git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-13 00:31:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
master
curl-curl/tests/unit/unit1609.c
Viktor Szakats 6d87eb2878
cmake: add CURL_GCC_ANALYZER option, enable in CI, fix/silence 
Enable in one existing Linux, macOS and Windows job.

Cost:
- Linux: +1.3 minutes.
- macOS: +1.5 minutes.
- Windows: +2.5 minutes.

Fix or silence issues found:
- conncache: silence NULL deref warning.
  ```
  lib/conncache.c:564:18: warning: dereference of NULL '*data.multi' [CWE-476] [-Wanalyzer-null-dereference]
  ```
  Ref: ede6a8e087 #19378
- http2: check pointer for NULL.
  ```
  lib/http2.c:388:7: error: dereference of NULL ‘data’ [CWE-476] [-Wanalyzer-null-dereference]
  ```
- http2: silence potential NULL deref in `cf_h2_recv`.
  ```
  lib/http2.c: In function 'cf_h2_recv':
  lib/curl_trc.h:62:15: warning: dereference of NULL 'data' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- openldap: silence deref before NULL check.
  Seen in GHA/Linux.
  ```
  lib/openldap.c: In function ‘oldap_state_mechs_resp’:
  lib/curl_trc.h:140:7: warning: check of ‘data’ for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- sendf: silence NULL deref false positive in `Curl_creader_set_fread`.
  It looks impossible to happen.
  ```
  lib/sendf.c:1133:7: warning: dereference of NULL 'r' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- ws: silence deref before NULL check.
  ```
  lib/ws.c: In function 'ws_send_raw_blocking':
  lib/curl_trc.h:205:7: warning: check of 'data' for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- var: fix potential NULL deref
  ```
  src/var.c:216:29: warning: dereference of NULL 'envp' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- cli_hx_upload.c: fix NULL check after dereference.
  ```
  tests/libtest/cli_hx_upload.c:170:7: warning: check of '*t.method' for NULL after already dereferencing it [-Wanalyzer-deref-before-check]
  ```
- unit1607, unit1609: fix theoretical NULL ptr dereference.
  ```
  tests/unit/unit1607.c:211:12: warning: dereference of NULL 'addr' [CWE-476] [-Wanalyzer-null-dereference]
  tests/unit/unit1609.c:193:12: warning: dereference of NULL 'addr' [CWE-476] [-Wanalyzer-null-dereference]
  ```
- globally disable checks triggering false positives only:
  ```
  docs/examples/externalsocket.c:135:8: warning: 'connect' on possibly invalid file descriptor 'sockfd' [-Wanalyzer-fd-use-without-check]
  lib/bufq.c:465:16: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop] (gcc-15 Windows)
  lib/doh.c:1035:34: warning: stack-based buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds] (gcc-15 macOS)
  lib/ftp.c:4022:20: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop] (gcc-15 macOS)
  lib/http2.c:689:28: warning: buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds] (gcc-15 macOS)
  lib/socketpair.c:195:5: warning: leak of file descriptor 'curl_dbg_socket(2, 1, 0, 192, "D:/a/curl/curl/lib/socketpair.c")' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_doswin.c:810:7: warning: leak of file descriptor '*tdata.socket_l' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_doswin.c:816:9: warning: leak of file descriptor '*tdata.socket_l' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_main.c:96:1: warning: leak of file descriptor 'fd[0]' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_main.c:96:1: warning: leak of file descriptor 'fd[1]' [CWE-775] [-Wanalyzer-fd-leak]
  src/tool_urlglob.c:48:17: warning: leak of 'malloc(8)' [CWE-401] [-Wanalyzer-malloc-leak]
  src/tool_writeout.c:870:3: warning: leak of FILE 'stream2' [CWE-775] [-Wanalyzer-file-leak]
  tests/libtest/lib518.c:90:1: warning: leak of FILE [CWE-775] [-Wanalyzer-file-leak]
  tests/libtest/lib537.c:87:1: warning: leak of FILE [CWE-775] [-Wanalyzer-file-leak]
  tests/server/tftpd.c:1147:10: warning: 'bind' on possibly invalid file descriptor 'sock' [-Wanalyzer-fd-use-without-check]
  tests/server/tftpd.c:1155:10: warning: 'bind' on possibly invalid file descriptor 'sock' [-Wanalyzer-fd-use-without-check]
  tests/server/tftpd.c:1259:10: warning: 'connect' on possibly invalid file descriptor '4294967295' [-Wanalyzer-fd-use-without-check]
  ```

Also:
- cmake: update clang-tidy typecheck comment.

Ref: https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html

Closes #20921
2026-03-16 11:49:34 +01:00

219 lines
6.5 KiB
C
Raw Permalink Blame History

/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
* SPDX-License-Identifier: curl
*
***************************************************************************/
#include "unitcheck.h"
#include "urldata.h"
#include "connect.h"
#include "curl_addrinfo.h"
static CURLcode t1609_setup(void)
{
CURLcode result = CURLE_OK;
global_init(CURL_GLOBAL_ALL);
return result;
}
/* CURLOPT_RESOLVE address parsing test - to test the following defect fix:
1. if there is already existing host:port pair in the DNS cache and
we call CURLOPT_RESOLVE, it should also replace addresses.
for example, if there is "test.com:80" with address "1.1.1.1"
and we called CURLOPT_RESOLVE with address "2.2.2.2", then DNS entry
needs to reflect that.
2. when cached address is already there and close to expire, then by the
time request is made, it can get expired. This happens because, when
we set address using CURLOPT_RESOLVE,
it usually marks as permanent (by setting timestamp to zero). However,
if address already exists
in the cache, then it does not mark it, but just leaves it as it is.
So we fixing this by timestamp to zero if address already exists too.
Test:
- insert new entry
- verify that timestamp is not zero
- call set options with CURLOPT_RESOLVE
- then, call Curl_loadhostpairs
expected result: cached address has zero timestamp.
- call set options with CURLOPT_RESOLVE with same host:port pair,
different address.
- then, call Curl_loadhostpairs
expected result: cached address has zero timestamp and new address
*/
static CURLcode test_unit1609(const char *arg)
{
UNITTEST_BEGIN(t1609_setup())
struct testcase {
/* host:port:address[,address]... */
const char *optval;
/* lowercase host and port to retrieve the addresses from hostcache */
const char *host;
int port;
/* 0 to 9 addresses expected from hostcache */
const char *address[10];
};
static const struct testcase tests[] = {
/* spaces are not allowed, for now */
{ "test.com:80:127.0.0.1",
"test.com", 80, { "127.0.0.1", }
},
{ "test.com:80:127.0.0.2",
"test.com", 80, { "127.0.0.2", }
},
};
size_t i;
struct Curl_multi *multi = NULL;
struct Curl_easy *easy = NULL;
struct curl_slist *list = NULL;
/* important: we setup cache outside of the loop
and also clean cache after the loop. In contrast,for example,
test 1607 sets up and cleans cache on each iteration. */
for(i = 0; i < CURL_ARRAYSIZE(tests); ++i) {
size_t j;
size_t addressnum = CURL_ARRAYSIZE(tests[i].address);
struct Curl_addrinfo *addr;
struct Curl_dns_entry *dns;
void *entry_id;
bool problem = false;
easy = curl_easy_init();
if(!easy) {
curl_global_cleanup();
return CURLE_OUT_OF_MEMORY;
}
/* create a multi handle and add the easy handle to it so that the
hostcache is setup */
multi = curl_multi_init();
if(!multi)
goto error;
curl_multi_add_handle(multi, easy);
list = curl_slist_append(NULL, tests[i].optval);
if(!list)
goto error;
curl_easy_setopt(easy, CURLOPT_RESOLVE, list);
if(Curl_loadhostpairs(easy))
goto error;
entry_id = (void *)curl_maprintf("%s:%d", tests[i].host, tests[i].port);
if(!entry_id)
goto error;
dns = Curl_hash_pick(&multi->dnscache.entries,
entry_id, strlen(entry_id) + 1);
curlx_free(entry_id);
entry_id = NULL;
addr = dns ? dns->addr : NULL;
for(j = 0; j < addressnum; ++j) {
uint16_t port = 0;
char ipaddress[MAX_IPADR_LEN] = { 0 };
if(!addr && !tests[i].address[j])
break;
if(addr && !Curl_addr2string(addr->ai_addr, addr->ai_addrlen,
ipaddress, &port)) {
curl_mfprintf(stderr,
"%s:%d tests[%zu] failed. Curl_addr2string failed.\n",
__FILE__, __LINE__, i);
problem = true;
break;
}
if(addr && !tests[i].address[j]) {
curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr "
"is %s but tests[%zu].address[%zu] is NULL.\n",
__FILE__, __LINE__, i, ipaddress, i, j);
problem = true;
break;
}
if(!addr && tests[i].address[j]) {
curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr "
"is NULL but tests[%zu].address[%zu] is %s.\n",
__FILE__, __LINE__, i, i, j, tests[i].address[j]);
problem = true;
break;
}
if(!curl_strequal(ipaddress, tests[i].address[j])) {
curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr "
"%s is not equal to tests[%zu].address[%zu] %s.\n",
__FILE__, __LINE__, i, ipaddress, i, j,
tests[i].address[j]);
problem = true;
break;
}
if(port != tests[i].port) {
curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved port "
"for tests[%zu].address[%zu] is %d "
"but tests[%zu].port is %d.\n",
__FILE__, __LINE__, i, i, j, port, i, tests[i].port);
problem = true;
break;
}
if(!addr)
break;
addr = addr->ai_next;
}
curl_easy_cleanup(easy);
easy = NULL;
curl_multi_cleanup(multi);
multi = NULL;
curl_slist_free_all(list);
list = NULL;
if(problem) {
unitfail++;
continue;
}
}
goto unit_test_abort;
error:
curl_easy_cleanup(easy);
curl_multi_cleanup(multi);
curl_slist_free_all(list);
UNITTEST_END(curl_global_cleanup())
}
Reference in New Issue View Git Blame Copy Permalink