[cppcheck] Dangerous usage of strncat in file xf86AutoConfig.c
Thomas Dickey
dickey at his.com
Sat Oct 3 06:07:58 PDT 2009
On Sat, 3 Oct 2009, David Gerard wrote:
> 2009/10/3 Thomas Dickey <dickey at his.com>:
>
>> It's possible, but cppcheck isn't that smart.
>
>
> Interesting to note: Wine is being run through cppcheck after every
> two-weekly release as well. It's showing up occasional bugs and
> questionable coding in wine, but mostly bugs in cppcheck ;-)
yes (I've run it a few times, found no bugs in the target code, but have
appeased it in a few cases - the equivalent of using a void cast to quiet
gcc or lint).
> I suggest running the whole server code base through cppcheck, seeing
> what it comes up with then going through very carefully to work out
> what's a bug in Xorg code and what's actually a bug in cppcheck.
> Probably a lot of the latter still.
mostly its usefulness seems to be to force someone to reread the code
> That said, it has usefully spotted bad stuff in wine. Just very
> noisily. It'll probably manage at least as well on a codebase as large
> and old as X11.
>
>
> - d.
> _______________________________________________
> xorg-devel mailing list
> xorg-devel at lists.x.org
> http://lists.x.org/mailman/listinfo/xorg-devel
>
--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
More information about the xorg-devel
mailing list