romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-30 14:37:30 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/tests
History
Viktor Szakats 6d87eb2878
cmake: add CURL_GCC_ANALYZER option, enable in CI, fix/silence 
Enable in one existing Linux, macOS and Windows job.

Cost:
- Linux: +1.3 minutes.
- macOS: +1.5 minutes.
- Windows: +2.5 minutes.

Fix or silence issues found:
- conncache: silence NULL deref warning.
  ```
  lib/conncache.c:564:18: warning: dereference of NULL '*data.multi' [CWE-476] [-Wanalyzer-null-dereference]
  ```
  Ref: ede6a8e087 #19378
- http2: check pointer for NULL.
  ```
  lib/http2.c:388:7: error: dereference of NULL ‘data’ [CWE-476] [-Wanalyzer-null-dereference]
  ```
- http2: silence potential NULL deref in `cf_h2_recv`.
  ```
  lib/http2.c: In function 'cf_h2_recv':
  lib/curl_trc.h:62:15: warning: dereference of NULL 'data' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- openldap: silence deref before NULL check.
  Seen in GHA/Linux.
  ```
  lib/openldap.c: In function ‘oldap_state_mechs_resp’:
  lib/curl_trc.h:140:7: warning: check of ‘data’ for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- sendf: silence NULL deref false positive in `Curl_creader_set_fread`.
  It looks impossible to happen.
  ```
  lib/sendf.c:1133:7: warning: dereference of NULL 'r' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- ws: silence deref before NULL check.
  ```
  lib/ws.c: In function 'ws_send_raw_blocking':
  lib/curl_trc.h:205:7: warning: check of 'data' for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- var: fix potential NULL deref
  ```
  src/var.c:216:29: warning: dereference of NULL 'envp' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- cli_hx_upload.c: fix NULL check after dereference.
  ```
  tests/libtest/cli_hx_upload.c:170:7: warning: check of '*t.method' for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- unit1607, unit1609: fix theoretical NULL ptr dereference.
  ```
  tests/unit/unit1607.c:211:12: warning: dereference of NULL 'addr' [CWE-476] [-Wanalyzer-null-dereference]
  tests/unit/unit1609.c:193:12: warning: dereference of NULL 'addr' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- globally disable checks triggering false positives only:
  ```
  docs/examples/externalsocket.c:135:8: warning: 'connect' on possibly invalid file descriptor 'sockfd' [-Wanalyzer-fd-use-without-check]
  lib/bufq.c:465:16: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop] (gcc-15 Windows)
  lib/doh.c:1035:34: warning: stack-based buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds] (gcc-15 macOS)
  lib/ftp.c:4022:20: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop] (gcc-15 macOS)
  lib/http2.c:689:28: warning: buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds] (gcc-15 macOS)
  lib/socketpair.c:195:5: warning: leak of file descriptor 'curl_dbg_socket(2, 1, 0, 192, "D:/a/curl/curl/lib/socketpair.c")' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_doswin.c:810:7: warning: leak of file descriptor '*tdata.socket_l' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_doswin.c:816:9: warning: leak of file descriptor '*tdata.socket_l' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_main.c:96:1: warning: leak of file descriptor 'fd[0]' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_main.c:96:1: warning: leak of file descriptor 'fd[1]' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_urlglob.c:48:17: warning: leak of 'malloc(8)' [CWE-401] [-Wanalyzer-malloc-leak]
  src/tool_writeout.c:870:3: warning: leak of FILE 'stream2' [CWE-775] [-Wanalyzer-file-leak]
  tests/libtest/lib518.c:90:1: warning: leak of FILE [CWE-775] [-Wanalyzer-file-leak]
  tests/libtest/lib537.c:87:1: warning: leak of FILE [CWE-775] [-Wanalyzer-file-leak]
  tests/server/tftpd.c:1147:10: warning: 'bind' on possibly invalid file descriptor 'sock' [-Wanalyzer-fd-use-without-check]
  tests/server/tftpd.c:1155:10: warning: 'bind' on possibly invalid file descriptor 'sock' [-Wanalyzer-fd-use-without-check]
  tests/server/tftpd.c:1259:10: warning: 'connect' on possibly invalid file descriptor '4294967295' [-Wanalyzer-fd-use-without-check]
  ```

Also:
- cmake: update clang-tidy typecheck comment.

Ref: https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html

Closes #20921
2026-03-16 11:49:34 +01:00
..
certs cmake: mark two internal options as advanced 2026-03-05 04:00:08 +01:00
cmake cmake: minor improvements to integration test framework 2026-03-02 14:50:33 +01:00
data urldata: connection bit ipv6_ip is wrong 2026-03-14 23:17:40 +01:00
http proxy-auth: additional tests 2026-03-06 22:52:39 +01:00
libtest cmake: add CURL_GCC_ANALYZER option, enable in CI, fix/silence 2026-03-16 11:49:34 +01:00
server autotools: limit checksrc target to ignore non-repo test sources 2026-03-12 01:45:24 +01:00
tunit autotools: limit checksrc target to ignore non-repo test sources 2026-03-12 01:45:24 +01:00
unit cmake: add CURL_GCC_ANALYZER option, enable in CI, fix/silence 2026-03-16 11:49:34 +01:00
.gitignore tidy-up: .gitignore lines mostly 2025-01-27 20:59:46 +01:00
allversions.pm badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
appveyor.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
azure.pm runtests: fix quoting in Appveyor and Azure test integration 2023-04-22 11:50:03 -07:00
CMakeLists.txt cmake: add CURL_GCC_ANALYZER option, enable in CI, fix/silence 2026-03-16 11:49:34 +01:00
config.in copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
configurehelp.pm.in build: use configurehelp.pm.in with autotools and cmake 2024-09-21 12:21:14 +02:00
devtest.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
dictserver.py badwords: add more contractions, fix fallouts 2025-11-17 19:29:15 +01:00
directories.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
ech_combos.py tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
ech_tests.sh badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
ftpserver.pl badwords: avoid 'simply' 2026-03-10 19:34:06 +01:00
getpart.pm tidy-up: miscellaneous 2026-01-15 13:06:13 +01:00
globalconfig.pm runtests: improve XML prolog check, enable -w permanently, fix two tests 2025-12-14 12:26:38 +01:00
http-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
http2-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
http3-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
Makefile.am tidy-up: miscellaneous 2026-01-15 13:06:13 +01:00
memanalyze.pl runtests: make memanalyzer a Perl module (for 1.1-2x speed-up per test run) 2025-12-04 13:14:32 +01:00
memanalyzer.pm tidy-up: miscellaneous 2026-02-25 14:44:56 +01:00
negtelnetserver.py tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
nghttpx.conf copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
pathhelp.pm tidy-up: Markdown, clang-format nits 2026-01-22 23:44:47 +01:00
processhelp.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
requirements.txt GHA: bump the pip-dependencies group across 2 directories with 3 updates 2025-11-02 17:10:39 +01:00
rtspserver.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
runner.pm tidy-up: miscellaneous 2026-02-12 14:52:16 +01:00
runtests.pl badwords: avoid 'simply' 2026-03-10 19:34:06 +01:00
secureserver.pl badwords: avoid 'simply' 2026-03-10 19:34:06 +01:00
serverhelp.pm tidy-up: miscellaneous 2026-02-12 14:52:16 +01:00
servers.pm tidy-up: miscellaneous 2026-02-25 14:44:56 +01:00
smbserver.py tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
sshhelp.pm tidy-up: miscellaneous 2026-02-12 14:52:16 +01:00
sshserver.pl tidy-up: miscellaneous 2026-02-12 14:52:16 +01:00
test745.pl tidy-up: Markdown, clang-format nits 2026-01-22 23:44:47 +01:00
test971.pl badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test1119.pl tidy-up: miscellaneous 2026-03-09 11:35:19 +01:00
test1135.pl badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test1139.pl tidy-up: miscellaneous 2026-02-25 14:44:56 +01:00
test1140.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1165.pl build: disable typecheck via the command-line instead of curl_config.h 2026-02-20 16:32:37 +01:00
test1167.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1173.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1175.pl badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test1177.pl NTLM_WB: drop support 2024-04-08 13:58:58 +02:00
test1222.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1275.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1276.pl scripts: enable strict warnings in Perl where missing, fix fallouts 2025-07-27 22:35:18 +02:00
test1477.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1486.pl src: fix formatting nits 2025-12-03 20:50:18 +01:00
test1488.pl badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test1544.pl tidy-up: merge root packages directory into projects 2026-01-12 23:49:35 +01:00
test1707.pl scripts: enable strict warnings in Perl where missing, fix fallouts 2025-07-27 22:35:18 +02:00
testcurl.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
testutil.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
tftpserver.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
util.py tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
valgrind.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
valgrind.supp hyper: drop support 2024-12-21 11:33:05 +01:00