<div dir="ltr">ok, I'll submit a PR with some of the fixes that I think are good. Was the format of the bug report acceptable? Our tool integrates with static analyzers, and sometimes its tricky to include their reports in a way that is clear and concise. Of course, I will provide my own summary of the issues, but I would like to know if you found them helpful. <div><br></div><div>-Ben </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, May 11, 2017 at 4:24 PM, Matthew Brush <span dir="ltr"><<a href="mailto:mbrush@codebrainz.ca" target="_blank">mbrush@codebrainz.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 2017-05-11 12:40 PM, Benjamin Bales wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Lex and Matthew,<br>
<br>
You seem to disagree on this issue. Is this a valid issue? And if so, do<br>
you like the fix? I can batch a few of them (<= 10) as a single PR. No<br>
problem.<br>
<br>
</blockquote>
<br></span>
If they're valid bugs (even minor), it certainly doesn't hurt to make a PR (or even an Issue just giving the info). They'll probably require more than an automated fix though, to account for formatting/indentation as well as looking at how it affects the code. Likely they'll need a human to evaluate what the correct fix is, for example the one given before is probably not very good as it just guards out code that was expected to run, rather than figuring out how the code was meant to work and make it do that.<br>
<br>
Regards,<br>
Matthew Brush<div class="HOEnZb"><div class="h5"><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
-Ben<br>
<br>
On Wed, May 10, 2017 at 8:22 PM, Matthew Brush <<a href="mailto:mbrush@codebrainz.ca" target="_blank">mbrush@codebrainz.ca</a>> wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 2017-05-10 04:09 PM, Lex Trotman wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 11 May 2017 at 08:10, Benjamin Bales <<a href="mailto:benjamin.bales@qbitlogic.com" target="_blank">benjamin.bales@qbitlogic.com</a>><br>
wrote:<br>
<br>
CodeAi (<a href="https://github.com/C0deAi" rel="noreferrer" target="_blank">https://github.com/C0deAi</a>), an automated repair tool developed at<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
QbitLogic (<a href="http://www.qbitlogic.com" rel="noreferrer" target="_blank">www.qbitlogic.com</a>), suggested the following fix. Could I<br>
submit it as a patch if it looks alright?<br>
<br>
plugins/saveactions.c: “doc->file_type” pointer might be dereferenced<br>
when<br>
null on line 283. Initialization may be provided by “doc” passed in as a<br>
function argument, but a null check would be prudent just in case. The<br>
fix<br>
checks “doc->file_type” for null before allowing a dereference on the<br>
following line. A snapshot of the bug report generated by CodeAi is<br>
attached. A full report is available upon request.<br>
<br>
<br>
</blockquote>
This function is called (via the signal framework) by the function that<br>
created `doc` and as such cannot be null. The design of the application<br>
uses the signal framework to decouple caller and callee and this is likely<br>
to confuse your tool since it cannot see where functions are called.<br>
Whilst any contributions are welcome, a report with a lot of similar false<br>
positives may end up being ignored and be a bad advertisement for your<br>
tool.<br>
<br>
<br>
</blockquote>
Naw, I think it's technically a real bug, albeit very minor. It's the<br>
`file_type` member of the `doc` that can be NULL. IIUC tools like this look<br>
to see if you checked the NULL-ness of something and then proceed to<br>
dereference it outside of that check later, which this code does (checks if<br>
`ft == NULL` several lines up and then unconditionally dereferences it on<br>
the line given by the OP).<br>
<br>
Regards,<br>
Matthew Brush<br>
<br>
<br>
______________________________<wbr>_________________<br>
Devel mailing list<br>
<a href="mailto:Devel@lists.geany.org" target="_blank">Devel@lists.geany.org</a><br>
<a href="https://lists.geany.org/cgi-bin/mailman/listinfo/devel" rel="noreferrer" target="_blank">https://lists.geany.org/cgi-bi<wbr>n/mailman/listinfo/devel</a><br>
<br>
</blockquote>
<br>
<br>
<br>
<br>
<br>
______________________________<wbr>_________________<br>
Devel mailing list<br>
<a href="mailto:Devel@lists.geany.org" target="_blank">Devel@lists.geany.org</a><br>
<a href="https://lists.geany.org/cgi-bin/mailman/listinfo/devel" rel="noreferrer" target="_blank">https://lists.geany.org/cgi-bi<wbr>n/mailman/listinfo/devel</a><br>
<br>
</blockquote>
<br>
______________________________<wbr>_________________<br>
Devel mailing list<br>
<a href="mailto:Devel@lists.geany.org" target="_blank">Devel@lists.geany.org</a><br>
<a href="https://lists.geany.org/cgi-bin/mailman/listinfo/devel" rel="noreferrer" target="_blank">https://lists.geany.org/cgi-bi<wbr>n/mailman/listinfo/devel</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="font-size:12.8px">Benjamin Bales</div><div style="font-size:12.8px">Chief Technology Officer</div><div style="font-size:12.8px"><img src="https://media.licdn.com/mpr/mpr/shrink_200_200/AAEAAQAAAAAAAAlpAAAAJGRhNjRiNzc4LWJjNDctNGE2My05NWY1LTY2MDM3Y2YzZTM1OA.png" alt="QbitLogic" width="96" height="96"><br></div><div style="font-size:12.8px">1050 Crown Pointe Pkwy, Ste. 840</div><div style="font-size:12.8px">Atlanta, GA 30338 </div><div style="font-size:12.8px">470-554-2690</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><p style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif;color:rgb(0,0,0)"><span style="font-size:10pt;font-family:'Times New Roman',serif;color:navy">CONFIDENTIALITY NOTICE</span></p><p style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif;color:rgb(0,0,0)"><span style="font-size:10pt;font-family:'Times New Roman',serif;color:navy">This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. This communication may contain privileged attorney material or other Property and Confidential matter. If you are not the intended recipient or the person responsible for delivering the e-mail for the intended person, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you believe you have received this e-mail in error, please immediately delete this e-mail and notify Benjamin Bales by telephoning <a href="tel:470-554-2690" value="+14705542690" style="color:rgb(17,85,204)" target="_blank">470-554-2690</a>.</span></p></div></div></div></div></div></div></div>
</div>