tlwg / libthai

GNU Lesser General Public License v2.1

Some issues reported by Coverity Scan #15

Open epico opened 3 years ago

epico commented 3 years ago

Here are some reports from Coverity Scan for libthai-0.1.28.

1. Defect type: GCC_ANALYZER_WARNING
1. libthai-0.1.28/src/thbrk/brk-maximal.c:0: scope_hint: In function 'best_brk_new'
2. libthai-0.1.28/src/thbrk/brk-maximal.c:642:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
#   640|   
#   641|   exit1:
#   642|->     free (best_brk);
#   643|       return NULL;
#   644|   }
2. Defect type: GCC_ANALYZER_WARNING
1. libthai-0.1.28/src/thbrk/brk-maximal.c:598:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 'node'
18. libthai-0.1.28/src/thbrk/brk-maximal.c:36: included_from: Included from here.
20. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
22. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
26. libthai-0.1.28/src/thbrk/brk-maximal.c:36: included_from: Included from here.
28. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
51. libthai-0.1.28/src/thbrk/brk-maximal.c:31: included_from: Included from here.
#   596|   brk_pool_add (BrkPool *pool, BrkPool *node)
#   597|   {
#   598|->     node->next = pool;
#   599|       return node;
#   600|   }
3. Defect type: GCC_ANALYZER_WARNING
1. libthai-0.1.28/src/thbrk/brk-maximal.c:0: scope_hint: In function 'brk_recover_try'
2. libthai-0.1.28/src/thbrk/brk-maximal.c:598:16: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
19. libthai-0.1.28/src/thbrk/brk-maximal.c:36: included_from: Included from here.
21. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
23. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
29. libthai-0.1.28/src/thbrk/brk-maximal.c:36: included_from: Included from here.
31. libthai-0.1.28/src/thbrk/thbrk-utils.h:32:46: note: in definition of macro 'UNLIKELY'
53. libthai-0.1.28/src/thbrk/brk-maximal.c:31: included_from: Included from here.
#   596|   brk_pool_add (BrkPool *pool, BrkPool *node)
#   597|   {
#   598|->     node->next = pool;
#   599|       return node;
#   600|   }

Do the above defects indicate real issues, or are they just false alerts?

thep commented 2 years ago

I don't quite understand what clues the scanning results give us. But I can see two places where brk_pool_add() could be passed NULL as node, one in brk_maximal_do_impl() and the other in brk_recover_try(), where the result of brk_pool_node_new() is not checked.

I'll try to handle these cases.
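Added example, not libthai's code and not written by either commenter: a simplified model of the pattern discussed above, in which the caller checks the result of brk_pool_node_new() before brk_pool_add() dereferences it and frees the partial pool on failure. The struct fields, the `allocs_left` failure hook, `brk_pool_free`, `pool_push_checked` and `build_pool` are assumptions made for illustration.

```c
#include <stdlib.h>

/* Simplified stand-in for libthai's BrkPool; the fields are assumptions. */
typedef struct BrkPool { struct BrkPool *next; int pos; } BrkPool;

static int allocs_left = -1;  /* hypothetical test hook: -1 = never fail */

static BrkPool *brk_pool_node_new(int pos) {
    if (allocs_left == 0) return NULL;        /* simulated malloc failure */
    if (allocs_left > 0) allocs_left--;
    BrkPool *node = malloc(sizeof *node);
    if (node) { node->next = NULL; node->pos = pos; }
    return node;
}

/* Same shape as the function in the report: node is dereferenced unchecked. */
static BrkPool *brk_pool_add(BrkPool *pool, BrkPool *node) {
    node->next = pool;
    return node;
}

static void brk_pool_free(BrkPool *pool) {
    while (pool) { BrkPool *next = pool->next; free(pool); pool = next; }
}

/* Checked caller: test the allocation before brk_pool_add() ever sees it,
 * and leave *pool untouched on failure so the existing nodes stay reachable. */
static int pool_push_checked(BrkPool **pool, int pos) {
    BrkPool *node = brk_pool_node_new(pos);
    if (!node) return -1;
    *pool = brk_pool_add(*pool, node);
    return 0;
}

/* Builds n nodes with the allocator failing after fail_after successes
 * (-1 = never). Returns the node count, or -1 after freeing a partial pool. */
static int build_pool(int n, int fail_after) {
    BrkPool *pool = NULL;
    int count = 0;
    allocs_left = fail_after;
    for (int i = 0; i < n; i++)
        if (pool_push_checked(&pool, i) != 0) { brk_pool_free(pool); return -1; }
    for (BrkPool *p = pool; p; p = p->next) count++;
    brk_pool_free(pool);
    return count;
}

int main(void) { return (build_pool(3, -1) == 3 && build_pool(3, 2) == -1) ? 0 : 1; }
```

Building this with `gcc -fanalyzer`, or running it under a leak checker, is one way to confirm that the failure path neither dereferences NULL nor drops the nodes already in the pool.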