[libvirt] [PATCH 01/11] tlscontext: Make sure to get proper pointer to name

Eric Blake eblake at redhat.com
Thu Jan 31 20:59:09 UTC 2013 

On 01/31/2013 12:28 PM, John Ferlan wrote:
> On 01/31/2013 11:41 AM, Eric Blake wrote:
>> On 01/31/2013 03:44 AM, Osier Yang wrote:
>>> On 2013年01月31日 03:36, John Ferlan wrote:
>>>> The 'dname' string was only filled in within the loop when available;
>>>> however, the TRACE macros used it unconditionally and caused Coverity
>>>> to compain about BAD_SIZEOF.  Using a dnameptr keeps Coverity at bay and
>>
>> s/compain/complain/
>>

>>>> +    char *dnameptr = NULL;
>>
>> Would it be any simpler to just 0-initialize dname, as in:
>>
>> char dname[256] = "";
>>
>>
> 
> As Osier points out there is a memset(dname, 0, dnamesize) in the code

Okay, the memset() does the same thing as initializing would have done.

> 
> Changing the code to use the above still results in Coverity complaint
> for each PROBE:
> 
> 1062 	
> 
> (1) Event bad_sizeof: 	Taking the size of "dname", which is the address
> of an object, is suspicious. Did you intend the size of the object itself?
> 
> 1063 	    PROBE(RPC_TLS_CONTEXT_SESSION_ALLOW,
> 1064 	          "ctxt=%p sess=%p dname=%s",
> 1065 	          ctxt, sess, dname);

Lookin at the preprocessed source, it looks like Coverity is complaining
about this snippet of the expansion of PROBE():

__builtin_classify_type (((void *
)(intptr_t)(dname))) == 5) ? sizeof (void *) : sizeof (((void
*)(intptr_t)(dname))))

and yes, we really DO want to take the sizeof the address, not what it
points to, because the point of the PROBE() is to write the address at
which data starts.

So since it sounds like you were able to shut things up by having a
pointer instead of an array to begin with, the simplest solution is thus:

char dname[256];
char dnameptr = dname;

then PROBE(dnameptr)

No need to do PROBE(dnameptr ? dnameptr : "(unknown)").

All we are doing is handing Coverity a pointer instead of an array,
although both point to the same data, in order to shut up the false
positive.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130131/35552860/attachment-0001.sig>

More information about the libvir-list mailing list