search

ostreedev / ostree

Operating system and container binary deployment and upgrades
https://ostreedev.github.io/ostree/
Other
1.31k stars 300 forks source link

Coverity: Possible ARRAY_VS_SINGLETON - Invalid Dereference #3286

Open jmarrero opened 3 months ago

jmarrero commented 3 months ago

Found during Coverity scan. ARRAY_VS_SINGLETON @cgwalters looked at this during a meeting and it's not clear if it's a false positive or not, needs investigating.

1. Defect type: ARRAY_VS_SINGLETON
11. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: address_of: Taking address with "&r" yields a singleton pointer.
12. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: identity_transfer: Passing "&r" as argument 1 to function "g_steal_pointer", which returns that argument. [Note: The source code implementation of the function has been overridden by a user model.]
13. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: assign: Assigning: "remote" = "(char *)g_steal_pointer(&r)".
35. libostree-2024.7/src/libostree/ostree-repo-refs.c:700:15: callee_ptr_arith: Passing "remote" to function "add_ref_to_set" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
#   698|                   return FALSE;
#   699|   
#   700|->               if (!add_ref_to_set (remote, NULL, prefix_dfd, ref_prefix, ret_all_refs, cancellable,
#   701|                                      error))
#   702|                   return FALSE;
2. Defect type: ARRAY_VS_SINGLETON
11. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: address_of: Taking address with "&r" yields a singleton pointer.
12. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: identity_transfer: Passing "&r" as argument 1 to function "g_steal_pointer", which returns that argument. [Note: The source code implementation of the function has been overridden by a user model.]
13. libostree-2024.7/src/libostree/ostree-repo-refs.c:651:15: assign: Assigning: "remote" = "(char *)g_steal_pointer(&r)".
38. libostree-2024.7/src/libostree/ostree-repo-refs.c:688:15: callee_ptr_arith: Passing "remote" to function "enumerate_refs_recurse" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
#   686|                   return FALSE;
#   687|   
#   688|->               if (!enumerate_refs_recurse (self, remote, flags, NULL, base_fd, base_path, base_fd,
#   689|                                              cut_prefix ? "." : ref_prefix, ret_all_refs, cancellable,
#   690|                                              error))

This code has not been touched in years.