Hi Mike,
On 30 Dec 2013, at 22:01, Mike Sullivan <address@hidden> wrote:
> I'm looking at updating the bison in Solaris and one of the requirements
> is to run an internal tool (parfait) on it to check for problems. It seems
> to have found that while symbol_list_n_get() can return NULL, there are
> a few callers that just dereference the return value and don't check for that.
> Here's the output from a run on 2.7.1, but it looks like 3.0.2 hasn't changed
> in that respect:
>
> Error: Null pointer dereference (CWE 476)
> Write to null pointer symbol_list_n_get(effective_rule, n)
> at line 798 of
> components/bison/build/amd64/src/../../../src/scan-code.l in function
> 'handle_action_dollar'.
> Function symbol_list_n_get may return constant 'NULL' at line 193,
> called at line 798.
> Null pointer introduced at line 193 of
> components/bison/build/amd64/src/symlist.c in function 'symbol_list_n_get'.
>
> Error: Null pointer dereference (CWE 476)
> Read from null pointer symbol_list_n_get(...)
> at line 268 of components/bison/build/amd64/src/reader.c in function
> 'symbol_should_be_used'.
> Function symbol_list_n_get may return constant 'NULL' at line 193,
> called at line 268.
> Null pointer introduced at line 193 of
> components/bison/build/amd64/src/symlist.c in function 'symbol_list_n_get'.
>
> Error: Null pointer dereference (CWE 476)
> Read from null pointer symbol_list_n_get(...)
> at line 536 of components/bison/build/amd64/src/reader.c in function
> 'packgram'.
> Function symbol_list_n_get may return constant 'NULL' at line 193,
> called at line 536.
> Null pointer introduced at line 193 of
> components/bison/build/amd64/src/symlist.c in function 'symbol_list_n_get'.
>
> From a quick look it does appear to be correct, but I don't know if at the
> times those calls occur that a NULL would ever really be returned. So they
> could be false positives, but it seems worth reporting just in case :)

Thanks for the report. Well, it's good if those are the only
things the tool sees, since I guess it means it also validated
our grammar parser which is written in Bison, so in a way, it
also validated (some of) our generated parsers.
I'm about to install the following patch to address this issue.
Thanks a lot.
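
The class of finding reported above, as an added example that is not part of the original message and is not Bison's source: a list getter that can return NULL, the unchecked caller pattern the analyzer flags as CWE 476, and a checked caller. The names `node`, `node_n_get`, `mark_unchecked`, `mark_checked` and `demo` are hypothetical, and the three-node list is constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for a rule's symbol list; not Bison's symbol_list. */
struct node { int value; struct node *next; };

/* Return the n-th node (0-based), or NULL when n is negative or past the
   end. That NULL return is the contract every caller has to honour. */
static struct node *node_n_get(struct node *l, int n)
{
    if (n < 0)
        return NULL;
    for (int i = 0; l != NULL && i < n; ++i)
        l = l->next;
    return l;
}

/* Pattern the analyzer reports (CWE-476): the result is written through
   unchecked, so an out-of-range n becomes a write through NULL. */
static void mark_unchecked(struct node *l, int n)
{
    node_n_get(l, n)->value = 1;
}

/* Checked caller: test the result once and report failure upwards. */
static int mark_checked(struct node *l, int n)
{
    struct node *p = node_n_get(l, n);
    if (p == NULL)
        return -1;
    p->value = 1;
    return 0;
}

/* Constructed three-node list: count the indices the checked caller rejects. */
static int demo(void)
{
    struct node c = {0, NULL}, b = {0, &c}, a = {0, &b};
    const int idx[] = {-1, 0, 2, 3};
    int rejected = 0;
    mark_unchecked(&a, 1);              /* in range, so well defined here */
    for (size_t i = 0; i < sizeof idx / sizeof idx[0]; ++i)
        rejected += mark_checked(&a, idx[i]) != 0;
    return rejected;
}

int main(void) { printf("rejected %d of 4 indices\n", demo()); return 0; }
```

Whether a given call site can ever pass an out-of-range index is the false-positive question raised in the report; the checked form makes the answer irrelevant to memory safety.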