I think we have been excluding testsuites from the Coverity Scan analysis. The setting appears to still be there: Tests */testsuites/* Ignored=Yes
I think maybe the pattern needs to be updated to put a dot before each asterisk, in case it is being interpreted as a regular expression rather than a glob: .*/testsuites/.* However, these defects could probably be fixed mostly without trouble. On Thu, Jul 15, 2021 at 7:24 AM Joel Sherrill <j...@rtems.org> wrote: > > I am not sure why these popped up now but some indicate logic errors > in the code cited. > > --joel > > ---------- Forwarded message --------- > From: <scan-ad...@coverity.com> > Date: Thu, Jul 15, 2021 at 12:26 AM > Subject: New Defects reported by Coverity Scan for RTEMS > To: <bu...@rtems.org> > > > Hi, > > Please find the latest report on new defect(s) introduced to RTEMS > found with Coverity Scan. > > 9 new defect(s) introduced to RTEMS found with Coverity Scan. > > > New defect(s) Reported-by: Coverity Scan > Showing 9 of 9 defect(s) > > > ** CID 1468693: Insecure data handling (TAINTED_SCALAR) > > > ________________________________________________________________________________________________________ > *** CID 1468693: Insecure data handling (TAINTED_SCALAR) > /testsuites/samples/fileio/init.c: 992 in fileio_read_file() > 986 */ > 987 if (!failed) { > 988 printf("use suffix K for Kbytes, M for Mbytes or no suffix > for bytes:\n" > 989 "Enter block size to use for read calls ==>"); > 990 fflush(stdout); > 991 fgets(tmp_str,sizeof(tmp_str)-1,stdin); > >>> CID 1468693: Insecure data handling (TAINTED_SCALAR) > >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses > >>> it as an offset. 
> 992 failed = fileio_str2size(tmp_str,&buf_size); > 993 if (failed) { > 994 printf("*** illegal block size, aborted\n"); > 995 } > 996 } > 997 > > ** CID 1468692: Integer handling issues (DIVIDE_BY_ZERO) > /testsuites/samples/fileio/init.c: 401 in create_ramdisk() > > > ________________________________________________________________________________________________________ > *** CID 1468692: Integer handling issues (DIVIDE_BY_ZERO) > /testsuites/samples/fileio/init.c: 401 in create_ramdisk() > 395 printf ("error: invalid option: %s\n", argv[arg]); > 396 return 1; > 397 } > 398 } > 399 } > 400 > >>> CID 1468692: Integer handling issues (DIVIDE_BY_ZERO) > >>> In expression "size / block_size", division by expression > >>> "block_size" which may be zero has undefined behavior. > 401 block_count = size / block_size; > 402 > 403 /* > 404 * Register the RAM Disk driver. > 405 */ > 406 printf ("Register RAM Disk Driver [blocks=%" PRIu32 \ > > ** CID 1468691: Resource leaks (RESOURCE_LEAK) > /testsuites/samples/fileio/init.c: 209 in shell_nvdisk_erase() > > > ________________________________________________________________________________________________________ > *** CID 1468691: Resource leaks (RESOURCE_LEAK) > /testsuites/samples/fileio/init.c: 209 in shell_nvdisk_erase() > 203 return 1; > 204 } > 205 > 206 if (ioctl (fd, RTEMS_NVDISK_IOCTL_ERASE_DISK) < 0) > 207 { > 208 printf ("error: nvdisk driver erase failed: %s\n", > strerror (errno)); > >>> CID 1468691: Resource leaks (RESOURCE_LEAK) > >>> Handle variable "fd" going out of scope leaks the handle. 
> 209 return 1; > 210 } > 211 > 212 close (fd); > 213 > 214 printf ("nvdisk erased successful\n"); > > ** CID 1468689: (TAINTED_SCALAR) > > > ________________________________________________________________________________________________________ > *** CID 1468689: (TAINTED_SCALAR) > /testsuites/samples/fileio/init.c: 846 in fileio_write_file() > 840 */ > 841 if (!failed) { > 842 printf("use suffix K for Kbytes, M for Mbytes or no suffix > for bytes:\n" > 843 "Enter block size to use for write calls ==>"); > 844 fflush(stdout); > 845 fgets(tmp_str,sizeof(tmp_str)-1,stdin); > >>> CID 1468689: (TAINTED_SCALAR) > >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses > >>> it as an offset. > 846 failed = fileio_str2size(tmp_str,&buf_size); > 847 if (failed) { > 848 printf("*** illegal block size, aborted\n"); > 849 } > 850 } > 851 > /testsuites/samples/fileio/init.c: 833 in fileio_write_file() > 827 */ > 828 if (!failed) { > 829 printf("use suffix K for Kbytes, M for Mbytes or no suffix > for bytes:\n" > 830 "Enter filesize to write ==>"); > 831 fflush(stdout); > 832 fgets(tmp_str,sizeof(tmp_str)-1,stdin); > >>> CID 1468689: (TAINTED_SCALAR) > >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses > >>> it as an offset. 
> 833 failed = fileio_str2size(tmp_str,&file_size); > 834 if (failed) { > 835 printf("*** illegal file size, aborted\n"); > 836 } > 837 } > 838 /* > > ** CID 1468687: Incorrect expression (COPY_PASTE_ERROR) > /testsuites/samples/paranoia/paranoia.c: 584 in paranoia() > > > ________________________________________________________________________________________________________ > *** CID 1468687: Incorrect expression (COPY_PASTE_ERROR) > /testsuites/samples/paranoia/paranoia.c: 584 in paranoia() > 578 Precision = Y; > 579 } > 580 if ((Precision != FLOOR (Precision)) || (Radix == One)) { > 581 printf ("Precision cannot be characterized by an > Integer number\n"); > 582 printf ("of significant digits but, by itself, this is > a minor flaw.\n"); > 583 } > >>> CID 1468687: Incorrect expression (COPY_PASTE_ERROR) > >>> "Radix" in "Radix == One" looks like a copy-paste error. > 584 if (Radix == One) > 585 printf ("logarithmic encoding has precision > characterized solely by U1.\n"); > 586 else > 587 printf ("The number of significant digits of the Radix > is %f .\n", > 588 Precision); > 589 TstCond (Serious, U2 * Nine * Nine * TwoForty < One, > > ** CID 1468686: Control flow issues (DEADCODE) > /testsuites/samples/fileio/init.c: 392 in create_ramdisk() > > > ________________________________________________________________________________________________________ > *** CID 1468686: Control flow issues (DEADCODE) > /testsuites/samples/fileio/init.c: 392 in create_ramdisk() > 386 { > 387 printf ("error: -b needs a size\n"); > 388 return 1; > 389 } > 390 block_size = parse_size_arg (argv[arg]); > 391 if (size == 0) > >>> CID 1468686: Control flow issues (DEADCODE) > >>> Execution cannot reach this statement: "return 1;". 
> 392 return 1; > 393 break; > 394 default: > 395 printf ("error: invalid option: %s\n", argv[arg]); > 396 return 1; > 397 } > > ** CID 1468685: Resource leaks (RESOURCE_LEAK) > /testsuites/samples/fileio/init.c: 163 in shell_nvdisk_trace() > > > ________________________________________________________________________________________________________ > *** CID 1468685: Resource leaks (RESOURCE_LEAK) > /testsuites/samples/fileio/init.c: 163 in shell_nvdisk_trace() > 157 return 1; > 158 } > 159 > 160 if (ioctl (fd, RTEMS_NVDISK_IOCTL_INFO_LEVEL, level) < 0) > 161 { > 162 printf ("error: driver set level failed: %s\n", strerror (errno)); > >>> CID 1468685: Resource leaks (RESOURCE_LEAK) > >>> Handle variable "fd" going out of scope leaks the handle. > 163 return 1; > 164 } > 165 > 166 close (fd); > 167 > 168 return 0; > > ** CID 1468679: Incorrect expression (NO_EFFECT) > /testsuites/samples/paranoia/paranoia.c: 1492 in paranoia() > > > ________________________________________________________________________________________________________ > *** CID 1468679: Incorrect expression (NO_EFFECT) > /testsuites/samples/paranoia/paranoia.c: 1492 in paranoia() > 1486 printf ("print out as Q = %.17e, Y = %.17e .\n", Q, Y2); > 1487 printf ("|Q - Y| = %.17e .\n", FABS (Q - Y2)); > 1488 UfThold = Q; > 1489 break; > 1490 > 1491 case 3: > >>> CID 1468679: Incorrect expression (NO_EFFECT) > >>> Assigning "X" to itself has no effect. 
> 1492 X = X; > 1493 break; > 1494 > 1495 case 4: > 1496 if ((Q == UfThold) && (E1 == E0) > 1497 && (FABS (UfThold - E1 / E9) <= E1)) { > > ** CID 1468677: Uninitialized variables (UNINIT) > /testsuites/samples/capture/test1.c: 78 in capture_CT1b() > > > ________________________________________________________________________________________________________ > *** CID 1468677: Uninitialized variables (UNINIT) > /testsuites/samples/capture/test1.c: 78 in capture_CT1b() > 72 static void > 73 capture_CT1b (rtems_task_argument arg) > 74 { > 75 volatile int i; > 76 > 77 while (!capture_CT1c_deleted) > >>> CID 1468677: Uninitialized variables (UNINIT) > >>> Using uninitialized value "i". > 78 i++; > 79 > 80 capture_CT1b_deleted = 1; > 81 > 82 rtems_task_exit(); > 83 } > > > ________________________________________________________________________________________________________ > To view the defects in Coverity Scan visit, > https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypUUzi-2FdSNmuyRB7BEFT8xQ4-2B8hpujh0hTgQljRGId4Dg-3D-3DhaSM_EU3W9teASMK00lBXX9WT4lsogDrkCcNZLvg-2FVxwAXMoyD0JEs4cQVPs7yModO9iS3KZmOTMtFerKpWJTESZ9XSy9bw2fNvjKFGKtVfArZIqrPcBx6KD5m2cYyPfuBRUlwl84oo0u5GaEKs-2FEiV5-2BOPirAYHmPdhb88irmeK9V0lU3GUWr0Z8zNQlCYoFZw1Rqng5dhEax-2FWHTiswmaiSJQ-3D-3D > > _______________________________________________ > build mailing list > bu...@rtems.org > http://lists.rtems.org/mailman/listinfo/build > _______________________________________________ > devel mailing list > devel@rtems.org > http://lists.rtems.org/mailman/listinfo/devel _______________________________________________ devel mailing list devel@rtems.org http://lists.rtems.org/mailman/listinfo/devel