On July 13, 2020 12:27:02 PM PDT, Tom Rix <t...@redhat.com> wrote: > >On 7/12/20 3:21 PM, h...@zytor.com wrote: >> On July 12, 2020 8:12:43 AM PDT, Tom Rix <t...@redhat.com> wrote: >>> On 7/12/20 6:09 AM, H. Peter Anvin wrote: >>>> On 2020-07-12 05:59, t...@redhat.com wrote: >>>>> From: Tom Rix <t...@redhat.com> >>>>> >>>>> clang static analysis flags this error >>>>> >>>>> lib/decompress_bunzip2.c:671:13: warning: Result of 'malloc' is >>> converted >>>>> to a pointer of type 'unsigned int', which is incompatible with >>> sizeof >>>>> operand type 'int' [unix.MallocSizeof] >>>>> bd->dbuf = large_malloc(bd->dbufSize * sizeof(int)); >>>>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>>>> >>>>> Reviewing the bunzip_data structure, the element dbuf is type >>>>> >>>>> /* Intermediate buffer and its size (in bytes) */ >>>>> unsigned int *dbuf, dbufSize; >>>>> >>>>> So change the type in sizeof to 'unsigned int' >>>>> >>>> You must be kidding. >>>> >>>> If you want to change it, change it to sizeof(bd->dbuf) instead, >but >>> this flag >>>> is at least in my opinion a total joke. For sizeof(int) != >>> sizeof(unsigned >>>> int) is beyond bizarre, no matter how stupid the platform. >>> Using the actual type is more correct that using a type of the same >>> size. >>> >>> trix >>> >>>> -hpa >>>> >> "More correct?" All it is is more verbose. >> >> Using the sizeof of the actual object at least adds some actual >safety. > >Sorry, I am being pedantic, I mean anything that produces the correct >assembly is correct. But there are different path to being correct. >The path I was suggesting to follow the type of the element/final >pointer when allocating an memory. > >large_malloc(bd->dbufSize * sizeof(*bd->dbuf)) would also work > >I will respin. > >trix
This isn't Linux style, but in the NASM source I have been migrating to macros: nasm_new(ptr); nasm_newn(ptr,n); ... using sizeof() in exactly this manner. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
