[jira] Created: (ZOOKEEPER-310) Coverity report on issues in C client code

Wed, 11 Feb 2009 10:17:23 -0800 

Coverity report on issues in C client code
------------------------------------------

                 Key: ZOOKEEPER-310
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-310
             Project: Zookeeper
          Issue Type: Bug
          Components: c client
    Affects Versions: 3.1.0
            Reporter: Patrick Hunt
            Priority: Minor
             Fix For: 3.2.0


Coverity found the following issues in the c code thatwe should look at/resolve:

1) zookeeper.c

Event unterminated_case: This case (value 0) is not terminated by a 'break' 
statement.
717             case 0:
718                 errno = EHOSTDOWN;
Event fallthrough: The above case falls through to this one.
719             case -1:

Event unterminated_case: This case (value 0) is not terminated by a 'break' 
statement.
739             case 0:
740                 errno = EHOSTDOWN;
Event fallthrough: The above case falls through to this one.
741             case -1:

Event negative_return_fn: Called negative-returning function "socket(2, 1, 0)"
Event var_assign: NEGATIVE return value of "socket" assigned to signed variable 
"zh->fd"
1099                zh->fd = socket(PF_INET, SOCK_STREAM, 0);
Event negative_returns: Tracked variable "zh->fd" was passed to a negative sink.
1100                setsockopt(zh->fd, IPPROTO_TCP, TCP_NODELAY, &on, 
sizeof(int));

Event deref_ptr: Directly dereferenced pointer "cptr->buffer"
1308        cptr->buffer->curr_offset = get_buffer_len(oa);
Event check_after_deref: Pointer "cptr->buffer" dereferenced before NULL check
1309        if (!cptr->buffer) {


cli.c

Event returned_null: Function "strchr" returned NULL value (checked 4 out of 5 
times)
Event var_assigned: Variable "ptr" assigned to NULL return value from "strchr"
532                     char *ptr = strchr(buffer, '\n');
Event dereference: Dereferencing NULL value "ptr" 


recordio.c

Event alloc_fn: Called allocation function "malloc"
Event var_assign: Assigned variable "buff" to storage returned from 
"malloc(12U)"
284         struct buff_struct *buff = malloc(sizeof(struct buff_struct));
Event leaked_storage: Variable "buff" goes out of scope
At conditional (1): "!(ia != NULL)" taking true path 
285         if (!ia) return 0;

Event alloc_fn: Called allocation function "malloc"
Event var_assign: Assigned variable "buff" to storage returned from 
"malloc(12U)"
301         struct buff_struct *buff = malloc(sizeof(struct buff_struct));
Event leaked_storage: Variable "buff" goes out of scope
At conditional (1): "!(oa != NULL)" taking true path
302         if (!oa) return 0;



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to