[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] MHD and PVS-Studio Analysis
|
From: |
Christian Grothoff |
|
Subject: |
Re: [libmicrohttpd] MHD and PVS-Studio Analysis |
|
Date: |
Thu, 1 Feb 2018 10:11:45 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
Hi silvioprog,
One of the issues was clearly real (fixed in Git), the other three I
don't get. Looking at the code, the flag can clearly go in either
direction, and the incremented dest pointer cannot be NULL (was checked
just a few lines above).
Regardless, running such tools is always a good idea and generally
helpful, so I would definitively appreciate a full run and reports (or
patches, if the reports turn out to be well-founded).
Happy hacking!
Christian
On 01/31/2018 11:30 PM, silvioprog wrote:
> Hi dudes.
>
> PVS-Studio [1] <https://www.viva64.com/en/pvs-studio> is a Russian tool
> (Windows/Linux) for bug detection in the source code of programs written
> in C/C++.
>
> The tool have been issued bugs in many popular projects like LLVM/GCC,
> cURL, OpenSSL, Doxygen, OpenCV, GTK, glibc, tor etc. The full list is
> available at PVS-Studio's inspections page [2]
> <https://www.viva64.com/en/inspections>. It has helped the authors to
> fix the reported issues [3]
> <https://github.com/curl/curl/search?q=pvs&type=Issues>.
>
> I have been using the free version of PVS-Studio for analyzing open
> source projects I use, then it reported issues [4]
> <https://duallsistemas.com.br/download/pvs_mhd/fullhtml> in "Medium
> level" in four MHD files
> <https://duallsistemas.com.br/download/pvs_mhd/fullhtml>. The attached
> tar.gz contains a few pictures showing the testing result and text files
> containing respective links to access each issue explanation.
>
> If you agree with fixing those issues, I can run a full test in all MHD
> files and share all the reported issues (I fix the ones possible for me).
>
> [1] PVS-Studio page, < https://www.viva64.com/en/pvs-studio
> <https://www.viva64.com/en/pvs-studio> >
> [2] PVS-Studio inspections, < https://www.viva64.com/en/
> <https://www.viva64.com/en/>inspections
> <https://www.viva64.com/en/inspections> >
> [3] cURL fixes based on PVS-Studio issuing,
> < https://github.com/curl/curl/search?q=pvs&type=Issues
> <https://github.com/curl/curl/search?q=pvs&type=Issues> >
> [4] first MHD report using PVS-Studio free for open source projects,
> < https://duallsistemas.com.br/download/pvs_mhd/fullhtml
> <https://duallsistemas.com.br/download/pvs_mhd/fullhtml> >
>
> --
> Silvio Clécio
signature.asc
Description: OpenPGP digital signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [libmicrohttpd] MHD and PVS-Studio Analysis,
Christian Grothoff <=