Coverity issues #54
Comments
|
@abierman That's not very helpful.. Maybe come up with some Coverty logs and proposals on how to fix some of those issues.. |
|
I have registered the project with coverity and submitted the current develop HEAD for analysis. The defects will be visible soon here. |
|
We pay for Coverity and our license does not allow us to share coverity logs. |
|
So, most are in /test where resource leaks are not really an issue. But indeed, the coverity scan has uncovered quite a few (yes, plenty) issues. Thanks @abierman for pointing this out! |
|
After having fixed all but one defect (some dead code in client.c), I close this issue for now. |
|
Hi,
OK -- guess you are not running Coverity very strict.
You might want to look at coap_opt_value, which can return NULL.
It is used in macros and plain C code and never checked for NULL.
Andy
…On Fri, Dec 2, 2016 at 5:59 AM, obgm ***@***.***> wrote:
After having fixed all but one defect (some dead code in client.c), I
close this issue for now.
Most of the leaks detected with default aggressiveness of the coverity
analysis tool have been in the unit tests where they do not harm, the core
library had only one leak in a corner case that usually does not occur
(because the application would not do anything useful in that case...)
Zero uses of NULL pointers were detected.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#54 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABugj0bjz4Xa9LMVCHjwIy83khZvIUKEks5rECQtgaJpZM4K-hfo>
.
|
|
Yes, indeed. Re-opening.... |
|
After having checked every occurrence of coap_opt_value() and coap_opt_length() (including macros) in the core library and the examples, I still see no problem. Your scan results seem to be false positives, I presume. |
Coverity reports a lot of issues with this library.
Coverity Scan is free for open source projects
https://scan.coverity.com/
The text was updated successfully, but these errors were encountered: