Some possible defects in the source code

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Some possible defects in the source code

support.appc
Greetings!

We've checked your source code with static analyzer "AppChecker":https://npo-echelon.ru/en/solutions/appchecker.php and found some possible defects in your source code:

1)
File - src/usr.sbin/map-mbone/mapper.c, line 498
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/map-mbone/mapper.c?rev=1.23

            if (nb_i->addr == nb_n->addr) {
                if (nb_i->metric != nb_n->metric
                || nb_i->threshold != nb_i->threshold)

nb_i->threshold is comparing with itself. I guess there should be nb_n

2)
File - src/sbin/pfctl/pfctl_optimize.c, line 1078
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup

        if (strcmp(a->dst.addr.v.ifname, b->dst.addr.v.ifname) != 0 ||
            a->dst.addr.iflags != a->dst.addr.iflags ||
            memcmp(&a->dst.addr.v.a.mask, &b->dst.addr.v.a.mask,
            sizeof(a->dst.addr.v.a.mask)))


a->dst.addr.iflags is comparing with itself. I guess it should be b->

3)
File - src/sbin/pfctl/pfctl_optimize.c, line 1150
http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup

if (strcmp(a->src.addr.v.ifname, b->src.addr.v.ifname) != 0 ||
            a->src.addr.iflags != a->src.addr.iflags ||
            memcmp(&a->src.addr.v.a.mask, &b->src.addr.v.a.mask,
            sizeof(a->src.addr.v.a.mask)))


a->src.addr.iflags is comparing with itself. I guess it should be b->

4)
File - src/usr.sbin/mtrace/mtrace.c, line 1060
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/mtrace/mtrace.c?rev=1.35

if ((n->tr_inaddr != b->tr_inaddr) || (n->tr_inaddr != b->tr_inaddr))

(n->tr_inaddr != b->tr_inaddr) is checked twice

5)
File - src/usr.bin/infocmp/infocmp.c, line 631
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/infocmp/infocmp.c

if (strnames[i][0] == 'k' && strnames[i][0] == 'f')

strnames[i][0] can't be equal to 'k' and 'f' at the same time - so the expression is always false.

All these possible defects were found by Echelon team with AppChecker static analyzer.



Reply | Threaded
Open this post in threaded view
|

Re: Some possible defects in the source code

kwesterback
Fixes for all these issues are now commited. Thanks!

.... Ken


On 3 August 2016 at 03:37,  <[hidden email]> wrote:

> Greetings!
>
> We've checked your source code with static analyzer "AppChecker":https://npo-echelon.ru/en/solutions/appchecker.php and found some possible defects in your source code:
>
> 1)
> File - src/usr.sbin/map-mbone/mapper.c, line 498
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/map-mbone/mapper.c?rev=1.23
>
>             if (nb_i->addr == nb_n->addr) {
>                 if (nb_i->metric != nb_n->metric
>                 || nb_i->threshold != nb_i->threshold)
>
> nb_i->threshold is comparing with itself. I guess there should be nb_n
>
> 2)
> File - src/sbin/pfctl/pfctl_optimize.c, line 1078
> http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
>
>         if (strcmp(a->dst.addr.v.ifname, b->dst.addr.v.ifname) != 0 ||
>             a->dst.addr.iflags != a->dst.addr.iflags ||
>             memcmp(&a->dst.addr.v.a.mask, &b->dst.addr.v.a.mask,
>             sizeof(a->dst.addr.v.a.mask)))
>
>
> a->dst.addr.iflags is comparing with itself. I guess it should be b->
>
> 3)
> File - src/sbin/pfctl/pfctl_optimize.c, line 1150
> http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup
>
> if (strcmp(a->src.addr.v.ifname, b->src.addr.v.ifname) != 0 ||
>             a->src.addr.iflags != a->src.addr.iflags ||
>             memcmp(&a->src.addr.v.a.mask, &b->src.addr.v.a.mask,
>             sizeof(a->src.addr.v.a.mask)))
>
>
> a->src.addr.iflags is comparing with itself. I guess it should be b->
>
> 4)
> File - src/usr.sbin/mtrace/mtrace.c, line 1060
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/mtrace/mtrace.c?rev=1.35
>
> if ((n->tr_inaddr != b->tr_inaddr) || (n->tr_inaddr != b->tr_inaddr))
>
> (n->tr_inaddr != b->tr_inaddr) is checked twice
>
> 5)
> File - src/usr.bin/infocmp/infocmp.c, line 631
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/infocmp/infocmp.c
>
> if (strnames[i][0] == 'k' && strnames[i][0] == 'f')
>
> strnames[i][0] can't be equal to 'k' and 'f' at the same time - so the expression is always false.
>
> All these possible defects were found by Echelon team with AppChecker static analyzer.
>
>
>