
#32 Several bugs from static analysis

open
nobody
None
5
2013-07-04
2011-12-19
Honza Horak
No

Hi, unixODBC-2.3.1 sources have been scanned using the Coverity static analysis tool and several more or less severe problems have been found. Please note that some of them can be false positives, but most probably many are not.

I've prepared a patch (will be attached) that fixes the most obvious errors, but you can also look at the report itself (will also be attached) if you want to solve the others as well or to know more about the fixes.

Discussion

  • Honza Horak

    Honza Horak - 2011-12-19

    patch for most obvious errors

     
  • Honza Horak

    Honza Horak - 2011-12-19

    report from static analysis

     
  • Honza Horak

    Honza Horak - 2011-12-19

    part of the report that filters the fixed errors

     
  • Tom Lane

    Tom Lane - 2013-03-19

    I'm suspicious of the proposed second hunk in isql.c, that is the removal of "free(szSepLine);". That cannot in itself be sufficient to fix the code, because the previous line frees hStmt which the subsequent code refers to. I think probably what was meant here was to free the resources and then return, in which case the free() is correct where it is and the proper fix is to add a return after it.

     
  • Tom Lane

    Tom Lane - 2013-03-19

    Hm, belay that --- looking at the callers of display_result_set(), I see they all free the hStmt for themselves. So the SQLFreeStmt call is wrong too. Probably what we ought to do there is replace both lines with a simple "break;".

     
  • Honza Horak

    Honza Horak - 2013-07-04

    Another issue has been found in the previous patch, particularly

    • if ( !buffer_length < 0 )
    • if ( !(buffer_length < 0) )

    The correct fix that should've been applied (in both cases):

    • if ( !buffer_length < 0 )
    • if ( buffer_length < 0 )

    Attaching a new patch.
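
The three forms of the condition from the comment above, evaluated side by side, as an added example that is not part of the ticket, the attached patches or the unixODBC sources. The function names and the sample lengths are constructed for illustration, and `buffer_length` is assumed to be a signed integer.

```c
#include <stdio.h>

/* Constructed sample lengths; the real call sites are not shown in the ticket. */
static const int samples[] = { -5, -1, 0, 1, 256 };
enum { NSAMPLES = sizeof samples / sizeof samples[0] };

/* As originally written: `!buffer_length < 0` parses as `(!buffer_length) < 0`.
 * `!x` yields 0 or 1, so the test can never be true and the branch is dead.
 * The parentheses here only make that parse explicit. */
static int cond_original(int buffer_length) { return (!buffer_length) < 0; }

/* First patch: negates the whole comparison, so the branch fires for every
 * non-negative length, the opposite of a negative-length check. */
static int cond_first_patch(int buffer_length) { return !(buffer_length < 0); }

/* Corrected form from the last comment: fires only for negative lengths. */
static int cond_corrected(int buffer_length) { return buffer_length < 0; }

/* Bit i of the result is set when cond() is true for samples[i]. */
static unsigned fire_mask(int (*cond)(int))
{
    unsigned mask = 0;
    for (int i = 0; i < NSAMPLES; i++)
        if (cond(samples[i]))
            mask |= 1u << i;
    return mask;
}

int main(void)
{
    printf("%6s %9s %12s %10s\n", "length", "original", "first patch", "corrected");
    for (int i = 0; i < NSAMPLES; i++)
        printf("%6d %9d %12d %10d\n", samples[i],
               cond_original(samples[i]),
               cond_first_patch(samples[i]),
               cond_corrected(samples[i]));
    printf("masks: original=0x%02x first_patch=0x%02x corrected=0x%02x\n",
           fire_mask(cond_original), fire_mask(cond_first_patch),
           fire_mask(cond_corrected));
    return 0;
}
```

GCC and Clang flag the original form with `-Wlogical-not-parentheses`; adding the parentheses that warning suggests, without checking the intent, gives exactly the inverted check of the first patch.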

     
