Fix some Coverity warnings and false alarms #120155
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 6, 2024
Initialize variables in _tkinter.c to make static analyzers happy.
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 7, 2024
Don't hardcode 'dest' in HAVE_SUBOFFSETS_IN_LAST_DIM() macro of memoryobject.c, but use its 'view' parameter instead.
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 7, 2024
Don't use 'g' before it's being initialized: don't use the 'error' label if consts_dict_keys_inorder() failed.
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Python/compile.c:7670:5: skipped_decl: Jumping over declaration of ""g"".
Python-3.12.2/Python/compile.c:7714:5: uninit_use_in_call: Using uninitialized value ""g.g_block_list"" when calling ""_PyCfgBuilder_Fini"".
Python-3.12.2/Python/compile.c:7714:5: uninit_use_in_call: Using uninitialized value ""g.g_entryblock"" when calling ""_PyCfgBuilder_Fini"".
7712| Py_XDECREF(consts);
7713| instr_sequence_fini(&optimized_instrs);
7714|-> _PyCfgBuilder_Fini(&g);
7715| return co;
7716| }
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 7, 2024
Declare the 'rv' at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 7, 2024
Declare the 'rv' at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Modules/_zoneinfo.c:1233:5: skipped_decl: Jumping over declaration of ""rv"".
Python-3.12.2/Modules/_zoneinfo.c:1284:5: uninit_use: Using uninitialized value ""rv"".
1282| }
1283|
1284|-> return rv;
1285| }
1286|
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 7, 2024
Declare the 'rv' variable at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Modules/_zoneinfo.c:1233:5: skipped_decl: Jumping over declaration of ""rv"".
Python-3.12.2/Modules/_zoneinfo.c:1284:5: uninit_use: Using uninitialized value ""rv"".
1282| }
1283|
1284|-> return rv;
1285| }
1286|
vstinner
added a commit
that referenced
this issue
Jun 7, 2024
#120231)
gh-120155: Fix optimize_and_assemble_code_unit() error handling
Don't use 'g' before it's being initialized: don't use the 'error' label if consts_dict_keys_inorder() failed.
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Python/compile.c:7670:5: skipped_decl: Jumping over declaration of ""g"".
Python-3.12.2/Python/compile.c:7714:5: uninit_use_in_call: Using uninitialized value ""g.g_block_list"" when calling ""_PyCfgBuilder_Fini"".
Python-3.12.2/Python/compile.c:7714:5: uninit_use_in_call: Using uninitialized value ""g.g_entryblock"" when calling ""_PyCfgBuilder_Fini"".
7712| Py_XDECREF(consts);
7713| instr_sequence_fini(&optimized_instrs);
7714|-> _PyCfgBuilder_Fini(&g);
7715| return co;
7716| }
vstinner
added a commit
that referenced
this issue
Jun 7, 2024
…0228)
Don't hardcode 'dest' in HAVE_SUBOFFSETS_IN_LAST_DIM() macro of memoryobject.c, but use its 'view' parameter instead.
Fix the Coverity issue:
Error: COPY_PASTE_ERROR (CWE-398):
Python-3.12.2/Objects/memoryobject.c:273:14: original: ""dest->suboffsets + (dest->ndim - 1)"" looks like the original copy.
Python-3.12.2/Objects/memoryobject.c:274:14: copy_paste_error: ""dest"" in ""src->suboffsets + (dest->ndim - 1)"" looks like a copy-paste error.
Python-3.12.2/Objects/memoryobject.c:274:14: remediation: Should it say ""src"" instead?
# 272| assert(dest->ndim > 0 && src->ndim > 0);
# 273| return (!HAVE_SUBOFFSETS_IN_LAST_DIM(dest) &&
# 274|-> !HAVE_SUBOFFSETS_IN_LAST_DIM(src) &&
# 275| dest->strides[dest->ndim-1] == dest->itemsize &&
# 276| src->strides[src->ndim-1] == src->itemsize);
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jun 7, 2024
pythonGH-120228)
Don't hardcode 'dest' in HAVE_SUBOFFSETS_IN_LAST_DIM() macro of memoryobject.c, but use its 'view' parameter instead.
Fix the Coverity issue:
Error: COPY_PASTE_ERROR (CWE-398):
Python-3.12.2/Objects/memoryobject.c:273:14: original: ""dest->suboffsets + (dest->ndim - 1)"" looks like the original copy.
Python-3.12.2/Objects/memoryobject.c:274:14: copy_paste_error: ""dest"" in ""src->suboffsets + (dest->ndim - 1)"" looks like a copy-paste error.
Python-3.12.2/Objects/memoryobject.c:274:14: remediation: Should it say ""src"" instead?
GH- 272| assert(dest->ndim > 0 && src->ndim > 0);
GH- 273| return (!HAVE_SUBOFFSETS_IN_LAST_DIM(dest) &&
GH- 274|-> !HAVE_SUBOFFSETS_IN_LAST_DIM(src) &&
GH- 275| dest->strides[dest->ndim-1] == dest->itemsize &&
GH- 276| src->strides[src->ndim-1] == src->itemsize);
(cherry picked from commit 90b7540)
Co-authored-by: Victor Stinner <vstinner@python.org>
vstinner
added a commit
that referenced
this issue
Jun 7, 2024
…() (GH-120228) (#120238)
gh-120155: Fix copy/paste error in HAVE_SUBOFFSETS_IN_LAST_DIM() (GH-120228)
Don't hardcode 'dest' in HAVE_SUBOFFSETS_IN_LAST_DIM() macro of memoryobject.c, but use its 'view' parameter instead.
Fix the Coverity issue:
Error: COPY_PASTE_ERROR (CWE-398):
Python-3.12.2/Objects/memoryobject.c:273:14: original: ""dest->suboffsets + (dest->ndim - 1)"" looks like the original copy.
Python-3.12.2/Objects/memoryobject.c:274:14: copy_paste_error: ""dest"" in ""src->suboffsets + (dest->ndim - 1)"" looks like a copy-paste error.
Python-3.12.2/Objects/memoryobject.c:274:14: remediation: Should it say ""src"" instead?
GH- 272| assert(dest->ndim > 0 && src->ndim > 0);
GH- 273| return (!HAVE_SUBOFFSETS_IN_LAST_DIM(dest) &&
GH- 274|-> !HAVE_SUBOFFSETS_IN_LAST_DIM(src) &&
GH- 275| dest->strides[dest->ndim-1] == dest->itemsize &&
GH- 276| src->strides[src->ndim-1] == src->itemsize);
(cherry picked from commit 90b7540)
Co-authored-by: Victor Stinner <vstinner@python.org>
vstinner
added a commit
that referenced
this issue
Jun 7, 2024
…() (GH-120228) (#120240)
gh-120155: Fix copy/paste error in HAVE_SUBOFFSETS_IN_LAST_DIM() (GH-120228)
Don't hardcode 'dest' in HAVE_SUBOFFSETS_IN_LAST_DIM() macro of memoryobject.c, but use its 'view' parameter instead.
Fix the Coverity issue:
Error: COPY_PASTE_ERROR (CWE-398):
Python-3.12.2/Objects/memoryobject.c:273:14: original: ""dest->suboffsets + (dest->ndim - 1)"" looks like the original copy.
Python-3.12.2/Objects/memoryobject.c:274:14: copy_paste_error: ""dest"" in ""src->suboffsets + (dest->ndim - 1)"" looks like a copy-paste error.
Python-3.12.2/Objects/memoryobject.c:274:14: remediation: Should it say ""src"" instead?
GH- 272| assert(dest->ndim > 0 && src->ndim > 0);
GH- 273| return (!HAVE_SUBOFFSETS_IN_LAST_DIM(dest) &&
GH- 274|-> !HAVE_SUBOFFSETS_IN_LAST_DIM(src) &&
GH- 275| dest->strides[dest->ndim-1] == dest->itemsize &&
GH- 276| src->strides[src->ndim-1] == src->itemsize);
(cherry picked from commit 90b7540)
Co-authored-by: Victor Stinner <vstinner@python.org>
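
The macro problem described in the HAVE_SUBOFFSETS_IN_LAST_DIM() commits above, reduced to a stand-alone case. This is an added example, not CPython's code: `view_t`, both macros, the helper functions and the sample views are hypothetical names constructed for the illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Minimal stand-in for a buffer view: only the fields the macro reads.
 * A suboffset >= 0 marks a dimension that is reached through a pointer. */
typedef struct {
    int ndim;
    const ptrdiff_t *suboffsets;      /* NULL, or ndim entries */
} view_t;

/* Before: takes 'view' but indexes with whatever 'dest' names at the call site. */
#define LAST_DIM_INDIRECT_BUGGY(view) \
    ((view)->suboffsets && (view)->suboffsets[dest->ndim - 1] >= 0)

/* After: every operand comes from the macro parameter. */
#define LAST_DIM_INDIRECT_FIXED(view) \
    ((view)->suboffsets && (view)->suboffsets[(view)->ndim - 1] >= 0)

/* Both helpers ask the same question about 'src'. */
int src_last_dim_indirect_buggy(const view_t *dest, const view_t *src)
{
    return LAST_DIM_INDIRECT_BUGGY(src);   /* reads src->suboffsets[dest->ndim - 1] */
}

int src_last_dim_indirect_fixed(const view_t *dest, const view_t *src)
{
    (void)dest;
    return LAST_DIM_INDIRECT_FIXED(src);   /* reads src->suboffsets[src->ndim - 1] */
}

/* Constructed views: src is 2-D with an indirect last dimension, dest is
 * 1-D and direct. dest->ndim < src->ndim keeps the buggy read in bounds. */
static const ptrdiff_t SRC_SUBOFFSETS[2] = { -1, 8 };
static const view_t SAMPLE_SRC  = { 2, SRC_SUBOFFSETS };
static const view_t SAMPLE_DEST = { 1, NULL };

int main(void)
{
    printf("buggy=%d fixed=%d\n",
           src_last_dim_indirect_buggy(&SAMPLE_DEST, &SAMPLE_SRC),
           src_last_dim_indirect_fixed(&SAMPLE_DEST, &SAMPLE_SRC));
    return 0;
}
```

The buggy macro only compiles where a variable named `dest` happens to be in scope, and it gives the right answer only while both views have the same number of dimensions.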
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jun 10, 2024
…-120232)
Declare the 'rv' variable at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Modules/_zoneinfo.c:1233:5: skipped_decl: Jumping over declaration of ""rv"".
Python-3.12.2/Modules/_zoneinfo.c:1284:5: uninit_use: Using uninitialized value ""rv"".
1282| }
1283|
1284|-> return rv;
1285| }
1286|
(cherry picked from commit b90bd3e)
Co-authored-by: Victor Stinner <vstinner@python.org>
vstinner
added a commit
that referenced
this issue
Jun 10, 2024
…) (#120311)
gh-120155: Fix Coverity issue in zoneinfo load_data() (GH-120232)
Declare the 'rv' variable at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Modules/_zoneinfo.c:1233:5: skipped_decl: Jumping over declaration of ""rv"".
Python-3.12.2/Modules/_zoneinfo.c:1284:5: uninit_use: Using uninitialized value ""rv"".
1282| }
1283|
1284|-> return rv;
1285| }
1286|
(cherry picked from commit b90bd3e)
Co-authored-by: Victor Stinner <vstinner@python.org>
vstinner
added a commit
that referenced
this issue
Jun 10, 2024
…) (#120310)
gh-120155: Fix Coverity issue in zoneinfo load_data() (GH-120232)
Declare the 'rv' variable at the top of the load_data() function to make sure that it's initialized before the first 'goto error' which uses 'rv' (return rv).
Fix the Coverity issue:
Error: UNINIT (CWE-457):
Python-3.12.2/Modules/_zoneinfo.c:1233:5: skipped_decl: Jumping over declaration of ""rv"".
Python-3.12.2/Modules/_zoneinfo.c:1284:5: uninit_use: Using uninitialized value ""rv"".
1282| }
1283|
1284|-> return rv;
1285| }
1286|
(cherry picked from commit b90bd3e)
Co-authored-by: Victor Stinner <vstinner@python.org>
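
The UNINIT (CWE-457) pattern reported above for both compile.c and _zoneinfo.c, a `goto` to a cleanup label that jumps over a declaration, shown as an added stand-alone example that is not CPython's code. It uses the remedy from the load_data() commit (declare and initialize at the top of the function); the optimize_and_assemble_code_unit() commit instead avoids the label on the early failure. `builder`, `builder_fini`, `load_record` and the "REC1" record format are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical builder with a cleanup routine, standing in for any resource
 * that an "error:" label tears down. */
typedef struct {
    unsigned char *blocks;
    size_t nblocks;
} builder;

static int fini_calls = 0;            /* counts cleanup calls, for checking */

static void builder_fini(builder *b)
{
    fini_calls++;
    free(b->blocks);                  /* free(NULL) is a no-op */
    b->blocks = NULL;
}

/* Flagged shape, kept as a comment so it is never executed:
 *     if (len < 4) goto error;       jumps over the declarations below
 *     builder g = {0};
 *     int rv = -1;
 *     ...
 *   error:
 *     builder_fini(&g);              g is indeterminate on that path
 *     return rv;                     so is rv
 * C allows the jump; the initializers simply never run. */

/* Hardened shape: everything the error label reads is declared and
 * initialized before the first goto. Returns 0 on success, -1 on error. */
int load_record(const unsigned char *buf, size_t len, unsigned *out_sum)
{
    builder g = {0};
    unsigned sum = 0;
    int rv = -1;

    if (buf == NULL || len < 4 || memcmp(buf, "REC1", 4) != 0) {
        goto error;                   /* safe: g is zeroed, rv is -1 */
    }
    g.nblocks = len - 4;
    g.blocks = malloc(g.nblocks ? g.nblocks : 1);
    if (g.blocks == NULL) {
        goto error;
    }
    memcpy(g.blocks, buf + 4, g.nblocks);
    for (size_t i = 0; i < g.nblocks; i++) {
        sum += g.blocks[i];
    }
    *out_sum = sum;
    rv = 0;

error:
    builder_fini(&g);
    return rv;
}

int main(void)
{
    unsigned sum = 0;
    /* Constructed inputs: a truncated record and a well-formed one. */
    int bad = load_record((const unsigned char *)"XX", 2, &sum);
    int ok = load_record((const unsigned char *)"REC1\x01\x02\x03", 7, &sum);
    printf("short=%d valid=%d sum=%u cleanups=%d\n", bad, ok, sum, fini_calls);
    return 0;
}
```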
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 12, 2024
Add an assertion to help static analyzers to detect that i*2 cannot overflow.
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 25, 2024
Add an assertion to make sure that the 'len' variable is at least 1, to make sure that '--len' above is safe.
Fix the Coverity issue on Python-3.12.2:
Error: INTEGER_OVERFLOW (CWE-190):
Parser/string_parser.c:236:5: underflow: The decrement operator on the unsigned variable ""len"" might result in an underflow.
Parser/string_parser.c:246:9: overflow: The expression ""len -= 2UL"" is deemed underflowed because at least one of its arguments has underflowed.
Parser/string_parser.c:269:13: overflow_sink: ""len"", which might have underflowed, is passed to ""PyBytes_FromStringAndSize(s, len)"".
267| }
268| if (rawmode) {
269|-> return PyBytes_FromStringAndSize(s, len);
270| }
271| return decode_bytes_with_escapes(p, s, len, t);
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 25, 2024
Add an assertion to make sure that the 'len' variable is at least 1, to make sure that '--len' below is safe.
Fix the Coverity issue on Python-3.12.2:
Error: INTEGER_OVERFLOW (CWE-190):
Parser/string_parser.c:236:5: underflow: The decrement operator on the unsigned variable ""len"" might result in an underflow.
Parser/string_parser.c:246:9: overflow: The expression ""len -= 2UL"" is deemed underflowed because at least one of its arguments has underflowed.
Parser/string_parser.c:269:13: overflow_sink: ""len"", which might have underflowed, is passed to ""PyBytes_FromStringAndSize(s, len)"".
267| }
268| if (rawmode) {
269|-> return PyBytes_FromStringAndSize(s, len);
270| }
271| return decode_bytes_with_escapes(p, s, len, t);
vstinner
added a commit
to vstinner/cpython
that referenced
this issue
Jun 25, 2024
Add an assertion to make sure that the 'len' variable is at least 1, to make sure that the code '--len' below is safe.
Fix the Coverity issue on Python-3.12.2:
Error: INTEGER_OVERFLOW (CWE-190):
Parser/string_parser.c:236:5: underflow: The decrement operator on the unsigned variable "len" might result in an underflow.
Parser/string_parser.c:246:9: overflow: The expression "len -= 2UL" is deemed underflowed because at least one of its arguments has underflowed.
Parser/string_parser.c:269:13: overflow_sink: "len", which might have underflowed, is passed to "PyBytes_FromStringAndSize(s, len)".
267| }
268| if (rawmode) {
269|-> return PyBytes_FromStringAndSize(s, len);
270| }
271| return decode_bytes_with_escapes(p, s, len, t);
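
The INTEGER_OVERFLOW (CWE-190) report above concerns decrementing an unsigned length while stripping quotes. The following added example, which is not CPython's parser code, shows the wrap-around and a length-checked quote stripper; it uses a runtime check rather than the assertion the commit adds, and `unchecked_drop_closing_quote` and `strip_quotes` are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* What an unchecked "--len" yields: unsigned arithmetic wraps, so 0 becomes
 * SIZE_MAX and would reach the allocation or copy that consumes the length. */
size_t unchecked_drop_closing_quote(size_t len)
{
    return --len;
}

/* Checked version. 'tok' is a whole quoted token of 'len' bytes, such as
 * "abc" or '''abc'''. On success returns 0 and sets *body and *body_len to
 * the text between the quotes; returns -1 for a short or unbalanced token. */
int strip_quotes(const char *tok, size_t len, const char **body, size_t *body_len)
{
    if (tok == NULL || len < 2) {
        return -1;                       /* makes "len -= 2" below safe */
    }
    char quote = tok[0];
    if ((quote != '\'' && quote != '"') || tok[len - 1] != quote) {
        return -1;
    }
    const char *s = tok + 1;
    len -= 2;                            /* opening and closing quote */

    /* Triple-quoted form: two more quotes on each side. */
    if (len >= 4 && s[0] == quote && s[1] == quote) {
        if (s[len - 1] != quote || s[len - 2] != quote) {
            return -1;
        }
        s += 2;
        len -= 4;                        /* len >= 4 was checked above */
    }
    *body = s;
    *body_len = len;
    return 0;
}

int main(void)
{
    const char *body = NULL;
    size_t n = 0;
    /* Constructed tokens: a triple-quoted string and a lone quote. */
    printf("wrapped length: %zu\n", unchecked_drop_closing_quote(0));
    if (strip_quotes("'''abc'''", 9, &body, &n) == 0) {
        printf("body: %.*s\n", (int)n, body);
    }
    printf("lone quote: %d\n", strip_quotes("\"", 1, &body, &n));
    return 0;
}
```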
pablogsal
pushed a commit
that referenced
this issue
Jun 25, 2024
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jun 25, 2024
(cherry picked from commit 769aea3) Co-authored-by: Victor Stinner <vstinner@python.org>
vstinner
added a commit
that referenced
this issue
Jun 25, 2024
vstinner
added a commit
that referenced
this issue
Jun 25, 2024
Ok, I'm done with the report I was working on. I close the issue.
I got access to a Coverity scan of Python 3.12.2 and there are about 67 warnings. Most of them seem to be false alarms; my team is still investigating the warnings.
I propose to make minor changes, when it makes sense, to make some false alarms quiet.
And propose fixes for real issues :-)