"UB" stands for undefined behaviour. That's the reason why cppcheck is
unhappy.
How to do that properly - that's the question :)

2018-03-20 10:48 GMT+05:00 Willy Tarreau <[email protected]>:

> On Mon, Mar 19, 2018 at 06:55:46PM +0500, ???? ??????? wrote:
> > (it's master)
> >
> > is it on purpose?
> >
> > [src/ssl_sock.c:1553]: (warning) Invalid test for overflow
> > 'msg+rec_len<msg'. Condition is always false unless there is overflow, and
> > overflow is UB.
>
> The code is :
>
>         rec_len = (msg[0] << 8) + msg[1];
>         msg += 2;
>         if (msg + rec_len > end || msg + rec_len < msg)
>                 return;
>
> It's indeed an overflow check which was placed on purpose. What does
> your tool propose as a better way to check for an overflow ? rec_len
> being a size_t, it's unsigned so the overflow check is fine and
> necessary in my opinion.
>
> Regards,
> Willy
>
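
One way to write the bounds check discussed above so that the pointer `msg + rec_len` is never formed: compare `rec_len` with the number of bytes remaining. This is an added example, not HAProxy's code or the change the project made; `parse_record` and the sample buffers are hypothetical, and the caller is assumed to pass `msg <= end` within one buffer.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper (not HAProxy code): parse one record framed as a
 * 2-byte big-endian length followed by that many payload bytes.
 * Precondition (assumption): msg <= end, both pointing into one buffer.
 * Returns 0 and sets *payload / *payload_len on success, -1 if the
 * record does not fit in [msg, end). */
static int parse_record(const unsigned char *msg, const unsigned char *end,
                        const unsigned char **payload, size_t *payload_len)
{
    size_t rec_len;

    /* end - msg is well defined for two pointers into the same buffer,
     * so the remaining byte count can be computed safely. */
    if ((size_t)(end - msg) < 2)
        return -1;

    rec_len = ((size_t)msg[0] << 8) + msg[1];
    msg += 2;

    /* Compare lengths, not pointers: nothing beyond 'end' is computed,
     * so there is no wrap-around to test for afterwards. */
    if (rec_len > (size_t)(end - msg))
        return -1;

    *payload = msg;
    *payload_len = rec_len;
    return 0;
}

/* Constructed sample inputs: declared length 3 with 3 bytes present,
 * and declared length 0xffff with only 3 bytes present. */
static const unsigned char sample_ok[]    = { 0x00, 0x03, 'a', 'b', 'c' };
static const unsigned char sample_short[] = { 0xff, 0xff, 'a', 'b', 'c' };

int main(void)
{
    const unsigned char *p;
    size_t n;
    int r1 = parse_record(sample_ok, sample_ok + sizeof(sample_ok), &p, &n);
    int r2 = parse_record(sample_short, sample_short + sizeof(sample_short), &p, &n);

    printf("fits: %d, truncated: %d\n", r1, r2);
    return (r1 == 0 && r2 == -1) ? 0 : 1;
}
```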
