* [dpdk-dev] [PATCH] cmdline: fix unchecked return value
@ 2016-04-14 13:01 Daniel Mrzyglod
2016-05-02 13:37 ` Olivier Matz
0 siblings, 1 reply; 4+ messages in thread
From: Daniel Mrzyglod @ 2016-04-14 13:01 UTC (permalink / raw)
To: dev; +Cc: olivier.matz, Daniel Mrzyglod
This patch is for checking if error values occurs.
fix for coverity errors #13209 & #13195
If the function returns an error value, the error value may be mistaken
for a normal value.
In rdline_char_in: Value returned from a function is not checked for errors
before being used
Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
---
lib/librte_cmdline/cmdline_rdline.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/lib/librte_cmdline/cmdline_rdline.c b/lib/librte_cmdline/cmdline_rdline.c
index 1ef2258..e75a556 100644
--- a/lib/librte_cmdline/cmdline_rdline.c
+++ b/lib/librte_cmdline/cmdline_rdline.c
@@ -377,7 +377,10 @@ rdline_char_in(struct rdline *rdl, char c)
case CMDLINE_KEY_CTRL_K:
cirbuf_get_buf_head(&rdl->right, rdl->kill_buf, RDLINE_BUF_SIZE);
rdl->kill_size = CIRBUF_GET_LEN(&rdl->right);
- cirbuf_del_buf_head(&rdl->right, rdl->kill_size);
+
+ if (cirbuf_del_buf_head(&rdl->right, rdl->kill_size) < 0)
+ return -EINVAL;
+
rdline_puts(rdl, vt100_clear_right);
break;
@@ -496,7 +499,10 @@ rdline_char_in(struct rdline *rdl, char c)
vt100_init(&rdl->vt100);
cirbuf_init(&rdl->left, rdl->left_buf, 0, RDLINE_BUF_SIZE);
cirbuf_init(&rdl->right, rdl->right_buf, 0, RDLINE_BUF_SIZE);
- cirbuf_add_buf_tail(&rdl->left, buf, strnlen(buf, RDLINE_BUF_SIZE));
+
+ if (cirbuf_add_buf_tail(&rdl->left, buf, strnlen(buf, RDLINE_BUF_SIZE)) < 0)
+ return -EINVAL;
+
rdline_redisplay(rdl);
break;
@@ -513,7 +519,10 @@ rdline_char_in(struct rdline *rdl, char c)
vt100_init(&rdl->vt100);
cirbuf_init(&rdl->left, rdl->left_buf, 0, RDLINE_BUF_SIZE);
cirbuf_init(&rdl->right, rdl->right_buf, 0, RDLINE_BUF_SIZE);
- cirbuf_add_buf_tail(&rdl->left, buf, strnlen(buf, RDLINE_BUF_SIZE));
+
+ if (cirbuf_add_buf_tail(&rdl->left, buf, strnlen(buf, RDLINE_BUF_SIZE)) < 0)
+ return -EINVAL;
+
rdline_redisplay(rdl);
break;
@@ -640,7 +649,9 @@ rdline_add_history(struct rdline * rdl, const char * buf)
rdline_remove_old_history_item(rdl);
}
- cirbuf_add_buf_tail(&rdl->history, buf, len);
+ if (cirbuf_add_buf_tail(&rdl->history, buf, len) < 0)
+ return -EINVAL;
+
cirbuf_add_tail(&rdl->history, 0);
return 0;
--
2.5.5
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [dpdk-dev] [PATCH] cmdline: fix unchecked return value
2016-04-14 13:01 [dpdk-dev] [PATCH] cmdline: fix unchecked return value Daniel Mrzyglod
@ 2016-05-02 13:37 ` Olivier Matz
2016-06-28 9:49 ` Mrzyglod, DanielX T
0 siblings, 1 reply; 4+ messages in thread
From: Olivier Matz @ 2016-05-02 13:37 UTC (permalink / raw)
To: Daniel Mrzyglod, dev
Hi Daniel,
On 04/14/2016 03:01 PM, Daniel Mrzyglod wrote:
> This patch is for checking if error values occurs.
> fix for coverity errors #13209 & #13195
>
> If the function returns an error value, the error value may be mistaken
> for a normal value.
>
> In rdline_char_in: Value returned from a function is not checked for errors
> before being used
>
> Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
> ---
> lib/librte_cmdline/cmdline_rdline.c | 19 +++++++++++++++----
> 1 file changed, 15 insertions(+), 4 deletions(-)
>
> diff --git a/lib/librte_cmdline/cmdline_rdline.c b/lib/librte_cmdline/cmdline_rdline.c
> index 1ef2258..e75a556 100644
> --- a/lib/librte_cmdline/cmdline_rdline.c
> +++ b/lib/librte_cmdline/cmdline_rdline.c
> @@ -377,7 +377,10 @@ rdline_char_in(struct rdline *rdl, char c)
> case CMDLINE_KEY_CTRL_K:
> cirbuf_get_buf_head(&rdl->right, rdl->kill_buf, RDLINE_BUF_SIZE);
> rdl->kill_size = CIRBUF_GET_LEN(&rdl->right);
> - cirbuf_del_buf_head(&rdl->right, rdl->kill_size);
> +
> + if (cirbuf_del_buf_head(&rdl->right, rdl->kill_size) < 0)
> + return -EINVAL;
> +
> rdline_puts(rdl, vt100_clear_right);
> break;
>
I wonder if a better way to fix wouldn't be to remove the checks
introduced in http://dpdk.org/browse/dpdk/commit/?id=ab971e562860
There is no reason to check that in cirbuf_get_buf_head/tail():
if (!cbuf || !c)
The function should never fail, it just returns the number of
copied chars. This is the responsibility of the caller to ensure
that the pointer to the circular buffer is not NULL.
Also, rdline_char_in() is not expected to return -EINVAL, but
RDLINE_RES_* instead.
So I think that partially revert ab971e562860 would fix the
coverity warning.
Regards,
Olivier
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [dpdk-dev] [PATCH] cmdline: fix unchecked return value
2016-05-02 13:37 ` Olivier Matz
@ 2016-06-28 9:49 ` Mrzyglod, DanielX T
2016-07-01 7:19 ` Olivier MATZ
0 siblings, 1 reply; 4+ messages in thread
From: Mrzyglod, DanielX T @ 2016-06-28 9:49 UTC (permalink / raw)
To: Olivier Matz, dev
>From: Olivier Matz [mailto:olivier.matz@6wind.com]
>Sent: Monday, May 02, 2016 3:37 PM
>To: Mrzyglod, DanielX T <danielx.t.mrzyglod@intel.com>; dev@dpdk.org
>Subject: Re: [PATCH] cmdline: fix unchecked return value
>
>Hi Daniel,
>
>On 04/14/2016 03:01 PM, Daniel Mrzyglod wrote:
>> This patch is for checking if error values occurs.
>> fix for coverity errors #13209 & #13195
>>
>> If the function returns an error value, the error value may be mistaken
>> for a normal value.
>>
>> In rdline_char_in: Value returned from a function is not checked for errors
>> before being used
>>
>> Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
>> ---
>> lib/librte_cmdline/cmdline_rdline.c | 19 +++++++++++++++----
>> 1 file changed, 15 insertions(+), 4 deletions(-)
>>
>> diff --git a/lib/librte_cmdline/cmdline_rdline.c
>b/lib/librte_cmdline/cmdline_rdline.c
>> index 1ef2258..e75a556 100644
>> --- a/lib/librte_cmdline/cmdline_rdline.c
>> +++ b/lib/librte_cmdline/cmdline_rdline.c
>> @@ -377,7 +377,10 @@ rdline_char_in(struct rdline *rdl, char c)
>> case CMDLINE_KEY_CTRL_K:
>> cirbuf_get_buf_head(&rdl->right, rdl->kill_buf,
>RDLINE_BUF_SIZE);
>> rdl->kill_size = CIRBUF_GET_LEN(&rdl->right);
>> - cirbuf_del_buf_head(&rdl->right, rdl->kill_size);
>> +
>> + if (cirbuf_del_buf_head(&rdl->right, rdl->kill_size) < 0)
>> + return -EINVAL;
>> +
>> rdline_puts(rdl, vt100_clear_right);
>> break;
>>
>
>I wonder if a better way to fix wouldn't be to remove the checks
>introduced in http://dpdk.org/browse/dpdk/commit/?id=ab971e562860
>
>There is no reason to check that in cirbuf_get_buf_head/tail():
> if (!cbuf || !c)
>
>The function should never fail, it just returns the number of
>copied chars. This is the responsibility of the caller to ensure
>that the pointer to the circular buffer is not NULL.
>
>Also, rdline_char_in() is not expected to return -EINVAL, but
>RDLINE_RES_* instead.
>
>So I think that partially revert ab971e562860 would fix the
>coverity warning.
>
>Regards,
>Olivier
Removing checks probably will generate more Coverity errors somewhere.
I see that only places where we test negative values are in unit tests.
Reverting changes I think is overhead and maybe ignoring this patch and set is as false positive in Coverity is better idea ?
Regards
Daniel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [dpdk-dev] [PATCH] cmdline: fix unchecked return value
2016-06-28 9:49 ` Mrzyglod, DanielX T
@ 2016-07-01 7:19 ` Olivier MATZ
0 siblings, 0 replies; 4+ messages in thread
From: Olivier MATZ @ 2016-07-01 7:19 UTC (permalink / raw)
To: Mrzyglod, DanielX T, dev
Hi Daniel,
>>> --- a/lib/librte_cmdline/cmdline_rdline.c
>>> +++ b/lib/librte_cmdline/cmdline_rdline.c
>>> @@ -377,7 +377,10 @@ rdline_char_in(struct rdline *rdl, char c)
>>> case CMDLINE_KEY_CTRL_K:
>>> cirbuf_get_buf_head(&rdl->right, rdl->kill_buf,
>> RDLINE_BUF_SIZE);
>>> rdl->kill_size = CIRBUF_GET_LEN(&rdl->right);
>>> - cirbuf_del_buf_head(&rdl->right, rdl->kill_size);
>>> +
>>> + if (cirbuf_del_buf_head(&rdl->right, rdl->kill_size) < 0)
>>> + return -EINVAL;
>>> +
>>> rdline_puts(rdl, vt100_clear_right);
>>> break;
>>>
>>
>> I wonder if a better way to fix wouldn't be to remove the checks
>> introduced in http://dpdk.org/browse/dpdk/commit/?id=ab971e562860
>>
>> There is no reason to check that in cirbuf_get_buf_head/tail():
>> if (!cbuf || !c)
>>
>> The function should never fail, it just returns the number of
>> copied chars. This is the responsibility of the caller to ensure
>> that the pointer to the circular buffer is not NULL.
>>
>> Also, rdline_char_in() is not expected to return -EINVAL, but
>> RDLINE_RES_* instead.
>>
>> So I think that partially revert ab971e562860 would fix the
>> coverity warning.
>>
>> Regards,
>> Olivier
>
> Removing checks probably will generate more Coverity errors somewhere.
> I see that only places where we test negative values are in unit tests.
>
> Reverting changes I think is overhead and maybe ignoring this patch and set is as false positive in Coverity is better idea ?
We can mark the warning as false positive because this cannot happen
right now (the calller checks the validity of cbuf/c).
But this is probably something I'll come back on with a patch since
there is no reason to check that pointers are not NULL in
cirbuf_get_buf_head/tail().
Regards,
Olivier
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-07-01 7:19 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-14 13:01 [dpdk-dev] [PATCH] cmdline: fix unchecked return value Daniel Mrzyglod
2016-05-02 13:37 ` Olivier Matz
2016-06-28 9:49 ` Mrzyglod, DanielX T
2016-07-01 7:19 ` Olivier MATZ
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).