From a3cf7c0f87f060b62f82fc397b92eec6e54ac0ef Mon Sep 17 00:00:00 2001
From: Ezra Peisach
Date: Wed, 25 Apr 2001 17:33:13 +0000
Subject: [PATCH] * Makefile.in: Add lclint support * dyn.h: Lclint annotate functions. * dyn_create.c (DynCreate): Do not assume that malloc(0) is valid and returns a valid pointer. Fix memory leak if malloc fails. * dyn_realloc.c (_DynResize): Turn off warning of shifting a signed variable. * test.c: Check the return values of all library calls.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13191 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/util/dyn/ChangeLog | 14 ++++++++
 src/util/dyn/Makefile.in | 18 +++++++++++
 src/util/dyn/dyn.h | 13 ++++----
 src/util/dyn/dyn_create.c | 12 ++++---
 src/util/dyn/dyn_realloc.c | 2 ++
 src/util/dyn/test.c | 65 ++++++++++++++++++++++++++++++--------
 6 files changed, 100 insertions(+), 24 deletions(-)
diff --git a/src/util/dyn/ChangeLog b/src/util/dyn/ChangeLog
index f16c5ee3e..8e9df29cc 100644
--- a/src/util/dyn/ChangeLog
+++ b/src/util/dyn/ChangeLog
@@ -1,3 +1,17 @@
+2001-04-25 Ezra Peisach
+
+ * Makefile.in: Add lclint support.
+
+ * dyn.h: Lclint annotate functions.
+
+ * dyn_create.c (DynCreate): Do not assume that malloc(0) is valid
+ and returns a valid pointer. Fix memory leak if malloc fails.
+
+ * dyn_realloc.c (_DynResize): Turn off warning of shifting a
+ signed variable.
+
+ * test.c: Check the return values of all library calls.
+
 Thu Nov 9 15:31:31 2000 Ezra Peisach
 * dyn_create.c (DynCopy): Arguments to memcpy were reversed. Found
diff --git a/src/util/dyn/Makefile.in b/src/util/dyn/Makefile.in
index 850d36504..e189f3895 100644
--- a/src/util/dyn/Makefile.in
+++ b/src/util/dyn/Makefile.in
@@ -67,3 +67,21 @@ check-windows::
 clean-mac::
 clean-windows::
+# /u1/kr/lclint-2.5m/bin/lclint -warnposix -D__sparc
+LCLINT=lclint
+# +posixlib gets more complete errno list than ansilib
+# -usedef turns off bogus warnings from poor dataflow analysis (should be
+# redundant with gcc warnings anyways)
+# -warnposix
+# +charintliteral
+# +ignoresigns
+# -predboolint
+# -exportlocal
+# -retvalint allow ignoring of int return values (e.g., fputs)
+LCLINTOPTS=+posixlib \
+ +ignoresigns -predboolint \
+ +mod-uncon +modinternalstrict +modfilesys \
+ -expect 2
+
+do-lclint: $(SRCS)
+ $(LCLINT) $(LCLINTOPTS) $(LOCALINCLUDES) $(DEFS) $(SRCS) $(srcdir)/test.c
diff --git a/src/util/dyn/dyn.h b/src/util/dyn/dyn.h
index f884588de..267d758dd 100644
--- a/src/util/dyn/dyn.h
+++ b/src/util/dyn/dyn.h
@@ -37,20 +37,21 @@ typedef struct _DynObject {
 #define DYN_BADVALUE -1003
 /* Function declarations */
-#ifdef __STDC__
+#if defined(__STDC__) || defined(__LCLINT__)
 #define P(args) args
 #else
 #define P(args) ()
 #endif /* __STDC__ */
-DynObject DynCreate P((int el_size, int inc)), DynCopy P((DynObject obj));
-int DynDestroy P((DynObject obj)), DynRelease P((DynObject obj));
+/*@null@*//*@only@*/ DynObject DynCreate P((int el_size, int inc));
+/*@null@*//*@only@*/ DynObject DynCopy P((DynObject obj));
+int DynDestroy P((/*@only@*/DynObject obj)), DynRelease P((DynObject obj));
 int DynAdd P((DynObject obj, void *el));
 int DynPut P((DynObject obj, void *el, int idx));
-int DynInsert P((DynObject obj, int idx, void *els, int num));
+int DynInsert P((DynObject obj, int idx, /*@observer@*/void *els, int num));
 int DynDelete P((DynObject obj, int idx));
-DynPtr DynGet P((DynObject obj, int num));
-DynPtr DynArray P((DynObject obj));
+/*@dependent@*//*@null@*/ DynPtr DynGet P((DynObject obj, int num));
+/*@observer@*/ DynPtr DynArray P((DynObject obj));
 int DynDebug P((DynObject obj, int state));
 int DynParanoid P((DynObject obj, int state));
 int DynInitzero P((DynObject obj, int state));
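Review bot: The comment block above `LCLINTOPTS` lists options (`-usedef`, `-warnposix`, `+charintliteral`, `-exportlocal`, `-retvalint`) that the variable itself never passes, so the comment documents a different invocation than the one `do-lclint` runs, and `-expect 2` accepts two warnings without recording which ones. Either add those options to `LCLINTOPTS` or drop them from the comment, and annotate the count with something like `# -expect 2: the two remaining warnings are at <file:line placeholder>; update when they change`. `do-lclint` also appears to have no `.PHONY` declaration, so a stray file of that name in the build directory would make the target look up to date.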
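Review bot: The `#endif /* __STDC__ */` context line below the changed `#if` still names only `__STDC__` although the condition now also tests `__LCLINT__`; update it to `#endif /* __STDC__ || __LCLINT__ */`. The new `/*@only@*/` on the results of DynCreate and DynCopy pairs with the `/*@only@*/` parameter of DynDestroy, but DynRelease, which takes the same object on the same line, is left unannotated, so the checker cannot tell whether it consumes the object too; since its semantics are not visible here, a one-line comment stating whether DynRelease frees `obj` would settle it.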
diff --git a/src/util/dyn/dyn_create.c b/src/util/dyn/dyn_create.c
index ec2ba6296..01d1ad4bd 100644
--- a/src/util/dyn/dyn_create.c
+++ b/src/util/dyn/dyn_create.c
@@ -32,11 +32,13 @@ DynObjectP DynCreate(el_size, inc)
 if (obj == NULL)
 return NULL;
-#ifdef USE_DBMALLOC
 obj->array = (DynPtr) malloc(1);
-#else
- obj->array = (DynPtr) malloc(0);
-#endif
+ if (obj->array == NULL) {
+ free(obj);
+ return NULL;
+ }
+ obj->array[0] = '\0';
+
 obj->el_size = el_size;
 obj->num_el = obj->size = 0;
 obj->debug = obj->paranoid = 0;
@@ -74,7 +76,7 @@ DynObjectP DynCopy(obj)
 }
 int DynDestroy(obj)
- DynObjectP obj;
+ /*@only@*/DynObjectP obj;
 {
 if (obj->paranoid) {
 if (obj->debug)
diff --git a/src/util/dyn/dyn_realloc.c b/src/util/dyn/dyn_realloc.c
index 229dde08f..97b3d998f 100644
--- a/src/util/dyn/dyn_realloc.c
+++ b/src/util/dyn/dyn_realloc.c
@@ -34,8 +34,10 @@ int _DynResize(obj, req)
 else
 size = obj->size;
+ /*@-shiftsigned@*/
 while (size <= req)
 size <<= 1;
+ /*@=shiftsigned@*/
 return _DynRealloc(obj, size);
 }
diff --git a/src/util/dyn/test.c b/src/util/dyn/test.c
index 9ac1d0157..8282c6079 100644
--- a/src/util/dyn/test.c
+++ b/src/util/dyn/test.c
@@ -30,9 +30,10 @@ static char insert3[] = " This follows the random string.";
 int
 main(argc, argv)
- int argc;
- char **argv;
+/*@unused@*/int argc;
+/*@unused@*/char **argv;
 {
+ /*@-exitarg@*/
 DynObject obj;
 int i, s;
 char d, *data;
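Review bot: `el_size` is stored into `obj->el_size` with no validation, so a zero or negative element size flows straight into the size arithmetic the resize path does later (outside this hunk); rejecting it here with `if (el_size <= 0) return NULL;` before the first allocation would match the NULL-on-failure contract the hunk establishes. The surviving `malloc(1)` now has no explanation once the `USE_DBMALLOC` alternative is gone; a comment such as `/* one byte, never malloc(0): a zero-size request may legitimately return NULL */` records why the empty array is not zero-sized. DynCreate's body begins above this hunk, so where the argument check sits relative to the allocation of `obj` needs to be confirmed against those lines.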
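Review bot: Suppressing `-shiftsigned` leaves the hazard in `size <<= 1` untouched: `size` is a signed integer (that is what the silenced warning is about), and once `req` is large enough for `size` to pass `INT_MAX / 2` the shift overflows, which is undefined behaviour and in practice drives `size` negative so the loop either never ends or hands `_DynRealloc` a bogus size. If `obj->size` can still be 0 at this point (DynCreate initialises it to 0) the loop also never terminates, because `0 <<= 1` stays 0; the branch that selects `size` starts above the hunk, so that case may already be excluded. A bounded form is `if (size <= 0) size = 1;` before the loop and `if (size > INT_MAX / 2) return <the library's allocation-failure code>;` inside it, with `<limits.h>` included.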
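Review bot: The replacement declarations `/*@unused@*/int argc;` and `/*@unused@*/char **argv;` sit flush with the left margin, while the removed lines and the other K&R parameter lists touched by this patch (`/*@only@*/DynObjectP obj;` in dyn_create.c) keep their indent; re-indenting them keeps main() consistent with the rest of the file. The `/*@-exitarg@*/` suppression carries no explanation; a short `/* exit(1) is used throughout for test failures */` beside it would say why the warning is silenced rather than the calls changed. main() continues well past the end of this hunk.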
@@ -50,16 +51,25 @@ main(argc, argv)
 o_size = malloc_inuse(&hist1);
 #endif
+ /*@+matchanyintegral@*/
 obj = DynCreate(sizeof(char), -8);
 if (! obj) {
 fprintf(stderr, "test: create failed.\n");
 exit(1);
 }
- DynDebug(obj, 1);
- DynParanoid(obj, 1);
+ if(DynDebug(obj, 1) != DYN_OK) {
+ fprintf(stderr, "test: setting paranoid failed.\n");
+ exit(1);
+ }
+ if(DynParanoid(obj, 1) != DYN_OK) {
+ fprintf(stderr, "test: setting paranoid failed.\n");
+ exit(1);
+ }
+
- if (DynGet(obj, -5) || DynGet(obj, 0) || DynGet(obj, 1000)) {
+ if ((DynGet(obj, -5) != NULL) ||
+ (DynGet(obj, 0) != NULL) || (DynGet(obj, 1000) != NULL)) {
 fprintf(stderr, "test: Get did not fail when it should have.\n");
 exit(1);
 }
@@ -96,19 +106,27 @@ main(argc, argv)
 exit(1);
 }
- d = 200;
+ d = '\200';
 if (DynAdd(obj, &d) != DYN_OK) {
 fprintf(stderr, "test: Adding %d failed.\n", i);
 exit(1);
 }
 data = (char *) DynGet(obj, 0);
+ if(data == NULL) {
+ fprintf(stderr, "test: getting object 0 failed.\n");
+ exit(1);
+ }
 s = DynSize(obj);
 for (i=0; i < s; i++)
- printf("Element %d is %d.\n", i, (unsigned char) data[i]);
+ printf("Element %d is %d.\n", i, (int) data[i]);
 data = (char *) DynGet(obj, 13);
- printf("Element 13 is %d.\n", (unsigned char) *data);
+ if(data == NULL) {
+ fprintf(stderr, "test: getting element 13 failed.\n");
+ exit(1);
+ }
+ printf("Element 13 is %d.\n", (int) *data);
 data = (char *) DynGet(obj, DynSize(obj));
 if (data) {
@@ -116,7 +134,12 @@ main(argc, argv)
 exit(1);
 }
- printf("This should be the random string: \"%s\"\n", DynGet(obj, 14));
+ data = DynGet(obj, 14);
+ if(data == NULL) {
+ fprintf(stderr, "test: getting element 13 failed.\n");
+ exit(1);
+ }
+ printf("This should be the random string: \"%s\"\n", data);
 if (DynInsert(obj, -1, "foo", 4) != DYN_BADINDEX ||
 DynInsert(obj, DynSize(obj) + 1, "foo", 4) != DYN_BADINDEX ||
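Review bot: The message in the new `DynDebug` check reads `"test: setting paranoid failed.\n"`, a copy of the DynParanoid message right below it, so a DynDebug failure is reported as a paranoid-mode failure; it should be `fprintf(stderr, "test: setting debug failed.\n");`. The added blank line after the DynParanoid block, together with the blank that was already there, leaves two empty lines before the DynGet checks.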
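Review bot: Replacing the `(unsigned char)` casts with `(int)` changes what the test prints: `d` is now `'\200'`, and on platforms where `char` is signed `(int) data[i]` yields -128 where the old line printed 128, so the expected output becomes platform-dependent. Keeping the byte semantics, `printf("Element %d is %d.\n", i, (unsigned char) data[i]);` and the same cast on the element-13 print, preserves the previous output (the promotion to int for `%d` happens automatically). The new message `"test: getting object 0 failed.\n"` also says "object" where the neighbouring messages say "element".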
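Review bot: The NULL check added for `DynGet(obj, 14)` reports `"test: getting element 13 failed.\n"`, copied from the previous hunk, so a failure here points at the wrong element; use `fprintf(stderr, "test: getting element 14 failed.\n");`. Moving the result into `data` before printing it is a good change, but `data = DynGet(obj, 14);` drops the `(char *)` cast that every other DynGet assignment in this file keeps, which is worth making consistent one way or the other.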
@@ -141,11 +164,26 @@ main(argc, argv)
 exit(1);
 }
- printf("A new random string: \"%s\"\n", DynGet(obj, 14 +
- strlen(insert1) + 1));
- printf("This was put at the beginning: \"%s\"\n", DynGet(obj, 0));
+ data = DynGet(obj, 14 + strlen(insert1) + 1);
+ if (data == NULL) {
+ fprintf(stderr, "DynGet of 14+strelen(insert1) failed.\n");
+ exit(1);
+
+ }
+ printf("A new random string: \"%s\"\n", data);
+
+ data = DynGet(obj, 0);
+ if (data == NULL) {
+ fprintf(stderr, "DynGet of 0 failed.\n");
+ exit(1);
+
+ }
+ printf("This was put at the beginning: \"%s\"\n", data);
- DynDestroy(obj);
+ if(DynDestroy(obj) != DYN_OK) {
+ fprintf(stderr, "test: destroy failed.\n");
+ exit(1);
+ }
 #ifdef _DEBUG_MALLOC_INC
 c_size = malloc_inuse(&hist2);
@@ -156,6 +194,7 @@ main(argc, argv)
 }
 #endif
+ printf("All tests pass\n");
 return 0;
 }
--
2.26.2
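Review bot: The new failure message `"DynGet of 14+strelen(insert1) failed.\n"` misspells strlen, and both new messages drop the `test: ` prefix every other diagnostic in main() carries; `fprintf(stderr, "test: DynGet of 14+strlen(insert1) failed.\n");` and `"test: DynGet of 0 failed.\n"` would match. Each new `if (data == NULL)` block also has a stray blank line between `exit(1);` and its closing brace. `14 + strlen(insert1) + 1` is a `size_t` handed to DynGet's `int num` parameter, a silent narrowing that the `/*@+matchanyintegral@*/` enabled earlier presumably hides from lclint; an explicit `(int)` cast there makes the intent visible to readers and compilers alike.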