New python PIDL checks cause 2221 new Coverity warnings

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Aug 26 09:10:24 UTC 2015

On Wed, Aug 26, 2015 at 07:14:02AM +0200, Volker Lendecke wrote:
> Hi, Andrew!
> Sorry, I don't agree with this being unavoidable and by
> design. We had our security bugs in PIDL output in the past,
> so I think it would be a really bad decision to leave all
> these warnings and undefined behaviour in the code, because
> it makes the Coverity output nearly unusable.
> Shouldn't the PIDL output be sensitive to 32-bit or 64-bit
> architecture? We have #defines for the sizes of basic types.
> Also, most of the IDL types we define are specific bit
> values.

By the way, even clang finds this fishy:

default/librpc/gen_ndr/py_security.c:2549:41: warning: comparison of constant 9223372036854775807 with expression of type 'uint32_t' (aka 'unsigned int') is always false
      [-Wtautological-constant-out-of-range-compare] py_std_all = (uint32_t)object->std_all > LONG_MAX ?  PyLong_FromUnsignedLong((uint32_t)obje...
                     ~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~

I think we should strive towards LESS warnings, not more.


SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen, mailto:kontakt at

More information about the samba-technical mailing list