Coverity doing scans of Wine codebase!
rob at codeweavers.com
Thu Apr 6 17:29:16 CDT 2006
Mike Hearn wrote:
>On Thu, 06 Apr 2006 20:39:00 +0100, Mike Hearn wrote:
>>Yes, this is awesome news, so far every one I have checked is a real bug.
>OK, that was a bit over-enthusiastic. A few of these are more tricky. EG:
>* One was wrong, it didn't track the fact that the given variable was
> initialized by a subroutine
>* Another (missing NULL ptr check in LoadTypeLibEx) is right, but I don't
> think we want to add lots of missing NULL arg checks in the public API
> implementations. An application will never pass NULL to this function
> directly as otherwise it'd not work at all, so a crash with a NULL arg
> here probably is revealing some other bug.
Both of these were detected by internal inconsistencies. For example:
void foo(char *str)
{
    *str = '\0';
    if (str) strcpy(str, "bar");
}
It is NOT assuming that every function could receive a NULL, although it
looks like it does analysis within the same file to see if the function
could be called with NULL.
>* It has identified a codepath through the server window station code
> where a struct desktop could be dereffed without being initialized.
> But I am not sure if this codepath is logically possible. Somebody
> more familiar with that code (eg Alexandre) would have to check if
> it could actually ever be taken or not.
I have a patch for this and yes it is logically possible. (Don't argue
with a computer over logic, it is far better than any human at it!)
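
Added example, not part of the original message and not Wine code: the flagged foo() pattern next to the two ways such an inconsistency can be resolved, depending on whether NULL is a legal argument. The names foo_flagged, foo_null_allowed and foo_null_forbidden are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Flagged pattern from the message: the dereference on the first line
 * asserts "str is never NULL", the later test asserts "str may be NULL".
 * The two contradict each other, so one of them is wrong. */
void foo_flagged(char *str)
{
    *str = '\0';                    /* faults here if str == NULL */
    if (str) strcpy(str, "bar");    /* the check arrives too late */
}

/* Resolution 1: NULL is a legal argument, so test before any use.
 * Returns 0 on success, -1 if there was nothing to write to.
 * Caller must supply at least 4 bytes for "bar" plus terminator. */
int foo_null_allowed(char *str)
{
    if (!str) return -1;
    *str = '\0';
    strcpy(str, "bar");
    return 0;
}

/* Resolution 2: NULL is never legal (caller's contract), so the late
 * check is dead code and is removed instead of being moved up. A NULL
 * here still crashes, which points at the bug in the caller. */
int foo_null_forbidden(char *str)
{
    *str = '\0';
    strcpy(str, "bar");
    return 0;
}
```

Either resolution removes the inconsistency; which one is right depends on the function's contract, which is the point raised about LoadTypeLibEx above.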