[tor-bugs] #18897 [Core Tor/Tor]: Narrow scan-build checkers to those that have an acceptably low false positive rate.

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 26 14:46:14 UTC 2016


#18897: Narrow scan-build checkers to those that have an acceptably low false
positive rate.
--------------------------+------------------------------
 Reporter:  nickm         |          Owner:
     Type:  enhancement   |         Status:  new
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  029-proposed  |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:  SponsorS-can
--------------------------+------------------------------

Comment (by nickm):

 Right now on master I see 29 bugs:

 Cast region with wrong size 4 -- all false, I think, unless there's
 something wrong with `char **x = tor_calloc(n, sizeof(char*))`.

 Out-of-bound access 18 -- basically any time we run a char* over an
 allocated memory buffer, this complains.

 Out-of-bound array access 2 -- both in some rather fuzzy code in
 process_environment_make. Worth looking at more closely.

 Use fixed address 2 -- Doesn't like our use of SIG_IGN.

 Memory Error

 Use-after-free 3 -- The reference-counting code in our handle logic seems
 to confuse the checker here.  Or there is a bug that I just can't see.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18897#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

