin
2017-04-26 20:22 ` [PATCH 26/26] submodule_uses_worktrees(): " Johannes Schindelin
2017-04-26 21:34 ` [PATCH 00/26] Address a couple of issues identified by Coverity Stefan Beller
2017-04-27 22:50 ` Johannes Schindelin
2017-04-28 18:05 ` Stefan Beller
2017-04-28 20:29 ` Automating Coverity, was " Johannes Schindelin
2017-05-01 11:22 ` Lars Schneider
2017-05-02 11:46 ` Johannes Schindelin
2017-05-05 20:30 ` Johannes Schindelin
2017-05-10 19:48 ` Johannes Schindelin
2017-05-10 19:54 ` Stefan Beller
2017-05-11 11:33 ` Johannes Schindelin
2017-04-27 17:36 ` Johannes Sixt
2017-04-28 11:36 ` Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 00/25] " Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-28 14:02 ` [PATCH v2 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 4:11 ` Junio C Hamano
2017-05-02 13:57 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 10/25] cat-file: fix memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 11/25] checkout: " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 14/25] setup_discovered_git_dir(): " Johannes Schindelin
2017-05-02 3:57 ` Junio C Hamano
2017-05-02 12:38 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 15/25] pack-redundant: plug memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 19/25] line-log: avoid memory leak Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 20/25] shallow: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 3:26 ` Junio C Hamano
2017-05-02 3:42 ` Junio C Hamano
2017-05-02 14:00 ` Johannes Schindelin
2017-05-04 4:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 3:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-02 3:17 ` Junio C Hamano
2017-05-02 16:00 ` [PATCH v3 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-02 16:00 ` [PATCH v3 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:29 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:23 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 11/25] checkout: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-05-03 20:59 ` René Scharfe
2017-05-04 10:59 ` Johannes Schindelin
2017-05-06 17:13 ` René Scharfe
2017-05-09 13:39 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-02 17:20 ` Stefan Beller
2017-05-02 18:15 ` Jeff King
2017-05-03 9:35 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 15/25] pack-redundant: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 20/25] shallow: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-04 13:54 ` [PATCH v4 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 11/25] checkout: " Johannes Schindelin
2017-05-06 17:14 ` René Scharfe
2017-05-08 0:41 ` Junio C Hamano
2017-05-09 13:42 ` Johannes Schindelin
2017-05-09 22:51 ` Junio C Hamano
2017-05-04 13:56 ` [PATCH v4 12/25] split_commit_in_progress(): simplify & " Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 15/25] pack-redundant: " Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 20/25] shallow: " Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 25/25] submodule_uses_worktrees(): " Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.20.1704281346480.3480@virtualbox \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=j6t@kdbg.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox