Re: Using Clang's static analyzer on bash

From: Chet Ramey
Subject: Re: Using Clang's static analyzer on bash
Date: Wed, 26 Apr 2017 11:48:09 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

On 4/26/17 11:10 AM, Eduardo Bustamante wrote:
> On Mon, Apr 24, 2017 at 10:13 AM, Chet Ramey <address@hidden> wrote:
> [...]
>> I'd be interested in seeing the results.  In my experience with similar
>> tools, the false positive ratio is very high.
> Most of the "errors" identified are due to unused variables. It does
> have some interesting reports though:
> #1 optimized_assignment in variables.c does not check if xrealloc was
> successful (i.e. not NULL), so if it fails, strcpy will end up
> dereferencing a null pointer.

Not a problem; xrealloc aborts on error.

> #2 command_substitute in subst.c the value of old_pid is uninitialized
> when pipe() returns an error, so last_made_pid ends up being a garbage
> value. I modified the code to print the value of last_made_pid in
> `error_exit'. I don't know how last_made_pid is used, so I don't know
> if this is a problem or not.

If you can't create pipes or open files, you're not going to get very far,
but still worth moving the assignment above the call to pipe().

> | address@hidden:~/src/gnu/bash$ ./bash -c 'ulimit -n 3; $(:); echo hi'
> | ./bash: cannot make pipe for command substitution: Too many open files
> | last_made_pid = -1074209592
> | hi
> #3 parameter_brace_expand_indir in subst.c the value of `v' (SHELL_VAR
> pointer) when var_is_special > 0 is not defined, so `legal_identifier
> (name) && v == 0' relies on undefined behavior.

When var_is_special == 1, legal_identifier(name) returns 0. `&&' is
evaluated left-to-right, and stops as soon as legal_identifier fails.


``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://cnswww.cns.cwru.edu/~chet/
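
The control flow behind finding #2 and the fix suggested in the reply, as an added example that is not part of the original message and is not bash's own code. Only `last_made_pid` and `old_pid` are names from the thread; everything else is hypothetical, the pipe failure is injected rather than produced with `ulimit`, and the uninitialized variable is modeled with a poison value (the number printed in the quoted run) so the result is deterministic.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
/* Constructed model of finding #2; names other than last_made_pid/old_pid are hypothetical. */
#define POISON ((pid_t)-1074209592)   /* the garbage value from the quoted run */
typedef int (*pipe_fn)(int fds[2]);
static pid_t last_made_pid;           /* stand-in for the shell-wide global */

/* Constructed failure: what pipe() returns once the fd limit is exhausted. */
static int failing_pipe(int fds[2]) { (void)fds; return -1; }

/* Reported shape: old_pid is saved only after the call that can bail out. */
static void subst_save_late(pipe_fn mkpipe)
{
    pid_t old_pid = POISON;   /* uninitialized in the report; poisoned here */
    int fds[2];
    if (mkpipe(fds) < 0)
        goto error_exit;      /* nothing has been saved yet */
    old_pid = last_made_pid;
    close(fds[0]); close(fds[1]);
error_exit:
    last_made_pid = old_pid;  /* the restore runs on every path */
}

/* Suggested shape: save before pipe(), so error_exit restores a real value. */
static void subst_save_early(pipe_fn mkpipe)
{
    pid_t old_pid = last_made_pid;
    int fds[2];
    if (mkpipe(fds) < 0)
        goto error_exit;
    close(fds[0]); close(fds[1]);
error_exit:
    last_made_pid = old_pid;
}

/* Run one variant against the failing pipe; return what the global holds. */
static pid_t after_failed_pipe(void (*variant)(pipe_fn), pid_t before)
{
    last_made_pid = before;
    variant(failing_pipe);
    return last_made_pid;
}

int main(void)
{
    printf("save late:  %d\n", (int)after_failed_pipe(subst_save_late, 1234));
    printf("save early: %d\n", (int)after_failed_pipe(subst_save_early, 1234));
}
```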
