[sword-devel] Coverity Scan
Greg Hellings
greg.hellings at gmail.com
Mon Feb 16 15:10:18 MST 2015
On Mon, Feb 16, 2015 at 3:07 AM, Jaak Ristioja <jaak at ristioja.ee> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 16.02.2015 10:55, Peter von Kaehne wrote:
>> On Fri, 2015-02-13 at 10:54 +0200, Jaak Ristioja wrote:
>>> Hello!
>>>
>>> Has the Sword project considered running their code throught the
>>> Coverity Scan service (scan.coverity.com)? We just configured
>>> BibleTime to run on Travis CI and the Coverity Scan and it found
>>> quite a lot of bugs in our code. I suggest it also be run on
>>> Sword.
>>
>> Has it changed much since this blog has been written?
>>
>> http://blog.josefsson.org/2007/04/02/boycott-scancoveritycom/
>
> Well, judge for yourself:
> https://scan.coverity.com/policy
> http://www.coverity.com/terms-of-use/
>
> Blessings,
> Jaak
>
>
> PS: I guess asking for Sword to be analyzed through Coverity was too
> much to ask in the first place. I mean have any of you even ran
> cppcheck on the code?
Salty attitude aside, I have now run it (with the default 12
combination, not the full --force. That's running now). Output is
pasted below. Anyone using the HEAD of SVN as of a few minutes ago and
configuring with CMake can execute the full suite on their own systems
by invoking "make all_cppcheck". I haven't added targets for all of
the utilities yet, just for the library in both dynamic and static
configurations.
If there is support for it, I'll add targets for the different utilities.
--Greg
/home/greg/build/crosswire/sword/include/swkey.h:227: error: Reference
to auto variable returned.
/home/greg/build/crosswire/sword/include/listkey.h:152: error:
Reference to auto variable returned.
/home/greg/build/crosswire/sword/include/versekey.h:477: error:
Reference to auto variable returned.
/home/greg/build/crosswire/sword/include/treekey.h:137: error:
Reference to auto variable returned.
/home/greg/build/crosswire/sword/include/treekeyidx.h:111: error:
Reference to auto variable returned.
/home/greg/build/crosswire/sword/include/strkey.h:51: error: Reference
to auto variable returned.
/home/greg/build/crosswire/sword/include/versetreekey.h:119: error:
Reference to auto variable returned.
/home/greg/build/crosswire/sword/src/modules/common/entriesblk.cpp:122:
error: Common realloc mistake: 'block' nulled but not freed upon
failure
/home/greg/build/crosswire/sword/src/modules/common/swcomprs.cpp:145:
error: Common realloc mistake: 'buf' nulled but not freed upon failure
/home/greg/build/crosswire/sword/src/modules/common/swcomprs.cpp:156:
error: Common realloc mistake: 'zbuf' nulled but not freed upon
failure
/home/greg/build/crosswire/sword/src/modules/filters/scsuutf8.cpp:59:
error: Array 'start[8]' accessed at index 8, which is out of bounds.
/home/greg/build/crosswire/sword/src/modules/filters/scsuutf8.cpp:60:
error: Array 'slide[8]' accessed at index 8, which is out of bounds.
/home/greg/build/crosswire/sword/src/modules/filters/scsuutf8.cpp:61:
error: Array 'win[256]' accessed at index 256, which is out of bounds.
/home/greg/build/crosswire/sword/src/modules/lexdict/swld.cpp:111:
error: Mismatching allocation and deallocation: buf
:: information: Too many #ifdef configurations - cppcheck only checks
12 configurations. Use --force to check all configurations. For more
details, use --enable=information.
More information about the sword-devel
mailing list