aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2008-10-17 06:03:37 +0000
committerDaniel Stenberg <daniel@haxx.se>2008-10-17 06:03:37 +0000
commita0d906739d5fc9c612f57da187875d1abfc33e63 (patch)
treef0a883745bd31e936ff2d731c048873e2daae9b9
parent98b13037e7a853d28d34a49f5d01b60480a67957 (diff)
After having studied one of the coverity.com reports at length last night, I
decided it was a good idea to properly document my thoughts in a comment near the code that was identified as a possible flaw. A false positive as far as I can see.
-rw-r--r--src/main.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/main.c b/src/main.c
index 949fc2ff8..7de7e42d9 100644
--- a/src/main.c
+++ b/src/main.c
@@ -4240,6 +4240,13 @@ operate(struct Configurable *config, int argc, argv_item_t argv[])
for(i = 0;
(url = urls?glob_next_url(urls):(i?NULL:strdup(url)));
i++) {
+ /* NOTE: In the condition expression in the for() statement above, the
+ 'url' variable is only ever strdup()ed if (i == 0) and thus never
+ when this loops later on. Further down in this function we call
+ free(url) and then the code loops. Static code parsers may thus get
+ tricked into believing that we have a potential access-after-free
+ here. I can however not spot any such case. */
+
int infd = STDIN_FILENO;
bool infdopen;
char *outfile;