-
Notifications
You must be signed in to change notification settings - Fork 534
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix GCC v14 [-Wanalyzer-null-dereference] warnings in Kerberos #1983
Conversation
huaraz
commented
Jan 17, 2025
•
edited by rousskov
Loading
edited by rousskov
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for improving this code.
I made PR title more specific and fixed PR description formatting. I also committed (without testing) two trivial adjustments to avoid adding new NULLs to C++ code. Please check!
AFAICT, the first warning is false -- lutil_sasl_defaults() never returns nil because our xmalloc() never returns nil. However, resource freeing functions like lutil_sasl_freedefs() should be written like delete
(i.e. do nothing when the pointer is nil). Thus, this PR improves that code.
I did not have enough time to check whether the other warning is false.
The log containing these and other GCC v14 static analyzer warnings is available in squid-dev archives.
Thank you for the comments. I also did not a full check if it is a false positive, but to avoid analyser warnings I added a simple check. |
src/acl/external/kerberos_ldap_group/support_sasl.cc:190:17: error: dereference of NULL 'defs' [CWE-476] [-Wanalyzer-null-dereference] src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:235:19: error: dereference of NULL 'Rids' [CWE-476] [-Wanalyzer-null-dereference]
…-cache#1983) src/acl/external/kerberos_ldap_group/support_sasl.cc:190:17: error: dereference of NULL 'defs' [CWE-476] [-Wanalyzer-null-dereference] src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:235:19: error: dereference of NULL 'Rids' [CWE-476] [-Wanalyzer-null-dereference]
queued for backport to v6 |
src/acl/external/kerberos_ldap_group/support_sasl.cc:190:17: error: dereference of NULL 'defs' [CWE-476] [-Wanalyzer-null-dereference] src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:235:19: error: dereference of NULL 'Rids' [CWE-476] [-Wanalyzer-null-dereference]