On 6/18/21 8:44 AM, Darren Kenny wrote:
> It appears to be possible that the mctx->state_log field may be NULL
How so? I don't see the execution path that would do that.
If you can see how it could happen, please let us know. Otherwise, does
the attached patch pacify Coverity, and if not why not?
The DEBUG_ASSERT stuff does pacify GCC, as it tells GCC things that GCC
isn't smart enough to figure out on its own. I hope Coverity can use
similar advice.
diff --git a/lib/regexec.c b/lib/regexec.c
index 5e4eb497a..f25e00d83 100644
--- a/lib/regexec.c
+++ b/lib/regexec.c
@@ -1674,6 +1674,8 @@ build_sifted_states (const re_match_context_t *mctx, re_sift_context_t *sctx,
static reg_errcode_t
clean_state_log_if_needed (re_match_context_t *mctx, Idx next_state_log_idx)
{
+ DEBUG_ASSERT (mctx->state_log != NULL);
+
Idx top = mctx->state_log_top;
if ((next_state_log_idx >= mctx->input.bufs_len
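Review bot: the `DEBUG_ASSERT (mctx->state_log != NULL);` added at the top of clean_state_log_if_needed is an assumption handed to the compiler and analyzer, not a runtime check, so it only resolves the Coverity report if the invariant really holds at every call site; if state_log can be NULL on some path, the assertion hides a real defect rather than fixing it. Since the surrounding discussion has not yet established how state_log is initialized before this function runs, it would help to cite the call sites (or the code that allocates state_log) in the commit message and to add a one-line comment next to the assert stating that callers guarantee a non-NULL state_log, so future readers know the condition is a precondition and not something the function verifies.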