Comments (6)
FWIW I would be willing to add someone to Squash's project on Coverity Scan so you can see the results in their interface, though I would suggest just creating a project for brotli. It has actually uncovered quite a few real issues in other compression libraries (as well as Squash itself) with surprisingly few false positives—definitely worth it, IMHO.
from brotli.
All Coverity Scan reports have been addressed =)
See https://scan.coverity.com/projects/google-brotli
Thank you for reporting about these issues.
from brotli.
I think it's time for another run; Coverity is reporting 9 high-impact issues and 4 medium-impact issues in Brotli.
from brotli.
Uninitialized variables and null-dereference are all false-positives. Usage of tainted values is natural -> almost false positive. Going to toss coda a little bit to convince Coverity Scan.
from brotli.
FWIW, cppcheck picks up a couple minor issues, too:
[brotli/enc/block_splitter_inc.h:280] -> [brotli/enc/block_splitter_inc.h:281]: (style) Variable 'pairs' is reassigned a value before the old one has been used.
[brotli/enc/write_bits.h:80]: (warning) %d in format string (no. 1) requires 'int' but the argument type is 'size_t {aka unsigned long}'.
To fix the second one, you could cast to int, or if you want to really use size_t you can do something like this (stolen from https://github.com/nemequ/munit/blob/master/munit.h#L56):
#if !defined(_WIN32)
#define BROTLI_SIZE_SPECIFIER "zu"
#elif defined(_M_X64) || defined(__amd64__)
#define BROTLI_SIZE_SPECIFIER "I64u"
#else
#define BROTLI_SIZE_SPECIFIER "u"
#endif
Windows make everything harder.
from brotli.
@eustas, I see the only issue remaining is a null-pointer dereference; IIRC that can be "fixed" by adding an assert(foo != NULL)
. If it's a function parameter, another possibility might be to add a nonnnull attribute… Looks like it's available in GCC 3.3+.
from brotli.
Related Issues (20)
- Brotli wheel for arm64 HOT 3
- How to compress utf-16 string and decompress? HOT 4
- using brotli compression on embedded iot with limited RAM HOT 1
- BrotliInputStream.java issue when using both read() followed by read(byte b[]) HOT 5
- mode_generic & dictionary sharing HOT 1
- (windows) JNI makefile
- JavaScript throws Corrupted reserved bit HOT 6
- OSS-Fuzz issue 60394 HOT 1
- Ability to clone/serialize/deserialize state in Compressor and Decompressor HOT 4
- Exception while brotliDecode in decode.ts HOT 5
- EMPTY VERSION FIELDS IN PKGCONFIG FILES (LINUX) HOT 4
- Support for user-supplied dictionaries in Python binding
- Release v1.1 HOT 14
- Publish JNI artefacts (including platform-dependent) HOT 7
- Stale comment referring to nonexisting WriteMetadata() function HOT 6
- v1.1.0rc does not build on macOS 10.12.6 HOT 8
- Strange compression ratio on large CSV file... HOT 1
- Brotli v1.1.0 tests fail with pypy3 HOT 10
- Brotli 1.1.0 breaks Python 2 compatibility HOT 3
- Create a static source tarball for releases
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from brotli.