[PATCH] Coverity: va_args/va_copy without va_end #13778
Comments
From @jhiva_end is not optional. Attached. |
From @jhi0001-Fix-for-Coverity-perl5-CIDs-29225-29226-29227-29228-.patchFrom 74a2420d94fc4ac200f7cbd4b6f9963ec7d2ccb6 Mon Sep 17 00:00:00 2001
From: Jarkko Hietaniemi <jhi@iki.fi>
Date: Wed, 23 Apr 2014 12:53:42 -0400
Subject: [PATCH] Fix for Coverity perl5 CIDs 29225, 29226, 29227, 29228,
29229: Missing varargs init or cleanup (VARARGS) missing va_end: va_end was
not called for foo.
Use of va_args must be finished off with va_end (in other words,
use of va_start or va_copy must be bracketed off with va_end).
In most platforms va_end is a no-op, but in some platforms it is
required for proper cleanup (or face stack smash, or memory leak).
---
ext/PerlIO-via/via.xs | 8 ++++----
mathoms.c | 10 ++++++++--
perlio.c | 1 +
util.c | 1 +
4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/ext/PerlIO-via/via.xs b/ext/PerlIO-via/via.xs
index 619174a..d0f3d78 100644
--- a/ext/PerlIO-via/via.xs
+++ b/ext/PerlIO-via/via.xs
@@ -68,12 +68,12 @@ PerlIOVia_method(pTHX_ PerlIO * f, const char *method, CV ** save, int flags,
...)
{
PerlIOVia *s = PerlIOSelf(f, PerlIOVia);
+ SV *result = Nullsv;
CV *cv =
(*save) ? *save : PerlIOVia_fetchmethod(aTHX_ s, method, save);
- SV *result = Nullsv;
- va_list ap;
- va_start(ap, flags);
if (cv != (CV *) - 1) {
+ va_list ap;
+ va_start(ap, flags);
IV count;
dSP;
SV *arg;
@@ -84,6 +84,7 @@ PerlIOVia_method(pTHX_ PerlIO * f, const char *method, CV ** save, int flags,
while ((arg = va_arg(ap, SV *))) {
XPUSHs(arg);
}
+ va_end(ap);
if (*PerlIONext(f)) {
if (!s->fh) {
GV *gv;
@@ -121,7 +122,6 @@ PerlIOVia_method(pTHX_ PerlIO * f, const char *method, CV ** save, int flags,
LEAVE;
POPSTACK;
}
- va_end(ap);
return result;
}
diff --git a/mathoms.c b/mathoms.c
index 73f1e8d..1132ac8 100644
--- a/mathoms.c
+++ b/mathoms.c
@@ -544,6 +544,7 @@ int
Perl_fprintf_nocontext(PerlIO *stream, const char *format, ...)
{
dTHXs;
+ int ret = 0;
va_list(arglist);
/* Easier to special case this here than in embed.pl. (Look at what it
@@ -553,7 +554,9 @@ Perl_fprintf_nocontext(PerlIO *stream, const char *format, ...)
#endif
va_start(arglist, format);
- return PerlIO_vprintf(stream, format, arglist);
+ ret = PerlIO_vprintf(stream, format, arglist);
+ va_end(arglist);
+ return ret;
}
int
@@ -561,13 +564,16 @@ Perl_printf_nocontext(const char *format, ...)
{
dTHX;
va_list(arglist);
+ int ret = 0;
#ifdef PERL_IMPLICIT_CONTEXT
PERL_ARGS_ASSERT_PRINTF_NOCONTEXT;
#endif
va_start(arglist, format);
- return PerlIO_vprintf(PerlIO_stdout(), format, arglist);
+ ret = PerlIO_vprintf(PerlIO_stdout(), format, arglist);
+ va_end(arglist);
+ return ret;
}
#if defined(HUGE_VAL) || (defined(USE_LONG_DOUBLE) && defined(HUGE_VALL))
diff --git a/perlio.c b/perlio.c
index 0ae0a43..8d8c873 100644
--- a/perlio.c
+++ b/perlio.c
@@ -4915,6 +4915,7 @@ PerlIO_vprintf(PerlIO *f, const char *fmt, va_list ap)
s = SvPV_const(sv, len);
wrote = PerlIO_write(f, s, len);
SvREFCNT_dec(sv);
+ va_end(apc);
return wrote;
}
diff --git a/util.c b/util.c
index 0a0ee40..09b2679 100644
--- a/util.c
+++ b/util.c
@@ -4935,6 +4935,7 @@ Perl_my_vsnprintf(char *buffer, const Size_t len, const char *format, va_list ap
retval = vsprintf(buffer, format, ap);
# endif
#endif /* #ifdef NEED_VA_COPY */
+ va_end(apc);
/* vsprintf() shows failure with < 0 */
if (retval < 0
#ifdef HAS_VSNPRINTF
--
1.9.2
|
From @tonycozOn Sat Apr 26 13:04:36 2014, jhi wrote:
It turns out the va_end() in this chunk: Inline Patchdiff --git a/util.c b/util.c
index 0a0ee40..09b2679 100644
--- a/util.c
+++ b/util.c
@@ -4935,6 +4935,7 @@ Perl_my_vsnprintf(char *buffer, const Size_t len, const char *format, va_list ap
retval = vsprintf(buffer, format, ap);
# endif
#endif /* #ifdef NEED_VA_COPY */
+ va_end(apc);
/* vsprintf() shows failure with < 0 */
if (retval < 0
#ifdef HAS_VSNPRINTF
Tony |
|
The RT System itself - Status changed from 'new' to 'open' |
From @jhiOn Wednesday-201405-21, 20:35, Tony Cook via RT wrote:
Smoke link? |
From @tonycozOn Wed May 21 17:37:51 2014, jhi wrote:
http://www.nntp.perl.org/group/perl.daily-build.reports/2014/05/msg161602.html Same problem in perlio.c. apc is only declared inside #ifdef NEED_VA_COPY, but the va_end() it outside of it. I'll push some temp fixes for this and other issues soon. Tony |
From @jhiOn Wednesday-201405-21, 21:54, Tony Cook via RT wrote:
Ahh, duh.
Thanks! |
From @tonycozOn Wed May 21 19:03:20 2014, jhi wrote:
Another: --- a/ext/PerlIO-via/via.xs has code (va_start()) before declarations, breaking C89 builds. Tony |
From @jhiOn Wednesday-201405-21, 22:07, Tony Cook via RT wrote:
Grrr. I think I will start adding -std=c89 to my builds... In this particular case the va_start() can be pushed down after all the |
From @tonycozOn Wed, May 21, 2014 at 10:15:36PM -0400, Jarkko Hietaniemi wrote:
Right. Tony |
|
@tonycoz - Status changed from 'open' to 'resolved' |
Migrated from rt.perl.org#121748 (status was 'resolved')
Searchable as RT121748$
The text was updated successfully, but these errors were encountered: