zsh-workers
From: Peter Stephenson <p.stephenson@samsung.com>
To: zsh-workers@zsh.org
Subject: Re: PATCH 16/17: compctl: Comparing array with 0 does nothing, check contents (should it be dropped instead?)
Date: Tue, 06 Jan 2015 10:20:32 +0000
Message-ID: <20150106102032.35ba4a55@pwslap01u.europe.root.pri>
In-Reply-To: <1420521949-30483-17-git-send-email-mikachu@gmail.com>

On Tue, 6 Jan 2015 06:25:48 +0100
Mikael Magnusson <mikachu@gmail.com> wrote:
> Found by Coverity (Issue 1255780).
> ---
>  Src/Zle/compctl.c | 2 +-
>  Src/jobs.c        | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/Src/Zle/compctl.c b/Src/Zle/compctl.c
> index 96ad6a2..2a80e6c 100644
> --- a/Src/Zle/compctl.c
> +++ b/Src/Zle/compctl.c
> @@ -3685,7 +3685,7 @@ makecomplistflags(Compctl cc, char *s, int incmd, int compadd)
>  
>  	for (i = 0; i <= maxjob; i++)
>  	    if ((jobtab[i].stat & STAT_INUSE) &&
> -		jobtab[i].procs && jobtab[i].procs->text) {
> +		jobtab[i].procs && jobtab[i].procs->text[0]) {
>  		int stopped = jobtab[i].stat & STAT_STOPPED;
>  
>  		j = dupstring(jobtab[i].procs->text);
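
Review bot: the new `jobtab[i].procs->text[0]` test in this condition is not a like-for-like replacement for the old `jobtab[i].procs->text`. The old test on the array was always true, so jobs with empty text used to reach the `dupstring()` call and are now skipped. If that filtering is intended, say so in the commit message, which currently only cites the Coverity issue; if it is not, drop the test altogether, as the subject line itself asks.
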
> diff --git a/Src/jobs.c b/Src/jobs.c
> index c6e1bce..295f4c9 100644
> --- a/Src/jobs.c
> +++ b/Src/jobs.c
> @@ -2718,7 +2718,7 @@ findjobnam(const char *s)
>      for (jobnum = maxjob; jobnum >= 0; jobnum--)
>  	if (!(jobtab[jobnum].stat & (STAT_SUBJOB | STAT_NOPRINT)) &&
>  	    jobtab[jobnum].stat && jobtab[jobnum].procs && jobnum != thisjob &&
> -	    jobtab[jobnum].procs->text && strpfx(s, jobtab[jobnum].procs->text))
> +	    jobtab[jobnum].procs->text[0] && strpfx(s, jobtab[jobnum].procs->text))
>  	    return jobnum;
>      return -1;
>  }
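
Review bot: in `findjobnam()` the new `jobtab[jobnum].procs->text[0]` test can only change the result when `s` is empty, because for a non-empty `s` the following `strpfx(s, jobtab[jobnum].procs->text)` already fails on empty text, as the reply below also notes. Either drop the test and rely on `strpfx()`, or keep it and add a comment stating that jobs with empty text are deliberately never matched, even by an empty `s`.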

This is because text is an array within the structure.  I haven't looked
to see if we always sanitise the maximum length (including NULL) to
JOBTEXTSIZE; I don't know if Coverity would know about that.  We
initialise it as

    if (text)
	strcpy(pn->text, text);
    else
	*pn->text = '\0';

So the change is fine but in the second case the remaining test might
not be needed:  the strpfx() will fail unless s is also empty and if it is
also empty logically it should probably succeed (how useful that is is
another question).  But probably not worth worrying about.

pws
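
The behaviour discussed in the reply, as an added example (not zsh code and not part of the original message): a bounded version of the quoted initialisation, and a lookup showing that the `text[0]` test only changes the result when `s` is empty. `TEXTSIZE`, `struct proc`, `set_text`, `is_prefix`, `find_by_name` and `fill_sample` are hypothetical stand-ins, and `is_prefix` assumes that `strpfx(s, t)` means "s is a prefix of t".

```c
#include <stdio.h>
#include <string.h>

#define TEXTSIZE 16  /* constructed size, standing in for JOBTEXTSIZE */

struct proc { char text[TEXTSIZE]; };  /* array member: its address is never null */

/* Bounded form of the initialisation quoted in the reply: an over-long
 * string is truncated and the buffer is always NUL-terminated. */
static void set_text(struct proc *pn, const char *text)
{
    if (text)
        snprintf(pn->text, sizeof pn->text, "%s", text);
    else
        *pn->text = '\0';
}

/* Assumed semantics of the prefix test: nonzero when s is a prefix of t. */
static int is_prefix(const char *s, const char *t)
{
    while (*s && *s == *t)
        s++, t++;
    return !*s;
}

/* Scan from the last entry down; need_text toggles the text[0] test. */
static int find_by_name(const struct proc *tab, int n, const char *s, int need_text)
{
    for (int i = n - 1; i >= 0; i--)
        if ((!need_text || tab[i].text[0]) && is_prefix(s, tab[i].text))
            return i;
    return -1;
}

/* Constructed sample table: a normal entry, an over-long one, an empty one. */
static void fill_sample(struct proc tab[3])
{
    set_text(&tab[0], "vim notes.txt");
    set_text(&tab[1], "a command line longer than the buffer");
    set_text(&tab[2], NULL);
}

int main(void)
{
    struct proc tab[3];
    fill_sample(tab);
    printf("\"vim\": %d / %d\n", find_by_name(tab, 3, "vim", 1), find_by_name(tab, 3, "vim", 0));
    printf("\"\":    %d / %d\n", find_by_name(tab, 3, "", 1), find_by_name(tab, 3, "", 0));
}
```

Each output line shows the index found with and without the `text[0]` test; only the empty-`s` lookup differs.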

