Assorted Coverity fixes

[tiennou]

This fixes May/June Coverity reports.

[ethomson]

It looks like the smart pkt changes are causing test failures - could you take a look?

[tiennou]

Rebased. Note that I had to partially revert a recent change because of the allocation semantics of symrefs (it's allocated/populated in smart_protocol.c/detect_caps, but its destructor is in smart.c).
So please don't merge, event though tests should be ok now.

[tiennou]

That should be ok now. Feel free to after reviewing.

[pks-t]

No need to change that now, but our agreed-upon code style is to indent continuation lines in conditionals with four spaces:

if (opts.flags & GIT_BLAME_USE_MAILMAP &&
    git_mailmap_from_repository(&gbr->mailmap, repo) < 0) {
        git_blame_free(gbr);
        return NULL;
}

[pks-t]

I think ignoring the error was actually intended. In case where we're unable to load the mail map, we simply ignore it and output commits with their original author/committer. You could add a comment and cast to void, though

[tiennou]

Ignore the error even though I (the user) has asked for it ? I do not know if that's explicit, but I find this strange… How can I tell if the mailmap was applied when that happens ?

[pks-t]

Huh, you're right. And in fact git_mailmap_from_repository also only errors out in case where git_mailmap_new fails, but never if getting the actual mailmap fails. So checking the error is the right thing to do, and our future warning API should then handle errors when loading the mailmap itself (as described in mailmap_add_from_repository)

[pks-t]

We usually avoid freeing memory when we run in OOM situations. But as you cannot use GITERR_CHECK_ALLOC here I'm fine with this fix

[pks-t]

Indentation is off here

[pks-t]

And here as well

[pks-t]

I actually find this commit a bit hard to digest, as it simultaneously moves around code and changes it at the same time. I'd welcome it if you split it up into multiple commits to make it easier to understand what is going on here

[tiennou]

Sorry, this seemed a simple fix, then memory-management happened. I'll try to split (the crux of the change is that git_smart__detect_caps returns GIT_ENOTFOUND if it stumble on a weird pkt, which allows its caller to know if the symrefs it got are valid or not.

[pks-t]

Thanks :)

[tiennou]

Hopefully the commits are more separated now, which clarifies what is happening. Note that I erroneously said symref above, but my understanding of the issue is that it might (maliciously) happen that the remote sent back one ref (refs is a vector of git_pkt in this code 😮) but doesn't follow through, so this strcmp will segfault on a NULL.

Thinking back a bit more, I don't know if that's plausible protocol-wise, but at least coverity should be pleased…

[pks-t]

I'd love to hear some details why this is necessary. Tests passed before, so why is it needed now?

[tiennou]

The path given to git_index_add_bypath is relative to the root of the repository. That describe/file path is relative to the root of the sandbox directory, hence if I add the missing cl_git_pass I rightfully get an error that $SANDBOX/describe/describe/file doesn't exist. The path is thus changed to be made relative to the repository, which makes the failure go away and "restore" the test.

Hence the test doesn't work as expected, because it does not care about file being added or not to the index, which makes dubious in my eyes.

[pks-t]

Thanks for the explanation!

[tiennou]

I'll put it in the commit message then 😉. I still feel like there's something dubious going on though, but this is about coverity.

[pks-t]

This change is wrong. We're new erroring out when the function ran successfully. It's getting fixed by the next commit, though

[pks-t]

This is fine, as there is only one caller of git_smart__detect_caps, which is the one you're adjusting in the same commit

[pks-t]

Thank you for your fixes, @tiennou!