[master] 4fba40baf flexelinting
Nils Goroll
nils.goroll at uplex.de
Mon Oct 4 16:31:06 UTC 2021
commit 4fba40baff97cdce324fc8be9ab53bdfec568172
Author: Nils Goroll <nils.goroll at uplex.de>
Date: Mon Oct 4 18:24:25 2021 +0200
flexelinting
Info 776 (Possible truncation of addition): I found no better way than
using an additional size_t argument. This triggered a subsequent
warning about an out-of-bounds access, which could be silenced with
additional assertions on nac to be large anough such that av[ac] was
not out of bounds.
Warning 429: Custodial pointer 'av' (line 60) has not been freed or
returned:
In other cases, the argument vector comes from VAV_Parse() which
flexelint apparently can't follow along, yet memory for a VAV is also
allocated and never freed (see also bottom of STV_Config()).
In this case I found no better way than to silence flexelint.
diff --git a/bin/varnishd/storage/storage_debug.c b/bin/varnishd/storage/storage_debug.c
index ad069ef5f..9086ebd0f 100644
--- a/bin/varnishd/storage/storage_debug.c
+++ b/bin/varnishd/storage/storage_debug.c
@@ -57,7 +57,8 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
struct obj_methods *methods;
const char *ident;
int i, ac = 0;
- char **av;
+ size_t nac;
+ char **av; //lint -e429
ident = parent->ident;
memcpy(parent, &sma_stevedore, sizeof *parent);
@@ -69,7 +70,10 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
memcpy(methods, &SML_methods, sizeof *methods);
parent->methods = methods;
- av = calloc(aac + 1, sizeof *av);
+ assert(aac >= 0);
+ nac = aac;
+ nac++;
+ av = calloc(nac, sizeof *av);
AN(av);
for (i = 0; i < aac; i++) {
if (aav[i] != NULL && ! strcmp(aav[i], "lessspace")) {
@@ -79,6 +83,8 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
REPLACE(av[ac], aav[i]);
ac++;
}
+ assert(ac >= 0);
+ assert(ac < (int)nac);
AZ(av[ac]);
sma_stevedore.init(parent, ac, av);
More information about the varnish-commit
mailing list