From: "Philip Oakley" <philipoakley@iee.org>
To: "Koch, Rick \(Subcontractor\)" <Rick.Koch@tbe.com>,
"Git List" <git@vger.kernel.org>
Subject: Re: CPPCheck found 24 high risk bugs in Git v.1.8.3.4
Date: Mon, 19 Aug 2013 21:03:21 +0100 [thread overview]
Message-ID: <33FCCE7A2CD5494B88F3C5CDBC341DFD@PhilipOakley> (raw)
In-Reply-To: 85C8141E5DAD94428A121F706995A31F010F116FDAD3@MX1.net.tbe.com
From: "Koch, Rick (Subcontractor)" <Rick.Koch@tbe.com>
Sent: Monday, August 19, 2013 6:09 PM
>I'm directing to this e-mail, as it seems to be the approved forum
>for posting Git bugs. We ran CPPCheck against Git v.1.8.3.4
>and found 24 high risk bugs. Please see the attachment xlsx.
>Is there a method to post to the Git community to allow the
>community to review and debunk as faults positive or develop
>patches to fix lists code files?
>v/r
>Roderick (Rick) Koch
>Information Assurance
>Rick.Koch@tbe.com
What OS version / CPPCheck version was this checked on?
In case other readers don't have a .xlsx reader here is Rick's list in
plain text (may be white space damaged).
I expect some will be false positives, and some will just be being too
cautious.
Philip
description resourceFilePath fileName lineNumber
nullPointer(CppCheck) \git-master\builtin\add.c add.c 286
wrongPrintfScanfArgNum(CppCheck) \git-master\builtin\fetch.c
fetch.c 588
nullPointer(CppCheck) \git-master\builtin\ls-files.c ls-files.c
144
nullPointer(CppCheck) \git-master\builtin\merge.c merge.c 1208
doubleFree(CppCheck) \git-master\builtin\notes.c notes.c 275
nullPointer(CppCheck) \git-master\builtin\reflog.c reflog.c 437
uninitvar(CppCheck) \git-master\builtin\rev-list.c rev-list.c 342
uninitvar(CppCheck) \git-master\builtin\rev-list.c rev-list.c 342
uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2803
uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2802
uninitvar(CppCheck) \git-master\compat\regex\regcomp.c regcomp.c
2805
memleakOnRealloc(CppCheck) \git-master\compat\win32\syslog.c
syslog.c 46
uninitvar(CppCheck)
\git-master\contrib\examples\builtin-fetch--tool.c builtin-fetch--tool.c
419
uninitvar(CppCheck) \git-master\fast-import.c fast-import.c 2917
nullPointer(CppCheck) \git-master\line-log.c line-log.c 638
nullPointer(CppCheck) \git-master\mailmap.c mailmap.c 156
uninitvar(CppCheck) \git-master\merge-recursive.c
merge-recursive.c 1887
uninitvar(CppCheck) \git-master\notes.c notes.c 805
uninitvar(CppCheck) \git-master\notes.c notes.c 805
deallocret(CppCheck) \git-master\pretty.c pretty.c 677
resourceLeak(CppCheck) \git-master\refs.c refs.c 3041
doubleFree(CppCheck) \git-master\sequencer.c sequencer.c 924
nullPointer(CppCheck) \git-master\sha1_file.c sha1_file.c 125
doubleFree(CppCheck) \git-master\shell.c shell.c 130
next prev parent reply other threads:[~2013-08-19 20:03 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-19 17:09 CPPCheck found 24 high risk bugs in Git v.1.8.3.4 Koch, Rick (Subcontractor)
2013-08-19 20:03 ` Philip Oakley [this message]
2013-08-19 20:40 ` Jeff King
2013-08-19 20:46 ` Junio C Hamano
2013-08-19 20:52 ` Johan Herland
[not found] ` <85C8141E5DAD94428A121F706995A31F010F116FDADE@MX1.net.tbe.com>
2013-08-19 21:46 ` Philip Oakley
2013-08-23 19:51 ` CPPCheck found 24 high risk bugs in Git v.1.8.3.4 (fetch.c L588) Philip Oakley
2013-08-19 22:55 ` CPPCheck found 24 high risk bugs in Git v.1.8.3.4 Philip Oakley
2013-08-19 23:15 ` Erik Faye-Lund
2013-08-20 14:33 ` Jeff King
2013-08-20 18:44 ` Andreas Schwab
2013-08-20 20:34 ` René Scharfe
2013-08-20 22:28 ` Erik Faye-Lund
2013-08-20 22:26 ` Erik Faye-Lund
2013-08-20 23:01 ` Andreas Schwab
2013-08-20 23:45 ` Junio C Hamano
2013-08-21 0:01 ` Erik Faye-Lund
2013-08-19 21:36 ` Stefan Beller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=33FCCE7A2CD5494B88F3C5CDBC341DFD@PhilipOakley \
--to=philipoakley@iee.org \
--cc=Rick.Koch@tbe.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).