[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-gettext] Coverity/ShellCheck scanning?
|
From: |
Bruno Haible |
|
Subject: |
Re: [bug-gettext] Coverity/ShellCheck scanning? |
|
Date: |
Sat, 13 Oct 2018 12:29:19 +0200 |
|
User-agent: |
KMail/5.1.3 (Linux/4.4.0-137-generic; KDE/5.18.0; x86_64; ; ) |
Hi Pavel,
Thanks for the reports and logs.
> I'm curious whether anyone checks static analysis tools' results for gettext,
> we've re-run Coverity/ShellCheck and there's a list of potential
> RESOURCE_LEAKS, etc (attached).
You are the first one to report ShellCheck findings.
Regarding Coverity, I make good use of it in Gnulib. For Gettext, we have a
project at https://scan.coverity.com/projects/gnu-gettext , but we haven't
done the effort so far, in particular because most C code in Gettext is for
programs that run in a small time and consume little input, therefore for
these programs memory leaks are not serious for the end user. (Note that
this is not true for libgettextpo.)
> 0001-shellcheck-redirect-both-stdout-and-stderr.patch
These are real findings. But instead of silencing stderr, it is generally
better to report errors.
> 0002-gettext.sh-use-the-echo-variable.patch
No, we don't need to use $echo here. gettext.sh is a shell function library,
not a shell script. $echo is meant to be used by the user's script, see
https://www.gnu.org/software/gettext/manual/html_node/gettext_002esh.html
Bruno