authorEliseo Martínez <eliseomarmol@gmail.com>2015-01-27 15:22:36 +0100
committerJustin M. Keyes <justinkz@gmail.com>2015-02-02 01:21:57 -0500
commitab86da74c4f81f492d493a42a1c3c26a273016a9 (patch)
treee8b52e61f89f644bdd0d0ff4b8e1ee849c7a0ff2 /src
parent828a18722c2fb2d23560fd38ae182359e943d589 (diff)
coverity/68610: Out-of-bounds access: FP.
Diagnostic : False positive. Rationale : Coverity thinks we are forgetting to add one more char to hold NULL, but it's not taking into account that two chars from cntxformat will not be present in the result. In fact, we can even allocate one byte less than currently done. Resolution : Add explanatory comment and allocate one less byte. Marked as "Intentional" in coverity's database.
Diffstat (limited to 'src')
-rw-r--r--src/nvim/if_cscope.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/nvim/if_cscope.c b/src/nvim/if_cscope.c
index 843cbcf6f9..09f4ecf519 100644
--- a/src/nvim/if_cscope.c
+++ b/src/nvim/if_cscope.c
@@ -1646,7 +1646,6 @@ static void cs_print_tags_priv(char **matches, char **cntxts, int num_matches)
char *fname, *lno, *extra, *tbuf;
int i, idx, num;
char *globalcntx = "GLOBAL";
- char *cntxformat = " <<%s>>";
char *context;
char *cstag_msg = _("Cscope tag: %s");
@@ -1706,7 +1705,11 @@ static void cs_print_tags_priv(char **matches, char **cntxts, int num_matches)
context = cntxts[idx];
else
context = globalcntx;
- newsize = strlen(context) + strlen(cntxformat);
+
+ const char *cntxformat = " <<%s>>";
+ // '%s' won't appear in result string, so:
+ // newsize = len(cntxformat) - 2 + len(context) + 1 (for NUL).
+ newsize = strlen(context) + strlen(cntxformat) - 1;
if (bufsize < newsize) {
buf = xrealloc(buf, newsize);