[master] 4fba40baf flexelinting

Nils Goroll nils.goroll at uplex.de
Mon Oct 4 16:31:06 UTC 2021


commit 4fba40baff97cdce324fc8be9ab53bdfec568172
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Mon Oct 4 18:24:25 2021 +0200

    flexelinting
    
    Info 776 (Possible truncation of addition): I found no better way than
    using an additional size_t argument. This triggered a subsequent
    warning about an out-of-bounds access, which could be silenced with
    additional assertions on nac to be large anough such that av[ac] was
    not out of bounds.
    
    Warning 429: Custodial pointer 'av' (line 60) has not been freed or
    returned:
    
    In other cases, the argument vector comes from VAV_Parse() which
    flexelint apparently can't follow along, yet memory for a VAV is also
    allocated and never freed (see also bottom of STV_Config()).
    
    In this case I found no better way than to silence flexelint.

diff --git a/bin/varnishd/storage/storage_debug.c b/bin/varnishd/storage/storage_debug.c
index ad069ef5f..9086ebd0f 100644
--- a/bin/varnishd/storage/storage_debug.c
+++ b/bin/varnishd/storage/storage_debug.c
@@ -57,7 +57,8 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
 	struct obj_methods *methods;
 	const char *ident;
 	int i, ac = 0;
-	char **av;
+	size_t nac;
+	char **av;	//lint -e429
 
 	ident = parent->ident;
 	memcpy(parent, &sma_stevedore, sizeof *parent);
@@ -69,7 +70,10 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
 	memcpy(methods, &SML_methods, sizeof *methods);
 	parent->methods = methods;
 
-	av = calloc(aac + 1, sizeof *av);
+	assert(aac >= 0);
+	nac = aac;
+	nac++;
+	av = calloc(nac, sizeof *av);
 	AN(av);
 	for (i = 0; i < aac; i++) {
 		if (aav[i] != NULL && ! strcmp(aav[i], "lessspace")) {
@@ -79,6 +83,8 @@ smd_init(struct stevedore *parent, int aac, char * const *aav)
 		REPLACE(av[ac], aav[i]);
 		ac++;
 	}
+	assert(ac >= 0);
+	assert(ac < (int)nac);
 	AZ(av[ac]);
 
 	sma_stevedore.init(parent, ac, av);


More information about the varnish-commit mailing list