Bug 800196
| Summary: | Bugs found in veusz-1.14-3.fc17 using gcc-with-cpychecker static analyzer | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Dave Malcolm <dmalcolm> |
| Component: | veusz | Assignee: | Jeremy Sanders <jeremy> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | jeremy |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| URL: | http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-03-05/veusz-1.14-3.fc17/ | ||
| Whiteboard: | |||
| Fixed In Version: | veusz-1.15-1.fc17 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-04-04 19:18:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 789472 | ||
|
Description
Dave Malcolm
2012-03-05 22:52:35 UTC
Thanks for the helpful report - I think I've fixed this upstream with this patch: https://github.com/jeremysanders/veusz/commit/3e000ca5fd892c15ef4338cda0ec1760bb08ed19 I didn't fix this problem because it looks like a false positive "Returning (PyObject*)NULL without setting an exception These messages are often false-positives: the analysis tool has no knowledge about internal API calls that can lead to an exception being set helpers/src/_nc_cntr.c cntr_trace returning (PyObject*)NULL without setting an exception" I can't see any way for the error part of cntr_trace to be called without an exception being set. If any PyMem_Alloc fails this should set the exception. The fix should be in 1.15 which should be released shortly. (In reply to comment #1) > Thanks for the helpful report - I think I've fixed this upstream with this > patch: > https://github.com/jeremysanders/veusz/commit/3e000ca5fd892c15ef4338cda0ec1760bb08ed19 Excellent; thanks! > I didn't fix this problem because it looks like a false positive > > "Returning (PyObject*)NULL without setting an exception > > These messages are often false-positives: the analysis tool has no knowledge > about internal API calls that can lead to an exception being set > helpers/src/_nc_cntr.c cntr_trace returning (PyObject*)NULL without setting > an exception" > > I can't see any way for the error part of cntr_trace to be called without an > exception being set. If any PyMem_Alloc fails this should set the exception. Although these are typically false positives, I think that in this case, it actually *is* a bug. PyMem_Malloc() *doesn't* set an exception when it fails. http://docs.python.org/c-api/memory.html#PyMem_Malloc doesn't spell this out, but review of the source code shows it to be the case: it's a thin macro wrapper around malloc(); indeed the example code on that page shows an explicit call to PyErr_NoMemory() for the case when PyMem_Malloc fails. So I think that error-handling path needs a call to PyErr_NoMemory(): http://docs.python.org/c-api/exceptions.html#PyErr_NoMemory Hope this is helpful Dave That's very helpful, thanks. I've fixed the PyMem_Malloc bug upstream in another commit. https://github.com/jeremysanders/veusz/commit/f61d1cb2c42dba5f23c4ba2110d5be4ac01ec974 I've checked the other PyMem_Malloc cases. None were marked by your checker and I think they always set an exception on failure. Upstream Veusz 1.15 fixes this. I've updated rawhide and f17-candidate to Veusz 1.15. http://koji.fedoraproject.org/koji/buildinfo?buildID=311679 http://koji.fedoraproject.org/koji/buildinfo?buildID=311678 Thanks. veusz-1.15-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/veusz-1.15-1.fc17 veusz-1.15-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. |