MDBF-534: Coverity scan: fix client folder
---------------------------------
File: `mysqltest`
---------------------------------
- Coverity (SIZEOF_MISMATCH):
  - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074863&mergedDefectId=972322
    Function `qsort` has to use the size of the element, which is `uchar *`

- Coverity (REVERSE_INULL):
  - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074524&mergedDefectId=1519693&fileStart=3376&fileEnd=3625
    First check if null and then use `strlen`, not reversed.

- FALSE POSITIVES
  - Coverity (TAINTED_SCALAR):
    https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074760&mergedDefectId=1519321

  - Coverity (CHECKED_RETURN):
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074692&mergedDefectId=971714
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53072839&mergedDefectId=971715

  - Coverity (FORWARD_NULL):
    There is already a DBUG_ASSERT(query_end) issued a few lines before
    https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074002&mergedDefectId=971916&eventId=53074002-5

  - Coverity (OVERRUN):
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074470&mergedDefectId=1519697
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074862&mergedDefectId=1520391
      `uint64_max` and `SIZE_MAX` (max for `size_t`) are the same as the `count` argument
      for `memcmp`.

  - Coverity (RESOURCE_LEAK):
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074163&mergedDefectId=1519889&eventId=53074163-446

- INTENTION:
  - Coverity (SIZEOF_MISMATCH):
    - https://scan5.scan.coverity.com/reports.htm#v58936/p10357/fileInstanceId=231728385&defectInstanceId=53074650&mergedDefectId=1520109
      The `len` argument is used only in printing, so it has no impact (it may be removed as an alternative).
      In this example the size of the pointer (8B) is used, which is not the size of the value that the pointer points to.
an3l authored and LinuxJedi committed Feb 17, 2023
1 parent 24911a3 commit bd0d7ea
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions client/mysqltest.cc
Expand Up @@ -3563,9 +3563,11 @@ void do_system(struct st_command *command)
/* returns TRUE if path is inside a sandbox */
bool is_sub_path(const char *path, size_t plen, const char *sandbox)
{
size_t len= strlen(sandbox);
if (!sandbox || !len || plen <= len || memcmp(path, sandbox, len - 1)
|| path[len] != '/')
size_t len;
if (!sandbox)
return false;
len= strlen(sandbox);
if (plen <= len || memcmp(path, sandbox, len-1) || path[len] != '/')
return false;
return true;
}
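Review bot: the new condition on the `if (plen <= len || memcmp(path, sandbox, len-1) || path[len] != '/')` line no longer tests `!len`, which the replaced condition did, so an empty `sandbox` string now reaches `memcmp` with `len-1` wrapped around to `SIZE_MAX`. Fold the test into the early return, for example `if (!sandbox || !*sandbox) return false;`, or check `!len` right after the `strlen`. Separately, since this function decides whether a path is inside the sandbox, it deserves a comment on why only `len-1` bytes are compared: as written, the byte at `path[len-1]` is never compared with `sandbox[len-1]`, because the next test looks at `path[len]`.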
Expand Down Expand Up @@ -11696,7 +11698,7 @@ void dynstr_append_sorted(DYNAMIC_STRING* ds, DYNAMIC_STRING *ds_input,

/* Sort array */
qsort(lines.buffer, lines.elements,
sizeof(char**), (qsort_cmp)comp_lines);
sizeof(uchar *), (qsort_cmp)comp_lines);

/* Create new result */
for (i= 0; i < lines.elements ; i++)
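Review bot: `sizeof(uchar *)` in the `qsort` call still names the element type by hand, and nothing in the visible lines ties it to what `lines.buffer` actually holds, so the same mismatch can come back if the array's element type changes. Consider deriving the size from the array itself (its stored element size, if it has one, or `sizeof` applied to a dereferenced, correctly typed buffer pointer), or at least add a comment above the call stating the element type. The `(qsort_cmp)comp_lines` cast also hides any signature mismatch in the comparator, so it is worth confirming that `comp_lines` takes pointers to `uchar *` elements.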