Travis: Add scan-build Static Code Analysis
Add scan-build static code analyzer for clang and gcc to Travis CI.
Fix unchecked index warning in session-util.c found by scan-build.
Fixes #969.
Signed-off-by: Dan Anderson <daniel.anderson@intel.com>
diff --git a/.travis.yml b/.travis.yml
index a75cc25..f4a3230 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -85,9 +85,19 @@
if [ "$CC" == "gcc" ]; then
export CONFIGURE_OPTIONS="--enable-code-coverage";
fi
- - ../configure --enable-unit --enable-integration $CONFIGURE_OPTIONS
+ - |
+ if [ "$CC" == "clang" ]; then
+ scan-build ../configure --enable-unit --enable-integration $CONFIGURE_OPTIONS
+ else
+ ../configure --enable-unit --enable-integration $CONFIGURE_OPTIONS
+ fi
- make -j$(nproc) distcheck
- - make -j$(nproc) check
+ - |
+ if [ "$CC" == "clang" ]; then
+ scan-build --status-bugs make -j$(nproc) check
+ else
+ make -j$(nproc) check
+ fi
- cat test-suite.log
- |
for LOG in $(ls -1 test/unit/*.log); do
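Review bot: The scan-build gate on `make check` runs only when `$CC` is clang, so the gcc job and the unchanged `make -j$(nproc) distcheck` step are built without analysis, although the commit message describes scan-build for clang and gcc. If that is intended, a comment above the first `if` would make it explicit, e.g. `# scan-build runs in the clang job only; --status-bugs makes analyzer findings fail the build`. Because configure now runs under scan-build, the generated Makefile presumably points at the analyzer's compiler wrapper. It is worth confirming that the intervening distcheck step still behaves as expected when that wrapper is invoked outside a scan-build run.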
diff --git a/test/integration/sapi-session-util.c b/test/integration/sapi-session-util.c
index 7a4e05b..84a31bf 100644
--- a/test/integration/sapi-session-util.c
+++ b/test/integration/sapi-session-util.c
@@ -650,8 +650,15 @@
TPM2B_AUTH *authValue)
{
TSS2_RC rval = TSS2_RC_SUCCESS;
- TPM2B_MAX_BUFFER key, mask;
- int i;
+ TPM2B_MAX_BUFFER key;
+ TPM2B_MAX_BUFFER mask = { .size = 0, .buffer = 0 };
+ UINT16 i;
+ UINT16 size = inputData->size;
+
+ if (size > TPM2_MAX_DIGEST_BUFFER) {
+ LOG_ERROR("Bad value for inputData size: %" PRIu16, size);
+ return TSS2_SYS_RC_GENERAL_FAILURE;
+ }
CopySizedByteBuffer((TPM2B *)&key, (TPM2B *)&session->sessionKey);
CatSizedByteBuffer((TPM2B *)&key, (TPM2B *)authValue);
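Review bot: The new bound on `size` protects `mask.buffer`, but nothing in this hunk checks that `outputData->buffer` can hold `size` bytes. `inputData` is also dereferenced in the initializer of `size` before any NULL check. The function's signature starts outside the hunk, so the parameter types are not visible; if `outputData` can be smaller than the local `mask`, the copy loop later in the function can still write past it. Tying the check to the buffer that is actually indexed, `if (size > sizeof(mask.buffer)) {`, would keep the guard correct if the local's type ever changes.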
@@ -661,15 +668,15 @@
"XOR",
(TPM2B *)&session->nonceNewer,
(TPM2B *)&session->nonceOlder,
- inputData->size * 8, &mask);
+ size * 8, &mask);
if (rval)
return rval;
- for (i = 0; i < inputData->size; i++)
+ for (i = 0; i < size; i++)
outputData->buffer[i] = inputData->buffer[i] ^ mask.buffer[i];
- outputData->size = inputData->size;
+ outputData->size = size;
return rval;
}
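Review bot: The XOR loop reads `mask.buffer[i]` for every `i < size` without checking how many bytes the preceding KDF call actually wrote into `mask`. Because `mask` is now zero-initialized, a short result would XOR the tail of `inputData` with zeros and copy those bytes to `outputData` unmasked instead of failing. Assuming the call sets `mask.size` (its definition is not visible here), a guard after the `if (rval)` check such as `if (mask.size < size) return TSS2_SYS_RC_GENERAL_FAILURE;` would turn that case into an error. The function body starts outside this hunk.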