[pcre-dev] [Bug 2686] New: Compiler warnings under -fanalyze…

Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2686] New: Compiler warnings under -fanalyzer and GCC 10.2
https://bugs.exim.org/show_bug.cgi?id=2686

            Bug ID: 2686
           Summary: Compiler warnings under -fanalyzer and GCC 10.2
           Product: PCRE
           Version: 10.36 (PCRE2)
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Code
          Assignee: Philip.Hazel@???
          Reporter: dangelog@???
                CC: pcre-dev@???


Hi,

When compiling PCRE2 10.36 under GCC 10.2 with the -fanalyzer command line
option, I get the warning reported below (the paths are relative to the PCRE2
copy shipped within Qt). I have no idea if the report is formally correct or
not; if it's a false positive, maybe some asserts could be added to silence the
warning.

Thanks,



../src/3rdparty/pcre2/src/pcre2_auto_possess.c: In function ‘compare_opcodes’:
../src/3rdparty/pcre2/src/pcre2_auto_possess.c:548:5: warning: dereference of NULL ‘code’ [CWE-690] [-Wanalyzer-null-dereference]
  548 |   c = *code;
      |   ~~^~~~~~~
  ‘_pcre2_auto_possessify_16’: event 1
    |
    |../src/3rdparty/pcre2/src/pcre2_internal.h:1943:51:
    | 1943 | #define _pcre2_auto_possessify      PCRE2_SUFFIX(_pcre2_auto_possessify_)
    |      |                                                   ^~~~~~~~~~~~~~~~~~~~~~~
    |      |                                                   |
    |      |                                                   (1) entry to ‘_pcre2_auto_possessify_16’
../src/3rdparty/pcre2/src/pcre2.h:796:25: note: in definition of macro ‘PCRE2_JOIN’
    |  796 | #define PCRE2_JOIN(a,b) a ## b
    |      |                         ^
../src/3rdparty/pcre2/src/pcre2.h:975:25: note: in expansion of macro ‘PCRE2_GLUE’
    |  975 | #define PCRE2_SUFFIX(a) PCRE2_GLUE(a, PCRE2_CODE_UNIT_WIDTH)
    |      |                         ^~~~~~~~~~
../src/3rdparty/pcre2/src/pcre2_internal.h:1943:38: note: in expansion of macro ‘PCRE2_SUFFIX’
    | 1943 | #define _pcre2_auto_possessify      PCRE2_SUFFIX(_pcre2_auto_possessify_)
    |      |                                      ^~~~~~~~~~~~
../src/3rdparty/pcre2/src/pcre2_internal.h:177:20: note: in expansion of macro ‘_pcre2_auto_possessify’
    |  177 | #define PRIV(name) _pcre2_##name
    |      |                    ^~~~~~~
../src/3rdparty/pcre2/src/pcre2_auto_possess.c:1114:1: note: in expansion of macro ‘PRIV’
    | 1114 | PRIV(auto_possessify)(PCRE2_UCHAR *code, const compile_block *cb)
    |      | ^~~~
    |
  ‘_pcre2_auto_possessify_16’: events 2-12
    |
    | 1128 |   if (c >= OP_TABLE_LENGTH) return -1;   /* Something gone wrong */
    |      |      ^
    |      |      |
    |      |      (2) following ‘false’ branch (when ‘c <= 167’)...
    | 1129 | 
    | 1130 |   if (c >= OP_STAR && c <= OP_TYPEPOSUPTO)
    |      |      ~
    |      |      |
    |      |      (3) ...to here
    |......
    | 1177 |   else if (c == OP_CLASS || c == OP_NCLASS || c == OP_XCLASS)
    |      |           ~
    |      |           |
    |      |           (4) following ‘true’ branch (when ‘c == 110’)...
    |......
    | 1180 |     if (c == OP_XCLASS)
    |      |        ~
    |      |        |
    |      |        (5) ...to here
    |      |        (6) following ‘false’ branch (when ‘c != 112’)...
    |......
    | 1184 |       repeat_opcode = code + 1 + (32 / sizeof(PCRE2_UCHAR));
    |      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                     |
    |      |                     (7) ...to here
    |......
    | 1187 |     if (c >= OP_CRSTAR && c <= OP_CRMINRANGE)
    |      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |        |               |
    |      |        |               (9) ...to here
    |      |        |               (10) following ‘true’ branch (when ‘c <= 105’)...
    |      |        (8) following ‘true’ branch (when ‘c > 97’)...
    |......
    | 1190 |       end = get_chr_property_list(code, utf, ucp, cb->fcc, list);
    |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |             |
    |      |             (11) ...to here
    |      |             (12) calling ‘get_chr_property_list’ from ‘_pcre2_auto_possessify_16’
    |
    +--> ‘get_chr_property_list’: events 13-14
           |
           |  308 | get_chr_property_list(PCRE2_SPTR code, BOOL utf, BOOL ucp, const uint8_t *fcc,
           |      | ^~~~~~~~~~~~~~~~~~~~~
           |      | |
           |      | (13) entry to ‘get_chr_property_list’
           |......
           |  365 | switch(c)
           |      | ~~~~~~
           |      | |
           |      | (14) following ‘default:’ branch...
           |
         ‘get_chr_property_list’: event 15
           |
           |  493 | return NULL;    /* Opcode not accepted */
           |      |        ^~~~
           |      |        |
           |      |        (15) ...to here
           |
         ‘get_chr_property_list’: event 16
           |
           |cc1:
           | (16): ‘<return-value>’ is NULL
           |
    <------+
    |
  ‘_pcre2_auto_possessify_16’: events 17-18
    |
    | 1190 |       end = get_chr_property_list(code, utf, ucp, cb->fcc, list);
    |      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |             |
    |      |             (17) return of NULL to ‘_pcre2_auto_possessify_16’ from ‘get_chr_property_list’
    |......
    | 1194 |       if (compare_opcodes(end, utf, ucp, cb, list, end, &rec_limit))
    |      |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |           |
    |      |           (18) calling ‘compare_opcodes’ from ‘_pcre2_auto_possessify_16’
    |
    +--> ‘compare_opcodes’: events 19-22
           |
           |  518 | compare_opcodes(PCRE2_SPTR code, BOOL utf, BOOL ucp, const compile_block *cb,
           |      | ^~~~~~~~~~~~~~~
           |      | |
           |      | (19) entry to ‘compare_opcodes’
           |......
           |  536 | if (--(*rec_limit) <= 0) return FALSE;  /* Recursion has gone too deep */
           |      |    ~
           |      |    |
           |      |    (20) following ‘false’ branch...
           |......
           |  548 |   c = *code;
           |      |   ~~~~~~~~~
           |      |     |
           |      |     (21) ...to here
           |      |     (22) dereference of NULL ‘code’
           |


--
You are receiving this mail because:
You are on the CC list for the bug.
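
The call chain in the trace above, reduced to a stand-alone C sketch (an added example, not PCRE2 code and not part of the original report): a helper that returns NULL from its default: branch, a callee that dereferences its argument, and a caller with and without a check on the return value. All function names, opcode values and inputs are constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical opcodes, constructed for this example (not PCRE2's values). */
enum { X_END = 0, X_CHAR = 1, X_DIGIT = 2, X_OTHER = 9 };

/* Returns a pointer just past the item it accepted, or NULL from the
   default: branch when the opcode is not one it handles. */
static const uint8_t *get_property_list(const uint8_t *code, uint32_t *list)
{
  switch (*code) {
    case X_CHAR:  list[0] = X_CHAR;  list[1] = code[1]; return code + 2;
    case X_DIGIT: list[0] = X_DIGIT; list[1] = 0;       return code + 1;
    default:      return NULL;   /* Opcode not accepted */
  }
}

/* Dereferences its argument. The assert states the non-NULL precondition;
   it aborts on violation and compiles away when NDEBUG is defined. */
static int next_is_end(const uint8_t *code)
{
  assert(code != NULL);
  return *code == X_END;
}

/* Shape reported in the trace: the return value reaches the dereference
   unchecked, so safety depends on callers never passing other opcodes. */
int follows_end_unchecked(const uint8_t *code)
{
  uint32_t list[2];
  return next_is_end(get_property_list(code, list));
}

/* Guarded form: a NULL return becomes an explicit error (-1) at the call
   site, which holds in release builds as well. */
int follows_end_checked(const uint8_t *code)
{
  uint32_t list[2];
  const uint8_t *end = get_property_list(code, list);
  if (end == NULL) return -1;
  return next_is_end(end);
}

int main(void)
{
  const uint8_t ok[]  = { X_CHAR, 'a', X_END };  /* constructed input */
  const uint8_t bad[] = { X_OTHER, X_END };      /* constructed input */
  return (follows_end_checked(ok) == 1 && follows_end_checked(bad) == -1) ? 0 : 1;
}
```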