From: Olivier MATZ <olivier.matz@6wind.com>
To: "Mrzyglod, DanielX T" <danielx.t.mrzyglod@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH] cmdline: fix unchecked return value
Date: Fri, 1 Jul 2016 09:19:01 +0200 [thread overview]
Message-ID: <a30fbabe-03db-b006-abb1-983e1277ac05@6wind.com> (raw)
In-Reply-To: <7ADD74816B4C8A45B56203CBA65FE5A63779734C@IRSMSX107.ger.corp.intel.com>
Hi Daniel,
>>> --- a/lib/librte_cmdline/cmdline_rdline.c
>>> +++ b/lib/librte_cmdline/cmdline_rdline.c
>>> @@ -377,7 +377,10 @@ rdline_char_in(struct rdline *rdl, char c)
>>> case CMDLINE_KEY_CTRL_K:
>>> cirbuf_get_buf_head(&rdl->right, rdl->kill_buf,
>> RDLINE_BUF_SIZE);
>>> rdl->kill_size = CIRBUF_GET_LEN(&rdl->right);
>>> - cirbuf_del_buf_head(&rdl->right, rdl->kill_size);
>>> +
>>> + if (cirbuf_del_buf_head(&rdl->right, rdl->kill_size) < 0)
>>> + return -EINVAL;
>>> +
>>> rdline_puts(rdl, vt100_clear_right);
>>> break;
>>>
>>
>> I wonder if a better way to fix wouldn't be to remove the checks
>> introduced in http://dpdk.org/browse/dpdk/commit/?id=ab971e562860
>>
>> There is no reason to check that in cirbuf_get_buf_head/tail():
>> if (!cbuf || !c)
>>
>> The function should never fail, it just returns the number of
>> copied chars. This is the responsibility of the caller to ensure
>> that the pointer to the circular buffer is not NULL.
>>
>> Also, rdline_char_in() is not expected to return -EINVAL, but
>> RDLINE_RES_* instead.
>>
>> So I think that partially revert ab971e562860 would fix the
>> coverity warning.
>>
>> Regards,
>> Olivier
>
> Removing checks probably will generate more Coverity errors somewhere.
> I see that only places where we test negative values are in unit tests.
>
> Reverting changes I think is overhead and maybe ignoring this patch and set is as false positive in Coverity is better idea ?
We can mark the warning as false positive because this cannot happen
right now (the calller checks the validity of cbuf/c).
But this is probably something I'll come back on with a patch since
there is no reason to check that pointers are not NULL in
cirbuf_get_buf_head/tail().
Regards,
Olivier
prev parent reply other threads:[~2016-07-01 7:19 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-14 13:01 Daniel Mrzyglod
2016-05-02 13:37 ` Olivier Matz
2016-06-28 9:49 ` Mrzyglod, DanielX T
2016-07-01 7:19 ` Olivier MATZ [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a30fbabe-03db-b006-abb1-983e1277ac05@6wind.com \
--to=olivier.matz@6wind.com \
--cc=danielx.t.mrzyglod@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).