bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Coverity false positives triggered by gnulib's implementation of bas

From: Kamil Dudka
Subject: Re: Coverity false positives triggered by gnulib's implementation of base64
Date: Fri, 10 May 2019 16:32:16 +0200 
On Friday, May 10, 2019 4:11:45 PM CEST Bruno Haible wrote:
> Kamil Dudka wrote:
> > Thanks!  This also helps to suppress the false positives on cryptsetup
> > with Coverity Static Analysis version 2019.03.
> 
> Good! Since this is the approach that Paul prefers, I'm pushing this one:
> 
> 
> 2019-05-10  Bruno Haible  <address@hidden>
> 
>       base64: Avoid false positive warning from Coverity.
>       Reported by Kamil Dudka <address@hidden>.
>       Idea by Paul Eggert.
>       * lib/base64.c (base64_encode_fast, base64_encode): Add a no-op
>       '& 0x3f' to the array index expressions. This convinces Coverity that
>       there is no out-of-bounds array reference, regardless of the input.
> 
> diff --git a/lib/base64.c b/lib/base64.c
> index f3f7298..a00e0f4 100644
> --- a/lib/base64.c
> +++ b/lib/base64.c
> @@ -70,7 +70,7 @@ base64_encode_fast (const char *restrict in, size_t inlen,
> char *restrict out) {
>    while (inlen)
>      {
> -      *out++ = b64c[to_uchar (in[0]) >> 2];
> +      *out++ = b64c[(to_uchar (in[0]) >> 2) & 0x3f];
>        *out++ = b64c[((to_uchar (in[0]) << 4) + (to_uchar (in[1]) >> 4)) &
> 0x3f]; *out++ = b64c[((to_uchar (in[1]) << 2) + (to_uchar (in[2]) >> 6)) &
> 0x3f]; *out++ = b64c[to_uchar (in[2]) & 0x3f];
> @@ -103,7 +103,7 @@ base64_encode (const char *restrict in, size_t inlen,
> 
>    while (inlen && outlen)
>      {
> -      *out++ = b64c[to_uchar (in[0]) >> 2];
> +      *out++ = b64c[(to_uchar (in[0]) >> 2) & 0x3f];
>        if (!--outlen)
>          break;
>        *out++ = b64c[((to_uchar (in[0]) << 4)

Works for me.  Thanks to both of you!

Kamil
reply via email to
[Prev in Thread] Current Thread [Next in Thread]