You are on page 1of 11

TortoiseSVN

PVS-Studio
:
: 25.06.2013

TortoiseSVN
PVS-Studio. ,
TortoiseSVN . .
PVS-Studio.
TortoiseSVN. .
PVS-Studio 4.00, .
,
. .
. . ,
PVS-Studio. ,
.
, , PVS-Studio 5.05.
TortoiseSVN 19.06.2013 http://tortoisesvn.googlecode.com/svn/trunk.
, TortoiseSVN . -, .


static void ColouriseA68kDoc (....)
{
if (((sc.state == SCE_A68K_NUMBER_DEC) && isdigit(sc.ch))
....

|| ((sc.state == SCE_A68K_MACRO_ARG) && isdigit(sc.ch))


|| ((sc.state == SCE_A68K_MACRO_ARG) && isdigit(sc.ch))
....
}
: V501 There are identical sub-expressions '((sc.state == 11) && isdigit(sc.ch))'
to the left and to the right of the '||' operator. lexa68k.cxx 160
. , .
, , .
'rv'.
struct hentry * AffixMgr::compound_check(
....
if (rv && forceucase && (rv) && ....)
....
}
: V501 There are identical sub-expressions to the left and to the right of the
'&&' operator: rv && forceucase && (rv):

affixmgr.cxx 1784
affixmgr.cxx 1879

:
int main(int argc, char **argv)
{
....
DWORD ticks;
....
if (run_timers(now, &next)) {
ticks = next - GETTICKCOUNT();
if (ticks < 0) ticks = 0;
} else {

ticks = INFINITE;
}
....
}
: V547 Expression 'ticks < 0' is always false. Unsigned type value is never < 0.
winplink.c 635
'ticks' . , "if (ticks < 0)" .
.

, - 'strncmp' .
int

AffixMgr::parse_convtable(...., const char * keyword)

{
char * piece;
....
if (strncmp(piece, keyword, sizeof(keyword)) != 0) {
....
}
: V579 The strncmp function receives the pointer and its size as arguments. It
is possibly a mistake. Inspect the third argument. affixmgr.cxx 3654
'sizeof' . .


, .
class CTSVNPath
{
....
private:
mutable CString m_sBackslashPath;

mutable CString m_sLongBackslashPath;


mutable CString m_sFwdslashPath;
....
};

const FileStatusCacheEntry * SVNFolderStatus::BuildCache(


const CTSVNPath& filepath, ....)
{
....
CTraceToOutputDebugString::Instance() (_T(__FUNCTION__)
_T(": building cache for %s\n"), filepath);
....
}
: V510 The 'operator()' function is not expected to receive class-type variable
as second actual argument:

svnfolderstatus.cpp 150
svnfolderstatus.cpp 355
svnfolderstatus.cpp 360

"%s" , .
, 'filepath' , , .
, .

, 'printf()' : "printf(myStr);".
'myStr' , ,
.
TortoiseSVN:
BOOL CPOFile::ParseFile(....)
{
....
printf(File.getloc().name().c_str());

....
}
: V618 It's dangerous to call the 'printf' function in such a manner, as the line
being passed could contain format specification. The example of the safe code: printf("%s", str); pofile.cpp
158
"myfile%s%i%s.txt", .
. printf().


, TortoiseSVN , .
, . . ,
. :
static void sha_mpint(SHA_State * s, Bignum b)
{
unsigned char lenbuf[4];
....
memset(lenbuf, 0, sizeof(lenbuf));
}
: V597 The compiler could delete the 'memset' function call, which is used to
flush 'lenbuf' buffer. The RtlSecureZeroMemory() function should be used to erase the private data. sshdss.c
23
, 'lenbuf' .
, 'memset'. ,
.
, 'memset()':

sshdss.c 37
sshdss.c 587
sshdes.c 861
sshdes.c 874
sshdes.c 890
sshdes.c 906
sshmd5.c 252
sshrsa.c 113
sshpubk.c 153

sshpubk.c 361
sshpubk.c 1121
sshsha.c 256

BOOL InitInstance(HINSTANCE hResource, int nCmdShow)


{
....
app.hwndTT; // handle to the ToolTip control
....
}
: V607 Ownerless expression 'app.hwndTT'. tortoiseblame.cpp 1782
, 'InitInstance()' , 'hwndTT' - . ,
- , .

64-
. , ,
. , . ,
, .
64- . ,
, .
:
void LoginDialog::CreateModule(void)
{
....
DialogBoxParam(g_hmodThisDll, MAKEINTRESOURCE(IDD_LOGIN),
g_hwndMain, (DLGPROC)(LoginDialogProc),
(long)this);
....
}

: V220 Suspicious sequence of types castings: memsize -> 32-bit integer ->
memsize. The value being casted: 'this'. logindialog.cpp 105
'this' 'long'. LPARAM
(LONG_PTR). , - 'long'. ,
64-. 64-. 'long' Win64
32- . 64- .
4 ,
. ,
.
: DialogBoxParam(...., (LPARAM)this);

:
static int cmpforsearch(void *av, void *bv)
{
Actual_Socket b = (Actual_Socket) bv;
unsigned long as = (unsigned long) av,
bs = (unsigned long) b->s;
if (as < bs)
return -1;
if (as > bs)
return +1;
return 0;
}
: V205 Explicit conversion of pointer type to 32-bit integer type: (unsigned
long) av:

winnet.c 139
winhandl.c 359
winhandl.c 348

'unsigned long' 'as' 'bs'.


, .
, .
.


'new', , - NULL.
std::bad_alloc. , , 'new' 0,
.
, :
int _tmain(....)
{
....
pBuf = new char[maxlength];
if (pBuf == NULL)
{
_tprintf(_T("Could not allocate enough memory!\n"));
delete [] wc;
delete [] dst;
delete [] src;
return ERR_ALLOC;
}
....
}
: V668 There is no sense in testing the 'pBuf' pointer against null, as the
memory was allocated using the 'new' operator. The exception will be generated in the case of memory
allocation error.

subwcrev.cpp 912
repositorybrowser.cpp 2565
repositorybrowser.cpp 4225
svnstatuslistctrl.cpp 5254
svnprogressdlg.cpp 2357
bugtraqassociations.cpp 116
xmessagebox.cpp 792
xmessagebox.cpp 797
hyperlink_base.cpp 166
affixmgr.cxx 272
hashmgr.cxx 363

hashmgr.cxx 611


, , , . ,
. .
, , , .
void CBaseView::OnContextMenu(CPoint point, DiffStates state)
{
....
popup.AppendMenu(MF_STRING | oWhites.HasTrailWhiteChars ?
MF_ENABLED : (MF_DISABLED|MF_GRAYED),
POPUPCOMMAND_REMOVETRAILWHITES, temp);
....
}
: V502 Perhaps the '?:' operator works in a different way than it was
expected. The '?:' operator has a lower priority than the '|' operator. baseview.cpp 2246
'oWhites.HasTrailWhiteChars'
:

MF_STRING | MF_ENABLED
MF_STRING | MF_DISABLED | MF_GRAYED

. '|' , '?:'.
:
(MF_STRING | oWhites.HasTrailWhiteChars) ? MF_ENABLED : MF_DISABLED | MF_GRAYED
, , 'MF_STRING' 0.
. , .
. TortoiseSVN HWND
'unsigned'. . , ,
:
HWND m_hWnd;
UINT_PTR uId;

INT_PTR CBaseView::OnToolHitTest(....) const


{
....
pTI->uId = (UINT)m_hWnd;
....
}

UINT_PTR

idFrom;

HWND m_hWnd;

BOOL CBaseView::OnToolTipNotify(
UINT, NMHDR *pNMHDR, LRESULT *pResult)
{
if (pNMHDR->idFrom != (UINT)m_hWnd)
return FALSE;
....
}

, , HWND , 'long'.
bool CCommonAppUtils::RunTortoiseProc(....)
{
....
CString sCmdLine;
sCmdLine.Format(L"%s /hwnd:%ld",
(LPCTSTR)sCommandLine, AfxGetMainWnd()->GetSafeHwnd());
....
}

. , 'HWND' . ,
32- . PVS-Studio
, .
, !
HWND , Windows
. HANDLE, HMENU, HPALETTE,
HBITMAP .
64- , (,
32- 64- )
32-. "Microsoft Interface Definition Language (MIDL): 64-Bit
Porting Guide" (USER and GDI handles are sign extended 32b values).
HWND 32- ,
. , ,
Windows API.

,
.
PVS-Studio. , :
.

, , .
1. . - ?
2. . V668. There is no sense in testing the pointer against null, as the memory was
allocated using the 'new' operator.
3. . int 64- ?
4. , . 64- /++.