• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag
 

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Latest SQLite vs. Xcode's Analyze : 61 issues
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Latest SQLite vs. Xcode's Analyze : 61 issues

  • Subject: Re: Latest SQLite vs. Xcode's Analyze : 61 issues
  • From: Tom Davie <email@hidden>
  • Date: Wed, 12 Sep 2012 22:42:55 +0100
On 12 Sep 2012, at 22:33, Jerry Krinock <email@hidden> wrote:

>
> I just performed an *Analyze* on the latest version of sqlite, version 3.7.14, downloaded from http://sqlite.org.  61 issues
> were found.  I've pasted in several representative issues below.  I can understand what's going on with some of them, but as a practical matter, how should one deal with this?

One should fix them.

> // Issue 1 **************************
> static int sqlite3OsRandomness(sqlite3_vfs *pVfs, int nByte, char *zBufOut){
>  return pVfs->xRandomness(pVfs, nByte, zBufOut);
> }
> // Issue: Access to field 'xRandomness' results in a dereference of a null pointer (loaded from variable 'pVfs')

This is saying "you have no guarantee that pVfs is not NULL" – assert that it's not, and it should disappear.

> // Issue 2 **************************
>  PgHdr1 *pPage = 0;
>  if( pPage ){
>    unsigned int h = iKey % pCache->nHash;
> // Issue: Division by 0

Pretty obvious, pCache->nHash might be 0.  Check!

> // Issue 3 **************************
> static void ptrmapPut(BtShared *pBt, Pgno key, u8 eType, Pgno parent, int *pRC){
>  DbPage *pDbPage;  /* The pointer map page */
>  ...
>  rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage);
>  ...
>  pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
> // Issue: Function call argument is an uninitialised value

So… initialise it, or convince CSA that it will always be initialised no matter what code path is taken.  Usually CSA will highlight a code path that results in it not being initialised if you click on the message.

> // Issue 4 **************************
> static int sqlite3AuthCheck(
>  Parse *pParse,
>  ...
> ){
>  sqlite3 *db = pParse->db;
>  ...
>  if( db->init.busy || IN_DECLARE_VTAB ){
> //  Issue: Dereference of null pointer
So db might be null at this point, make sure it's not first.

Bob
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Latest SQLite vs. Xcode's Analyze : 61 issues
      • From: Jens Alfke <email@hidden>
    • Re: Latest SQLite vs. Xcode's Analyze : 61 issues
      • From: Jerry Krinock <email@hidden>
References: 
 >Latest SQLite vs. Xcode's Analyze : 61 issues (From: Jerry Krinock <email@hidden>)

  • Prev by Date: Latest SQLite vs. Xcode's Analyze : 61 issues
  • Next by Date: Re: Latest SQLite vs. Xcode's Analyze : 61 issues
  • Previous by thread: Latest SQLite vs. Xcode's Analyze : 61 issues
  • Next by thread: Re: Latest SQLite vs. Xcode's Analyze : 61 issues
  • Index(es):
    • Date
    • Thread