Fixes for all these issues are now commited. Thanks! .... Ken
On 3 August 2016 at 03:37, <support.a...@npo-echelon.ru> wrote: > Greetings! > > We've checked your source code with static analyzer > "AppChecker":https://npo-echelon.ru/en/solutions/appchecker.php and found > some possible defects in your source code: > > 1) > File - src/usr.sbin/map-mbone/mapper.c, line 498 > http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/map-mbone/mapper.c?rev=1.23 > > if (nb_i->addr == nb_n->addr) { > if (nb_i->metric != nb_n->metric > || nb_i->threshold != nb_i->threshold) > > nb_i->threshold is comparing with itself. I guess there should be nb_n > > 2) > File - src/sbin/pfctl/pfctl_optimize.c, line 1078 > http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup > > if (strcmp(a->dst.addr.v.ifname, b->dst.addr.v.ifname) != 0 || > a->dst.addr.iflags != a->dst.addr.iflags || > memcmp(&a->dst.addr.v.a.mask, &b->dst.addr.v.a.mask, > sizeof(a->dst.addr.v.a.mask))) > > > a->dst.addr.iflags is comparing with itself. I guess it should be b-> > > 3) > File - src/sbin/pfctl/pfctl_optimize.c, line 1150 > http://cvsweb/src/sbin/pfctl/pfctl_optimize.c?rev=1.35&content-type=text/x-cvsweb-markup > > if (strcmp(a->src.addr.v.ifname, b->src.addr.v.ifname) != 0 || > a->src.addr.iflags != a->src.addr.iflags || > memcmp(&a->src.addr.v.a.mask, &b->src.addr.v.a.mask, > sizeof(a->src.addr.v.a.mask))) > > > a->src.addr.iflags is comparing with itself. I guess it should be b-> > > 4) > File - src/usr.sbin/mtrace/mtrace.c, line 1060 > http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/mtrace/mtrace.c?rev=1.35 > > if ((n->tr_inaddr != b->tr_inaddr) || (n->tr_inaddr != b->tr_inaddr)) > > (n->tr_inaddr != b->tr_inaddr) is checked twice > > 5) > File - src/usr.bin/infocmp/infocmp.c, line 631 > http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/infocmp/infocmp.c > > if (strnames[i][0] == 'k' && strnames[i][0] == 'f') > > strnames[i][0] can't be equal to 'k' and 'f' at the same time - so the > expression is always false. > > All these possible defects were found by Echelon team with AppChecker static > analyzer. > > >