From 336aab5eef68a493dcd1ddc2dfe6405b6ee7a0a9 Mon Sep 17 00:00:00 2001 From: Eliseo Martínez Date: Tue, 4 Nov 2014 15:41:46 +0100 Subject: Fix warnings: regexp.c: skip_regexp: Np dereference: FP. Problem: Derefence of null pointer @ 1208. http://neovim.org/doc/reports/clang/report-24b5ca.html#Path10 Diagnostic: False positive. Rationale : Error is reported to happen if after `if (*newp == NULL) {` body, `*newp` continues being NULL, and false branch of following `if (*newp != NULL)` is taken. Now, `vim_strsave` cannot return NULL, so error cannot happen. Resolution: Remove dead code (leftover since OOM refactors). --- src/nvim/regexp.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'src/nvim/regexp.c') diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 90da02bb1b..4e5ae403d6 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -1199,10 +1199,7 @@ char_u *skip_regexp(char_u *startp, int dirc, int magic, char_u **newp) *newp = vim_strsave(startp); p = *newp + (p - startp); } - if (*newp != NULL) - STRMOVE(p, p + 1); - else - ++p; + STRMOVE(p, p + 1); } else ++p; /* skip next character */ if (*p == 'v') -- cgit From 22475b5ae80b5c08115677b9abc5c62258716c08 Mon Sep 17 00:00:00 2001 From: Eliseo Martínez Date: Tue, 4 Nov 2014 15:41:48 +0100 Subject: Fix warnings: regexp.c: br_regcomp(): Np dereference: MI. Problem: Dereference of null pointer @ 1312. http://neovim.org/doc/reports/clang/report-b1d09a.html#EndPath Diagnostic: Multithreading issue. Rationale : Suggested error path contains two succesive calls to `regnext(scan)`, first of which returning nonnull, the second one returning null. This can only occur if global `reg_toolong` accesed in `regnext()` changes between the calls. Resolution: Use local variable to cache first `regnext(scan)` result. Note that this change alters function semantics, as now function only issues one call instead of two, reusing the result for the second time. This shouldn't be a problem, though, as new semantics should be in fact be better. --- src/nvim/regexp.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'src/nvim/regexp.c') diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 4e5ae403d6..93fc5c62ef 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -1297,16 +1297,18 @@ static regprog_T *bt_regcomp(char_u *expr, int re_flags) r->regstart = (*mb_ptr2char)(OPERAND(scan)); else r->regstart = *OPERAND(scan); - } else if ((OP(scan) == BOW - || OP(scan) == EOW - || OP(scan) == NOTHING - || OP(scan) == MOPEN + 0 || OP(scan) == NOPEN - || OP(scan) == MCLOSE + 0 || OP(scan) == NCLOSE) - && OP(regnext(scan)) == EXACTLY) { - if (has_mbyte) - r->regstart = (*mb_ptr2char)(OPERAND(regnext(scan))); - else - r->regstart = *OPERAND(regnext(scan)); + } else if (OP(scan) == BOW + || OP(scan) == EOW + || OP(scan) == NOTHING + || OP(scan) == MOPEN + 0 || OP(scan) == NOPEN + || OP(scan) == MCLOSE + 0 || OP(scan) == NCLOSE) { + char_u *regnext_scan = regnext(scan); + if (OP(regnext_scan) == EXACTLY) { + if (has_mbyte) + r->regstart = (*mb_ptr2char)(OPERAND(regnext_scan)); + else + r->regstart = *OPERAND(regnext_scan); + } } /* -- cgit From 997c0b3939f6da8c32672bb4e640ebc86b167be0 Mon Sep 17 00:00:00 2001 From: Eliseo Martínez Date: Tue, 4 Nov 2014 15:41:49 +0100 Subject: Fix warnings: regexp.c: match_with_backref(): Nonnull violation: FP. Problem: Argument with 'nonnull' attribute passed null @ 5632. http://neovim.org/doc/reports/clang/report-041a0e.html#EndPath. Diagnostic: False positive. Rationale : `p = reg_getline(clnum)` above should not be null, because `clnum` starts at `start_lnum` and only increments after that. Resolution: Assert p not null. --- src/nvim/regexp.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/nvim/regexp.c') diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 93fc5c62ef..cef2e6d9bf 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -43,6 +43,7 @@ /* #undef REGEXP_DEBUG */ /* #define REGEXP_DEBUG */ +#include #include #include #include @@ -5625,6 +5626,8 @@ static int match_with_backref(linenr_T start_lnum, colnr_T start_col, linenr_T e /* Get the line to compare with. */ p = reg_getline(clnum); + assert(p); + if (clnum == end_lnum) len = end_col - ccol; else -- cgit