You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/10/05 18:51:20 UTC
[jira] [Commented] (THRIFT-3943) Coverity Scan identified some high
severity defects
[ https://issues.apache.org/jira/browse/THRIFT-3943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15549630#comment-15549630 ]
ASF GitHub Bot commented on THRIFT-3943:
----------------------------------------
GitHub user jeking3 opened a pull request:
https://github.com/apache/thrift/pull/1109
THRIFT-3943: resolve some high severity outstanding defects identified by coverity scan
https://scan7.coverity.com/reports.htm#v15415/p10216/fileInstanceId=3547531&defectInstanceId=1023429&mergedDefectId=748818
Coverity Scan identified 9 issues of high severity.
I dismissed 4 of them as false positives; coverity lost track of the handling of socket file descriptors across multiple layers of calls; this left 5 issues:
1295822 - memory leak in ThreadFactoryTests
1216842 - uninitialized rfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
1216841 - uninitialized wfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
1216840 - getsockname is always passed uninitialized addrlen
1174563 - memory leak in compiler class handling functions
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/jeking3/thrift defect/THRIFT-3943
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/thrift/pull/1109.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1109
----
commit fc06e472cdd901e9273936e323efc85e694e7b32
Author: James E. King, III <ji...@simplivity.com>
Date: 2016-10-05T18:47:18Z
THRIFT-3943: resolve some high severity outstanding defects identified by coverity scan
----
> Coverity Scan identified some high severity defects
> ---------------------------------------------------
>
> Key: THRIFT-3943
> URL: https://issues.apache.org/jira/browse/THRIFT-3943
> Project: Thrift
> Issue Type: Bug
> Components: C++ - Library, Lua - Library
> Affects Versions: 0.9.3
> Environment: https://scan.coverity.com/projects/thrift
> Reporter: James E. King, III
> Assignee: James E. King, III
> Priority: Critical
>
> Coverity Scan identified 9 issues of high severity.
> I dismissed 4 of them as false positives; coverity lost track of the handling of socket file descriptors across multiple layers of calls; this left 5 issues:
> 1295822 - memory leak in ThreadFactoryTests
> 1216842 - uninitialized rfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
> 1216841 - uninitialized wfds fd_set is passed to select if mode is not WAIT_MODE_C (R+W)
> 1216840 - getsockname is always passed uninitialized addrlen
> 1174563 - memory leak in compiler class handling functions
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)