New python PIDL checks cause 2221 new Coverity warnings
Volker Lendecke
Volker.Lendecke at SerNet.DE
Wed Aug 26 09:10:24 UTC 2015
On Wed, Aug 26, 2015 at 07:14:02AM +0200, Volker Lendecke wrote:
> Hi, Andrew!
>
> Sorry, I don't agree with this being unavoidable and by
> design. We had our security bugs in PIDL output in the past,
> so I think it would be a really bad decision to leave all
> these warnings and undefined behaviour in the code, because
> it makes the Coverity output nearly unusable.
>
> Shouldn't the PIDL output be sensitive to 32-bit or 64-bit
> architecture? We have #defines for the sizes of basic types.
> Also, most of the IDL types we define are specific bit
> values.
By the way, even clang finds this fishy:
default/librpc/gen_ndr/py_security.c:2549:41: warning: comparison of constant 9223372036854775807 with expression of type 'uint32_t' (aka 'unsigned int') is always false
[-Wtautological-constant-out-of-range-compare] py_std_all = (uint32_t)object->std_all > LONG_MAX ? PyLong_FromUnsignedLong((uint32_t)obje...
~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~
I think we should strive towards LESS warnings, not more.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list