Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Some possible defects in the source code
5 views
Skip to first unread message
suppor...@npo-echelon.ru
Aug 3, 2016, 6:38:44 AM8/3/16
to
Greetings!
We've checked your source code with static analyzer "AppChecker":https://npo-echelon.ru/en/solutions/appchecker.php and found some possible defects in your source code:
1)
File - src/usr.sbin/map-mbone/mapper.c, line 498
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/map-mbone/mapper.c?rev=1.23
if (nb_i->addr == nb_n->addr) {
if (nb_i->metric != nb_n->metric
|| nb_i->threshold != nb_i->threshold)
nb_i->threshold is comparing with itself. I guess there should be nb_n
2)
File - src/sbin/pfctl/pfctl_optimize.c, line 1078
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
if (strcmp(a->dst.addr.v.ifname, b->dst.addr.v.ifname) != 0 ||
a->dst.addr.iflags != a->dst.addr.iflags ||
memcmp(&a->dst.addr.v.a.mask, &b->dst.addr.v.a.mask,
sizeof(a->dst.addr.v.a.mask)))
a->dst.addr.iflags is comparing with itself. I guess it should be b->
3)
File - src/sbin/pfctl/pfctl_optimize.c, line 1150
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
if (strcmp(a->src.addr.v.ifname, b->src.addr.v.ifname) != 0 ||
a->src.addr.iflags != a->src.addr.iflags ||
memcmp(&a->src.addr.v.a.mask, &b->src.addr.v.a.mask,
sizeof(a->src.addr.v.a.mask)))
a->src.addr.iflags is comparing with itself. I guess it should be b->
4)
File - src/usr.sbin/mtrace/mtrace.c, line 1060
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/mtrace/mtrace.c?rev=1.35
if ((n->tr_inaddr != b->tr_inaddr) || (n->tr_inaddr != b->tr_inaddr))
(n->tr_inaddr != b->tr_inaddr) is checked twice
5)
File - src/usr.bin/infocmp/infocmp.c, line 631
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/infocmp/infocmp.c
if (strnames[i][0] == 'k' && strnames[i][0] == 'f')
strnames[i][0] can't be equal to 'k' and 'f' at the same time - so the expression is always false.
All these possible defects were found by Echelon team with AppChecker static analyzer.
We've checked your source code with static analyzer "AppChecker":https://npo-echelon.ru/en/solutions/appchecker.php and found some possible defects in your source code:
1)
File - src/usr.sbin/map-mbone/mapper.c, line 498
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/map-mbone/mapper.c?rev=1.23
if (nb_i->addr == nb_n->addr) {
if (nb_i->metric != nb_n->metric
|| nb_i->threshold != nb_i->threshold)
nb_i->threshold is comparing with itself. I guess there should be nb_n
2)
File - src/sbin/pfctl/pfctl_optimize.c, line 1078
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
if (strcmp(a->dst.addr.v.ifname, b->dst.addr.v.ifname) != 0 ||
a->dst.addr.iflags != a->dst.addr.iflags ||
memcmp(&a->dst.addr.v.a.mask, &b->dst.addr.v.a.mask,
sizeof(a->dst.addr.v.a.mask)))
a->dst.addr.iflags is comparing with itself. I guess it should be b->
3)
File - src/sbin/pfctl/pfctl_optimize.c, line 1150
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
if (strcmp(a->src.addr.v.ifname, b->src.addr.v.ifname) != 0 ||
a->src.addr.iflags != a->src.addr.iflags ||
memcmp(&a->src.addr.v.a.mask, &b->src.addr.v.a.mask,
sizeof(a->src.addr.v.a.mask)))
a->src.addr.iflags is comparing with itself. I guess it should be b->
4)
File - src/usr.sbin/mtrace/mtrace.c, line 1060
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/mtrace/mtrace.c?rev=1.35
if ((n->tr_inaddr != b->tr_inaddr) || (n->tr_inaddr != b->tr_inaddr))
(n->tr_inaddr != b->tr_inaddr) is checked twice
5)
File - src/usr.bin/infocmp/infocmp.c, line 631
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/infocmp/infocmp.c
if (strnames[i][0] == 'k' && strnames[i][0] == 'f')
strnames[i][0] can't be equal to 'k' and 'f' at the same time - so the expression is always false.
All these possible defects were found by Echelon team with AppChecker static analyzer.
Kenneth Westerback
Aug 4, 2016, 10:48:37 AM8/4/16
to
Fixes for all these issues are now commited. Thanks!
.... Ken
.... Ken
0 new messages