Re: Using Clang's static analyzer on bash

On 4/26/17 11:10 AM, Eduardo Bustamante wrote: > On Mon, Apr 24, 2017 at 10:13 AM, Chet Ramey wrote: > [...] >> I'd be interested in seeing the results. In my experience with similar >> tools, the false positive ratio is very high. > > Most of the "errors" identified are

Re: Using Clang's static analyzer on bash

On Wed, Apr 26, 2017 at 10:10 AM, Eduardo Bustamante wrote: [...] > #1 optimized_assignment in variables.c does not check if xrealloc was > successful (i.e. not NULL), so if it fails, strcpy will end up > dereferencing a null pointer. I just noticed that xrealloc will exit on

Re: Using Clang's static analyzer on bash

On 4/23/17 9:02 PM, Eduardo Bustamante wrote: > I built bash using scan-build > (https://clang-analyzer.llvm.org/scan-build.html) and I noticed that > it was able to detect the null pointer dereference reported earlier by > Jaren (https://lists.gnu.org/archive/html/bug-bash/2017-04/msg00100.html).