Issues with cppcheck 2.3
cppcheck 2.3 is now available, but, as usually, it comes with a set of problems. IMHO we should skip updating to this version for the time being and here is why.
Upstream commit bd7e915c208219d6a5e3efca40168d31f9c0248c is the primary culprit this time around. It causes two types of problems:
lib/dns/ttl.c:76:13: warning: Either the condition 'weeks!=0' is redundant or there is division by zero at line 76. [zerodivcond]
secs = src % 60;
^
lib/dns/ttl.c:89:12: note: Assuming that condition 'weeks!=0' is not redundant
if (weeks != 0) {
^
lib/dns/ttl.c:84:10: note: Assignment to 'weeks=src'
weeks = src;
^
lib/dns/ttl.c:83:2: note: Compound assignment '/=', assigned value is 0
src /= 7;
^
lib/dns/ttl.c:81:2: note: Compound assignment '/=', assigned value is 0
src /= 24;
^
lib/dns/ttl.c:79:2: note: Compound assignment '/=', assigned value is 0
src /= 60;
^
lib/dns/ttl.c:79:9: note: Assignment to 'src/=60'
src /= 60;
^
lib/dns/ttl.c:76:13: note: Division by zero
secs = src % 60;
^
This is pretty obvious nonsense. I reported it upstream because it is still not addressed in cppcheck's development branch. Working around this would involve adding inline suppressions or reworking 20-year code. Neither of these options sounds reasonable to me at this point.
lib/dns/spnego.c:1591:52: warning: Either the condition 'if(buf)' is redundant or there is pointer arithmetic with NULL pointer. [nullPointerArithmeticRedundantCheck]
ret = gssapi_spnego_encapsulate(minor_status, buf + buf_size - len, len,
^
lib/dns/spnego.c:1606:5: note: Assuming that condition 'if(buf)' is not redundant
if (buf) {
^
lib/dns/spnego.c:1591:52: note: Null pointer addition
ret = gssapi_spnego_encapsulate(minor_status, buf + buf_size - len, len,
^
This seems to only be reported for v9.16 / v9.16-S. This report
is also wrong because a quick look at the goto
statements above the
flagged piece of code clearly tells that buf
cannot be NULL
where
cppcheck things it might be.
Upstream commit da1375c9a3f3a3b7eae7aece5e2ba03e59973aa0 from cppcheck's development branch addresses this, so it will not be flagged by future cppcheck releases.
cppcheck 2.3 also started reporting the following false positive for ~"v9.11" / ~"v9.11-S":
lib/isc/mem.c:697:43: warning: Either the condition 'ret!=NULL' is redundant or there is possible null pointer dereference: ctx->freelists[new_size]. [nullPointerRedundantCheck]
ctx->freelists[new_size] = ctx->freelists[new_size]->next;
^
lib/isc/mem.c:714:10: note: Assuming that condition 'ret!=NULL' is not redundant
if (ret != NULL)
^
lib/isc/mem.c:696:22: note: Assignment to 'ret=ctx->freelists[new_size]'
ret = ctx->freelists[new_size];
^
lib/isc/mem.c:697:43: note: Null pointer dereference
ctx->freelists[new_size] = ctx->freelists[new_size]->next;
^
This report was already triggered for other branches before (#1969 (closed)), the relevant fix (commit 0cf25d7f) was simply not backported to ~"v9.11" / ~"v9.11-S".
All in all, I would wait for cppcheck 2.4, hoping that it will be able
to properly process lib/dns/ttl.c
.