Polyspace report on your library #78

Open
QuentinCG opened this issue Jun 9, 2020 · 3 comments
Comments


QuentinCG commented Jun 9, 2020

Hello,

Thank you for this library.

Here are some "bugs" returned by our tool (Polyspace Bug Finder) that may interest you for improving your library (I used the 0.9.1 tag):
polyspace report.pdf

Feel free to close this issue if you don't think it is relevant.

@stachenov
Owner

I've finally set aside some time for this. It's not that it's irrelevant, but...

Some items are just harmless safeguards, like initializing something with zero only to rewrite later. Or some checks that turn out to be dead code now, but may be useful later when some code changes.

Some items look very troubling, like uninitialized reads and null dereferences, but they are annoyingly hard to track down, especially in 3rd party code (Minizip). It seems these conditions happen only under unusual circumstances, like using customized I/O API, which isn't recommended at all because it would cause all kinds of trouble with Zip64 support and some QuaZip modes.

I'll leave this open for now. Not sure if I'll ever get back to this, though.

@QuentinCG
Author

Hello @stachenov

Since we use your library, we just wanted to give you some info on potential issues.
These seem to be mostly minor issues and are clearly not critical in "normal cases", as you say.

Since you analyzed it and don't see any obvious issue, I would advise closing this issue, as it may not be relevant anymore?

@stachenov
Owner

I'm not sure. Maybe I'll look into it further later and figure out how to clean up a bit so there'll be fewer warnings. Maybe add more tests and run them all under Valgrind, which would detect some of these issues at runtime.

There are no obvious issues, but that doesn't mean things can't break under unusual circumstances, and it would be better if that never happened.

Or at least it can serve as a hint where to look if I ever get to some major changes, like a Minizip update. Maybe rewrite these parts in a cleaner way or get rid of some deprecated features and/or dead code.

It's better to keep it open, I'll just consider it to be of low priority for now.
