From: Alexander Monakov <amonakov@ispras.ru>
To: musl@lists.openwall.com
Subject: Static analyzers results on musl
Date: Fri, 4 Oct 2013 21:51:25 +0400 (MSK) [thread overview]
Message-ID: <alpine.LNX.2.00.1310042102540.6178@monopod.intra.ispras.ru> (raw)
Hello,
From reading recent archives, it appeared to me there was some interest in
applying source code analysis tools to musl. My co-workers helped me run a
couple of tools on musl, so here are the results.
Szabolcs kindly assisted with hosting Clang Analyzer results at
http://port70.net/~nsz/musl/clang-2013-10-04/
The analyzer was run on today's sources (commit 38a0a4d). The build with
make -j4 was interrupted at some point during building PIC objects; I presume
at that point all non-PIC code was built, and the analyzer saw all source
code, except maybe some #ifdef SHARED sections.
My take on those:
- 2 sizeof mismatch warnings make sense
- 19+1 "dead code" warnings are helpful
- "Out-of-bound array access" in glob.c appears to be a false positive (?)
- There are many "garbage"/"undefined" warnings where the variable in
question is passed to a syscall by reference and expected to be initialized
there, unless error is signalled; it's quite unfortunate to have many false
positives like that
- I have not attempted to investigate "dereference of null" warnings
I also have results from another static analysis tool developed internally
were I work. Here's a few hand-picked additional warnings. I ran the tool
without updating git first, so the tree was from September 9 (commit ff4be70).
Sorry about that.
setenv.c:21 malloc return value not checked
getspnam_r.c I wonder if there's a window between opening the file and
pthread_cleanup_push where the handle would leak? (this is not what the tool
flagged)
vfprintf.c:664
vfwprint.c:354 va_end not called on error return path
regcomp.c:767
regcomp.c:807 sizeof mismatch; don't know why not flagged by clang
getifaddrs.c:92 the code trusts the kernel that the fifth token would not be
longer than IFNAMSIZ :)
There are a few warnings that return value of .*nl_langinfo.* is not checked
for NULL before use; presumably that is by design.
Hope that helps.
Alexander
next reply other threads:[~2013-10-04 17:51 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-04 17:51 Alexander Monakov [this message]
2013-10-04 18:18 ` Szabolcs Nagy
2013-10-04 20:21 ` Rich Felker
2013-10-04 21:10 ` Alexander Monakov
2013-10-04 21:32 ` Rich Felker
2013-10-04 21:39 ` Alexander Monakov
2013-10-05 2:01 ` Rich Felker
2013-10-10 16:06 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LNX.2.00.1310042102540.6178@monopod.intra.ispras.ru \
--to=amonakov@ispras.ru \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).