bugs in gn found by /analyze |
|||
Issue descriptionAfter hitting a format string bug in gn I ran /analyze on it (VC++ static analysis). It found the format string bug (yay!) and a few other minor issues: tools\gn\exec_process.cc(92) : warning C6335: Leaking process information handle 'temp_process_info.hProcess'. tools\gn\exec_process.cc(92) : warning C6335: Leaking process information handle 'temp_process_info.hThread'. Process and thread handles are leaked. For cleanliness they should be closed, but the OS will clean them up eventually. tools\gn\command_clean.cc(86) : warning C6303: Format string mismatch: wide character string passed as _Param_(2) when character string is required in call to 'StringPrintf' Actual type: 'const wchar_t *'. The bug that I found manually before! (crrev.com/2308113002) tools\gn\command_format.cc(332) : warning C6011: Dereferencing NULL pointer 'binop'. tools\gn\command_format.cc(875) : warning C6011: Dereferencing NULL pointer 'end'. In both these cases the code checks for nullptr in some cases but not in others. If the existing checks are needed then more checks are needed, and vice-versa. tools\gn\string_utils.cc(219) : warning C6330: 'const char' passed as _Param_(1) when 'unsigned char' is required in call to 'isxdigit'. tools\gn\string_utils.cc(220) : warning C6330: 'const char' passed as _Param_(1) when 'unsigned char' is required in call to 'isxdigit'. Passing signed char to isxdigit or its friends is not legal and can lead to undefined behavior. I don't know if it is a problem in practice.
,
Sep 29 2016
The CreateProcess handles are cleaned up by the ScopedProcessInformation object used right after the call. The static analyzer doesn't know about this. So the first warning is a false positive. The two null pointer dereferences are both pointers that don't need to be null checked. I'll remove the unnecessary checks that are confusing it.
,
Sep 29 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e23e7021f9a06d621088bc13856db9ba93c328c0 commit e23e7021f9a06d621088bc13856db9ba93c328c0 Author: brettw <brettw@chromium.org> Date: Thu Sep 29 21:57:12 2016 Fix GN issues identified by MSVC static analysis. MSVC's /analyze identified two missing null checks because it noted that a pointer was null checked in one place but not another. After some study I determined that null checks are not necessary for these values so I removed them. Although isxdigit takes an int, the input must be an unsigned char or the behavior is undefined. I added the cast. I think this API is suboptimal. BUG= 643842 , 427616 Review-Url: https://codereview.chromium.org/2384493003 Cr-Commit-Position: refs/heads/master@{#421945} [modify] https://crrev.com/e23e7021f9a06d621088bc13856db9ba93c328c0/tools/gn/command_format.cc
,
Sep 29 2016
We decided not to address the isxdigit warnings which make the code less readable. |
|||
►
Sign in to add a comment |
|||
Comment 1 by bugdroid1@chromium.org
, Sep 6 2016