Commit 5fc81308 authored by Ondřej Surý's avatar Ondřej Surý

Merge branch '45-integrate-llvm-scan-build-to-gitlab-ci-workflow' into 'master'

Add LLVM/Clang scan-build checks into the GitLab CI

Closes #45

See merge request !2452
parents d2fdebe0 e9acad63
Pipeline #24757 passed with stages
in 1 minute and 57 seconds
...@@ -16,6 +16,8 @@ variables: ...@@ -16,6 +16,8 @@ variables:
TEST_PARALLEL_JOBS: 6 TEST_PARALLEL_JOBS: 6
MAKE: make MAKE: make
CONFIGURE: ./configure
SCAN_BUILD: scan-build-9
stages: stages:
- precheck - precheck
...@@ -88,7 +90,7 @@ stages: ...@@ -88,7 +90,7 @@ stages:
.debian-buster-amd64: &debian_buster_amd64_image .debian-buster-amd64: &debian_buster_amd64_image
image: "$CI_REGISTRY_IMAGE:debian-buster-amd64" image: "$CI_REGISTRY_IMAGE:debian-buster-amd64"
<<: *linux_i386 <<: *linux_amd64
.debian-sid-amd64: &debian_sid_amd64_image .debian-sid-amd64: &debian_sid_amd64_image
image: "$CI_REGISTRY_IMAGE:debian-sid-amd64" image: "$CI_REGISTRY_IMAGE:debian-sid-amd64"
...@@ -158,7 +160,7 @@ stages: ...@@ -158,7 +160,7 @@ stages:
expire_in: "1 week" expire_in: "1 week"
.configure: &configure | .configure: &configure |
./configure \ ${CONFIGURE} \
--disable-maintainer-mode \ --disable-maintainer-mode \
--enable-developer \ --enable-developer \
--with-libtool \ --with-libtool \
...@@ -507,6 +509,38 @@ unit:gcc:buster:amd64: ...@@ -507,6 +509,38 @@ unit:gcc:buster:amd64:
- gcc:buster:amd64 - gcc:buster:amd64
needs: ["gcc:buster:amd64"] needs: ["gcc:buster:amd64"]
# Jobs for scan-build builds on Debian Buster (amd64)
.scan_build: &scan_build |
${SCAN_BUILD} --html-title="BIND 9 ($CI_COMMIT_SHORT_SHA)" \
--keep-cc \
--status-bugs \
--keep-going \
-o scan-build.reports \
make -j${BUILD_PARALLEL_JOBS:-1} all V=1
scan-build:buster:amd64:
<<: *default_triggering_rules
<<: *debian_buster_amd64_image
stage: postcheck
variables:
CC: clang-9
CFLAGS: "-Wall -Wextra -O2 -g"
CONFIGURE: "${SCAN_BUILD} ./configure"
EXTRA_CONFIGURE: "--enable-dnstap --with-libidn2"
script:
- *configure
- *scan_build
dependencies:
- autoreconf:sid:amd64
needs:
- autoreconf:sid:amd64
artifacts:
paths:
- scan-build.reports/
expire_in: "1 week"
when: on_failure
# Jobs for regular GCC builds on Debian Sid (amd64) # Jobs for regular GCC builds on Debian Sid (amd64)
gcc:sid:amd64: gcc:sid:amd64:
......
...@@ -787,7 +787,10 @@ hashlist_comp(const void *a, const void *b) { ...@@ -787,7 +787,10 @@ hashlist_comp(const void *a, const void *b) {
static void static void
hashlist_sort(hashlist_t *l) { hashlist_sort(hashlist_t *l) {
qsort(l->hashbuf, l->entries, l->length, hashlist_comp); INSIST(l->hashbuf != NULL || l->length == 0);
if (l->length > 0) {
qsort(l->hashbuf, l->entries, l->length, hashlist_comp);
}
} }
static bool static bool
......
...@@ -135,14 +135,6 @@ EXTERN const char * named_g_defaultpidfile INIT(NAMED_LOCALSTATEDIR ...@@ -135,14 +135,6 @@ EXTERN const char * named_g_defaultpidfile INIT(NAMED_LOCALSTATEDIR
"/run/named.pid"); "/run/named.pid");
#endif #endif
#ifdef HAVE_DNSTAP
EXTERN const char * named_g_defaultdnstap
INIT(NAMED_LOCALSTATEDIR "/run/named/"
"dnstap.sock");
#else
EXTERN const char * named_g_defaultdnstap INIT(NULL);
#endif /* HAVE_DNSTAP */
EXTERN const char * named_g_username INIT(NULL); EXTERN const char * named_g_username INIT(NULL);
EXTERN const char * named_g_engine INIT(NULL); EXTERN const char * named_g_engine INIT(NULL);
......
...@@ -3473,7 +3473,7 @@ configure_dnstap(const cfg_obj_t **maps, dns_view_t *view) { ...@@ -3473,7 +3473,7 @@ configure_dnstap(const cfg_obj_t **maps, dns_view_t *view) {
isc_result_t result; isc_result_t result;
const cfg_obj_t *obj, *obj2; const cfg_obj_t *obj, *obj2;
const cfg_listelt_t *element; const cfg_listelt_t *element;
const char *dpath = named_g_defaultdnstap; const char *dpath;
const cfg_obj_t *dlist = NULL; const cfg_obj_t *dlist = NULL;
dns_dtmsgtype_t dttypes = 0; dns_dtmsgtype_t dttypes = 0;
unsigned int i; unsigned int i;
...@@ -8098,6 +8098,7 @@ load_configuration(const char *filename, named_server_t *server, ...@@ -8098,6 +8098,7 @@ load_configuration(const char *filename, named_server_t *server,
INSIST(result == ISC_R_SUCCESS); INSIST(result == ISC_R_SUCCESS);
CHECKM(setstring(server, &server->bindkeysfile, CHECKM(setstring(server, &server->bindkeysfile,
cfg_obj_asstring(obj)), "strdup"); cfg_obj_asstring(obj)), "strdup");
INSIST(server->bindkeysfile != NULL);
if (access(server->bindkeysfile, R_OK) == 0) { if (access(server->bindkeysfile, R_OK) == 0) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
......
...@@ -59,7 +59,6 @@ named_paths_init(void) { ...@@ -59,7 +59,6 @@ named_paths_init(void) {
named_g_keyfile = isc_ntpaths_get(RNDC_KEY_PATH); named_g_keyfile = isc_ntpaths_get(RNDC_KEY_PATH);
named_g_defaultsessionkeyfile = isc_ntpaths_get(SESSION_KEY_PATH); named_g_defaultsessionkeyfile = isc_ntpaths_get(SESSION_KEY_PATH);
named_g_defaultbindkeys = isc_ntpaths_get(BIND_KEYS_PATH); named_g_defaultbindkeys = isc_ntpaths_get(BIND_KEYS_PATH);
named_g_defaultdnstap = NULL;
Initialized = TRUE; Initialized = TRUE;
} }
......
...@@ -146,12 +146,11 @@ query(void) { ...@@ -146,12 +146,11 @@ query(void) {
dns_fixedname_t name; dns_fixedname_t name;
dns_fixedname_t found; dns_fixedname_t found;
dns_db_t *db; dns_db_t *db;
char *s;
isc_buffer_t buffer; isc_buffer_t buffer;
isc_result_t result; isc_result_t result;
dns_rdataset_t rdataset; dns_rdataset_t rdataset;
dns_rdataset_t sigset; dns_rdataset_t sigset;
fd_set rfdset; fd_set rfdset = { { 0 } };
db = NULL; db = NULL;
result = dns_zone_getdb(zone, &db); result = dns_zone_getdb(zone, &db);
...@@ -166,7 +165,7 @@ query(void) { ...@@ -166,7 +165,7 @@ query(void) {
dns_rdataset_init(&sigset); dns_rdataset_init(&sigset);
do { do {
char *s;
fprintf(stdout, "zone_test "); fprintf(stdout, "zone_test ");
fflush(stdout); fflush(stdout);
FD_ZERO(&rfdset); FD_ZERO(&rfdset);
......
...@@ -99,6 +99,7 @@ add_name(struct dlz_example_data *state, struct record *list, ...@@ -99,6 +99,7 @@ add_name(struct dlz_example_data *state, struct record *list,
int first_empty = -1; int first_empty = -1;
for (i = 0; i < MAX_RECORDS; i++) { for (i = 0; i < MAX_RECORDS; i++) {
INSIST(list[i].name != NULL);
if (first_empty == -1 && strlen(list[i].name) == 0U) { if (first_empty == -1 && strlen(list[i].name) == 0U) {
first_empty = i; first_empty = i;
} }
......
...@@ -885,21 +885,12 @@ client_resfind(resctx_t *rctx, dns_fetchevent_t *event) { ...@@ -885,21 +885,12 @@ client_resfind(resctx_t *rctx, dns_fetchevent_t *event) {
* Otherwise, get some resource for copying the * Otherwise, get some resource for copying the
* result. * result.
*/ */
dns_name_t *aname = dns_fixedname_name(&rctx->name);
ansname = isc_mem_get(mctx, sizeof(*ansname)); ansname = isc_mem_get(mctx, sizeof(*ansname));
if (ansname == NULL) dns_name_init(ansname, NULL);
tresult = ISC_R_NOMEMORY;
else { (void)dns_name_dup(aname, mctx, ansname);
dns_name_t *aname;
aname = dns_fixedname_name(&rctx->name);
dns_name_init(ansname, NULL);
tresult = dns_name_dup(aname, mctx, ansname);
if (tresult != ISC_R_SUCCESS)
isc_mem_put(mctx, ansname,
sizeof(*ansname));
}
if (tresult != ISC_R_SUCCESS)
result = tresult;
} }
switch (result) { switch (result) {
......
...@@ -167,6 +167,7 @@ send_test(void **state) { ...@@ -167,6 +167,7 @@ send_test(void **state) {
cleanup(); cleanup();
result = dns_test_makeview("test", &view); result = dns_test_makeview("test", &view);
assert_int_equal(result, ISC_R_SUCCESS);
fopt = fstrm_iothr_options_init(); fopt = fstrm_iothr_options_init();
assert_non_null(fopt); assert_non_null(fopt);
...@@ -191,6 +192,7 @@ send_test(void **state) { ...@@ -191,6 +192,7 @@ send_test(void **state) {
memset(&zr, 0, sizeof(zr)); memset(&zr, 0, sizeof(zr));
isc_buffer_init(&zb, zone, sizeof(zone)); isc_buffer_init(&zb, zone, sizeof(zone));
result = dns_compress_init(&cctx, -1, dt_mctx); result = dns_compress_init(&cctx, -1, dt_mctx);
assert_int_equal(result, ISC_R_SUCCESS);
dns_compress_setmethods(&cctx, DNS_COMPRESS_NONE); dns_compress_setmethods(&cctx, DNS_COMPRESS_NONE);
result = dns_name_towire(zname, &cctx, &zb); result = dns_name_towire(zname, &cctx, &zb);
assert_int_equal(result, ISC_R_SUCCESS); assert_int_equal(result, ISC_R_SUCCESS);
......
...@@ -1499,7 +1499,7 @@ check_apex_rrsets(vctx_t *vctx) { ...@@ -1499,7 +1499,7 @@ check_apex_rrsets(vctx_t *vctx) {
* The variables to update are chosen based on 'is_ksk', which is true when * The variables to update are chosen based on 'is_ksk', which is true when
* 'dnskey' is a KSK and false otherwise. * 'dnskey' is a KSK and false otherwise.
*/ */
static isc_result_t static void
check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
dns_rdata_t *rdata, bool is_ksk) dns_rdata_t *rdata, bool is_ksk)
{ {
...@@ -1513,25 +1513,26 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, ...@@ -1513,25 +1513,26 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
standby_keys = (is_ksk ? vctx->standby_ksk : vctx->standby_zsk); standby_keys = (is_ksk ? vctx->standby_ksk : vctx->standby_zsk);
goodkey = (is_ksk ? &vctx->goodksk : &vctx->goodzsk); goodkey = (is_ksk ? &vctx->goodksk : &vctx->goodzsk);
if (dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset, if (!dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset,
&vctx->keysigs, false, vctx->mctx)) &vctx->keysigs, false, vctx->mctx))
{ {
if (active_keys[dnskey->algorithm] != 255) { if (!is_ksk &&
active_keys[dnskey->algorithm]++; dns_dnssec_signs(rdata, vctx->origin, &vctx->soaset,
} &vctx->soasigs, false, vctx->mctx))
} else if (!is_ksk && {
dns_dnssec_signs(rdata, vctx->origin, &vctx->soaset, if (active_keys[dnskey->algorithm] != 255) {
&vctx->soasigs, false, vctx->mctx)) active_keys[dnskey->algorithm]++;
{ }
if (active_keys[dnskey->algorithm] != 255) { } else {
active_keys[dnskey->algorithm]++; if (standby_keys[dnskey->algorithm] != 255) {
} standby_keys[dnskey->algorithm]++;
return (ISC_R_SUCCESS); }
} else {
if (standby_keys[dnskey->algorithm] != 255) {
standby_keys[dnskey->algorithm]++;
} }
return (ISC_R_SUCCESS); return;
}
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
} }
/* /*
...@@ -1540,7 +1541,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, ...@@ -1540,7 +1541,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
*/ */
if (vctx->secroots == NULL) { if (vctx->secroots == NULL) {
*goodkey = true; *goodkey = true;
return (ISC_R_SUCCESS); return;
} }
/* /*
...@@ -1549,7 +1550,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, ...@@ -1549,7 +1550,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
result = dns_dnssec_keyfromrdata(vctx->origin, rdata, vctx->mctx, result = dns_dnssec_keyfromrdata(vctx->origin, rdata, vctx->mctx,
&key); &key);
if (result != ISC_R_SUCCESS) { if (result != ISC_R_SUCCESS) {
return (result); goto cleanup;
} }
result = dns_keytable_findkeynode(vctx->secroots, vctx->origin, result = dns_keytable_findkeynode(vctx->secroots, vctx->origin,
...@@ -1560,10 +1561,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, ...@@ -1560,10 +1561,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
* No such trust anchor. * No such trust anchor.
*/ */
if (result != ISC_R_SUCCESS) { if (result != ISC_R_SUCCESS) {
if (result == DNS_R_PARTIALMATCH || result == ISC_R_NOTFOUND) {
result = ISC_R_SUCCESS;
}
goto cleanup; goto cleanup;
} }
...@@ -1592,7 +1589,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, ...@@ -1592,7 +1589,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
if (key != NULL) { if (key != NULL) {
dst_key_free(&key); dst_key_free(&key);
} }
return (ISC_R_SUCCESS);
} }
/*% /*%
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment