[cfe-dev] How to fix this Clang report bug?

凌欢 linghuan713 at 126.com
Fri Aug 2 04:08:37 PDT 2013


HI, all :
Our developers says that if set NULL to the pointer ,it can be used after released , is it right ? Following the the code which is
reported by scan-build and the type is used after release , can anyone tell me how to fix the bug ?
Or is it the false positive ?  please see the attathed .c file for the detail which is start line 896, end line 942.
 Thanks all .


896 void MTT_ETPV_del(MTT_ETPV ** handle)
897 {
898     MTT_ETPV ** this = (MTT_ETPV**)handle;
899     if((*this)->sURL) JString_del(&(*this)->sURL);
6
←
Taking false branch
→
900     if((*this)->stURLPV) JArray_del(&(*this)->stURLPV);
7
←
Taking false branch
→
901     if((*this)->sID) JString_del(&(*this)->sID);
8
←
Taking false branch
→
902     if((*this)->className) JceFree((*this)->className);
9
←
Taking false branch
→
903     JceFree(*this);
10
←
Within the expansion of the macro 'JceFree':
→
a
Memory is released

904     *this = NULL;
905 }
906  
907 Int32 MTT_ETPV_init(MTT_ETPV * handle)
908 {
909     MTT_ETPV * this = (MTT_ETPV*) handle;
910     
911     char * tafClassName = "MTT.ETPV";
912     
913     this->className = JceMalloc(strlen(tafClassName)+1);
914     this->writeTo = MTT_ETPV_writeTo;
915     this->readFrom = MTT_ETPV_readFrom;
916     
917     this->sURL = JString_new();
918     this->stURLPV = JArray_new("MTT.URLPV");
919     this->sID = JString_new();
920     
921     if(!this->className  || !this->sURL || !this->stURLPV || !this->sID)
922     {
923         MTT_ETPV_del(&this);
5
←
Calling 'MTT_ETPV_del'
→
11
←
Returning; memory was released
→
924         return JCE_MALLOC_ERROR;
925     }
926     memcpy(this->className, tafClassName, strlen(tafClassName)+1);
927     
928     JString_assign(this->sURL, "", strlen(""));
929     JString_assign(this->sID, "", strlen(""));
930     
931     return JCE_SUCCESS;
932 }
933  
934 MTT_ETPV * MTT_ETPV_new()
935 {
936     Int32 ret=0;
937     MTT_ETPV *this = (MTT_ETPV *)JceMalloc(sizeof(MTT_ETPV));
1
Within the expansion of the macro 'JceMalloc':
→
a
Memory is allocated

938     if(!this) return NULL;
2
←
Assuming 'this' is non-null
→
3
←
Taking false branch
→
939     ret = MTT_ETPV_init(this);
4
←
Calling 'MTT_ETPV_init'
→
12
←
Returning; memory was released via 1st parameter
→
940     if(JCE_SUCCESS != ret) { return NULL; }
13
←
Taking false branch
→
941     return this;
14
←
Use of memory after it is freed
942 }

 BRs
Howard Ling
*****************************************************
 
E-mail:    linghuan713 at 126.com
 
*****************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20130802/038a86fb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: WupPack MTT_IPHONE.c.rar
Type: application/octet-stream
Size: 140274 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20130802/038a86fb/attachment.obj>


More information about the cfe-dev mailing list