Am 12.09.2012 16:22, schrieb Stefan Krah:
> This is a false positive:
>
> Assumption: string == ""
>
> Call: PyLong_FromString("", NULL, (int)base);
>
> Now: str == ""
>
> Coverity claims an invalid access at str[1]:
>
> if (str[0] == '0' &&
> ((base == 16 && (str[1] == 'x' || str[1] == 'X')) ||
> (base == 8 && (str[1] == 'o' || str[1] == 'O')) ||
> (base == 2 && (str[1] == 'b' || str[1] == 'B'))))
>
> But str[1] is never accessed due to shortcut evaluation.
>
>
> Coverity appears to have serious problems with shortcut evaluations in many
> places.
You might be right. But did you notice that there is much more code
beyond the large comment block in PyLong_FromString()? There might be
other code paths that push str beyond its limit.
My change adds an early opt out in an error case and doesn't cause a
performance degradation. I'd have no hard feeling if you'd prefer a
revert but I'd keep the modification as it causes no harm.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4