You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
http1_codec.c:
1029 // invariant:
CID 390253: Macro compares unsigned to 0 (NO_EFFECT) [select issue]
CID 390252 (#1 of 1): Operands don't affect result (CONSTANT_EXPRESSION_RESULT)result_independent_of_operands: body_ptr->remaining >= 0 is always true regardless of the values of its operands. This occurs as the logical first operand of ?:.
1030 assert(body_ptr->remaining >= 0);
1035 if (flush && body_ptr->remaining) {
1036 // need to copy out remaining body octets into new buffer
1037 qd_buffer_t *tail = qd_buffer();
1038
33. Condition body_ptr->remaining <= qd_buffer_capacity(tail), taking true branch.
34. Falling through to end of if statement.
1039 assert(body_ptr->remaining <= qd_buffer_capacity(tail));
CID 390265 (#1 of 1): Explicit null dereferenced (FORWARD_NULL)35. var_deref_model: Passing null pointer body_ptr->cursor to memcpy, which dereferences it.
1040 memcpy(qd_buffer_cursor(tail), body_ptr->cursor, body_ptr->remaining);
1041 qd_buffer_insert(tail, body_ptr->remaining);
1042 DEQ_INSERT_TAIL(blist, tail);
1043 octets += body_ptr->remaining;
1044 *body_ptr = *rptr;
1045 body_ptr->remaining = 0;
1046 }
http1_server.c:
1352 if (!method_iter) {
1353 return PN_REJECTED;
1354 }
1355
6. alloc_fn: Storage is returned from allocation function qd_iterator_copy. [show details]
7. var_assign: Assigning: method_str = storage returned from qd_iterator_copy(method_iter).
1356 method_str = (char*) qd_iterator_copy(method_iter);
1357 qd_iterator_free(method_iter);
8. Condition !method_str, taking false branch.
9. Condition *method_str == 0, taking true branch.
1358 if (!method_str || *method_str == 0) {
CID 379179 (#1 of 1): Resource leak (RESOURCE_LEAK)10. leaked_storage: Variable method_str going out of scope leaks the storage it points to.
1359 return PN_REJECTED;
1360 }
690 if (!hconn->qdr_conn) {
691 qd_log(log, QD_LOG_DEBUG, "[C%"PRIu64"] HTTP/1.x server connection closed", hconn->conn_id);
692 qdr_http1_connection_free(hconn);
693
694 } else {
CID 379186 (#2-3 of 3): Use after free (USE_AFTER_FREE)16. double_free: Calling _process_request frees pointer hconn->requests.head which has already been freed.
695 bool need_close = _process_request((_server_request_t*) DEQ_HEAD(hconn->requests));
696 if (need_close) {
697 qd_log(log, QD_LOG_DEBUG, "[C%"PRIu64"] HTTP Request requires connection close", hconn->conn_id);
698 qdr_http1_close_connection(hconn, 0);
699 }
700 }
701}
http1_common.c:
678 //
cond_notnull: Condition host, taking true branch. Now the value of host is not NULL.
679 if (!host)
680 return;
681
682 qdr_http_request_info_t* record = _new_qdr_http_request_info_t();
683 record->ingress = ingress;
684 record->address = address ? qd_strdup(address) : 0;
notnull: At condition host, the value of host cannot be NULL.
dead_error_condition: The condition host must be true.
CID 379181 (#1 of 1): Logically dead code (DEADCODE)dead_error_line: Execution cannot reach the expression NULL inside this statement: record->host = (host ? qd_s....
685 record->host = host ? qd_strdup(host) : 0;
686 record->site = remote_site ? qd_strdup(remote_site) : 0;
687 record->key = _record_key(record->host, record->address, remote_site, record->ingress);
688 record->requests = 1;
The text was updated successfully, but these errors were encountered:
http1_codec.c:
1029 // invariant:
CID 390253: Macro compares unsigned to 0 (NO_EFFECT) [select issue]
CID 390252 (#1 of 1): Operands don't affect result (CONSTANT_EXPRESSION_RESULT)result_independent_of_operands: body_ptr->remaining >= 0 is always true regardless of the values of its operands. This occurs as the logical first operand of ?:.
1030 assert(body_ptr->remaining >= 0);
1035 if (flush && body_ptr->remaining) {
1036 // need to copy out remaining body octets into new buffer
1037 qd_buffer_t *tail = qd_buffer();
1038
33. Condition body_ptr->remaining <= qd_buffer_capacity(tail), taking true branch.
34. Falling through to end of if statement.
1039 assert(body_ptr->remaining <= qd_buffer_capacity(tail));
CID 390265 (#1 of 1): Explicit null dereferenced (FORWARD_NULL)35. var_deref_model: Passing null pointer body_ptr->cursor to memcpy, which dereferences it.
1040 memcpy(qd_buffer_cursor(tail), body_ptr->cursor, body_ptr->remaining);
1041 qd_buffer_insert(tail, body_ptr->remaining);
1042 DEQ_INSERT_TAIL(blist, tail);
1043 octets += body_ptr->remaining;
1044 *body_ptr = *rptr;
1045 body_ptr->remaining = 0;
1046 }
http1_server.c:
1352 if (!method_iter) {
1353 return PN_REJECTED;
1354 }
1355
6. alloc_fn: Storage is returned from allocation function qd_iterator_copy. [show details]
7. var_assign: Assigning: method_str = storage returned from qd_iterator_copy(method_iter).
1356 method_str = (char*) qd_iterator_copy(method_iter);
1357 qd_iterator_free(method_iter);
8. Condition !method_str, taking false branch.
9. Condition *method_str == 0, taking true branch.
1358 if (!method_str || *method_str == 0) {
CID 379179 (#1 of 1): Resource leak (RESOURCE_LEAK)10. leaked_storage: Variable method_str going out of scope leaks the storage it points to.
1359 return PN_REJECTED;
1360 }
690 if (!hconn->qdr_conn) {
691 qd_log(log, QD_LOG_DEBUG, "[C%"PRIu64"] HTTP/1.x server connection closed", hconn->conn_id);
692 qdr_http1_connection_free(hconn);
693
694 } else {
CID 379186 (#2-3 of 3): Use after free (USE_AFTER_FREE)16. double_free: Calling _process_request frees pointer hconn->requests.head which has already been freed.
695 bool need_close = _process_request((_server_request_t*) DEQ_HEAD(hconn->requests));
696 if (need_close) {
697 qd_log(log, QD_LOG_DEBUG, "[C%"PRIu64"] HTTP Request requires connection close", hconn->conn_id);
698 qdr_http1_close_connection(hconn, 0);
699 }
700 }
701}
http1_common.c:
678 //
cond_notnull: Condition host, taking true branch. Now the value of host is not NULL.
679 if (!host)
680 return;
681
682 qdr_http_request_info_t* record = _new_qdr_http_request_info_t();
683 record->ingress = ingress;
684 record->address = address ? qd_strdup(address) : 0;
notnull: At condition host, the value of host cannot be NULL.
dead_error_condition: The condition host must be true.
CID 379181 (#1 of 1): Logically dead code (DEADCODE)dead_error_line: Execution cannot reach the expression NULL inside this statement: record->host = (host ? qd_s....
685 record->host = host ? qd_strdup(host) : 0;
686 record->site = remote_site ? qd_strdup(remote_site) : 0;
687 record->key = _record_key(record->host, record->address, remote_site, record->ingress);
688 record->requests = 1;
The text was updated successfully, but these errors were encountered: