[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 02/10] gnulib/regexec: Fix possible null-dereference

From: Paul Eggert
Subject: Re: [PATCH v2 02/10] gnulib/regexec: Fix possible null-dereference
Date: Tue, 7 Dec 2021 14:38:58 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0

On 12/7/21 09:38, Robbie Harwood wrote:

My*guess*  is that Coverity has noticed that `mctx->state_log` is
checked against NULL in many other places in that file, and was unable
to prove to itself that it couldn't be NULL there too.  If that's the
case, a DEBUG_ASSERT would presumably do the trick better.

Yes, I can see why Coverity can't deduce the code is safe.

I installed the attached patch into Gnulib; it adds a DEBUG_ASSERT which should be a reasonable prophylactic even if we don't use Coverity. I hope this also suffices to pacify Coverity.

I put the DEBUG_ASSERT in a different place, since we shouldn't need to worry about the assertion unless top < next_state_log_idx.

Attachment: 0001-regex-pacify-Coverity-clean_state_log_if_needed.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]