Ticket #47751

S3_1 load_ruleset_veteran() clang analyzer warning

Open Date: 2023-04-03 12:42 Last Update: 2023-04-05 17:51

Reporter:
Owner:
Type:
Status:
Closed
Component:
Priority:
5 - Medium
Severity:
5 - Medium
Resolution:
Fixed
File:
1

Details

S3_1:

---

../../../src/server/ruleset.c:2010:26: warning: Array access (from variable 'vlist_raise') results in a null pointer dereference [core.NullDereference]
(vlist_raise[i] < 0), vlist_raise[i] = 0);
../../../src/server/ruleset.c:1998:7: note: expanded from macro 'rs_sanity_veteran'
if (_condition) {

---

That it warns only about vlist_raise, and not about the other arrays, hints that the problem is with the compat handling in S3_1 (update from 3.0 to 3.1). I don't see a real bug there, as 'count_raise' will be set to zero by secfile_lookup_int_vec() whenever it returns NULL. The compiler just doesn't know it, but seeing that check against NULL only in compat mode makes it think that NULL might live on in non-compat mode.
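The shape of code described above, as an added example that is not freeciv's code or the attached patch: a lookup that returns NULL together with a zero count, a NULL test that exists only on a compat path, and the same logic with the NULL case handled on every path. The names `lookup_int_vec`, `clamp_flagged`, `clamp_guarded` and the `-1` compat return value are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the lookup: returns NULL with *dim == 0 on failure. */
static int *lookup_int_vec(const int *src, size_t n, size_t *dim)
{
  int *vec = (src != NULL && n > 0) ? malloc(n * sizeof(*vec)) : NULL;
  *dim = (vec != NULL) ? n : 0;
  if (vec != NULL) {
    memcpy(vec, src, n * sizeof(*vec));
  }
  return vec;
}

/* Flagged shape: NULL is tested only under 'compat'. An analyzer that cannot
 * tie count == 0 to vec == NULL keeps NULL alive into the loop otherwise. */
static int clamp_flagged(const int *src, size_t n, int compat)
{
  size_t count, i;
  int fixed = 0, *vec = lookup_int_vec(src, n, &count);
  if (compat && vec == NULL) {
    return -1; /* hypothetical compat handling */
  }
  for (i = 0; i < count; i++) { /* never entered when vec is NULL */
    if (vec[i] < 0) { vec[i] = 0; fixed++; }
  }
  free(vec);
  return fixed;
}

/* Same behaviour, with the NULL case handled on every path. */
static int clamp_guarded(const int *src, size_t n, int compat)
{
  size_t count, i;
  int fixed = 0, *vec = lookup_int_vec(src, n, &count);
  if (vec == NULL) {
    return compat ? -1 : 0;
  }
  for (i = 0; i < count; i++) {
    if (vec[i] < 0) { vec[i] = 0; fixed++; }
  }
  free(vec);
  return fixed;
}

int main(void)
{
  const int sample[] = { 3, -1, 0, -7 }; /* constructed input */
  return clamp_flagged(sample, 4, 0) == clamp_guarded(sample, 4, 0) ? 0 : 1;
}
```

Both functions return the same results at run time; the second only makes the "NULL implies empty" invariant visible without knowledge of the lookup's contract.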

Ticket History (3/4 Histories)

2023-04-03 12:42 Updated by: cazfi
  • New Ticket "S3_1 load_ruleset_veteran() clang analyzer warning" created
2023-04-03 13:22 Updated by: cazfi
  • Owner Update from (None) to cazfi
  • Resolution Update from None to Accepted
Comment

But those lines had another bug - namely that the compatibility mode check was not strict enough.

Patch for S3_1 attached.

2023-04-05 17:51 Updated by: cazfi
  • Status Update from Open to Closed
  • Resolution Update from Accepted to Fixed
