From 90c7e72656d68f6c9f4b2e6011166678b1a22e8b Mon Sep 17 00:00:00 2001 From: firewave Date: Mon, 4 Sep 2023 11:32:12 +0200 Subject: [PATCH 1/2] provide more includes to Cppcheck - added (temporary) suppression of Cppcheck `shiftTooManyBits` false positives in `libxrdp/xrdp_mppc_enc.c` - fix Cppcheck `nullPointerRedundantCheck` in `sesman/chansrv/clipboard.c` --- .github/workflows/build.yml | 1 + scripts/install_cppcheck_dependencies_with_apt.sh | 10 +++++++--- scripts/run_cppcheck.sh | 4 +++- sesman/chansrv/clipboard.c | 13 ++++++------- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2b25fb9068..6abf0e32d4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -145,6 +145,7 @@ jobs: key: ${{ steps.os.outputs.image }}-build-${{ env.cache-name }}-${{ env.CPPCHECK_VER }} - run: sudo scripts/install_cppcheck_dependencies_with_apt.sh $CPPCHECK_VER - run: ./bootstrap + - run: ./configure - run: scripts/install_cppcheck.sh $CPPCHECK_REPO $CPPCHECK_VER - run: scripts/run_cppcheck.sh -v $CPPCHECK_VER diff --git a/scripts/install_cppcheck_dependencies_with_apt.sh b/scripts/install_cppcheck_dependencies_with_apt.sh index 95887e78ba..c5a055dd78 100755 --- a/scripts/install_cppcheck_dependencies_with_apt.sh +++ b/scripts/install_cppcheck_dependencies_with_apt.sh @@ -1,7 +1,8 @@ #!/bin/sh set -eufx -PACKAGES="libz3-dev z3" +# these are the packages necessary to run ./configure so config_ac.h is generated +PACKAGES="libpam0g-dev libxfixes-dev libxrandr-dev nasm" usage() { @@ -15,6 +16,8 @@ if [ $# -ne 1 ]; then fi CPPCHECK_VER="$1" +apt-get update + case "$CPPCHECK_VER" in 1.*) # no dependencies @@ -23,7 +26,8 @@ case "$CPPCHECK_VER" in # Cppcheck 2.8 removed the dependency on z3 ;; 2.*) - apt-get update - apt-get -yq --no-install-suggests --no-install-recommends install $PACKAGES + PACKAGES="$PACKAGES libz3-dev z3" ;; esac + +apt-get -yq --no-install-suggests --no-install-recommends install $PACKAGES diff --git a/scripts/run_cppcheck.sh b/scripts/run_cppcheck.sh index b3c7c4ca38..0c736f4162 100755 --- a/scripts/run_cppcheck.sh +++ b/scripts/run_cppcheck.sh @@ -43,7 +43,9 @@ fi # Supply default flags passed to cppcheck if necessary if [ -z "$CPPCHECK_FLAGS" ]; then CPPCHECK_FLAGS="--quiet --force --std=c11 --std=c++11 --inline-suppr \ - --enable=warning --error-exitcode=1" + --enable=warning --error-exitcode=1 \ + --suppress=shiftTooManyBits:libxrdp/xrdp_mppc_enc.c \ + -I . -I common" fi CPPCHECK_FLAGS="$CPPCHECK_FLAGS -D__cppcheck__" diff --git a/sesman/chansrv/clipboard.c b/sesman/chansrv/clipboard.c index b01990bd15..8117478a62 100644 --- a/sesman/chansrv/clipboard.c +++ b/sesman/chansrv/clipboard.c @@ -2572,14 +2572,12 @@ clipboard_event_property_notify(XEvent *xevent) format_in_bytes = FORMAT_TO_BYTES(actual_format_return); new_data_len = nitems_returned * format_in_bytes; cptr = (char *) g_malloc(g_clip_s2c.total_bytes + new_data_len, 0); - g_memcpy(cptr, g_clip_s2c.data, g_clip_s2c.total_bytes); - g_free(g_clip_s2c.data); - if (cptr == NULL) { + /* cannot add any more data */ + g_free(g_clip_s2c.data); g_clip_s2c.data = 0; - /* cannot add any more data */ if (data != 0) { XFree(data); @@ -2588,14 +2586,15 @@ clipboard_event_property_notify(XEvent *xevent) XDeleteProperty(g_display, g_wnd, g_clip_s2c.property); return 0; } + g_memcpy(cptr, g_clip_s2c.data, g_clip_s2c.total_bytes); + g_free(g_clip_s2c.data); LOG_DEVEL(LOG_LEVEL_DEBUG, "clipboard_event_property_notify: new_data_len %d", new_data_len); g_clip_s2c.data = cptr; - g_memcpy(g_clip_s2c.data + g_clip_s2c.total_bytes, data, new_data_len); - g_clip_s2c.total_bytes += new_data_len; - if (data) { + g_memcpy(g_clip_s2c.data + g_clip_s2c.total_bytes, data, new_data_len); + g_clip_s2c.total_bytes += new_data_len; XFree(data); } From 2c0749d2cbe10ca62faaa57ab5c474cd7f7efee8 Mon Sep 17 00:00:00 2001 From: firewave Date: Sat, 9 Sep 2023 19:50:16 +0200 Subject: [PATCH 2/2] bumped Cppcheck to 2.12.1 - build Cppcheck with matchcompiler for improved performance - build Cppcheck with Boost for improved ValueFlow performance --- .github/workflows/build.yml | 2 +- scripts/install_cppcheck.sh | 9 ++++++--- scripts/install_cppcheck_dependencies_with_apt.sh | 2 ++ 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6abf0e32d4..9292388a5e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -127,7 +127,7 @@ jobs: CC: gcc # This is required to use a version of cppcheck other than that # supplied with the operating system - CPPCHECK_VER: "2.11" + CPPCHECK_VER: "2.12.1" CPPCHECK_REPO: https://github.com/danmar/cppcheck.git steps: # Set steps.os.outputs.image to the specific OS (e.g. 'ubuntu20') diff --git a/scripts/install_cppcheck.sh b/scripts/install_cppcheck.sh index 94600b239a..2fa0a37a08 100755 --- a/scripts/install_cppcheck.sh +++ b/scripts/install_cppcheck.sh @@ -123,17 +123,20 @@ fi cd "$workdir" + make_args="MATCHCOMPILER=yes FILESDIR=$FILESDIR PREFIX=$FILESDIR" + case "$CPPCHECK_VER" in 1.*) # CFGDIR is needed for cppcheck before 1.86 - make_args="FILESDIR=$FILESDIR PREFIX=$FILESDIR CFGDIR=$FILESDIR" + make_args="$make_args CFGDIR=$FILESDIR" ;; 2.8 | 2.9 | 2.1*) # Cppcheck 2.8 removed the dependency on z3 - make_args="FILESDIR=$FILESDIR PREFIX=$FILESDIR" + # Cppcheck 2.8 added optional support for utilizing Boost + make_args="$make_args CPPFLAGS=-DHAVE_BOOST" ;; 2.*) - make_args="FILESDIR=$FILESDIR PREFIX=$FILESDIR USE_Z3=yes" + make_args="$make_args USE_Z3=yes" # Check that the Z3 development files appear to be installed # before trying to create z3_version.h. Otherwise we may # mislead the user as to what needs to be done. diff --git a/scripts/install_cppcheck_dependencies_with_apt.sh b/scripts/install_cppcheck_dependencies_with_apt.sh index c5a055dd78..0c2f308df8 100755 --- a/scripts/install_cppcheck_dependencies_with_apt.sh +++ b/scripts/install_cppcheck_dependencies_with_apt.sh @@ -24,6 +24,8 @@ case "$CPPCHECK_VER" in ;; 2.8 | 2.9 | 2.1*) # Cppcheck 2.8 removed the dependency on z3 + # Cppcheck 2.8 added optional support for utilizing Boost + PACKAGES="$PACKAGES libboost-container-dev" ;; 2.*) PACKAGES="$PACKAGES libz3-dev z3"