Coverity Reports on Passing NULL to fileno()

Gedare Bloom gedare at rtems.org
Wed Feb 17 19:07:00 UTC 2021


On Wed, Feb 17, 2021 at 11:21 AM Sebastian Huber
<sebastian.huber at embedded-brains.de> wrote:
>
> On 17/02/2021 18:58, Joel Sherrill wrote:
>
> >
> > I don't want to ignore calls to fileno() and other methods from RTEMS
> > code that potentially could pass a NULL in. I only see a few options:
> >
> >   + Use an rtems_fileno() wrapper which does check for NULL. I don't
> > like this because it opens a path of doing this for any libc method
> > that takes a pointer.
> >
> > + Mark these as ignored in Coverity. I don't like this because it
> > always feels like we could be papering over something.
> >
> > + Add an RTEMS assert() ahead of these suspect calls so at least debug
> > mode flags them and Coverity is happier.
> >
> > + Add nonnull attribute to the headers for the various parameters in
> > libc that shouldn't be null. I don't think this will catch all stupid
> > cases of passing NULL but may be sufficient to catch some. I have no
> > idea if this will make Coverity happy or not.
> >
> > I think aiming for the last two since they seem reasonable and
> > straightforward.
>
> The nonnull attribute could have unpleasant side effects:
>
> http://www.rkoucha.fr/tech_corner/nonnull_gcc_attribute.html
>
> I would place assertions in the code. This looks like a case by case
> analysis is necessary.
>
I agree, I'd just put an assert before the call. I don't think a
wrapper is necessary, unless we do need to add this to other
libc/posix functions

> --
> embedded brains GmbH
> Herr Sebastian HUBER
> Dornierstr. 4
> 82178 Puchheim
> Germany
> email: sebastian.huber at embedded-brains.de
> phone: +49-89-18 94 741 - 16
> fax:   +49-89-18 94 741 - 08
>
> Registergericht: Amtsgericht München
> Registernummer: HRB 157899
> Vertretungsberechtigte Geschäftsführer: Peter Rasmussen, Thomas Dörfler
> Unsere Datenschutzerklärung finden Sie hier:
> https://embedded-brains.de/datenschutzerklaerung/
>
> _______________________________________________
> devel mailing list
> devel at rtems.org
> http://lists.rtems.org/mailman/listinfo/devel


More information about the devel mailing list