Addressed several minor issues revealed by static analysis (Coverity, clang). Most concern extreme corner cases in which a null pointer would be dereferenced, or in which dereferencing a non-null but uninitialized pointer would yield garbage.

Ward Fisher 2014-03-28 17:11:26 -06:00
parent b2831841f1
commit 76e5e0f1fa
8 changed files with 66 additions and 40 deletions

1
.gitignore vendored

@ -16,3 +16,4 @@ scan-build
Makefile
.DS_Store
build-par
build_llvm


@ -977,21 +977,22 @@ CHECK_INCLUDE_FILE("BaseTsd.h" HAVE_BASETSD_H)
CHECK_INCLUDE_FILE("stddef.h" HAVE_STDDEF_H)
# Type checks
CHECK_TYPE_SIZE("double" SIZEOF_DOUBLE)
CHECK_TYPE_SIZE("float" SIZEOF_FLOAT)
CHECK_TYPE_SIZE("int" SIZEOF_INT)
CHECK_TYPE_SIZE("long" SIZEOF_LONG)
CHECK_TYPE_SIZE("long long" SIZEOF_LONG_LONG)
CHECK_TYPE_SIZE("off_t" SIZEOF_OFF_T)
CHECK_TYPE_SIZE("off64_t" SIZEOF_OFF64_T)
CHECK_TYPE_SIZE("short" SIZEOF_SHORT)
CHECK_TYPE_SIZE("size_t" SIZEOF_SIZE_T)
CHECK_TYPE_SIZE("ssize_t" SIZEOF_SSIZE_T)
CHECK_TYPE_SIZE("char" SIZEOF_CHAR)
CHECK_TYPE_SIZE("double" SIZEOF_DOUBLE)
CHECK_TYPE_SIZE("float" SIZEOF_FLOAT)
CHECK_TYPE_SIZE("int" SIZEOF_INT)
CHECK_TYPE_SIZE("long" SIZEOF_LONG)
CHECK_TYPE_SIZE("long long" SIZEOF_LONG_LONG)
CHECK_TYPE_SIZE("off_t" SIZEOF_OFF_T)
CHECK_TYPE_SIZE("off64_t" SIZEOF_OFF64_T)
CHECK_TYPE_SIZE("short" SIZEOF_SHORT)
CHECK_TYPE_SIZE("size_t" SIZEOF_SIZE_T)
CHECK_TYPE_SIZE("ssize_t" SIZEOF_SSIZE_T)
# __int64 is used on Windows for large file support.
CHECK_TYPE_SIZE("__int64" SIZEOF___INT_64)
CHECK_TYPE_SIZE("uchar" SIZEOF_UCHAR)
CHECK_TYPE_SIZE("int64_t" SIZEOF_INT64_T)
CHECK_TYPE_SIZE("uint64_t" SIZEOF_UINT64_T)
CHECK_TYPE_SIZE("__int64" SIZEOF___INT_64)
CHECK_TYPE_SIZE("uchar" SIZEOF_UCHAR)
CHECK_TYPE_SIZE("int64_t" SIZEOF_INT64_T)
CHECK_TYPE_SIZE("uint64_t" SIZEOF_UINT64_T)
# On windows systems, we redefine off_t as __int64
# to enable LFS. This is true on 32 and 64 bit system.s


@ -203,6 +203,8 @@ are set when opening a binary file on Windows. */
/* Define if we have filelengthi64. */
#cmakedefine HAVE_FILE_LENGTH_I64 @HAVE_FILE_LENGTH_I64@
/* The size of `char` as computed by sizeof. */
#cmakedefine SIZEOF_CHAR @SIZEOF_CHAR@
/* The size of `double` as computed by sizeof. */
#cmakedefine SIZEOF_DOUBLE @SIZEOF_DOUBLE@
/* The size of `float` as computed by sizeof. */


@ -967,7 +967,7 @@ buildcdftreer(NCDAPCOMMON* nccomm, OCddsnode ocnode, CDFnode* container,
OCtype ocatomtype;
char* ocname = NULL;
NCerror ncerr = NC_NOERR;
CDFnode* cdfnode;
CDFnode* cdfnode = NULL;
oc_dds_class(nccomm->oc.conn,ocnode,&octype);
if(octype == OC_Atomic)
@ -1020,7 +1020,14 @@ buildcdftreer(NCDAPCOMMON* nccomm, OCddsnode ocnode, CDFnode* container,
case OC_Dimension:
default: PANIC1("buildcdftree: unexpect OC node type: %d",(int)octype);
}
}
/* Avoid a rare but perhaps possible null-dereference
of cdfnode. Not sure what error to throw, so using
NC_EDAP: generic DAP error. */
if(!cdfnode) {
return NC_EDAP;
}
#if 0
/* cross link */
assert(tree->root != NULL);
@ -1194,7 +1201,7 @@ defdimensions(OCddsnode ocnode, CDFnode* cdfnode, NCDAPCOMMON* nccomm, CDFtree*
OCddsnode ocdim;
char* ocname;
size_t declsize;
oc_dds_ithdimension(nccomm->oc.conn,ocnode,i,&ocdim);
oc_dimension_properties(nccomm->oc.conn,ocdim,&declsize,&ocname);
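Review bot: The new `if(!cdfnode) { return NC_EDAP; }` placed after the switch in buildcdftreer returns directly, so anything the function releases further down is skipped on this path. `ocname` is declared as `char* ocname = NULL` in the first hunk; if it holds an allocated string by the time the switch has run (the code that fills it is not visible here), this return leaks it. Freeing `ocname` before the return, or setting `ncerr = NC_EDAP` and leaving through the function's normal exit if it has one, would keep the error path consistent. The comment could also name which node types can leave `cdfnode` NULL instead of "Not sure what error to throw". The function body starts and ends outside the hunks shown.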


@ -71,21 +71,26 @@ new_x_NC_var(
if(ndims != 0)
{
#ifdef MALLOCHACK
/*
* NOTE: lint may complain about the next 3 lines:
* "pointer cast may result in improper alignment".
* We use the M_RNDUP() macro to get the proper alignment.
*/
varp->dimids = (int *)((char *)varp + M_RNDUP(sizeof(NC_var)));
varp->shape = (size_t *)((char *)varp->dimids + o1);
varp->dsizes = (off_t *)((char *)varp->shape + o2);
/*
* NOTE: lint may complain about the next 3 lines:
* "pointer cast may result in improper alignment".
* We use the M_RNDUP() macro to get the proper alignment.
*/
varp->dimids = (int *)((char *)varp + M_RNDUP(sizeof(NC_var)));
varp->shape = (size_t *)((char *)varp->dimids + o1);
varp->dsizes = (off_t *)((char *)varp->shape + o2);
#else /*!MALLOCHACK*/
varp->dimids = (int*)malloc(o1);
varp->shape = (size_t*)malloc(o2);
varp->dsizes = (off_t*)malloc(o3);
varp->dimids = (int*)malloc(o1);
varp->shape = (size_t*)malloc(o2);
varp->dsizes = (off_t*)malloc(o3);
#endif /*!MALLOCHACK*/
} else {
varp->dimids = NULL;
varp->shape = NULL;
varp->dsizes=NULL;
}
varp->xsz = 0;
varp->len = 0;
varp->begin = 0;
@ -102,16 +107,16 @@ static NC_var *
new_NC_var(const char *uname, nc_type type,
size_t ndims, const int *dimids)
{
NC_string *strp;
NC_var *varp;
NC_string *strp = NULL;
NC_var *varp = NULL;
char *name = (char *)utf8proc_NFC((const unsigned char *)uname);
if(name == NULL)
return NULL;
strp = new_NC_string(strlen(name), name);
free(name);
if(strp == NULL)
return NULL;
return NULL;
varp = new_x_NC_var(strp, ndims);
if(varp == NULL )
@ -123,7 +128,9 @@ new_NC_var(const char *uname, nc_type type,
varp->type = type;
if( ndims != 0 && dimids != NULL)
(void) memcpy(varp->dimids, dimids, ndims * sizeof(int));
(void) memcpy(varp->dimids, dimids, ndims * sizeof(int));
return(varp);
}
@ -401,7 +408,7 @@ NC_var_shape(NC_var *varp, const NC_dimarray *dims)
varp->xsz = ncx_szof(varp->type);
if(varp->ndims == 0)
if(varp->ndims == 0 || varp->dimids == NULL)
{
goto out;
}
@ -537,7 +544,7 @@ NC3_def_var( int ncid, const char *name, nc_type type,
NC *nc;
NC3_INFO* ncp;
int varid;
NC_var *varp;
NC_var *varp = NULL;
status = NC_check_id(ncid, &nc);
if(status != NC_NOERR)
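Review bot: The `memcpy(varp->dimids, dimids, ndims * sizeof(int))` in new_NC_var is still guarded only by `ndims != 0 && dimids != NULL`, while the non-MALLOCHACK branch of new_x_NC_var stores the three `malloc` results unchecked, so a failed `malloc(o1)` reaches the copy with a NULL destination. The added `varp->dimids == NULL` test in NC_var_shape covers that function only, and there it sends a failed allocation down the same `goto out` as a scalar variable instead of reporting an error. Checking the allocations where they are made, with `if(varp->dimids == NULL || varp->shape == NULL || varp->dsizes == NULL)` followed by releasing what was obtained and returning NULL, would let the existing `if(varp == NULL )` in new_NC_var handle the failure. The bodies of these functions continue outside the hunks shown.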


@ -761,11 +761,14 @@ NC4_inq_var_all(int ncid, int varid, char *name, nc_type *xtypep,
{
if (!(fill_valuep = calloc(1, sizeof(char *))))
return NC_ENOMEM;
if ((retval = nc4_get_default_fill_value(var->type_info, (char **)fill_valuep)))
{
free(fill_valuep);
return retval;
}
} else {
free(fill_valuep);
}
}
else
{


@ -272,7 +272,7 @@ dumpfield(size_t index, char* n8, int isxdr)
line[0] = '\0';
/* offset */
sprintf(tmp,"%6d",index);
sprintf(tmp,"%6zd",index);
addfield(tmp,line,5);
memcpy(form.cv,n8,4);
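Review bot: `index` is a `size_t`, so the new `%6zd` still mismatches its argument: `%zd` takes the signed counterpart of size_t, and the unsigned conversion is `%zu`, i.e. `sprintf(tmp,"%6zu",index);`. The width 6 is a minimum rather than a limit, so a large index can produce up to 20 digits with a 64-bit size_t. The declaration of `tmp` is outside the hunk, so its size should be checked against that, or the call bounded with `snprintf`. dumpfield's body continues outside the hunk.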


@ -387,8 +387,13 @@ createtempfile(OCstate* state, OCtree* tree)
return stat;
fail:
if(name != NULL) free(name);
oclog(OCLOGERR,"oc_open: attempt to create tmp file failed: %s",name);
if(name != NULL) {
oclog(OCLOGERR,"oc_open: attempt to create tmp file failed: %s",name);
free(name);
} else {
oclog(OCLOGERR,"oc_open: attempt to create tmp file failed: NULL");
}
return stat;
}
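Review bot: The two `oclog` calls in the `fail:` path of createtempfile repeat the same message and can be folded into one, `oclog(OCLOGERR,"oc_open: attempt to create tmp file failed: %s",(name != NULL ? name : "NULL"));`, followed by an unconditional `free(name);`, since `free(NULL)` is a no-op. Logging before the free is the part of this change that matters, and a short comment saying so (`/* log before free: name is read by oclog */`) would keep a later cleanup from reordering the two.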