Weekly cppcheck run against Aug 27 Git Tree
Mike Kaplinskiy
mike.kaplinskiy at gmail.com
Thu Aug 27 19:24:52 CDT 2009
On Thu, Aug 27, 2009 at 3:52 PM, chris ahrendt<celticht32 at yahoo.com> wrote:
> This is the result of running cppcheck 1.35 with the --all parm against
> the august 27th Git tree:
>
> [../wine-git/dlls/dbghelp/msc.c:88]: (possible error) Array index out of
> bounds
> [../wine-git/dlls/dbghelp/msc.c:89]: (possible error) Array index out of
> bounds
False positive, apparently the numbers are hardcoded as:
72 char msg[128];
88 msg[10 + 3 * 16] = ' '; // = 58<127
89 msg[10 + 3 * 16 + 1 + 16] = '\0'; // = 75<127
> [../wine-git/dlls/shell32/cpanelfolder.c:562]: (error) Possible null
> pointer dereference: rgfInOut
> [../wine-git/dlls/shell32/shfldr_desktop.c:437]: (error) Possible null
> pointer dereference: rgfInOut
> [../wine-git/dlls/shell32/shfldr_fs.c:577]: (error) Possible null
> pointer dereference: rgfInOut
> [../wine-git/dlls/shell32/shfldr_mycomp.c:474]: (error) Possible null
> pointer dereference: rgfInOut
> [../wine-git/dlls/shell32/shfldr_netplaces.c:352]: (error) Possible null
> pointer dereference: rgfInOut
It doesn't like the ternary operator? These lines are TRACE lines with
one of the args being ``rgfInOut ? *rgfInOut : 0''. False positive.
> [../wine-git/dlls/user32/tests/msg.c:63]: (error) Invalid number of
> character ({). Can't process file.
> [../wine-git/dlls/winealsa.drv/waveinit.c:745]: (possible error) Buffer
> overrun
739 char defaultpcmname[256];
745 sprintf(defaultpcmname, "default");
Something is wrong with cppcheck... False positive.
> [../wine-git/dlls/wined3d/arb_program_shader.c:907]: (possible error)
> Buffer overrun
> [../wine-git/dlls/wined3d/arb_program_shader.c:915]: (possible error)
> Buffer overrun
> [../wine-git/dlls/wined3d/glsl_shader.c:3416]: (possible error) Buffer
> overrun
> [../wine-git/dlls/wined3d/glsl_shader.c:3418]: (possible error) Buffer
> overrun
> [../wine-git/dlls/wined3d/glsl_shader.c:3519]: (possible error) Buffer
> overrun
> [../wine-git/dlls/wined3d/glsl_shader.c:3521]: (possible error) Buffer
> overrun
Not checking those - i don't even pretend to understand how modern
graphics works.
> [../wine-git/dlls/wineoss.drv/mixer.c:1458]: (possible error) Buffer overrun
So...it picks
1455 char name[32];
1458 sprintf(name, "/dev/mixer");
as an error, but not:
1460 sprintf(name, "/dev/mixer%d", i);
False positive.
> [../wine-git/dlls/wineps.drv/init.c:270]: (error) Possible null pointer
> dereference: dmW
This one is actually a bug, the null check is below this line. All the
callers check for nulls, though.
> [../wine-git/programs/oleview/pane.c:152]: (error) Possible null pointer
> dereference: hWndCreated
Also a bug, and a very real one. Coincidentally, the null check on the
next line is also wrong (should be if (!*hWndCreated) )
> [../wine-git/programs/winetest/main.c:114]: (possible error) Buffer overrun
> [../wine-git/programs/winetest/main.c:116]: (possible error) Buffer overrun
> [../wine-git/programs/winetest/main.c:119]: (possible error) Buffer overrun
> [../wine-git/programs/winetest/main.c:121]: (possible error) Buffer overrun
More of sprintf with just a string nonsense. False positive.
> [../wine-git/server/file.c:235]: (possible error) Buffer overrun
Also sprintf nonsense, but slightly more dangerous. The buffer is
declared with [16] and the string is of length 14+1, so a few more
bytes wouldn't hurt. :)
>
>
> Chris
>
If someone could send patches for the few bugs that would be nice.
Chris - cppcheck is clearly crazy about sprintf's and ternary
operators. You might want to report that.
Mike.
More information about the wine-devel
mailing list