This is the mail archive of the cygwin-developers mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Coverity: Update to version 7.6.0


On Apr 30 00:01, David Stacey wrote:
> On 29/04/2015 19:13, Corinna Vinschen wrote:
> >On Apr 29 18:58, David Stacey wrote:
> >>If there are no objections, I'd like to update our weekly Coverity scan to
> >>use Coverity Analysis 7.6.0 (presently we're using 7.5.0). There should be
> >>fewer false positives this week, but there might be some new coding defects
> >>picked up also.
> >No worries here.  Just go ahead.
> 
> Thanks. I'm running the analysis now using the same source code as last
> week. So any differences we see in the analysis results will be down to
> changes between Coverity Analysis 7.5.0 and 7.6.0. Results should be
> available on the Coverity Scan website in a couple of hours.
> 
> I'll take a look at any new warnings tomorrow evening. If you have time to
> take a look during the day then please let me know the numeric ID of any
> issues you fix (or mark them as 'fix submitted') so we don't duplicate
> effort.

Thanks.  I had a quick look and CID 109854 is certainly a false positive
because it counts wrongly in the wide character case:

  CHAR fmtbuf[10], *fmt = fmtbuf;

It knows wchar_t is 2 bytes at this point.  Three time ++ means, 14
bytes left.

  STRCPY (fmt, CQ(".*u"));

At this point, Coverity looks at the expression L".*u" and counts 4 bytes
per wide char in the string expression, which isn't true for us.  The
string takes 8 bytes only.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpEJH5GnoPM1.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]