RFR(S): 8207233: Minor improvements of jdk C-coding

Roger Riggs Roger.Riggs at Oracle.com
Fri Jul 13 15:23:56 UTC 2018


Hi Goetz,

Thanks for the cleanup; looks fine with or without the suggestion below.

src/jdk.crypto.ec/share/native/libsunec/impl/ecl_mult.c: 84, 89
    Since the assignment is done in both branches of the if, it could be 
moved up.

Regards, Roger


On 7/13/2018 6:54 AM, Lindenmaier, Goetz wrote:
> Hi,
>
> I ran coverity on the jdk11 jdk sources and want to propose the following fixes. I scanned the linux x86_64 build. Some issues are similar to previous parfait fixes (check for NULL). I also identified some issues I consider real problems.  If you think some are tooo conservative, I'm happy to remove them.
> I posted this to core-libs-dev and awt-dev, if you think this should
> be discussed on other lists please tell me.
>
> http://cr.openjdk.java.net/~goetz/wr18/8207233-covJDK/01/
>
> In detail:
>
> Real issues:
>   ------------
>
>   transport.c
>     Loop overruns the array, it iterates to 8. Only
>     two iterations are intended.
>
>   Unix.c
>     getgroups can return -1. This is handled below,
>     but not here. Return as for other errors.
>
>   Useful code improvements.
>   -------------------------
>
>   zip_util.c
>     pmsg is compared to null above. Thus, don't
>     dereference it unconditionally below.
>     I would assume pmsg is always != NULL, so that the
>     check above could as well be turned into a guarantee.
>     This fix is more safe, though.
>
>   fontpath.c
>     This is a real error, but harmless as the same size is
>     returned.
>
>   pcsc.c
>     If size is 0, mszReaders is not allocated, but accessed
>     below. return if size is 0.
>     Here, too, I would assume that one could turn the if(size)
>     check into a guarantee, but this way it's more safe.
>
>   ecl_muilt.c
>     This block calls point_mul, which requires the kt.flag
>     is initialized.
>
>   unpack.cpp
>     lo is checked for null. If it is null, the dereference
>     below fails.
>     Return if lo == Null similar as above.
>     Alternatively, one could turn the if (lo != null) check into
>     a guarantee.



More information about the core-libs-dev mailing list