quiet clang analyzer scan-build warnings

(expansion of buffer_string_lenth() inline function and CONST_BUF_LEN() macro, which always check for NULL, appears to cause the analyzer to believe that a pointer might be NULL in cases where it otherwise can not be NULL) x-ref: http://clang-analyzer.llvm.org/faq.html
2020-07-08 18:01:52 -04:00 · 2020-07-08 18:01:52 -04:00 · 28f1867c11
parent 98a224a4a2
commit 28f1867c11
13 changed files with 41 additions and 3 deletions
--- a/src/array.c
+++ b/src/array.c
@ -390,6 +390,9 @@ array_match_key_prefix_nc_klen (const array * const a, const char * const s, con
 data_unset *
 array_match_key_prefix (const array * const a, const buffer * const b)
 {
+  #ifdef __clang_analyzer__
+    force_assert(b);
+  #endif
    return array_match_key_prefix_klen(a, CONST_BUF_LEN(b));
 }

--- a/src/configfile.c
+++ b/src/configfile.c
@ -1184,6 +1184,9 @@ int config_log_error_open(server *srv) {
    /* logs are opened after preflight check (srv->srvconf.preflight_check)
     * and after dropping privileges instead of being opened during config
     * processing */
+  #ifdef __clang_analyzer__
+    force_assert(srv->errh);
+  #endif

    /* Note: implementation does not de-dup repeated files or pipe commands */

--- a/src/data_config.c
+++ b/src/data_config.c
@ -134,6 +134,7 @@ data_config *data_config_init(void) {
 	data_config *ds;

 	ds = calloc(1, sizeof(*ds));
+	force_assert(ds);

 	ds->comp_tag = buffer_init();
 	ds->comp_key = buffer_init();
--- a/src/gw_backend.c
+++ b/src/gw_backend.c
@ -2376,6 +2376,9 @@ handler_t gw_check_extension(request_st * const r, gw_plugin_data * const p, int
            /* check if extension matches */
            for (uint32_t k = 0; k < exts->used; ++k) {
                gw_extension *ext = exts->exts+k;
+              #ifdef __clang_analyzer__
+                force_assert(ext); /*(unnecessary; quiet clang analyzer)*/
+              #endif
                size_t ct_len = buffer_string_length(&ext->key);

                /* check _url_ in the form "/gw_pattern" */
--- a/src/mod_extforward.c
+++ b/src/mod_extforward.c
@ -501,7 +501,7 @@ static int is_proxy_trusted(plugin_data *p, const char * const ip, size_t iplen)
        sock_addr addr;
        /* C funcs inet_aton(), inet_pton() require '\0'-terminated IP str */
        char addrstr[64]; /*(larger than INET_ADDRSTRLEN and INET6_ADDRSTRLEN)*/
-        if (iplen >= sizeof(addrstr)) return 0;
+        if (0 == iplen || iplen >= sizeof(addrstr)) return 0;
        memcpy(addrstr, ip, iplen);
        addrstr[iplen] = '\0';

@ -843,6 +843,7 @@ static handler_t mod_extforward_Forwarded (request_st * const r, plugin_data * c

    /* parse out params associated with for=<ip> addr set above */
    oproto = ohost = oby = oremote_user = -1;
+    UNUSED(oby);
    j = ofor;
    if (j > 0) { do { --j; } while (j > 0 && -1 != offsets[j]); }
    if (-1 == offsets[j]) ++j;
--- a/src/mod_fastcgi.c
+++ b/src/mod_fastcgi.c
@ -348,6 +348,10 @@ static int fastcgi_get_packet(handler_ctx *hctx, fastcgi_response_packet *packet
 		}
 		return -1;
 	}
+      #ifdef __clang_analyzer__
+        /*(unnecessary (length checked above); init to quiet scan-build)*/
+        memset(&header, 0, sizeof(FCGI_Header));
+      #endif

 	/* get at least the FastCGI header */
 	for (chunk *c = hctx->rb->first; c; c = c->next) {
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@ -884,6 +884,9 @@ mod_wolfssl_load_client_CA_file (const buffer *ssl_ca_file, log_error_st *errh)
    /* similar to wolfSSL_load_client_CA_file(), plus some processing */
    buffer **certs = NULL;
    if (NULL == mod_wolfssl_load_pem_file(ssl_ca_file->ptr, errh, &certs)) {
+      #ifdef __clang_analyzer__
+        mod_wolfssl_free_der_certs(certs); /*unnecessary; quiet clang analyzer*/
+      #endif
        return NULL;
    }

@ -929,6 +932,9 @@ mod_wolfssl_load_cacerts (const buffer *ssl_ca_file, log_error_st *errh)
    /* similar to wolfSSL_load_client_CA_file(), plus some processing */
    buffer **certs = NULL;
    if (NULL == mod_wolfssl_load_pem_file(ssl_ca_file->ptr, errh, &certs)) {
+      #ifdef __clang_analyzer__
+        mod_wolfssl_free_der_certs(certs); /*unnecessary; quiet clang analyzer*/
+      #endif
        return NULL;
    }

--- a/src/mod_proxy.c
+++ b/src/mod_proxy.c
@ -786,7 +786,7 @@ static void proxy_set_Forwarded(connection * const con, request_st * const r, co
            buffer_append_string_backslash_escaped(
              b, CONST_BUF_LEN(remote_user));
            buffer_append_string_len(b, CONST_STR_LEN("\""));
-            semicolon = 1;
+            /*semicolon = 1;*/
        }
    }

--- a/src/plugin.c
+++ b/src/plugin.c
@ -62,6 +62,7 @@ static plugin *plugin_init(void) {
 }

 static void plugin_free(plugin *p) {
+    if (NULL == p) return; /*(should not happen w/ current usage)*/
  #if !defined(LIGHTTPD_STATIC)
    if (p->lib) {
     #if defined(HAVE_VALGRIND_VALGRIND_H)
--- a/src/server.c
+++ b/src/server.c
@ -374,6 +374,9 @@ static int server_oneshot_init(server *srv, int fd) {
 	srv_socket = server_oneshot_getsock(srv, &cnt_addr);
 	if (NULL == srv_socket) return 0;

+      #ifdef __clang_analyzer__
+        memset(&cnt_addr, 0, sizeof(cnt_addr));
+      #endif
 	cnt_len = sizeof(cnt_addr);
 	if (0 != getpeername(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
 		log_perror(srv->errh, __FILE__, __LINE__, "getpeername()");
--- a/src/stat_cache.c
+++ b/src/stat_cache.c
@ -234,11 +234,17 @@ static void fam_dir_periodic_cleanup() {

 static void fam_dir_invalidate_tree(splay_tree *t, const char *name, size_t len)
 {
+  #ifdef __clang_analyzer__
+    force_assert(name);
+  #endif
    /*force_assert(t);*/
    if (t->left)  fam_dir_invalidate_tree(t->left,  name, len);
    if (t->right) fam_dir_invalidate_tree(t->right, name, len);

    fam_dir_entry * const fam_dir = t->data;
+  #ifdef __clang_analyzer__
+    force_assert(fam_dir);
+  #endif
    buffer *b = fam_dir->name;
    size_t blen = buffer_string_length(b);
    if (blen > len && b->ptr[len] == '/' && 0 == memcmp(b->ptr, name, len))
--- a/src/t/test_burl.c
+++ b/src/t/test_burl.c
@ -141,6 +141,7 @@ static void test_burl_normalize (void) {
    run_burl_normalize(psrc, ptmp, flags, __LINE__, CONST_STR_LEN("/a/b?c=d%20e"), CONST_STR_LEN("/a/b?c=d+e"));
    flags &= ~HTTP_PARSEOPT_URL_NORMALIZE_QUERY_20_PLUS;

+    UNUSED(flags);
    buffer_free(psrc);
    buffer_free(ptmp);
 }
--- a/src/t/test_configfile.c
+++ b/src/t/test_configfile.c
@ -44,6 +44,11 @@ const struct {
 };

 static void test_configfile_addrbuf_eq_remote_ip_mask (void) {
+	request_st r;
+	memset(&r, 0, sizeof(request_st));
+	r.conf.errh              = log_error_st_init();
+	r.conf.errh->errorlog_fd = -1; /* (disable) */
+
 	int i, m;
 	buffer * const s = buffer_init();
 	char *slash;
@ -53,7 +58,7 @@ static void test_configfile_addrbuf_eq_remote_ip_mask (void) {
 		if (1 != sock_addr_inet_pton(&rmt, rmtmask[i].rmtstr, rmtmask[i].rmtfamily, 0)) exit(-1); /*(bad test)*/
 		buffer_copy_string(s, rmtmask[i].string);
 		slash = strchr(s->ptr,'/'); assert(slash);
-		m = config_addrbuf_eq_remote_ip_mask(NULL, s, slash, &rmt);
+		m = config_addrbuf_eq_remote_ip_mask(&r, s, slash, &rmt);
 		if (m != rmtmask[i].expect) {
 			fprintf(stderr, "failed assertion: %s %s %s\n",
 				rmtmask[i].string,
@ -64,6 +69,7 @@ static void test_configfile_addrbuf_eq_remote_ip_mask (void) {
 	}

 	buffer_free(s);
+	log_error_st_free(r.conf.errh);
 }

 int main (void) {