1. 31 Oct, 2016 1 commit
    • coverity: check for Coverity token only if necessary · 18c18e3d
      When running a Coverity build, we have to provide an
      authentication token in order to prove that we are actually
      allowed to run analysis in the name of a certain project. As this
      token should be secret, it is only set on the main repository, so
      when we were requested to run the Coverity script on another
      repository we do error out. But in fact we do also error out if
      the Coverity analysis should _not_ be run if there is no
      authentication token provided.
      
      Fix the issue by only checking for the authentication token after
      determining if analysis is indeed requested.
      Patrick Steinhardt committed
  2. 28 Oct, 2016 2 commits
  3. 10 Oct, 2016 1 commit
  4. 05 Oct, 2016 2 commits
  5. 24 Jul, 2016 1 commit
  6. 23 Jul, 2016 1 commit
  7. 07 Jun, 2016 2 commits
    • coverity: model functions printing into git_buf · 4d8fe1cd
      The `git_buf` structure seems to be too complicated to correctly
      grasp for Coverity. As such, add simpler models trying to guide
      Coverity and remove false positives related to these functions.
      Patrick Steinhardt committed
    • coverity: add user model · 956f1e23
      The static analysis engine Coverity allows for user models
      overriding how it treats functions when analyzing code. Like
      this, one can greatly reduce the rate of false positives and thus
      make it easier to spot actual errors.
      
      Add a user model that overrides function models for `git_buf_len`
      and `git_vector_insert`, which together amount to a majority of
      false positives.
      Patrick Steinhardt committed
  8. 19 Apr, 2016 2 commits
  9. 14 Mar, 2016 1 commit
  10. 11 Mar, 2016 1 commit
    • coverity: report errors when uploading tarball · 2615d0d6
      Curl by default does not report errors by setting the error code.
      As the upload can fail through several conditions (e.g. the rate
      limit, leading to unauthorized access) we should indicate this
      information in Travis CI.
      
      To improve upon the behavior, use `--write-out=%{http_code}` to
      write out the HTTP code in addition to the received body and
      return an error if the code does not equal 201.
      Patrick Steinhardt committed
  11. 03 Mar, 2016 2 commits
  12. 23 Feb, 2016 2 commits
    • common: introduce GITERR_CHECK_ALLOC_BUF · 859ed5dd
      We commonly have to check if a git_buf has been allocated
      correctly or if we ran out of memory. Introduce a new macro
      similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if
      so returns an error. Provide a `#nodef` for Coverity to mark the
      error case as an abort path.
      Patrick Steinhardt committed
    • coverity: hint git_vector_foreach does not deref NULL contents · f2a554b4
      Coverity does not comprehend the connection between a vector's
      size and the contents pointer, that is that the vector's pointer
      is non-NULL when its size is positive. As the vector code should
      be reasonably well tested and users are expected to not manually
      modify a vector's contents it seems safe to assume that the
      macros will never dereference a NULL pointer.
      
      Fix Coverity warnings by overriding the foreach macros with
      macros that explicitly abort when (v)->contents is NULL.
      Patrick Steinhardt committed
  13. 18 Feb, 2016 2 commits
    • coverity: hint that string length is at least 2 · 40f6f225
      When checking if a string is prefixed by a drive letter (e.g.
      "C:") we verify this by inspecting the first and second character
      of the string. Coverity thinks this is a defect as we do not
      check the string's length first, but in fact we only check the
      second character if the first character is part of the alphabet,
      that is it cannot be '\0'.
      
      Fix this by overriding the macro and explicitly checking the
      string's length.
      Patrick Steinhardt committed
    • coverity: add nodefs for abort macros · 5981ab1d
      Add nodefs for macros that abort the current flow due to errors.
      This includes macros that trigger on integer overflows and for
      the version check macro. This aids Coverity as we point out that
      these paths will cause a fatal error.
      Patrick Steinhardt committed
  14. 10 Feb, 2016 2 commits
    • coverity: use https URL for posting build · 50174ab4
      When posting our instrumented build results to Coverity we have
      to include sensitive information, in particular our authorization
      token. Currently we use an unencrypted channel to post this
      information, leading to the token being transferred in plain.
      
      Fix this by using a secured connection instead.
      Patrick Steinhardt committed
    • coverity: provide nodef for GITERR_CHECK_ALLOC · 8dddea42
      Coverity currently lists a lot of errors with regard to
      GITERR_CHECK_ALLOC causing resource leaks. We know this macro is
      only invoked when we want to abort because we are out of memory.
      
      Coverity allows for overriding the default model where we know
      that certain functions guarantee a desired behavior. The
      user_nodefs.h is used to override the behavior of macros.
      Re-define GITERR_CHECK_ALLOC inside of it to specify its abort
      nature.
      Patrick Steinhardt committed
  15. 06 Jul, 2015 2 commits
  16. 27 Jun, 2015 1 commit
  17. 26 Jun, 2015 1 commit
  18. 12 Jun, 2015 1 commit
  19. 17 Mar, 2015 1 commit
  20. 16 Mar, 2015 1 commit
  21. 10 Mar, 2015 1 commit
  22. 05 Mar, 2015 1 commit
  23. 04 Mar, 2015 2 commits
  24. 20 Nov, 2014 1 commit
  25. 19 Nov, 2014 1 commit
  26. 16 Sep, 2014 2 commits
  27. 29 Aug, 2014 1 commit
  28. 07 Jul, 2014 1 commit
  29. 26 Jun, 2014 1 commit