Marc
/
server
forked from github/server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,180 Commits 10 Branches 0 Tags 41 MiB
Commit Graph

6180 Commits

Author SHA1 Message Date
Enno Rehling 54304af182 allocate space for null terminator 2015-10-30 12:08:09 +01:00
Enno Rehling 7fa12ae3af CID 22556: String not null terminated (STRING_NULL) 
add missing null-termination
 2015-10-30 11:59:05 +01:00
Enno Rehling 68f8f0830e CID 22561: Copy into fixed size buffer (STRING_OVERFLOW) 2015-10-30 11:45:20 +01:00
Enno Rehling be0563c1f0 CID 22560: Copy into fixed size buffer (STRING_OVERFLOW) 2015-10-30 11:43:45 +01:00
Enno Rehling 5d273e475e CID 22558: Copy into fixed size buffer (STRING_OVERFLOW) 
bsdstring buffer size check
 2015-10-30 11:41:59 +01:00
Enno Rehling 1fb04179dc CID 22557: Copy into fixed size buffer (STRING_OVERFLOW) 
eliminate code duplication. bsdstring is better than libc strings.
 2015-10-30 11:39:47 +01:00
Enno Rehling ca7d25858e CID 22563: Copy into fixed size buffer (STRING_OVERFLOW) 
bsdstring to the rescue, once again
 2015-10-30 11:16:09 +01:00
Enno Rehling 0de6e5ecb8 CID 22564: Copy into fixed size buffer (STRING_OVERFLOW) 
buffer sizes => bsdstring.h
 2015-10-30 11:13:48 +01:00
Enno Rehling df82a9795d CID 22565: Copy into fixed size buffer (STRING_OVERFLOW) 
bsdstring to the rescue
 2015-10-30 11:11:54 +01:00
Enno Rehling b8d7fa5bcc CID 22567: Copy into fixed size buffer (STRING_OVERFLOW) 
bsdstring replacements, again
 2015-10-30 11:09:28 +01:00
Enno Rehling 51f66b8da8 CID 22568: Copy into fixed size buffer (STRING_OVERFLOW) 
more bsdstring replacements
 2015-10-30 11:06:24 +01:00
Enno Rehling e69635d697 CID 22569: Copy into fixed size buffer (STRING_OVERFLOW) 
bsdstring functions are the best.
 2015-10-30 11:02:51 +01:00
Enno Rehling 4ee0f76927 CID 22570: Copy into fixed size buffer (STRING_OVERFLOW) 
not only that, but strlcpy is the faster option here, too.
 2015-10-30 10:57:52 +01:00
Enno Rehling 2f82cccea1 CID 22571: Copy into fixed size buffer (STRING_OVERFLOW) 
replace strcat with strlcat
 2015-10-30 10:55:06 +01:00
Enno Rehling 05ef6deb26 CID 22572: Copy into fixed size buffer (STRING_OVERFLOW) 2015-10-29 20:47:07 +01:00
Enno Rehling 4e431b41e2 CID 22575 (#2-1 of 2): Copy into fixed size buffer (STRING_OVERFLOW) 2015-10-29 20:45:36 +01:00
Enno Rehling d3f7bd7b10 CID 22597: va_start/va_end mismatch 2015-10-29 20:43:37 +01:00
Enno Rehling 77ad91f8a4 Merge branch 'feature/coverity-scan' of github.com:ennorehling/eressea into feature/coverity-scan 2015-10-29 20:40:51 +01:00
Enno Rehling f581999dde add a script to automate coverity scans 2015-10-29 20:40:40 +01:00
Enno Rehling 4eb6a89821 CID 26262: short and unsigned types are the devil, use int everywhere for fewer headaches 2015-10-29 20:39:44 +01:00
Enno Rehling b3edd8dc5a anerror in this bugfix was found by a lua test. sweet! 2015-10-29 18:55:47 +01:00
Enno Rehling 3bf5ba14bb CID 26252: Memory - illegal accesses (BUFFER_SIZE_WARNING) 
Calling strncpy with a maximum size argument of 5 bytes on destination array "code" of size 5 bytes might leave the destination string unterminated.
 2015-10-29 16:51:39 +01:00
Enno Rehling 1a252bc994 CID 26253: Control flow issues (DEADCODE) 
transformations gone wrong in previous commit
 2015-10-29 16:50:55 +01:00
Enno Rehling 6113bc2144 CID 26254: Incorrect expression (DIVIDE_BY_ZERO) 
magic should never be zero, but coverity doesn't know that.
 2015-10-29 16:46:43 +01:00
Enno Rehling 7a01b58e8d CID 26255: Null pointer dereferences (FORWARD_NULL) 2015-10-29 16:43:09 +01:00
Enno Rehling 0a67d53264 CID 26256: (NULL_RETURNS) 2015-10-29 16:41:53 +01:00
Enno Rehling 833a1e70be CID 26257: Null pointer dereferences (NULL_RETURNS) 
this test should never fire, but it shuts up coverity
 2015-10-29 16:40:18 +01:00
Enno Rehling 9d9994811a CID 26258: (NULL_RETURNS) 
deal with bad connection data, static analysis doen't knwo that we never have that.
 2015-10-29 16:38:29 +01:00
Enno Rehling b7dce8071c CID 26259: Memory - corruptions 
I apparently don't know how strncat works.
 2015-10-29 16:36:20 +01:00
Enno Rehling 59069ae342 CID 26260: Resource leaks (RESOURCE_LEAK) 2015-10-29 16:28:59 +01:00
Enno Rehling db6e9444d6 CID 26263: Memory - illegal accesses (UNINIT) 2015-10-29 16:27:10 +01:00
Enno Rehling 5f4c31af1c bad variable reuse leads to gcc confusion 2015-10-29 12:04:52 +01:00
Enno Rehling 8b6da79984 64 bit compatibility, thank you gcc. 2015-10-29 11:32:04 +01:00
Enno Rehling 4f25831407 coverity scan CID 22576: arguments in wrong order 
I believe that was a false positive, and will try to aquelch it by naming the arguments better.
 2015-10-29 11:24:01 +01:00
Enno Rehling 4384183ab8 coverity scan CID 22504: argument cannot be negative 
handle error cases for ftell, just because they could happen, I guess?
 2015-10-29 11:20:09 +01:00
Enno Rehling 976b6aaea1 coverity CID 22593: write to pointer after free 
github issue #324
use free_land where we need it.
 2015-10-29 11:17:31 +01:00
Enno Rehling c298b7fd74 coverity CID 22501 imroper use of negative value 
explicitly use SK_MAGIC instead of a lookup. Faster, easier to reason about.
 2015-10-29 11:06:25 +01:00
Enno Rehling 8675002e68 coverity scan CIDs 22540 22541 22546: resource leak 
the calendar should only ever be initialized once, but based on static analysis, I agree that this was sloppy.
 2015-10-29 09:56:53 +01:00
Enno Rehling 2372d3aacd coverity scan CID 22516: out-of-bounds write 
potentially a bug with bad XML files? only matters if we have those, but we shouldn't
 2015-10-29 09:49:26 +01:00
Enno Rehling 8b92003fff coverity scan CID 22487: dereference after null check 
we don't use many differnt calendars, so this has never happened.
 2015-10-29 09:43:51 +01:00
Enno Rehling e27c4b4164 coverity scan CID 22457: logically dead code 
the original TEACH_FRIENDS feature could not possibly have worked?
 2015-10-29 09:39:33 +01:00
Enno Rehling f4c32acd05 coverity scan CID 22515: out-of-bounds access 
increase buffer to stop coverity false positive
 2015-10-29 09:32:31 +01:00
Enno Rehling 55b3bfd90e coverity scan CID 22574: copy into fixed size buffer 
zOrder *should* probably be big enough, but static analysis says safe is safe.
 2015-10-29 09:28:02 +01:00
Enno Rehling 6ebfd33478 coverity scan CID 22503: negative array index write 2015-10-29 09:24:58 +01:00
Enno Rehling c7aa8c89b1 coverity scan CID 22551: dereference before null check 2015-10-29 09:22:00 +01:00
Enno Rehling 4da658584c coverity scan CID 22511: dereference null return value 2015-10-29 09:20:58 +01:00
Enno Rehling 178a740ecf coverity scan CID 22573: copy into fixed-size buffer 
in theory, all IDs in the game should be no longer than 4 characters, but coverity doesn't know this.
 2015-10-29 09:17:23 +01:00
Enno Rehling 78899ca801 coverity scan CID 22433: buffer not null terminated, prefer strlcpy over strncpy 2015-10-29 09:06:53 +01:00
Enno Rehling 04bf07a526 coverity scan (multiple CID) is confuced about a_remove, trying to help it. 2015-10-29 09:06:52 +01:00
Enno Rehling 65429a12c3 coverity scan CID 22585, 22586: result is not floating point 2015-10-29 09:06:51 +01:00