From d9701e22b5b98fbc9915c319eb364a56652979bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 25 Nov 2020 12:45:47 +0100 Subject: [PATCH] Teach cppcheck that fatal() does not return cppcheck is not aware that the bin/dnssec/dnssectool.c:fatal() function does not return. This triggers certain cppcheck 2.2 false positives, for example: bin/dnssec/dnssec-signzone.c:3471:13: warning: Either the condition 'ndskeys==8' is redundant or the array 'dskeyfile[8]' is accessed at index 8, which is out of bounds. [arrayIndexOutOfBoundsCond] dskeyfile[ndskeys++] = isc_commandline_argument; ^ bin/dnssec/dnssec-signzone.c:3468:16: note: Assuming that condition 'ndskeys==8' is not redundant if (ndskeys == MAXDSKEYS) { ^ bin/dnssec/dnssec-signzone.c:3471:13: note: Array index out of bounds dskeyfile[ndskeys++] = isc_commandline_argument; ^ bin/dnssec/dnssec-signzone.c:772:20: warning: Either the condition 'l->hashbuf==NULL' is redundant or there is pointer arithmetic with NULL pointer. [nullPointerArithmeticRedundantCheck] memset(l->hashbuf + l->entries * l->length, 0, l->length); ^ bin/dnssec/dnssec-signzone.c:768:18: note: Assuming that condition 'l->hashbuf==NULL' is not redundant if (l->hashbuf == NULL) { ^ bin/dnssec/dnssec-signzone.c:772:20: note: Null pointer addition memset(l->hashbuf + l->entries * l->length, 0, l->length); ^ Instead of suppressing all such warnings individually, conditionally define a preprocessor macro which prevents them from being triggered. --- bin/dnssec/dnssec-keyfromlabel.c | 4 ---- bin/dnssec/dnssec-keygen.c | 2 -- bin/dnssec/dnssectool.h | 4 ++++ 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c index 81c6cc1037..bb94c98a18 100644 --- a/bin/dnssec/dnssec-keyfromlabel.c +++ b/bin/dnssec/dnssec-keyfromlabel.c @@ -362,7 +362,6 @@ main(int argc, char **argv) { setup_logging(mctx, &log); if (predecessor == NULL) { - /* cppcheck-suppress nullPointerRedundantCheck */ if (label == NULL) { fatal("the key label was not specified"); } @@ -384,7 +383,6 @@ main(int argc, char **argv) { isc_result_totext(ret)); } - /* cppcheck-suppress nullPointerRedundantCheck */ if (strchr(label, ':') == NULL) { char *l; int len; @@ -396,13 +394,11 @@ main(int argc, char **argv) { label = l; } - /* cppcheck-suppress nullPointerRedundantCheck */ if (algname == NULL) { fatal("no algorithm specified"); } r.base = algname; - /* cppcheck-suppress nullPointerRedundantCheck */ r.length = strlen(algname); ret = dns_secalg_fromtext(&alg, &r); if (ret != ISC_R_SUCCESS) { diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index 30e16fb87f..f16d98257b 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -1180,12 +1180,10 @@ main(int argc, char **argv) { } if (ctx.predecessor == NULL && ctx.policy == NULL) { - /* cppcheck-suppress nullPointerRedundantCheck */ if (algname == NULL) { fatal("no algorithm specified"); } r.base = algname; - /* cppcheck-suppress nullPointerRedundantCheck */ r.length = strlen(algname); ret = dns_secalg_fromtext(&ctx.alg, &r); if (ret != ISC_R_SUCCESS) { diff --git a/bin/dnssec/dnssectool.h b/bin/dnssec/dnssectool.h index bb18c69183..e0970e2ae6 100644 --- a/bin/dnssec/dnssectool.h +++ b/bin/dnssec/dnssectool.h @@ -43,8 +43,12 @@ extern uint8_t dtype[8]; typedef void(fatalcallback_t)(void); +#ifndef CPPCHECK ISC_NORETURN void fatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2); +#else /* CPPCHECK */ +#define fatal(...) exit(1) +#endif void setfatalcallback(fatalcallback_t *callback);