Revert "cf-https-connect: silence clang-tidy v21 false positive"

This reverts commit 36e08e5e62.
2026-06-12 11:24:20 +03:00 · 2025-08-28 21:02:55 +02:00 · 2025-08-28 21:02:55 +02:00 · a002f5c71b
commit a002f5c71b
parent e824d931f7
12 changed files with 0 additions and 21 deletions
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@ -75,7 +75,6 @@ static void cf_hc_baller_reset(struct cf_hc_baller *b,

 static bool cf_hc_baller_is_active(struct cf_hc_baller *b)
 {
-  /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
  return b->cf && !b->result;
 }

--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@ -654,7 +654,6 @@ void Curl_all_content_encodings(char *buf, size_t blen)
        *p++ = ' ';
      }
    }
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    p[-2] = '\0';
  }
 }
--- a/lib/mime.c
+++ b/lib/mime.c
@ -1753,7 +1753,6 @@ static bool content_type_match(const char *contenttype,
                               const char *target, size_t len)
 {
  if(contenttype && curl_strnequal(contenttype, target, len))
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    switch(contenttype[len]) {
    case '\0':
    case '\t':
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@ -411,7 +411,6 @@ static void unicodecpy(unsigned char *dest, const char *src, size_t length)
 {
  size_t i;
  for(i = 0; i < length; i++) {
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    dest[2 * i] = (unsigned char)src[i];
    dest[2 * i + 1] = '\0';
  }
@ -833,7 +832,6 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,

  DEBUGASSERT(size == hostoff);
  if(unicode)
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    unicodecpy(&ntlmbuf[size], host, hostlen / 2);
  else
    memcpy(&ntlmbuf[size], host, hostlen);
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@ -1048,7 +1048,6 @@ static size_t multissl_version(char *buffer, size_t size)

    backends[0] = '\0';

-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    for(i = 0; available_backends[i]; ++i) {
      char vb[200];
      bool paren = (selected != available_backends[i]);
@ -1089,7 +1088,6 @@ static int multissl_setup(const struct Curl_ssl *backend)

  env = curl_getenv("CURL_SSL_BACKEND");
  if(env) {
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    for(i = 0; available_backends[i]; i++) {
      if(curl_strequal(env, available_backends[i]->info.name)) {
        Curl_ssl = available_backends[i];
@ -1136,7 +1134,6 @@ CURLsslset Curl_init_sslset_nolock(curl_sslbackend id, const char *name,
           CURLSSLSET_UNKNOWN_BACKEND;
 #endif

-  /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
  for(i = 0; available_backends[i]; i++) {
    if(available_backends[i]->info.id == id ||
       (name && curl_strequal(available_backends[i]->info.name, name))) {
--- a/tests/server/dnsd.c
+++ b/tests/server/dnsd.c
@ -180,7 +180,6 @@ static void add_answer(unsigned char *bytes, size_t *w,
  size_t i = *w;

  /* add answer */
-  /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
  bytes[i++] = 0xc0;
  bytes[i++] = 0x0c; /* points to the query at this fixed packet index */

--- a/tests/server/getpart.c
+++ b/tests/server/getpart.c
@ -99,7 +99,6 @@ static int readline(char **buffer, size_t *bufsize, size_t *length,
    }

    *length = offset + line_length(*buffer + offset, bytestoread);
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    if(*(*buffer + *length - 1) == '\n')
      break;
    offset = *length;
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@ -655,7 +655,6 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req)
    logmsg("Read %zd bytes", got);

    req->offset += (size_t)got;
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    reqbuf[req->offset] = '\0';

    done_processing = rtspd_ProcessRequest(req);
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@ -1023,7 +1023,6 @@ static bool juggle(curl_socket_t *sockfdp,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
 #endif
-      /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
      FD_SET(sockfd, &fds_read);
 #ifdef __DJGPP__
 #pragma GCC diagnostic pop
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@ -560,7 +560,6 @@ static int tunnel(struct perclient *cp, fd_set *fds)
  ssize_t nread;
  ssize_t nwrite;
  char buffer[512];
-  /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
  if(FD_ISSET(cp->clientfd, fds)) {
    /* read from client, send to remote */
    nread = recv(cp->clientfd, buffer, sizeof(buffer), 0);
@ -574,7 +573,6 @@ static int tunnel(struct perclient *cp, fd_set *fds)
    else
      return 1;
  }
-  /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
  if(FD_ISSET(cp->remotefd, fds)) {
    /* read from remote, send to client */
    nread = recv(cp->remotefd, buffer, sizeof(buffer), 0);
@ -682,7 +680,6 @@ static bool socksd_incoming(curl_socket_t listenfd)
      return FALSE;
    }

-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    if((clients < 2) && FD_ISSET(sockfd, &fds_read)) {
      curl_socket_t newfd = accept(sockfd, NULL, NULL);
      if(CURL_SOCKET_BAD == newfd) {
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@ -1311,7 +1311,6 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port)
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
 #endif
-      /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
      FD_SET(serverfd, &output);
 #ifdef __DJGPP__
 #pragma GCC diagnostic pop
@ -1491,7 +1490,6 @@ static void http_connect(curl_socket_t *infdp,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
 #endif
-          /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
          FD_SET(serverfd[i], &input);
 #ifdef __DJGPP__
 #pragma GCC diagnostic pop
@ -1609,7 +1607,6 @@ static void http_connect(curl_socket_t *infdp,
        size_t len;
        if(clientfd[i] != CURL_SOCKET_BAD) {
          len = sizeof(readclient[i]) - tos[i];
-          /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
          if(len && FD_ISSET(clientfd[i], &input)) {
            /* read from client */
            rc = sread(clientfd[i], &readclient[i][tos[i]], len);
@ -1628,7 +1625,6 @@ static void http_connect(curl_socket_t *infdp,
        }
        if(serverfd[i] != CURL_SOCKET_BAD) {
          len = sizeof(readserver[i])-toc[i];
-          /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
          if(len && FD_ISSET(serverfd[i], &input)) {
            /* read from server */
            rc = sread(serverfd[i], &readserver[i][toc[i]], len);
@ -1666,7 +1662,6 @@ static void http_connect(curl_socket_t *infdp,
          }
        }
        if(serverfd[i] != CURL_SOCKET_BAD) {
-          /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
          if(tos[i] && FD_ISSET(serverfd[i], &output)) {
            /* write to server */
            rc = swrite(serverfd[i], readclient[i], tos[i]);
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@ -913,7 +913,6 @@ static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size)
  filename = cp;
  do {
    bool endofit = true;
-    /* NOLINTNEXTLINE(clang-analyzer-security.ArrayBound) */
    while(cp < &trsbuf.storage[size]) {
      if(*cp == '\0') {
        endofit = false;