Coverity doing scans of Wine codebase!

James Hawkins truiken at gmail.com
Thu Apr 6 19:44:53 CDT 2006


On 4/6/06, Mike Hearn <mike at plan99.net> wrote:
>
> OK, that was a bit over-enthusiastic. A few of these are more tricky. EG:
>

Of the possible bugs I've seen so far, most of them are valid and
worth fixing, but the checker stumbles over WideCharToMultiByte.  The
checker reports two errors for (most) calls to WideCharToMultibyte:

* Passing a negative value for the length of the source string.

The checker doesn't pick up on this line:

if (srclen < 0) srclen = strlenW(src) + 1;

so we never access the string with a negative index.

* Negative value can be returned and we don't check for it.

The return type of WideCharToMultiByte is int, but the function is
only supposed to return string lengths or 0 on error, and AFAIK no
negative value is ever returned.  You would think the checker would
pick up on that fact.

The problem is that we call WideCharToMultiByte quite a few times
throughout the wine codebase, so we have a lot of false positives with
that one.

--
James Hawkins



More information about the wine-devel mailing list