Coverity report on issues in C client code ------------------------------------------
Key: ZOOKEEPER-310 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-310 Project: Zookeeper Issue Type: Bug Components: c client Affects Versions: 3.1.0 Reporter: Patrick Hunt Priority: Minor Fix For: 3.2.0 Coverity found the following issues in the c code thatwe should look at/resolve: 1) zookeeper.c Event unterminated_case: This case (value 0) is not terminated by a 'break' statement. 717 case 0: 718 errno = EHOSTDOWN; Event fallthrough: The above case falls through to this one. 719 case -1: Event unterminated_case: This case (value 0) is not terminated by a 'break' statement. 739 case 0: 740 errno = EHOSTDOWN; Event fallthrough: The above case falls through to this one. 741 case -1: Event negative_return_fn: Called negative-returning function "socket(2, 1, 0)" Event var_assign: NEGATIVE return value of "socket" assigned to signed variable "zh->fd" 1099 zh->fd = socket(PF_INET, SOCK_STREAM, 0); Event negative_returns: Tracked variable "zh->fd" was passed to a negative sink. 1100 setsockopt(zh->fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(int)); Event deref_ptr: Directly dereferenced pointer "cptr->buffer" 1308 cptr->buffer->curr_offset = get_buffer_len(oa); Event check_after_deref: Pointer "cptr->buffer" dereferenced before NULL check 1309 if (!cptr->buffer) { cli.c Event returned_null: Function "strchr" returned NULL value (checked 4 out of 5 times) Event var_assigned: Variable "ptr" assigned to NULL return value from "strchr" 532 char *ptr = strchr(buffer, '\n'); Event dereference: Dereferencing NULL value "ptr" recordio.c Event alloc_fn: Called allocation function "malloc" Event var_assign: Assigned variable "buff" to storage returned from "malloc(12U)" 284 struct buff_struct *buff = malloc(sizeof(struct buff_struct)); Event leaked_storage: Variable "buff" goes out of scope At conditional (1): "!(ia != NULL)" taking true path 285 if (!ia) return 0; Event alloc_fn: Called allocation function "malloc" Event var_assign: Assigned variable "buff" to storage returned from "malloc(12U)" 301 struct buff_struct *buff = malloc(sizeof(struct buff_struct)); Event leaked_storage: Variable "buff" goes out of scope At conditional (1): "!(oa != NULL)" taking true path 302 if (!oa) return 0; -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.