Commit 5fc81308 authored by Ondřej Surý's avatar Ondřej Surý

Merge branch '45-integrate-llvm-scan-build-to-gitlab-ci-workflow' into 'master'

Add LLVM/Clang scan-build checks into the GitLab CI

Closes #45

See merge request !2452
parents d2fdebe0 e9acad63
Pipeline #24757 passed with stages
in 1 minute and 57 seconds
......@@ -16,6 +16,8 @@ variables:
TEST_PARALLEL_JOBS: 6
MAKE: make
CONFIGURE: ./configure
SCAN_BUILD: scan-build-9
stages:
- precheck
......@@ -88,7 +90,7 @@ stages:
.debian-buster-amd64: &debian_buster_amd64_image
image: "$CI_REGISTRY_IMAGE:debian-buster-amd64"
<<: *linux_i386
<<: *linux_amd64
.debian-sid-amd64: &debian_sid_amd64_image
image: "$CI_REGISTRY_IMAGE:debian-sid-amd64"
......@@ -158,7 +160,7 @@ stages:
expire_in: "1 week"
.configure: &configure |
./configure \
${CONFIGURE} \
--disable-maintainer-mode \
--enable-developer \
--with-libtool \
......@@ -507,6 +509,38 @@ unit:gcc:buster:amd64:
- gcc:buster:amd64
needs: ["gcc:buster:amd64"]
# Jobs for scan-build builds on Debian Buster (amd64)
.scan_build: &scan_build |
${SCAN_BUILD} --html-title="BIND 9 ($CI_COMMIT_SHORT_SHA)" \
--keep-cc \
--status-bugs \
--keep-going \
-o scan-build.reports \
make -j${BUILD_PARALLEL_JOBS:-1} all V=1
scan-build:buster:amd64:
<<: *default_triggering_rules
<<: *debian_buster_amd64_image
stage: postcheck
variables:
CC: clang-9
CFLAGS: "-Wall -Wextra -O2 -g"
CONFIGURE: "${SCAN_BUILD} ./configure"
EXTRA_CONFIGURE: "--enable-dnstap --with-libidn2"
script:
- *configure
- *scan_build
dependencies:
- autoreconf:sid:amd64
needs:
- autoreconf:sid:amd64
artifacts:
paths:
- scan-build.reports/
expire_in: "1 week"
when: on_failure
# Jobs for regular GCC builds on Debian Sid (amd64)
gcc:sid:amd64:
......
......@@ -787,7 +787,10 @@ hashlist_comp(const void *a, const void *b) {
static void
hashlist_sort(hashlist_t *l) {
INSIST(l->hashbuf != NULL || l->length == 0);
if (l->length > 0) {
qsort(l->hashbuf, l->entries, l->length, hashlist_comp);
}
}
static bool
......
......@@ -135,14 +135,6 @@ EXTERN const char * named_g_defaultpidfile INIT(NAMED_LOCALSTATEDIR
"/run/named.pid");
#endif
#ifdef HAVE_DNSTAP
EXTERN const char * named_g_defaultdnstap
INIT(NAMED_LOCALSTATEDIR "/run/named/"
"dnstap.sock");
#else
EXTERN const char * named_g_defaultdnstap INIT(NULL);
#endif /* HAVE_DNSTAP */
EXTERN const char * named_g_username INIT(NULL);
EXTERN const char * named_g_engine INIT(NULL);
......
......@@ -3473,7 +3473,7 @@ configure_dnstap(const cfg_obj_t **maps, dns_view_t *view) {
isc_result_t result;
const cfg_obj_t *obj, *obj2;
const cfg_listelt_t *element;
const char *dpath = named_g_defaultdnstap;
const char *dpath;
const cfg_obj_t *dlist = NULL;
dns_dtmsgtype_t dttypes = 0;
unsigned int i;
......@@ -8098,6 +8098,7 @@ load_configuration(const char *filename, named_server_t *server,
INSIST(result == ISC_R_SUCCESS);
CHECKM(setstring(server, &server->bindkeysfile,
cfg_obj_asstring(obj)), "strdup");
INSIST(server->bindkeysfile != NULL);
if (access(server->bindkeysfile, R_OK) == 0) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
......
......@@ -59,7 +59,6 @@ named_paths_init(void) {
named_g_keyfile = isc_ntpaths_get(RNDC_KEY_PATH);
named_g_defaultsessionkeyfile = isc_ntpaths_get(SESSION_KEY_PATH);
named_g_defaultbindkeys = isc_ntpaths_get(BIND_KEYS_PATH);
named_g_defaultdnstap = NULL;
Initialized = TRUE;
}
......
......@@ -146,12 +146,11 @@ query(void) {
dns_fixedname_t name;
dns_fixedname_t found;
dns_db_t *db;
char *s;
isc_buffer_t buffer;
isc_result_t result;
dns_rdataset_t rdataset;
dns_rdataset_t sigset;
fd_set rfdset;
fd_set rfdset = { { 0 } };
db = NULL;
result = dns_zone_getdb(zone, &db);
......@@ -166,7 +165,7 @@ query(void) {
dns_rdataset_init(&sigset);
do {
char *s;
fprintf(stdout, "zone_test ");
fflush(stdout);
FD_ZERO(&rfdset);
......
......@@ -99,6 +99,7 @@ add_name(struct dlz_example_data *state, struct record *list,
int first_empty = -1;
for (i = 0; i < MAX_RECORDS; i++) {
INSIST(list[i].name != NULL);
if (first_empty == -1 && strlen(list[i].name) == 0U) {
first_empty = i;
}
......
......@@ -885,21 +885,12 @@ client_resfind(resctx_t *rctx, dns_fetchevent_t *event) {
* Otherwise, get some resource for copying the
* result.
*/
ansname = isc_mem_get(mctx, sizeof(*ansname));
if (ansname == NULL)
tresult = ISC_R_NOMEMORY;
else {
dns_name_t *aname;
dns_name_t *aname = dns_fixedname_name(&rctx->name);
aname = dns_fixedname_name(&rctx->name);
ansname = isc_mem_get(mctx, sizeof(*ansname));
dns_name_init(ansname, NULL);
tresult = dns_name_dup(aname, mctx, ansname);
if (tresult != ISC_R_SUCCESS)
isc_mem_put(mctx, ansname,
sizeof(*ansname));
}
if (tresult != ISC_R_SUCCESS)
result = tresult;
(void)dns_name_dup(aname, mctx, ansname);
}
switch (result) {
......
......@@ -167,6 +167,7 @@ send_test(void **state) {
cleanup();
result = dns_test_makeview("test", &view);
assert_int_equal(result, ISC_R_SUCCESS);
fopt = fstrm_iothr_options_init();
assert_non_null(fopt);
......@@ -191,6 +192,7 @@ send_test(void **state) {
memset(&zr, 0, sizeof(zr));
isc_buffer_init(&zb, zone, sizeof(zone));
result = dns_compress_init(&cctx, -1, dt_mctx);
assert_int_equal(result, ISC_R_SUCCESS);
dns_compress_setmethods(&cctx, DNS_COMPRESS_NONE);
result = dns_name_towire(zname, &cctx, &zb);
assert_int_equal(result, ISC_R_SUCCESS);
......
......@@ -1499,7 +1499,7 @@ check_apex_rrsets(vctx_t *vctx) {
* The variables to update are chosen based on 'is_ksk', which is true when
* 'dnskey' is a KSK and false otherwise.
*/
static isc_result_t
static void
check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
dns_rdata_t *rdata, bool is_ksk)
{
......@@ -1513,25 +1513,26 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
standby_keys = (is_ksk ? vctx->standby_ksk : vctx->standby_zsk);
goodkey = (is_ksk ? &vctx->goodksk : &vctx->goodzsk);
if (dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset,
if (!dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset,
&vctx->keysigs, false, vctx->mctx))
{
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
} else if (!is_ksk &&
if (!is_ksk &&
dns_dnssec_signs(rdata, vctx->origin, &vctx->soaset,
&vctx->soasigs, false, vctx->mctx))
{
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
return (ISC_R_SUCCESS);
} else {
if (standby_keys[dnskey->algorithm] != 255) {
standby_keys[dnskey->algorithm]++;
}
return (ISC_R_SUCCESS);
}
return;
}
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
/*
......@@ -1540,7 +1541,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
*/
if (vctx->secroots == NULL) {
*goodkey = true;
return (ISC_R_SUCCESS);
return;
}
/*
......@@ -1549,7 +1550,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
result = dns_dnssec_keyfromrdata(vctx->origin, rdata, vctx->mctx,
&key);
if (result != ISC_R_SUCCESS) {
return (result);
goto cleanup;
}
result = dns_keytable_findkeynode(vctx->secroots, vctx->origin,
......@@ -1560,10 +1561,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
* No such trust anchor.
*/
if (result != ISC_R_SUCCESS) {
if (result == DNS_R_PARTIALMATCH || result == ISC_R_NOTFOUND) {
result = ISC_R_SUCCESS;
}
goto cleanup;
}
......@@ -1592,7 +1589,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
if (key != NULL) {
dst_key_free(&key);
}
return (ISC_R_SUCCESS);
}
/*%
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment