[bug #66078] [refer] Typo in the array elements comparison in src/preproc/refer/ref.cpp

Mon, 12 Aug 2024 05:41:44 -0700 

URL:
  <https://savannah.gnu.org/bugs/?66078>

                 Summary: [refer] Typo in the array elements comparison in
src/preproc/refer/ref.cpp
                   Group: GNU roff
               Submitter: ljavorsk
               Submitted: Mon 12 Aug 2024 12:41:13 PM UTC
                Category: Preprocessor refer
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Mon 12 Aug 2024 12:41:13 PM UTC By: Lukas Javorsky <ljavorsk>
For-loop that should compare array's elements lack the dereference for each
individual element.

These defects were identified by SAST analyzers (combination of
coverity,snyk,cppcheck,gcc,clang,shellcheck,unicontrol), and from 98 findings
these are few that I believe are NOT false positives.

Error: COMPILER_WARNING (CWE-595):
groff-1.23.0/src/preproc/refer/ref.cpp: scope_hint: In function ‘int
same_reference(const reference&, const reference&)’
groff-1.23.0/src/preproc/refer/ref.cpp:539:24: warning[-Warray-compare]:
comparison between two arrays
#  539 |     if (r1.field_index != r2.field_index)
#      |         ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
groff-1.23.0/src/preproc/refer/ref.cpp:539:24: note: use unary ‘+’ which
decays operands to pointers or ‘&‘component_ref’ not supported by
dump_decl<declaration error>[0] != &‘component_ref’ not supported by
dump_decl<declaration error>[0]’ to compare the addresses
#  537|     int i = 0; 
#  538|     for (i = 0; i < 256; i++)
#  539|->     if (r1.field_index != r2.field_index)
#  540|         return 0;
#  541|     for (i = 0; i < r1.nfields; i++)

Possible remedy:
Commits are in the attachments

Please let me know if you believe these are indeed false positives and why.
Thank you so much for your collaboration.






    _______________________________________________________
File Attachments:


-------------------------------------------------------
Name: 0001-Fix-array-comparison-warning-by-comparing-elements-i.patch  Size:
820B
<https://file.savannah.gnu.org/file/0001-Fix-array-comparison-warning-by-comparing-elements-i.patch?file_id=56345>

    AGPL NOTICE

These attachments are served by Savane. You can download the corresponding
source code of Savane at
https://git.savannah.nongnu.org/cgit/administration/savane.git/snapshot/savane-d76bf983d304f2acfc08b5b4a201839fd9edec71.tar.gz

    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?66078>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/

Attachment: signature.asc
Description: PGP signature

Reply via email to