git@vger.kernel.org mailing list mirror (one of many)
From: "René Scharfe" <l.s.r@web.de>
To: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>, git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
	Jinoh Kang <luke1337@theori.io>,
	Phillip Wood <phillip.wood@talktalk.net>,
	Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
	Han-Wen Nienhuys <hanwen@google.com>,
	Karthik Nayak <karthik.188@gmail.com>,
	Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>
Subject: Re: [RFC PATCH 04/15] diff-lib.c: don't dereference NULL in oneway_diff()
Date: Sat, 4 Jun 2022 00:48:24 +0200	[thread overview]
Message-ID: <6fec4a06-ac02-3de0-4517-6aa9314653a6@web.de> (raw)
In-Reply-To: <RFC-patch-04.15-3a287c19d7e-20220603T183608Z-avarab@gmail.com>

On 2022-06-03 at 20:37, Ævar Arnfjörð Bjarmason wrote:
> Fix a control flow issue dating back to d1f2d7e8ca6 (Make
> run_diff_index() use unpack_trees(), not read_tree(), 2008-01-19)
> where we'd assume "tree" must be non-NULL if idx was NULL. As
> -fanalyzer shows we'd end up dereferencing "tree" in that case in
> ce_path_match():
>
> dir.h:541:41: warning: dereference of NULL ‘ce’ [CWE-476] [-Wanalyzer-null-dereference]
>   541 |                               S_ISDIR(ce->ce_mode) || S_ISGITLINK(ce->ce_mode));
>       |                                         ^
>   ‘oneway_diff’: events 1-2
>     |
>     |diff-lib.c:493:12:
>     |  493 | static int oneway_diff(const struct cache_entry * const *src,
>     |      |            ^~~~~~~~~~~
>     |      |            |
>     |      |            (1) entry to ‘oneway_diff’
>     |......
>     |  506 |         if (tree == o->df_conflict_entry)
>     |      |            ~
>     |      |            |
>     |      |            (2) following ‘true’ branch...
>     |
>   ‘oneway_diff’: event 3
>     |
>     |  507 |                 tree = NULL;
>     |      |                      ^
>     |      |                      |
>     |      |                      (3) ...to here
>     |
>   ‘oneway_diff’: events 4-8
>     |
>     |  507 |                 tree = NULL;
>     |      |                      ^
>     |      |                      |
>     |      |                      (4) ‘tree’ is NULL
>     |  508 |
>     |  509 |         if (ce_path_match(revs->diffopt.repo->index,
>     |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>     |      |             |
>     |      |             (5) following ‘false’ branch (when ‘idx’ is NULL)...
>     |      |             (6) ...to here
>     |      |             (7) ‘tree’ is NULL
>     |      |             (8) calling ‘ce_path_match’ from ‘oneway_diff’
>     |  510 |                           idx ? idx : tree,
>     |      |                           ~~~~~~~~~~~~~~~~~
>     |  511 |                           &revs->prune_data, NULL)) {
>     |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~
>     |
>     +--> ‘ce_path_match’: event 9
>            |
>            |dir.h:535:19:
>            |  535 | static inline int ce_path_match(struct index_state *istate,
>            |      |                   ^~~~~~~~~~~~~
>            |      |                   |
>            |      |                   (9) entry to ‘ce_path_match’
>            |
>          ‘ce_path_match’: event 10
>            |
>            |  541 |                               S_ISDIR(ce->ce_mode) || S_ISGITLINK(ce->ce_mode));
>            |      |                                         ^
>            |      |                                         |
>            |      |                                         (10) dereference of NULL ‘ce’
>
> Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
> ---
>  diff-lib.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/diff-lib.c b/diff-lib.c
> index ca085a03efc..8373ad7e3ea 100644
> --- a/diff-lib.c
> +++ b/diff-lib.c
> @@ -506,6 +506,9 @@ static int oneway_diff(const struct cache_entry * const *src,
>  	if (tree == o->df_conflict_entry)
>  		tree = NULL;

So here we have a D/F conflict in a oneway diff, i.e. a single tree.
That means if we discard the thing from the tree, then we still have
the conflicting thing from the index.  Meaning idx and tree cannot both
be NULL in that D/F conflict scenario.  Right?

>
> +	if (!idx && !tree)
> +		return 0;

That calms down the confused compiler, but would it perhaps be better to
BUG out at this point?  Or is there a valid state with both idx and tree
being NULL?

> +
>  	if (ce_path_match(revs->diffopt.repo->index,
>  			  idx ? idx : tree,>  			  &revs->prune_data, NULL)) {
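Review bot: the early `return 0` added before the ce_path_match() call turns a state the surrounding code otherwise treats as impossible into a silent "nothing to report" result, so a caller cannot distinguish an invariant violation from a legitimate no-op. The only path the -fanalyzer trace shows is idx == NULL together with tree == o->df_conflict_entry, which the existing check rewrites to tree = NULL; if that combination genuinely cannot happen, a `BUG("oneway_diff: both idx and tree are NULL")` (or at least a comment stating why the guard is unreachable) records the invariant and keeps a future regression loud, whereas a bare return hides it. If the combination can happen, the commit message should say what the diff is expected to report in that case rather than describing the change only as quieting the analyzer.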

Thread overview: 51+ messages
2022-06-03 18:37 [RFC PATCH 00/15] Fix GCC -fanalyzer warnings & add -fanalyzer DEVOPTS mode Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 01/15] remote.c: don't dereference NULL in freeing loop Ævar Arnfjörð Bjarmason
2022-06-03 21:07   ` René Scharfe
2022-06-03 21:28     ` Junio C Hamano
2022-06-03 22:32     ` Glen Choo
2022-06-04 12:51     ` Phillip Wood
2022-06-04 16:20       ` Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 02/15] pull.c: don't feed NULL to strcmp() on get_rebase_fork_point() path Ævar Arnfjörð Bjarmason
2022-06-03 21:27   ` René Scharfe
2022-06-03 18:37 ` [RFC PATCH 03/15] reftable: don't memset() a NULL from failed malloc() Ævar Arnfjörð Bjarmason
2022-06-03 22:22   ` René Scharfe
2022-06-04  0:54     ` Ævar Arnfjörð Bjarmason
2022-06-04 12:24       ` René Scharfe
2022-06-04 16:23         ` Ævar Arnfjörð Bjarmason
2022-06-04 20:31           ` René Scharfe
2022-06-06 16:53           ` Junio C Hamano
2022-06-06 17:38             ` Ævar Arnfjörð Bjarmason
2022-06-06 17:44               ` Junio C Hamano
2022-06-06 17:46                 ` Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 04/15] diff-lib.c: don't dereference NULL in oneway_diff() Ævar Arnfjörð Bjarmason
2022-06-03 22:48   ` René Scharfe [this message]
2022-06-03 18:37 ` [RFC PATCH 05/15] refs/packed-backend.c: add a BUG() if iter is NULL Ævar Arnfjörð Bjarmason
2022-06-03 23:14   ` René Scharfe
2022-06-03 18:37 ` [RFC PATCH 06/15] ref-filter.c: BUG() out on show_ref() with NULL refname Ævar Arnfjörð Bjarmason
2022-06-04 18:07   ` René Scharfe
2022-06-03 18:37 ` [RFC PATCH 07/15] strbuf.c: placate -fanalyzer in strbuf_grow() Ævar Arnfjörð Bjarmason
2022-06-04 12:24   ` René Scharfe
2022-06-04 12:46   ` Phillip Wood
2022-06-04 16:21     ` Ævar Arnfjörð Bjarmason
2022-06-04 20:37       ` René Scharfe
2022-06-05 10:20         ` Phillip Wood
2022-06-03 18:37 ` [RFC PATCH 08/15] strbuf.c: use st_add3(), not unsigned_add_overflows() Ævar Arnfjörð Bjarmason
2022-06-04 21:27   ` René Scharfe
2022-06-03 18:37 ` [RFC PATCH 09/15] add-patch: assert parse_diff() expectations with BUG() Ævar Arnfjörð Bjarmason
2022-06-04 13:04   ` Phillip Wood
2022-06-03 18:37 ` [RFC PATCH 10/15] reftable: don't have reader_get_block() confuse -fanalyzer Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 11/15] blame.c: clarify the state of "final_commit" for -fanalyzer Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 12/15] pack.h: wrap write_*file*() functions Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 13/15] pack-write API: pass down "verify" not arbitrary flags Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 14/15] config.mak.dev: add a DEVOPTS=analyzer mode to use GCC's -fanalyzer Ævar Arnfjörð Bjarmason
2022-06-03 18:37 ` [RFC PATCH 15/15] config.mak.dev: add and use ASSERT_FOR_FANALYZER() macro Ævar Arnfjörð Bjarmason
2022-06-04 13:12   ` Phillip Wood
2022-06-07 15:50 ` [PATCH 0/3] remote API: fix -fanalyzer-spotted freeing issue Ævar Arnfjörð Bjarmason
2022-06-07 15:50   ` [PATCH 1/3] remote.c: remove braces from one-statement "for"-loops Ævar Arnfjörð Bjarmason
2022-06-07 15:50   ` [PATCH 2/3] remote.c: don't dereference NULL in freeing loop Ævar Arnfjörð Bjarmason
2022-06-07 17:23     ` Junio C Hamano
2022-06-07 15:50   ` [PATCH 3/3] remote API: don't buggily FREE_AND_NULL(), free() instead Ævar Arnfjörð Bjarmason
2022-06-07 17:02     ` Glen Choo
2022-06-07 18:09       ` Junio C Hamano
2022-06-07 17:29     ` Junio C Hamano
2022-06-07 17:32   ` [PATCH 0/3] remote API: fix -fanalyzer-spotted freeing issue Junio C Hamano