Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use static analyzer to find potential memory bugs #28

Open
micro128390 opened this issue Aug 28, 2017 · 1 comment
Open

Use static analyzer to find potential memory bugs #28

micro128390 opened this issue Aug 28, 2017 · 1 comment
Assignees
@lpan
Labels
enhancement

Comments

@micro128390
Copy link

When writing C we must ensure we code safely, especially with memory functions, i.e. we don't use-after-free or double-free or null-dereference...

Tools to help discover these issues exist, e.g. splint, cppcheck, infer...

Here is a run of infer against your codebase:

$ infer run -- make
Capturing in make/cc mode...
Found 9 source files to analyze in /dir/viw/infer-out
Starting analysis...

legend:
  "F" analyzing a file
  "." analyzing a procedure

FFFFFFFF...............................F..............................................................................

Found 14 issues

src/buffer.c:40: error: NULL_DEREFERENCE
  pointer `ec` last assigned on line 36 could be null and is dereferenced at line 40, column 3
  38.     echar_t *prev = NULL;
  39.
  40. >   ec->c = c;
  41.     ec->prev = NULL;
  42.     ec->next = NULL;

src/buffer.c:113: error: NULL_DEREFERENCE
  pointer `buf` last assigned on line 111 could be null and is dereferenced at line 113, column 3
  111.     buffer_t *buf = malloc(sizeof(buffer_t));
  112.
  113. >   buf->num_rows = 0;
  114.     buf->head = NULL;
  115.     buf->last = NULL;

<...SNIP...>


Summary of the reports

  NULL_DEREFERENCE: 14

(Most issues detected by infer here are due to not checking if malloc failed, but there is one where a fopen is not checked either.)

I suggest you employ some static analyzers to help you check your code as part of your regular development process (and before accepting PRs). Good luck!

Links:
@lpan
Copy link
Owner

lpan commented Aug 29, 2017

Thank you so much! I will try to add it to this project in the near future 👍

@lpan lpan self-assigned this Aug 29, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lpan lpan

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lpan @micro128390