Having recently updated my Clang/MinGW installation, I found quite a few
warnings being generated there. The attached addresses some of those for
core:
1. core.c:612:8: warning: Result of 'malloc' is converted to a pointer
of type 'struct libusb_device *', which is incompatible with sizeof
operand type 'void *'
ret = malloc(sizeof(void *) * (len + 1));
^~~~~~ ~~~~~~~~~~~~~~
False positive, but replacing the 'void *' with 'struct libusb_device *'
is a low risk change, since it's all pointers, so we might as well
silence that one.
2. core.c:700:11: warning: Memory is never released; potential leak of
memory pointed to by 'devs'
return LIBUSB_ERROR_OVERFLOW;
^~~~~~~~~~~~~~~~~~~~~
Actual issue. Now fixed.
3. descriptor.c:490:8: warning: Function call argument is an
uninitialized value
buf = malloc(_config->wTotalLength);
^ ~~~~~~~~~~~~~~~~~~~~~
False positive, since 'usbi_parse_descriptor(tmp, "bbw", _config,
host_endian);' should set _config->wTotalLength, but silencing that one
is also fairly safe by setting wTotalLength to zero before calling
parse_descriptors. Note that we also have to apply the same trick as
below as Clang then report an 'allocation size of 0 bytes' warning.
4. io.c:1869:8: warning: Call to 'malloc' has an allocation size of 0 bytes
fds = malloc(sizeof(*fds) * nfds);
^ ~~~~~~~~~~~~~~~~~~~
Not really an issue, but easy to silence with a conditional on nfds
being zero.
Unless someone has objections, I plan to apply this patch before the
1.0.12 release.
Now, I am still getting the following warnings, that look like false
positives, but that I have no clue how to address yet.
---------------------------------------------------------------------------
$ scan-build make
make all-recursive
make[1]: Entering directory `/d/libusbx'
Making all in libusb
make[2]: Entering directory `/d/libusbx/libusb'
CC libusb_1_0_la-core.lo
core.c:647:15: warning: Assigned value is garbage or undefined
while ((dev = list[i++]) != NULL)
^ ~~~~~~~~~
1 warning generated.
CC libusb_1_0_la-descriptor.lo
CC libusb_1_0_la-io.lo
io.c:1971:8: warning: Branch condition evaluates to a garbage value
if (!timerisset(&timeout))
^~~~~~~~~~~~~~~~~~~~
D:/Clang/bin/../lib/clang/3.2/../../../include\sys/time.h:15:27: note:
expanded from macro 'timerisset'
#define timerisset(tvp) ((tvp)->tv_sec || (tvp)->tv_usec)
^~~~~~~~~~~~~
1 warning generated.
CC libusb_1_0_la-sync.lo
CC libusb_1_0_la-poll_windows.lo
CC libusb_1_0_la-windows_usb.lo
D:\Clang\msys\1.0\bin\perl.exe: *** WFSO timed out
GEN libusb-1.0.lo
CC libusb_1_0_la-threads_windows.lo
CCLD libusb-1.0.la
Creating library file: .libs/libusb-1.0.dll.a
GEN libusb-1.0.dll
make[2]: Leaving directory `/d/libusbx/libusb'
---------------------------------------------------------------------------
We're also getting an awful lot of warnings when building the samples
due to libtool basically rewriting the source, and using that one for
compilation, which I'm not planning to address for now.
Regards,
/Pete
>From 9511100203557228a09bb101a144fef965e8f52a Mon Sep 17 00:00:00 2001
From: Pete Batard <p...@akeo.ie>
Date: Wed, 13 Jun 2012 13:33:00 +0100
Subject: [PATCH 1/2] Core: Fix Clang warnings
core.c:
* Result of 'malloc' is converted to a pointer of type 'struct libusb_device *',
which is incompatible with sizeof operand type 'void *'
* Memory is never released; potential leak of memory pointed to by 'devs'
descriptor.c:
* Function call argument is an uninitialized value
io.c:
* Call to 'malloc' has an allocation size of 0 bytes
---
libusb/core.c | 3 ++-
libusb/descriptor.c | 4 +++-
libusb/io.c | 5 +++--
3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/libusb/core.c b/libusb/core.c
index b0fa1c0..0e95522 100644
--- a/libusb/core.c
+++ b/libusb/core.c
@@ -609,7 +609,7 @@ ssize_t API_EXPORTED libusb_get_device_list(libusb_context
*ctx,
/* convert discovered_devs into a list */
len = discdevs->len;
- ret = malloc(sizeof(void *) * (len + 1));
+ ret = malloc(sizeof(struct libusb_device *) * (len + 1));
if (!ret) {
len = LIBUSB_ERROR_NO_MEM;
goto out;
@@ -697,6 +697,7 @@ int API_EXPORTED libusb_get_port_path(libusb_context *ctx,
libusb_device *dev, u
break;
i--;
if (i < 0) {
+ libusb_free_device_list(devs, 1);
return LIBUSB_ERROR_OVERFLOW;
}
path[i] = dev->port_number;
diff --git a/libusb/descriptor.c b/libusb/descriptor.c
index 763f93c..0c5f51f 100644
--- a/libusb/descriptor.c
+++ b/libusb/descriptor.c
@@ -486,8 +486,10 @@ int API_EXPORTED
libusb_get_active_config_descriptor(libusb_device *dev,
if (r < 0)
goto err;
+ _config->wTotalLength = 0;
usbi_parse_descriptor(tmp, "bbw", _config, host_endian);
- buf = malloc(_config->wTotalLength);
+ if (_config->wTotalLength != 0)
+ buf = malloc(_config->wTotalLength);
if (!buf) {
r = LIBUSB_ERROR_NO_MEM;
goto err;
diff --git a/libusb/io.c b/libusb/io.c
index e81ca8b..bf5054f 100644
--- a/libusb/io.c
+++ b/libusb/io.c
@@ -1857,7 +1857,7 @@ static int handle_events(struct libusb_context *ctx,
struct timeval *tv)
int r;
struct usbi_pollfd *ipollfd;
POLL_NFDS_TYPE nfds = 0;
- struct pollfd *fds;
+ struct pollfd *fds = NULL;
int i = -1;
int timeout_ms;
@@ -1866,7 +1866,8 @@ static int handle_events(struct libusb_context *ctx,
struct timeval *tv)
nfds++;
/* TODO: malloc when number of fd's changes, not on every poll */
- fds = malloc(sizeof(*fds) * nfds);
+ if (nfds != 0)
+ fds = malloc(sizeof(*fds) * nfds);
if (!fds) {
usbi_mutex_unlock(&ctx->pollfds_lock);
return LIBUSB_ERROR_NO_MEM;
--
1.7.10.msysgit.1
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
libusbx-devel mailing list
libusbx-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libusbx-devel
