Bug 800154 - Bugs found in python-iwlib-1.1-2.fc17 using gcc-with-cpychecker static analyzer
Bugs found in python-iwlib-1.1-2.fc17 using gcc-with-cpychecker static analyzer
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: python-iwlib (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jiri Popelka
Fedora Extras Quality Assurance
http://fedorapeople.org/~dmalcolm/gcc...
:
Depends On:
Blocks: cpychecker
  Show dependency treegraph
 
Reported: 2012-03-05 15:59 EST by Dave Malcolm
Modified: 2012-04-18 18:56 EDT (History)
1 user (show)

See Also:
Fixed In Version: python-iwlib-1.2-1.fc17
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-04-18 18:56:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dave Malcolm 2012-03-05 15:59:31 EST
Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:
  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html
  http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

I ran the latest version of the tool (in git master; post 0.9) on
python-iwlib-1.1-2.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-03-05/python-iwlib-1.1-2.fc17/

I've manually reviewed the issues reported by the tool; all of them appear to relate to code of this form:

   PyDict_SetItem(dict,
                  PyString_FromString("some_key"),
                  PyString_FromString(buffer));

This will leak references: PyDict_SetItem() adds new references to the key and the value, it doesn't steal references to the inputs.

Also, PyString_FromString() can fail under low memory conditions, returning NULL, and PyDict_SetItem(dict, NULL, ...) or PyDict_SetItem(dict, ..., NULL) will segfault.

(the use of PyDict_SetItemString() would simplify this code, removing two sets of errors).

There may of course be other bugs in my checker tool.

Hope this is helpful; let me know if you need help reading the logs that the tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
python-iwlib-1.1-2.fc17
gcc-python-plugin post-0.9 git 11462291a66c8db693c8884cb84b795bb5988ffb running the checker in an *f16* chroot
Comment 1 Jiri Popelka 2012-03-06 06:30:11 EST
(In reply to comment #0)
> (the use of PyDict_SetItemString() would simplify this code, removing two sets
> of errors).

Would this be sufficient ?
http://git.fedorahosted.org/git/?p=python-iwlib.git;a=commitdiff;h=0e99906e924940819faea5e758d638816c4b3b42
Comment 2 Fedora Update System 2012-03-29 07:08:06 EDT
python-iwlib-1.2-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/python-iwlib-1.2-1.fc17
Comment 3 Fedora Update System 2012-03-29 23:00:16 EDT
Package python-iwlib-1.2-1.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing python-iwlib-1.2-1.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-4887/python-iwlib-1.2-1.fc17
then log in and leave karma (feedback).
Comment 4 Fedora Update System 2012-04-18 18:56:29 EDT
python-iwlib-1.2-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.