search

quickjs-ng / quickjs

QuickJS, the Next Generation: a mighty JavaScript engine
https://quickjs-ng.github.io/quickjs/
MIT License
965 stars 79 forks source link

Coverity issues #559

Open trufae opened 13 hours ago

trufae commented 13 hours ago

running it thru coverity i get the following issues, so i'm lazily reporting them in here ^^


scan-admin@coverity.com
19:45 (19 minutes ago)
to me

Hi,

Please find the latest report on new defect(s) introduced to radare2 found with Coverity Scan.

18 new defect(s) introduced to radare2 found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 18 of 18 defect(s)

** CID 1563181:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 1563181:  Memory - corruptions  (OVERRUN)
/shlr/qjs/src/quickjs.c: 47178 in js_set_union()
47172         for (;;) {
47173             item = JS_IteratorNext(ctx, iter, next, 0, NULL, &done);
47174             if (JS_IsException(item))
47175                 goto exception;
47176             if (done) // item is JS_UNDEFINED
47177                 break;
>>>     CID 1563181:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type JSValue of 1 16-byte elements by passing it to a function which accesses it at element index 1 (byte offset 31).
47178             rv = js_map_set(ctx, newset, 1, &item, MAGIC_SET);
47179             JS_FreeValue(ctx, item);
47180             if (JS_IsException(rv))
47181                 goto exception;
47182             JS_FreeValue(ctx, rv);
47183         }

** CID 1563180:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/shlr/qjs/src/cutils.c: 768 in u64toa_radix()

________________________________________________________________________________________________________
*** CID 1563180:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
/shlr/qjs/src/cutils.c: 768 in u64toa_radix()
762         if (shift) {
763             if (n < base) {
764                 buf[0] = digits36[n];
765                 buf[1] = '\0';
766                 return 1;
767             }
>>>     CID 1563180:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
>>>     Potentially overflowing expression "1 << shift" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
768             uint64_t mask = (1 << shift) - 1;
769             size_t len = (64 - clz64(n) + shift - 1) / shift;
770             size_t last = n & mask;
771             char *end = buf + len;
772             n >>= shift;
773             *end-- = '\0';

** CID 1563179:  Error handling issues  (CHECKED_RETURN)
/libr/lang/p/qjs.c: 665 in qjs_r2pipe_open()

________________________________________________________________________________________________________
*** CID 1563179:  Error handling issues  (CHECKED_RETURN)
/libr/lang/p/qjs.c: 665 in qjs_r2pipe_open()
659                     if (JS_IsArray (ctx, argv[1])) {
660                             int i;
661                             RStrBuf *sb = r_strbuf_new ("");
662                             JSValue array = argv[1];
663                             ut32 array_length;
664                             JSValue v = JS_GetPropertyStr (ctx, array, "length");
>>>     CID 1563179:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "JS_ToUint32" without checking return value (as is done elsewhere 12 out of 15 times).
665                             JS_ToUint32 (ctx, &array_length, v);
666                             for (i = 0; i < array_length; i++) {
667                                     v = JS_GetPropertyUint32 (ctx, array, i);
668                                     size_t plen;
669                                     const char *n = JS_ToCStringLen2 (ctx, &plen, v, false);
670                                     r_strbuf_append (sb, n);

** CID 1563178:  Insecure data handling  (INTEGER_OVERFLOW)

________________________________________________________________________________________________________
*** CID 1563178:  Insecure data handling  (INTEGER_OVERFLOW)
/shlr/qjs/src/quickjs.c: 11435 in js_dtoa()
11429             exp = quo;
11430         }
11431         start[i] = (char)('0' + exp);
11432     
11433      done:
11434         start[-1] = '-';    /* prepend the sign if negative */
>>>     CID 1563178:  Insecure data handling  (INTEGER_OVERFLOW)
>>>     "len + sign", which might have underflowed, is passed to "js_new_string8_len(ctx, start - sign, len + sign)".
11435         return js_new_string8_len(ctx, start - sign, len + sign);
11436     }
11437     
11438     /* `js_dtoa_radix`: convert a floating point number using a specific base
11439        - `d` must be finite
11440        - `radix` must be in range 2..36

** CID 1563177:  Memory - illegal accesses  (INTEGER_OVERFLOW)
/shlr/qjs/src/quickjs.c: 40769 in js_string_toWellFormed()

________________________________________________________________________________________________________
*** CID 1563177:  Memory - illegal accesses  (INTEGER_OVERFLOW)
/shlr/qjs/src/quickjs.c: 40769 in js_string_toWellFormed()
40763         JS_FreeValue(ctx, str);
40764         if (JS_IsException(ret))
40765             return JS_EXCEPTION;
40766     
40767         p = JS_VALUE_GET_STRING(ret);
40768         for (i = 0, n = p->len; i < n; i++) {
>>>     CID 1563177:  Memory - illegal accesses  (INTEGER_OVERFLOW)
>>>     "i", which might have underflowed, is passed to "p->u.str16[i]".
40769             c = p->u.str16[i];
40770             if (!is_surrogate(c))
40771                 continue;
40772             if (is_lo_surrogate(c) || i + 1 == n) {
40773                 p->u.str16[i] = 0xFFFD;
40774                 continue;

** CID 1563176:    (TAINTED_SCALAR)
/shlr/qjs/src/quickjs.c: 34603 in JS_ReadFunctionBytecode()
/shlr/qjs/src/quickjs.c: 34604 in JS_ReadFunctionBytecode()
/shlr/qjs/src/quickjs.c: 34604 in JS_ReadFunctionBytecode()
/shlr/qjs/src/quickjs.c: 34603 in JS_ReadFunctionBytecode()

________________________________________________________________________________________________________
*** CID 1563176:    (TAINTED_SCALAR)
/shlr/qjs/src/quickjs.c: 34603 in JS_ReadFunctionBytecode()
34597         if (is_be())
34598             bc_byte_swap(bc_buf, bc_len);
34599     
34600         pos = 0;
34601         while (pos < bc_len) {
34602             op = bc_buf[pos];
>>>     CID 1563176:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
34603             len = short_opcode_info(op).size;
34604             switch(short_opcode_info(op).fmt) {
34605             case OP_FMT_atom:
34606             case OP_FMT_atom_u8:
34607             case OP_FMT_atom_u16:
34608             case OP_FMT_atom_label_u8:
/shlr/qjs/src/quickjs.c: 34604 in JS_ReadFunctionBytecode()
34598             bc_byte_swap(bc_buf, bc_len);
34599     
34600         pos = 0;
34601         while (pos < bc_len) {
34602             op = bc_buf[pos];
34603             len = short_opcode_info(op).size;
>>>     CID 1563176:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
34604             switch(short_opcode_info(op).fmt) {
34605             case OP_FMT_atom:
34606             case OP_FMT_atom_u8:
34607             case OP_FMT_atom_u16:
34608             case OP_FMT_atom_label_u8:
34609             case OP_FMT_atom_label_u16:
/shlr/qjs/src/quickjs.c: 34604 in JS_ReadFunctionBytecode()
34598             bc_byte_swap(bc_buf, bc_len);
34599     
34600         pos = 0;
34601         while (pos < bc_len) {
34602             op = bc_buf[pos];
34603             len = short_opcode_info(op).size;
>>>     CID 1563176:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
34604             switch(short_opcode_info(op).fmt) {
34605             case OP_FMT_atom:
34606             case OP_FMT_atom_u8:
34607             case OP_FMT_atom_u16:
34608             case OP_FMT_atom_label_u8:
34609             case OP_FMT_atom_label_u16:
/shlr/qjs/src/quickjs.c: 34603 in JS_ReadFunctionBytecode()
34597         if (is_be())
34598             bc_byte_swap(bc_buf, bc_len);
34599     
34600         pos = 0;
34601         while (pos < bc_len) {
34602             op = bc_buf[pos];
>>>     CID 1563176:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
34603             len = short_opcode_info(op).size;
34604             switch(short_opcode_info(op).fmt) {
34605             case OP_FMT_atom:
34606             case OP_FMT_atom_u8:
34607             case OP_FMT_atom_u16:
34608             case OP_FMT_atom_label_u8:

** CID 1563175:  Control flow issues  (DEADCODE)
/shlr/qjs/src/quickjs.c: 12226 in js_unary_arith_bigint()

________________________________________________________________________________________________________
*** CID 1563175:  Control flow issues  (DEADCODE)
/shlr/qjs/src/quickjs.c: 12226 in js_unary_arith_bigint()
12220         switch(op) {
12221         case OP_inc:
12222         case OP_dec:
12223             v = 2 * (op - OP_dec) - 1;
12224             ret = bf_add_si(r, a, v, BF_PREC_INF, BF_RNDZ);
12225             break;
>>>     CID 1563175:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "case OP_plus:".
12226         case OP_plus:
12227             ret = bf_set(r, a);
12228             break;
12229         case OP_neg:
12230             ret = bf_set(r, a);
12231             bf_neg(r);

** CID 1563174:  Insecure data handling  (TAINTED_SCALAR)
/shlr/qjs/src/libregexp.c: 2583 in lre_byte_swap()

________________________________________________________________________________________________________
*** CID 1563174:  Insecure data handling  (TAINTED_SCALAR)
/shlr/qjs/src/libregexp.c: 2583 in lre_byte_swap()
2577                 inplace_bswap32(&p[9]);
2578                 inplace_bswap32(&p[13]);
2579                 break;
2580             default:
2581                 abort();
2582             }
>>>     CID 1563174:  Insecure data handling  (TAINTED_SCALAR)
>>>     Using tainted variable "n" as an index to pointer "p".
2583             p = &p[n];
2584         }
2585     }
2586     
2587     #ifdef TEST
2588     

** CID 1563173:  Memory - illegal accesses  (OVERRUN)

________________________________________________________________________________________________________
*** CID 1563173:  Memory - illegal accesses  (OVERRUN)
/shlr/qjs/src/quickjs.c: 53785 in JS_IsEqual()
53779     }
53780     
53781     /* Equality comparisons and sameness */
53782     int JS_IsEqual(JSContext *ctx, JSValue op1, JSValue op2)
53783     {
53784         JSValue sp[2] = { js_dup(op1), js_dup(op2) };
>>>     CID 1563173:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array of 32 bytes at byte offset 32 by dereferencing pointer "sp + 2UL".
53785         if (js_eq_slow(ctx, endof(sp), 0))
53786             return -1;
53787         return JS_VALUE_GET_BOOL(sp[0]);
53788     }
53789     
53790     JS_BOOL JS_IsStrictEqual(JSContext *ctx, JSValue op1, JSValue op2)

** CID 1563172:  Control flow issues  (DEADCODE)
/shlr/qjs/src/cutils.c: 672 in u64toa()

________________________________________________________________________________________________________
*** CID 1563172:  Control flow issues  (DEADCODE)
/shlr/qjs/src/cutils.c: 672 in u64toa()
666                 len = u07toa_shift(buf, n1, len);
667             } else {
668                 len = u7toa_shift(buf, n1);
669             }
670             return u07toa_shift(buf, n, len);
671         }
>>>     CID 1563172:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "return u7toa_shift(buf, n);".
672         return u7toa_shift(buf, n);
673     }
674     
675     size_t i32toa(char buf[minimum_length(12)], int32_t n)
676     {
677         if (likely(n >= 0))

** CID 1563171:  Resource leaks  (RESOURCE_LEAK)
/libr/lang/p/qjs.c: 615 in qjs_r2pipe_instance_cmd()

________________________________________________________________________________________________________
*** CID 1563171:  Resource leaks  (RESOURCE_LEAK)
/libr/lang/p/qjs.c: 615 in qjs_r2pipe_instance_cmd()
609             R2Pipe *r2p = JS_GetOpaque (this_val, 0);
610             size_t plen;
611             if (r2p) {
612                     const char *cmd = JS_ToCStringLen2 (ctx, &plen, argv[0], false);
613                     char *s = r2pipe_cmd (r2p, cmd);
614                     if (s) {
>>>     CID 1563171:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "s" going out of scope leaks the storage it points to.
615                             return QJS_STRING (s);
616                     }
617                     return JS_ThrowRangeError (ctx, "Empty command returns undefined");
618             }
619             return JS_ThrowRangeError (ctx, "Only one argument permitted");
620     }

** CID 1563170:  Control flow issues  (UNREACHABLE)
/shlr/qjs/src/quickjs.c: 30456 in resolve_variables()

________________________________________________________________________________________________________
*** CID 1563170:  Control flow issues  (UNREACHABLE)
/shlr/qjs/src/quickjs.c: 30456 in resolve_variables()
30450                         dbuf_putc(&bc_out, OP_source_loc);
30451                         dbuf_put_u32(&bc_out, line_num);
30452                         dbuf_put_u32(&bc_out, col_num);
30453                     }
30454                     break;
30455                 }
>>>     CID 1563170:  Control flow issues  (UNREACHABLE)
>>>     This code cannot be reached: "goto no_change;".
30456                 goto no_change;
30457     
30458             case OP_label:
30459                 {
30460                     int label;
30461                     LabelSlot *ls;

** CID 1563169:    (TAINTED_SCALAR)

________________________________________________________________________________________________________
*** CID 1563169:    (TAINTED_SCALAR)
/shlr/qjs/src/quickjs.c: 35566 in JS_ReadObject2()
35560             s->first_atom = JS_ATOM_END;
35561         else
35562             s->first_atom = 1;
35563         if (JS_ReadObjectAtoms(s)) {
35564             obj = JS_EXCEPTION;
35565         } else {
>>>     CID 1563169:    (TAINTED_SCALAR)
>>>     Passing tainted expression "*s->idx_to_atom" to "JS_ReadObjectRec", which uses it as an offset.
35566             obj = JS_ReadObjectRec(s);
35567         }
35568         if (psab_tab) {
35569             psab_tab->tab = s->sab_tab;
35570             psab_tab->len = s->sab_tab_len;
35571         } else {
/shlr/qjs/src/quickjs.c: 35574 in JS_ReadObject2()
35568         if (psab_tab) {
35569             psab_tab->tab = s->sab_tab;
35570             psab_tab->len = s->sab_tab_len;
35571         } else {
35572             js_free(ctx, s->sab_tab);
35573         }
>>>     CID 1563169:    (TAINTED_SCALAR)
>>>     Passing tainted expression "*s->idx_to_atom" to "bc_reader_free", which uses it as an offset.
35574         bc_reader_free(s);
35575         return obj;
35576     }
35577     
35578     JSValue JS_ReadObject(JSContext *ctx, const uint8_t *buf, size_t buf_len,
35579                           int flags)

** CID 1563168:  Error handling issues  (CHECKED_RETURN)
/shlr/qjs/src/quickjs.c: 8425 in set_array_length()

________________________________________________________________________________________________________
*** CID 1563168:  Error handling issues  (CHECKED_RETURN)
/shlr/qjs/src/quickjs.c: 8425 in set_array_length()
8419                 p->u.array.count = len;
8420             }
8421             p->prop[0].u.value = js_uint32(len);
8422         } else {
8423             /* Note: length is always a uint32 because the object is an
8424                array */
>>>     CID 1563168:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "JS_ToUint32" without checking return value (as is done elsewhere 12 out of 15 times).
8425             JS_ToUint32(ctx, &cur_len, p->prop[0].u.value);
8426             if (len < cur_len) {
8427                 uint32_t d;
8428                 JSShape *sh;
8429                 JSShapeProperty *pr;
8430     

** CID 1563167:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
/shlr/qjs/src/quickjs.c: 11491 in js_dtoa_radix()

________________________________________________________________________________________________________
*** CID 1563167:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
/shlr/qjs/src/quickjs.c: 11491 in js_dtoa_radix()
11485                 digit = trunc(frac);
11486                 frac -= digit;
11487                 *ptr2++ = digits36[digit];
11488                 n0 = n0 * radix + digit;
11489                 prec -= log2_radix;
11490             }
>>>     CID 1563167:  Incorrect expression  (UNINTENDED_INTEGER_DIVISION)
>>>     Dividing integer expressions "radix" and "2", and then converting the integer quotient to type "double". Any remainder, or fractional part of the quotient, is ignored.
11491             if (frac * radix >= radix / 2) {
11492                 /* round up the string representation manually */
11493                 char nine = digits36[radix - 1];
11494                 while (ptr2[-1] == nine) {
11495                     /* strip trailing '9' or equivalent digits */
11496                     ptr2--;

** CID 1563166:  Error handling issues  (CHECKED_RETURN)
/libr/lang/p/qjs.c: 627 in qjs_r2pipe_instance_cmdj()

________________________________________________________________________________________________________
*** CID 1563166:  Error handling issues  (CHECKED_RETURN)
/libr/lang/p/qjs.c: 627 in qjs_r2pipe_instance_cmdj()
621     
622     static JSValue qjs_r2pipe_instance_cmdj(JSContext *ctx, JSValueConst this_val, int argc, JSValueConst *argv) {
623             JSValue arg0 = qjs_r2pipe_instance_cmd (ctx, this_val, argc, argv);
624             const char jp[] = "JSON.parse";
625             JSValue json_parse = JS_Eval (ctx, jp, strlen (jp), "-", JS_EVAL_TYPE_GLOBAL);
626             JSValue args = JS_NewArray (ctx);
>>>     CID 1563166:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "JS_SetPropertyUint32" without checking return value (as is done elsewhere 6 out of 7 times).
627             JS_SetPropertyUint32 (ctx, args, 0, arg0);
628             return JS_Call (ctx, json_parse, this_val, 1, &args);
629     }
630     
631     static JSValue qjs_r2pipe_instance_quit(JSContext *ctx, JSValueConst this_val, int argc, JSValueConst *argv) {
632             R2Pipe *r2p = JS_GetOpaque (this_val, 0);

** CID 1563165:    (DEADCODE)
/shlr/qjs/src/quickjs.c: 37478 in js_function_toString()
/shlr/qjs/src/quickjs.c: 37475 in js_function_toString()
/shlr/qjs/src/quickjs.c: 37481 in js_function_toString()

________________________________________________________________________________________________________
*** CID 1563165:    (DEADCODE)
/shlr/qjs/src/quickjs.c: 37478 in js_function_toString()
37472             case JS_FUNC_NORMAL:
37473                 pref = "function ";
37474                 break;
37475             case JS_FUNC_GENERATOR:
37476                 pref = "function *";
37477                 break;
>>>     CID 1563165:    (DEADCODE)
>>>     Execution cannot reach this statement: "case JS_FUNC_ASYNC:".
37478             case JS_FUNC_ASYNC:
37479                 pref = "async function ";
37480                 break;
37481             case JS_FUNC_ASYNC_GENERATOR:
37482                 pref = "async function *";
37483                 break;
/shlr/qjs/src/quickjs.c: 37475 in js_function_toString()
37469     
37470             switch(func_kind) {
37471             default:
37472             case JS_FUNC_NORMAL:
37473                 pref = "function ";
37474                 break;
>>>     CID 1563165:    (DEADCODE)
>>>     Execution cannot reach this statement: "case JS_FUNC_GENERATOR:".
37475             case JS_FUNC_GENERATOR:
37476                 pref = "function *";
37477                 break;
37478             case JS_FUNC_ASYNC:
37479                 pref = "async function ";
37480                 break;
/shlr/qjs/src/quickjs.c: 37481 in js_function_toString()
37475             case JS_FUNC_GENERATOR:
37476                 pref = "function *";
37477                 break;
37478             case JS_FUNC_ASYNC:
37479                 pref = "async function ";
37480                 break;
>>>     CID 1563165:    (DEADCODE)
>>>     Execution cannot reach this statement: "case JS_FUNC_ASYNC_GENERATOR:".
37481             case JS_FUNC_ASYNC_GENERATOR:
37482                 pref = "async function *";
37483                 break;
37484             }
37485             suff = "() {\n    [native code]\n}";
37486             name = JS_GetProperty(ctx, this_val, JS_ATOM_name);

** CID 1563164:    (TAINTED_SCALAR)
/shlr/qjs/src/quickjs.c: 33584 in bc_byte_swap()
/shlr/qjs/src/quickjs.c: 33583 in bc_byte_swap()
/shlr/qjs/src/quickjs.c: 33584 in bc_byte_swap()
/shlr/qjs/src/quickjs.c: 33583 in bc_byte_swap()

________________________________________________________________________________________________________
*** CID 1563164:    (TAINTED_SCALAR)
/shlr/qjs/src/quickjs.c: 33584 in bc_byte_swap()
33578         int pos, len, op, fmt;
33579     
33580         pos = 0;
33581         while (pos < bc_len) {
33582             op = bc_buf[pos];
33583             len = short_opcode_info(op).size;
>>>     CID 1563164:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
33584             fmt = short_opcode_info(op).fmt;
33585             switch(fmt) {
33586             case OP_FMT_u16:
33587             case OP_FMT_i16:
33588             case OP_FMT_label16:
33589             case OP_FMT_npop:
/shlr/qjs/src/quickjs.c: 33583 in bc_byte_swap()
33577     {
33578         int pos, len, op, fmt;
33579     
33580         pos = 0;
33581         while (pos < bc_len) {
33582             op = bc_buf[pos];
>>>     CID 1563164:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
33583             len = short_opcode_info(op).size;
33584             fmt = short_opcode_info(op).fmt;
33585             switch(fmt) {
33586             case OP_FMT_u16:
33587             case OP_FMT_i16:
33588             case OP_FMT_label16:
/shlr/qjs/src/quickjs.c: 33584 in bc_byte_swap()
33578         int pos, len, op, fmt;
33579     
33580         pos = 0;
33581         while (pos < bc_len) {
33582             op = bc_buf[pos];
33583             len = short_opcode_info(op).size;
>>>     CID 1563164:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
33584             fmt = short_opcode_info(op).fmt;
33585             switch(fmt) {
33586             case OP_FMT_u16:
33587             case OP_FMT_i16:
33588             case OP_FMT_label16:
33589             case OP_FMT_npop:
/shlr/qjs/src/quickjs.c: 33583 in bc_byte_swap()
33577     {
33578         int pos, len, op, fmt;
33579     
33580         pos = 0;
33581         while (pos < bc_len) {
33582             op = bc_buf[pos];
>>>     CID 1563164:    (TAINTED_SCALAR)
>>>     Using tainted variable "(op >= OP_TEMP_START) ? op + 18 : op" as an index into an array "opcode_info".
33583             len = short_opcode_info(op).size;
33584             fmt = short_opcode_info(op).fmt;
33585             switch(fmt) {
33586             case OP_FMT_u16:
33587             case OP_FMT_i16:
33588             case OP_FMT_label16:
saghul commented 10 hours ago

Thanks! Is there any way we can run those tests?

trufae commented 4 minutes ago

I don’t think coverity accept new opensource projects for free. I was subscribed at the time and get free reports for all the dependencies i use in radare2.