Content-type: multipart/related; boundary="Boundary_(ID_nfUCpoN3RVwkjl88KDY//w)"; type="text/html" --Boundary_(ID_nfUCpoN3RVwkjl88KDY//w) Content-type: text/html; CHARSET=US-ASCII Content-transfer-encoding: quoted-printable
On Mar 21, 2014, at 11:49 AM, Sean McBride <sean@rog= ue-research.com> wrote:
On Tue, 21 Jan 2014 07:43:10 -07= 00, Nathan Hjelm said:
> &nbs= p; > (2) os/darwin_usb.c:531:10: Implicit conversion loses= integer
>precision: 'size_t' (aka 'unsi= gned long') to 'int'
> &nb= sp; >
> &= nbsp;> A cast would silence this, but actually I worry the last line of= the
>function is returning entirely the= wrong thing. Shouldn't it return
>'ret'= not 'len'? The docs for 'get_config_descriptor' say 'Return 0 on
&nbs= p; >success or a LIBUSB_ERROR code on failure.'
= > >
&nbs= p; > >
&n= bsp; > > (3) core.c:1163:7: = Use of memory after it is freed
> = >
> &nbs= p; > This could be a false positive as it's from the stati= c analyzer. It's
>code path dependant, a= nd really you need the Xcode GUI to follow the
&n= bsp;>flow. Nathan, could you look?
><= br> >I will take a look at both 2 and 3 toda= y.
Just wanted to ping you on these. Both issues sti= ll exist in master.I can't get scan-build to give me the the first one but I do = get the second one. The second one is an interesting flow and will take so= me thought to see if it identifies a real issue or not. clang assumes that= the call to libusb_unref_device in discovered_devs_free wil= l result in a call to free on a device that is being returned. I am not co= nvinced that can ever be the case.