PVS-Studio vs IEC SDK

PVS-Studio vs IEC SDK

I checked the IEC SDK project using the PVS-Studio static code analyzer. I just glanced through the code but managed to find a few obviously odd fragments. Below I will cite the analyzer-generated messages I have studied and the corresponding code fragments. I hope this will help to improve the project a bit. You may review other odd fragments by downloading PVS-Studio from here.

I can also give you a registration key for some time. You are welcome to ask questions here: feedback

----------------------
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 683

#define PL_MAX_PATH 255
typedef WCHAR TCHAR, *PTCHAR;
TCHAR pl_cvt_buffer[PL_MAX_PATH] = { '\\0' };

int plh_read_pl_config_ini_file(...)
{
  ...
  ZeroMemory(
    pl_cvt_buffer, 
    PL_MAX_PATH
  );
  ...
}

And here:
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 714
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 745
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 789
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 1247
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 1279
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 1311
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link_helper.c 1374
V512 A call of the 'memset' function will lead to underflow of the buffer '(pl_cvt_buffer)'. pl_csv_logger productivity_link.c 11466
----------------------
V568 It's odd that the argument of sizeof() operator is the '& file_data' expression. pl_csv_logger productivity_link_helper.c 1667

int plh_read_pl_folder(PPLH_PL_FOLDER_INFO pconfig) {
  ...
  WIN32_FIND_DATA file_data;
  ...
  memset(
    &file_data, 
    0, 
    sizeof(&file_data)
  );
  ...
}

Need: sizeof(file_data)

And here:
V568 It's odd that the argument of sizeof() operator is the '& file_data' expression. pl_csv_logger productivity_link_helper.c 1831
----------------------
V512 A call of the 'memset' function will lead to underflow of the buffer 'pconfig'. pl_csv_logger productivity_link_helper.c 1806

typedef struct _plh_dynamic_pl_folder_info {
...
} PLH_DYNAMIC_PL_FOLDER_INFO, *PPLH_DYNAMIC_PL_FOLDER_INFO;

int plh_dynamic_read_pl_folder(PPLH_DYNAMIC_PL_FOLDER_INFO pconfig) {
  ...
  memset(
    pconfig, 
    0, 
    sizeof(pconfig)
  );
  ...
}

Need: sizeof(*pconfig)
----------------------
V512 A call of the 'memset' function will lead to underflow of the buffer 'temp'. core_api_unit_tests unit_tests_tools.c 379

void plt_tools_get_pl_config_full_file_name(char *buffer) {
  ...
  char temp[PL_MAX_PATH] = { '\\0' };
  ...
  memset(
    temp, 
    0, 
    sizeof(buffer)
  );
  ...
}

Need: sizeof(temp)
----------------------
V576 Incorrect format. Consider checking the second actual argument of the 'wprintf' function. The pointer to string of wchar_t type symbols is expected. producer producer.c 166

int main(void) {
  ...
  char *p = NULL;
  ...
  wprintf(
    _T("Using power link directory: %s\\n"), 
    p
  );
  ...
}

Need use printf() or convert p.
----------------------
V557 Array overrun is possible. The '255' index is pointing beyond array bound. pl2ganglia pl2ganglia.c 1114

#define PL_MAX_PATH 255
#define PL2GANFLIA_COUNTER_MAX_LENGTH PL_MAX_PATH

char name[PL_MAX_PATH];

int main(int argc, char *argv[]) {
  ...
  p->pl_counters_data[i].name[
    PL2GANFLIA_COUNTER_MAX_LENGTH
  ] = '\\0';
  ...
}

Need:
p->pl_counters_data[i].name[
  PL2GANFLIA_COUNTER_MAX_LENGTH - 1
] = '\\0';

And here:
V557 Array overrun is possible. The '255' index is pointing beyond array bound. pl2ganglia pl2ganglia.c 1134
----------------------
V576 Incorrect format. A different number of actual arguments is expected while calling 'printf' function. Expected: 2. Present: 3. uuid_variant_sample uuid_variant_sample.c 259

int main(void) {
  ...
  printf(
    "Attach to [%s] Has Failed Possibly Because of a platform UUID variant.\\n",
    pl_config_file_name,
    pld
  );
  ...
}

Need add "%i" or delete "pld" argument.
----------------------
V571 Recurring check. The 'if (ret == PL_FAILURE)' condition was already verified in line 1008. pl_csv_logger pl_csv_logger.c 1009

int main(int argc, char *argv[]) {
  ...
  if(ret == PL_FAILURE) {
    if(ret == PL_FAILURE) {
      pl_csv_logger_error(
        PL_CSV_LOGGER_ERROR_UNABLE_TO_READ_PL
    );
  ...
}
----------------------
publicaciones de 3 / 0 nuevos
Último envío
Para obtener más información sobre las optimizaciones del compilador, consulte el aviso sobre la optimización.

Hi Andrey,Thank you for bringing this to our attention. I will look into each of them and bring corrective actions when required.Best regards,-Jamel

Hi Andrey,

Thank you for letting me using
your analyzer to improve the quality of our code.

It was a great experience
and really appreciated the insight provided by your SW.

I got some great catches!

All the changes I mad will
be incorporated into our next refresh.

Merci,

-Jamel

Deje un comentario

Por favor inicie sesión para agregar un comentario. ¿No es socio? Únase ya