Posted to dev@thrift.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/10/05 18:51:20 UTC

[jira] [Commented] (THRIFT-3943) Coverity Scan identified some high severity defects

    [ https://issues.apache.org/jira/browse/THRIFT-3943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15549630#comment-15549630 ] 

ASF GitHub Bot commented on THRIFT-3943:
----------------------------------------

GitHub user jeking3 opened a pull request:

    https://github.com/apache/thrift/pull/1109

    THRIFT-3943: resolve some high severity outstanding defects identified by coverity scan

    https://scan7.coverity.com/reports.htm#v15415/p10216/fileInstanceId=3547531&defectInstanceId=1023429&mergedDefectId=748818
    
    Coverity Scan identified 9 issues of high severity.
    I dismissed 4 of them as false positives; coverity lost track of the handling of socket file descriptors across multiple layers of calls; this left 5 issues:
    
    1295822 - memory leak in ThreadFactoryTests
    1216842 - uninitialized rfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
    1216841 - uninitialized wfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
    1216840 - getsockname is always passed uninitialized addrlen
    1174563 - memory leak in compiler class handling functions

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jeking3/thrift defect/THRIFT-3943

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/thrift/pull/1109.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1109
    
----
commit fc06e472cdd901e9273936e323efc85e694e7b32
Author: James E. King, III <ji...@simplivity.com>
Date:   2016-10-05T18:47:18Z

    THRIFT-3943: resolve some high severity outstanding defects identified by coverity scan

----


> Coverity Scan identified some high severity defects
> ---------------------------------------------------
>
>                 Key: THRIFT-3943
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3943
>             Project: Thrift
>          Issue Type: Bug
>          Components: C++ - Library, Lua - Library
>    Affects Versions: 0.9.3
>         Environment: https://scan.coverity.com/projects/thrift
>            Reporter: James E. King, III
>            Assignee: James E. King, III
>            Priority: Critical
>
> Coverity Scan identified 9 issues of high severity.
> I dismissed 4 of them as false positives; coverity lost track of the handling of socket file descriptors across multiple layers of calls; this left 5 issues:
> 1295822 - memory leak in ThreadFactoryTests
> 1216842 - uninitialized rfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
> 1216841 - uninitialized wfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
> 1216840 - getsockname is always passed uninitialized addrlen
> 1174563 - memory leak in compiler class handling functions



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
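
The two uninitialized-argument defect classes listed above (an fd_set handed to select without being cleared, and getsockname called with an unset addrlen), shown in corrected form as an added example. This is not the code from the pull request; the function names, the single-bit mode values and the socket-pair check are assumptions made for illustration.

```c
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* WAIT_MODE_C (R+W) is named in the report; the two single-bit modes are assumed. */
enum { WAIT_MODE_R = 1, WAIT_MODE_W = 2, WAIT_MODE_C = WAIT_MODE_R | WAIT_MODE_W };

/* Returns a mask of ready directions, 0 on timeout, -1 on error. */
int wait_ready(int fd, int mode, int timeout_ms) {
    fd_set rfds, wfds;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    if (fd < 0 || fd >= FD_SETSIZE) return -1; /* FD_SET past FD_SETSIZE is undefined */
    FD_ZERO(&rfds);                            /* clear both sets unconditionally, */
    FD_ZERO(&wfds);                            /* whichever mode was requested     */
    if (mode & WAIT_MODE_R) FD_SET(fd, &rfds);
    if (mode & WAIT_MODE_W) FD_SET(fd, &wfds);
    int n = select(fd + 1, &rfds, &wfds, NULL, &tv);
    if (n <= 0) return n;
    return (FD_ISSET(fd, &rfds) ? WAIT_MODE_R : 0) | (FD_ISSET(fd, &wfds) ? WAIT_MODE_W : 0);
}

/* getsockname reads *len as the buffer capacity before writing the used size back. */
int local_family(int fd) {
    struct sockaddr_storage ss;
    socklen_t len = sizeof ss;                  /* must be set before the call */
    memset(&ss, 0, sizeof ss);
    if (getsockname(fd, (struct sockaddr *)&ss, &len) != 0) return -1;
    return len > sizeof ss ? -1 : ss.ss_family; /* a larger len means truncation */
}

/* Constructed check on a local socket pair: returns 0 when every result is as expected. */
int self_check(void) {
    int sv[2], bad = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    bad |= wait_ready(sv[0], WAIT_MODE_R, 50) != 0;            /* nothing to read yet */
    bad |= wait_ready(sv[0], WAIT_MODE_W, 50) != WAIT_MODE_W;  /* send buffer is free */
    bad |= write(sv[1], "x", 1) != 1;
    bad |= wait_ready(sv[0], WAIT_MODE_C, 50) != WAIT_MODE_C;  /* now both directions */
    bad |= local_family(sv[0]) != AF_UNIX;
    close(sv[0]); close(sv[1]);
    return bad;
}

int main(void) { return self_check(); }
```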