Hi,

I ran Coverity on the jdk11 jdk sources and want to propose the following fixes. I scanned the linux x86_64 build. Some issues are similar to previous Parfait fixes (check for NULL). I also identified some issues I consider real problems. If you think some are too conservative, I'm happy to remove them.

I posted this to core-libs-dev and awt-dev, if you think this should be discussed on other lists please tell me.
http://cr.openjdk.java.net/~goetz/wr18/8207233-covJDK/01/

In detail:

Real issues:
------------

transport.c
Loop overruns the array, it iterates to 8. Only two iterations are intended.

Unix.c
getgroups can return -1. This is handled below, but not here. Return as for other errors.

Useful code improvements.
-------------------------

zip_util.c
pmsg is compared to null above. Thus, don't dereference it unconditionally below. I would assume pmsg is always != NULL, so that the check above could as well be turned into a guarantee. This fix is more safe, though.

fontpath.c
This is a real error, but harmless as the same size is returned.

pcsc.c
If size is 0, mszReaders is not allocated, but accessed below. return if size is 0. Here, too, I would assume that one could turn the if(size) check into a guarantee, but this way it's more safe.

ecl_muilt.c
This block calls point_mul, which requires the kt.flag is initialized.

unpack.cpp
lo is checked for null. If it is null, the dereference below fails. Return if lo == Null similar as above. Alternatively, one could turn the if (lo != null) check into a guarantee.
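
The Unix.c item above (a -1 from getgroups that is checked at one call but not the other), as an added C example that is not part of the original post or of the JDK patch. `collect_groups`, the `getgroups_fn` type and the two failing stubs are hypothetical names; the stubs are constructed to exercise both error paths.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Same signature as getgroups(2); passing it in lets a test inject failures. */
typedef int (*getgroups_fn)(int, gid_t *);

/* Hypothetical helper, not JDK code. Returns the number of groups stored in
 * *out (malloc'ed, caller frees; NULL when empty), or -1 with errno set. */
int collect_groups(getgroups_fn gg, gid_t **out)
{
    *out = NULL;
    int n = gg(0, NULL);             /* size 0: ask for the count only */
    if (n < 0)
        return -1;                   /* -1 must never become a size or loop bound */
    if (n == 0)
        return 0;                    /* nothing to allocate or read */

    gid_t *buf = calloc((size_t)n, sizeof(gid_t));
    if (buf == NULL) { errno = ENOMEM; return -1; }

    int filled = gg(n, buf);         /* the second call needs the same check */
    if (filled <= 0) {
        int saved = errno;           /* free() may clobber errno */
        free(buf);
        errno = saved;
        return filled;               /* -1 on error, 0 if the list is now empty */
    }
    *out = buf;
    return filled;                   /* may be smaller than n */
}

/* Constructed stubs: fail on the count call, and on the fill call. */
static int fail_on_count(int size, gid_t *list)
{ (void)size; (void)list; errno = EINVAL; return -1; }

static int fail_on_fill(int size, gid_t *list)
{ (void)list; if (size == 0) return 3; errno = EINVAL; return -1; }

int main(void)
{
    gid_t *g;
    printf("real getgroups: %d\n", collect_groups(getgroups, &g));
    free(g);
    printf("count fails:    %d\n", collect_groups(fail_on_count, &g));
    printf("fill fails:     %d\n", collect_groups(fail_on_fill, &g));
    return 0;
}
```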