Result of checking SQLite with PVS-Studio static code analyzer

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Result of checking SQLite with PVS-Studio static code analyzer

info
Hello, I just did a quick check of SQLite version 3.24.0 with PVS-Studio
(https://www.viva64.com), a static code analyzer.

I have singled out a few strange code fragments that the analyzer warned
about that I think could be real bugs:

1. ext\misc\fileio.c:207 Last argument of memset() is
"sizeof(WIN32_FIND_DATA)", however, the data type of variable "fd" is
"WIN32_FIND_DATAW" (NOTE: wide version with W at end). The size of these
two data types differ (at least on my machine) and I assume
"sizeof(WIN32_FIND_DATAW)" should be used instead.
2. src\insert.c:908 "==" has higher precedence than "&&" so code will be
executed as "== (0 && ...)". I assume programmer wanted "((pColumn==0)
&& ...)".
3. src\os_win.c On lines 3299 and 3306 both if-statements have the same
conditionals ("locktype==EXCLUSIVE_LOCK && res"). Based on the comment
before the first if-statment maybe it should be "locktype==PENDING_LOCK"
in the first if-statement?
4. tool\lemon.c:2860 Before returning on line 2860 you forgot to free()
"filebuf".

Regards, Johan Mattsson
_______________________________________________
sqlite-users mailing list
[hidden email]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users