argtable / argtable3

A single-file, ANSI C, command-line parsing library that parses GNU-style command-line options.
http://www.argtable.org

Static analyser: NULL pointer passing. #69

Closed 0xceed closed 3 years ago

0xceed commented 3 years ago

File: arg_dstr.c Line: 307.

See screenshot attached. Haven't checked if any other static analyser catches this, but still.

[Attached image: Screenshot 2021-07-01 at 01 31 49]

0xceed commented 3 years ago

Also, lib version is 3.2.1

tomghuang commented 3 years ago

Hi @0xceed, I've checked the code and your screenshot, and found that the static analysis tool is wrong.

The static analysis tool assumes that total_space could be < ds->append_data_size. However, it is impossible. When ds->append_data_size > 500, we not only set ds->append_data to NULL, but also set ds->append_data_size to 0. Therefore, total_space should always be >= ds->append_data_size.

        if (ds->append_data_size > 500) {
            xfree(ds->append_data);
            ds->append_data = NULL;
            ds->append_data_size = 0;
        }

You may need to use some mechanism to skip this logic error in the static analysis tool. Thanks.
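
An added example, not argtable's code and not written by anyone in this thread: a minimal constructed buffer that states the invariant from the comment above ("a NULL buffer always has size 0") as assertions and skips the copy when there is nothing to copy. The `demo_` names, the `used` field and the growth policy are assumptions; only `append_data`, `append_data_size`, `total_space` and the 500-byte reset come from the comment.

```c
#include <assert.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical buffer: field names follow the thread, the layout is assumed. */
typedef struct {
    char  *append_data;      /* heap buffer, or NULL once released */
    size_t append_data_size; /* capacity of append_data in bytes */
    size_t used;             /* bytes in use, excluding the NUL (assumed field) */
} demo_dstr;

/* The invariant the maintainer relies on, written down and checked. */
void demo_check(const demo_dstr *ds) {
    assert(ds->append_data != NULL || ds->append_data_size == 0);
    assert(ds->used == 0 || ds->used < ds->append_data_size);
}

/* Release an oversized buffer; pointer and size are always reset together. */
void demo_reset(demo_dstr *ds) {
    if (ds->append_data_size > 500) {
        free(ds->append_data);
        ds->append_data = NULL;
        ds->append_data_size = 0;
    }
    ds->used = 0;
    if (ds->append_data) ds->append_data[0] = '\0';
    demo_check(ds);
}

/* Append s, growing when needed. Returns 0 on success, -1 if malloc fails. */
int demo_append(demo_dstr *ds, const char *s) {
    size_t len = strlen(s);
    size_t total_space = ds->used + len + 1;
    demo_check(ds);
    if (total_space > ds->append_data_size) {
        char *grown = malloc(total_space * 2);
        if (grown == NULL) return -1;
        if (ds->used > 0) /* used > 0 implies a non-NULL buffer (see demo_check) */
            memcpy(grown, ds->append_data, ds->used);
        free(ds->append_data);
        ds->append_data = grown;
        ds->append_data_size = total_space * 2;
    }
    memcpy(ds->append_data + ds->used, s, len + 1);
    ds->used += len;
    return 0;
}
```

Passing a null source pointer to `memcpy` is undefined behaviour in C11 even when the length is 0, which is why the copy is guarded instead of relying on the size alone.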

0xceed commented 3 years ago

Thank you a bunch, sure thing, I haven't checked its correctness; just wondered if this is a real bug.