Details
-
New Feature
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Fixed
-
3.1.6
-
All
Description
During covscan fixing I've ran into some IMHO false-possitives, and I need some verification from you, because I want to let covscan team know about them, so next time they are ignored.
You can find false-possitives in attached file.
Link on PR:
https://gitlab.cee.redhat.com/covscan/defect-blacklist/merge_requests/3
Thanks for cooperation
Lukas
Attachments
Activity
Yes it's internal repo, but I've attached the same file here so you can see it there
Also I would like to ask if I can add some coverity annotations in some specific cases. It will help next time, so covscan doesn't need to check those false-possitives
Also this one is no more needed:
Error: NO_EFFECT (CWE-398):
|
mariadb-connector-c-3.1.6-src/libmariadb/ma_stmt_codec.c:984: bad_memset: Function "memset" with fill value "'0'" (the zero character) in "memset((void *)buff, 48, field->length - length)".
|
mariadb-connector-c-3.1.6-src/libmariadb/ma_stmt_codec.c:984: remediation: Did you intend to use 0 (the value zero)?
|
# 982| ma_bmove_upp(buff + field->length, buff + length, length);
|
# 983| /* coverity [bad_memset] */
|
# 984|-> memset((void*) buff, (int) '0', field->length - length);
|
# 985| length= field->length;
|
# 986| }
|
|
|
#############################################
|
# IMHO this was intentional, so it's not bad
|
#############################################
|
There was a little mistake in annotation, there cannot be space between "coverity" and "["
It's fixed now
Yes I've noticed, also there are 2 more mistakes like that. And I've put a commit into mine covscan-fix PR on github already.
If you could review it, that would be awesome 
Link: https://github.com/mariadb-corporation/mariadb-connector-c/pull/126
Hi Lukas,
the link doesn't work for me.