[
https://issues.apache.org/jira/browse/TS-2959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14205029#comment-14205029
]
James Peach commented on TS-2959:
---------------------------------
I think the compiler's analysis is reasonable. {{MultiCacheHeader::levels}} is
a public instance variable, so in principle it's value can be anything. The
unchecked use of {{level}} parameters throughout this file is dangerous and
easily fixed.
We should make the {{level}} parameter and member variable unsigned, since
there's no rationale for a negative level. In {{MultiCacheBase::initialize}},
we should check the {{alevels}} variable against {{MULTI_CACHE_MAX_LEVELS}}. In
the various {{MultiCache}} methods we should check that the {{level}} parameter
is < {{MULTI_CACHE_MAX_LEVELS}}. I'm not sure how we can tell the cimpiler
about the invariant that {{MultiCacheHeader::levels}} should always be <
{{MULTI_CACHE_MAX_LEVELS}}, but it would be nice to be able to do so.
> Compiler warnings from gcc 4.9.1
> --------------------------------
>
> Key: TS-2959
> URL: https://issues.apache.org/jira/browse/TS-2959
> Project: Traffic Server
> Issue Type: Bug
> Components: Core, DNS
> Reporter: Leif Hedstrom
> Assignee: Susan Hinrichs
> Fix For: 5.2.0
>
> Attachments: ts-2959.diff
>
>
> We get:
> {code}
> In file included from ../../iocore/hostdb/P_HostDB.h:47:0,
> from ../../proxy/Main.cc:63:
> ../../iocore/hostdb/P_MultiCache.h: In member function ‘void
> MultiCache<C>::rebuild_element(int, char*, RebuildMC&) [with C = HostDBInfo]’:
> ../../iocore/hostdb/P_MultiCache.h:468:23: error: array subscript is above
> array bounds [-Werror=array-bounds]
> char *offset = data + level_offset[level] + bucketsize[level] * bucket;
> ^
> ../../iocore/hostdb/P_MultiCache.h:468:65: error: array subscript is above
> array bounds [-Werror=array-bounds]
> char *offset = data + level_offset[level] + bucketsize[level] * bucket;
> ^
> ../../iocore/hostdb/P_MultiCache.h:487:29: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:509:39: error: array subscript is above
> array bounds [-Werror=array-bounds]
> if (hits > ((max_hits / 2) + 1) * elements[level])
> ^
> ../../iocore/hostdb/P_MultiCache.h:511:33: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:468:23: error: array subscript is above
> array bounds [-Werror=array-bounds]
> char *offset = data + level_offset[level] + bucketsize[level] * bucket;
> ^
> ../../iocore/hostdb/P_MultiCache.h:468:65: error: array subscript is above
> array bounds [-Werror=array-bounds]
> char *offset = data + level_offset[level] + bucketsize[level] * bucket;
> ^
> ../../iocore/hostdb/P_MultiCache.h:487:29: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:509:39: error: array subscript is above
> array bounds [-Werror=array-bounds]
> if (hits > ((max_hits / 2) + 1) * elements[level])
> ^
> ../../iocore/hostdb/P_MultiCache.h:511:33: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:552:31: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:558:31: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++)
> ^
> ../../iocore/hostdb/P_MultiCache.h:552:31: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++) {
> ^
> ../../iocore/hostdb/P_MultiCache.h:558:31: error: array subscript is above
> array bounds [-Werror=array-bounds]
> for (block = b; block < b + elements[level]; block++)
> ^
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
