On Tue, 20 Dec 2011 12:48:28 +0100 Michal Hlavinka wrote:
> we've used static code analyzer on ksh sources and it found following
> problems (after obvious false positives clean up). We've tested latest
> version available (20110630), so because it's quite old now, some
> problems can be no longer valid or on different position. Do you plan
> to release new (beta) version soon?

I just merged in dgk's changes for ksh and I did the -last and -lcmd ones
except for these that are ok:

OK lib/libast/disc/sfdcmore.c:
   * memory leak: more
     324: if (!(more = (More_t*)malloc(sizeof(More_t) + n)))
     368: return 0;
     but 'more' not free()d

OK lib/libast/disc/sfkeyprintf.c:
   * possible null pointer dereference: a
     147: char* a = 0;
     190: if (i == ':' && fp->fmt.fmt == 's' && strlen(a) > 4 && !isalnum(*(a + 4)))

OK lib/libast/misc/magic.c:
   * possible null pointer dereference: ep
     2444: register Entry_t* rp = 0;
     2490: ep = rp;
     2491: ep->value.lab->mask = 1;

OK lib/libast/port/lcgen.c:
   * resource leak 'hf'
     300: if (!(hf = fopen(hdr, "w")))
     308: return 1;
     but 'hf' not closed

OK lib/libast/sfio/sfvprintf.c:
   * va_end not called for: oargs
     202: va_copy(oargs,args);

OK lib/libast/string/tokscan.c:
   * va_end not called for: prv_ap
     235: va_copy(prv_ap, ap);

OK lib/libcmd/wclib.c:
   * result always true regardless of the values of its operand
     453: while(mbc(c) && ((c|WC_ERR) || (c&7)==0))
     (c|0x40L) is always 1/true

_______________________________________________
ast-developers mailing list
[email protected]
https://mailman.research.att.com/mailman/listinfo/ast-developers
