diff options
| author | Glenn Strauss <gstrauss@gluelogic.com> | 2020-10-23 23:14:06 -0400 |
|---|---|---|
| committer | Glenn Strauss <gstrauss@gluelogic.com> | 2020-10-23 23:14:06 -0400 |
| commit | 0a2aab88d2a1b343bbedf60cd121158bf726e51e (patch) | |
| tree | 438e78fde3166583bdd07442dc2e2371cb788143 | |
| parent | ad62991a5b1641acc8c7daea799855a51f5947e5 (diff) | |
| download | lighttpd-git-0a2aab88d2a1b343bbedf60cd121158bf726e51e.tar.gz | |
[core] silence coverity warnings (another try)
| -rw-r--r-- | src/h2.c | 15 | ||||
| -rw-r--r-- | src/ls-hpack/lshpack.c | 1 |
2 files changed, 9 insertions, 7 deletions
@@ -1399,13 +1399,6 @@ h2_parse_frames (connection * const con) c = cq->first; /*(reload after h2_frame_cq_compact())*/ } uint8_t *s = (uint8_t *)(c->mem->ptr + c->offset); - #ifdef __COVERITY__ - /* Coverity does not notice that values used in s are checked. - * Although silencing here, would prefer not to do so since doing so - * disables Coverity from reporting questionable modifications which - * might be made to the code in the future. */ - __coverity_tainted_data_sink__(s); - #endif uint32_t flen = (s[0] << 16) | (s[1] << 8) | s[2]; if (flen > fsize) { h2_send_goaway_e(con, H2_E_FRAME_SIZE_ERROR); @@ -1439,6 +1432,14 @@ h2_parse_frames (connection * const con) cqlen = chunkqueue_length(cq); } + #ifdef __COVERITY__ + /* Coverity does not notice that values used in s are checked. + * Although silencing here, would prefer not to do so since doing so + * disables Coverity from reporting questionable modifications which + * might be made to the code in the future. */ + __coverity_tainted_data_sink__(s); + #endif + int rc = h2_recv_headers(con, s, flen); cqlen -= (9+flen); if (rc >= 0) diff --git a/src/ls-hpack/lshpack.c b/src/ls-hpack/lshpack.c index 96d14526..4f6e90c6 100644 --- a/src/ls-hpack/lshpack.c +++ b/src/ls-hpack/lshpack.c @@ -764,6 +764,7 @@ lshpack_enc_huff_encode (const unsigned char *src, { #ifdef __COVERITY__ assert(bits_used > 0); + if (0 == bits_used || bits_used >= sizeof(bits)*8) abort(); #endif bits <<= sizeof(bits) * 8 - bits_used; bits_used = cur_enc_code.bits - (sizeof(bits) * 8 - bits_used); |