What to do with triaged Coverity complaints about makefs ?

Fri Oct 30 12:50:33 UTC 2015

Hi,

Alan Somers wrote:
> > > Filling out the Coverity triage info is good.

i wrote:
> > It seems that i am not authorized.

Ulrich Spörlein wrote:
> Only members of the Project (i.e. people with @freebsd.org addresses)
> have full access.

I have filed two handful of PRs, which ngie at FreeBSD.org assigned
to himself meanwhile.
The CIDs are named in their subjects. So it should be possible
to triage them in Coverity when they have been processed for FreeBSD.

> If you don't see a run _every_ week (ideally 2x a week), then yell at
> me, because something has broken (again) then.

I got a mail that a rescan happened a few days ago.
But since most of the PRs still have to be processed, i did
not look for changes there.

------------------------------------------------------------
Overview of PRs:

PR 203644
  makefs: Coverity CID 974635, 974636:
  Copying several struct elements by single memcpy().

PR 203938
  makefs: Coverity CID 975345, 975346:
  No provisions for i/o error

PR 203937
  makefs: Coverity CID 975347, 975348:
  No provisions for i/o error

PR 203923
  makefs: Coverity CID 975621:
  False positive

PR 203645
  makefs: Coverity CID 976312:
  SIGSEGV with option -l 3

PR 203940
  makefs: Coverity CID 976847:
  Delayed error with wrong output file type

PR 203943
  makefs: Coverity CID 977469:
  False positive

PR 203646
  makefs: Coverity CID 977470:
  Writes slightly wrong El Torito Boot Record

PR 203647
  makefs: Coverity CID 978431:
  No free() after malloc().

PR 203944
  makefs: Coverity CID 979130, 979131:
  Possibly gone after PR 203938 / CID 975345, 975346 is done

PR 203648
  makefs: Coverity CID 1008927:
  sizeof() compared against desired bit count rather than byte count

PR 203649
  makefs: Coverity CID 1305659:
  Unclear whether reaction on malloc failure suffices.
(Meanwhile it is clear that err() suffices.)

------------------------------------------------------------

Have a nice day :)

Thomas