This started as another false positive from coverity.
Adding the assertion placates the tool.

I could have added an always-false conjunct:

       if (p && p[1])

but the assertion seems cleaner.

From c8adbe8cf03a044f3e23fada862700e20bcc5d54 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyer...@redhat.com>
Date: Wed, 25 May 2011 21:35:50 +0200
Subject: [PATCH] shred: placate coverity and fix a comment

* src/shred.c (incname): Add an assertion to tell static analyzers
that we know this particular use of strchr never returns NULL.
Finish incomplete sentence in function-describing comment.
---
 src/shred.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/shred.c b/src/shred.c
index d8b33e7..ecb27b8 100644
--- a/src/shred.c
+++ b/src/shred.c
@@ -907,9 +907,9 @@ static char const nameset[] =
 "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.";

 /* Increment NAME (with LEN bytes).  NAME must be a big-endian base N
-   number with the digits taken from nameset.  Return true if
-   successful if not (because NAME already has the greatest possible
-   value.  */
+   number with the digits taken from nameset.  Return true if successful.
+   Otherwise, (because NAME already has the greatest possible value)
+   return false.  */

 static bool
 incname (char *name, size_t len)
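Review bot: The rewritten comment's last sentence has a stray comma before the parenthetical ("Otherwise, (because NAME ...) return false."); "Otherwise (because NAME already has the greatest possible value), return false." reads more cleanly. Since the assertion added to incname relies on it, the comment could also state as an explicit precondition that every byte of NAME must be a member of nameset, rather than leaving it implied by "digits taken from nameset".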
@@ -918,6 +918,10 @@ incname (char *name, size_t len)
     {
       char const *p = strchr (nameset, name[len]);

+      /* Given that NAME is composed of bytes from NAMESET,
+         P will never be NULL here.  */
+      assert (p);
+
       /* If this character has a successor, use it.  */
       if (p[1])
         {
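Review bot: The assert (p) placed before if (p[1]) only guards builds with assertions enabled; when NDEBUG is defined it compiles away, and p[1] would still dereference NULL if a byte outside nameset ever reached incname. That is acceptable if the invariant is guaranteed by the callers, but it is worth saying so in the comment. Note also that strchr returns a non-NULL pointer to the terminator when name[len] is '\0', so the assertion does not cover that byte, and p[1] would then read past the end of nameset. The two hunks account for all 7 insertions in the diffstat and none is an #include, so please confirm that src/shred.c already includes <assert.h>.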
--
1.7.5.2.660.g9f46c
