On 4/26/17 11:10 AM, Eduardo Bustamante wrote:
> On Mon, Apr 24, 2017 at 10:13 AM, Chet Ramey wrote:
> [...]
>> I'd be interested in seeing the results. In my experience with similar
>> tools, the false positive ratio is very high.
>
> Most of the "errors" identified are due to unused variables.
On Wed, Apr 26, 2017 at 10:10 AM, Eduardo Bustamante wrote:
[...]
> #1 optimized_assignment in variables.c does not check if xrealloc was
> successful (i.e. not NULL), so if it fails, strcpy will end up
> dereferencing a null pointer.
I just noticed that xrealloc will exit on failure, so this is
On Mon, Apr 24, 2017 at 10:13 AM, Chet Ramey wrote:
[...]
> I'd be interested in seeing the results. In my experience with similar
> tools, the false positive ratio is very high.
Most of the "errors" identified are due to unused variables. It does
have some interesting reports though:
#1 optimi
On 4/23/17 9:02 PM, Eduardo Bustamante wrote:
> I built bash using scan-build
> (https://clang-analyzer.llvm.org/scan-build.html) and I noticed that
> it was able to detect the null pointer dereference reported earlier by
> Jaren (https://lists.gnu.org/archive/html/bug-bash/2017-04/msg00100.html).
I built bash using scan-build
(https://clang-analyzer.llvm.org/scan-build.html) and I noticed that
it was able to detect the null pointer dereference reported earlier by
Jaren (https://lists.gnu.org/archive/html/bug-bash/2017-04/msg00100.html).
dualbus@debian:~/src/gnu/bash$ scan-build-3.9 make
sc
