ci: extend pre-commit checks, fix failing checks#394
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| } | ||
|
|
||
| // Concatenate all segments to create the data bit string | ||
| memset(qrcode, 0, (size_t)qrcodegen_BUFFER_LEN_FOR_VERSION(version) * sizeof(qrcode[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| assert(1 <= degree && degree <= qrcodegen_REED_SOLOMON_DEGREE_MAX); | ||
| // Polynomial coefficients are stored from highest to lowest power, excluding the leading term which is always 1. | ||
| // For example the polynomial x^3 + 255x^2 + 8x + 93 is stored as the uint8 array {255, 8, 93}. | ||
| memset(result, 0, (size_t)degree * sizeof(result[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| const uint8_t generator[], int degree, uint8_t result[]) | ||
| { | ||
| assert(1 <= degree && degree <= qrcodegen_REED_SOLOMON_DEGREE_MAX); | ||
| memset(result, 0, (size_t)degree * sizeof(result[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| memset(result, 0, (size_t)degree * sizeof(result[0])); | ||
| for (int i = 0; i < dataLen; i++) { // Polynomial division | ||
| uint8_t factor = data[i] ^ result[0]; | ||
| memmove(&result[0], &result[1], (size_t)(degree - 1) * sizeof(result[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| { | ||
| // Initialize QR Code | ||
| int qrsize = version * 4 + 17; | ||
| memset(qrcode, 0, (size_t)((qrsize * qrsize + 7) / 8 + 1) * sizeof(qrcode[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| assert(bitLen != -1); | ||
| result.numChars = (int)len; | ||
| if (bitLen > 0) { | ||
| memset(buf, 0, ((size_t)bitLen + 7) / 8 * sizeof(buf[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| assert(bitLen != -1); | ||
| result.numChars = (int)len; | ||
| if (bitLen > 0) { | ||
| memset(buf, 0, ((size_t)bitLen + 7) / 8 * sizeof(buf[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| if (assignVal < 0) { | ||
| assert(false); | ||
| } else if (assignVal < (1 << 7)) { | ||
| memset(buf, 0, 1 * sizeof(buf[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| memset(buf, 0, 1 * sizeof(buf[0])); | ||
| appendBitsToBuffer((unsigned int)assignVal, 8, buf, &result.bitLength); | ||
| } else if (assignVal < (1 << 14)) { | ||
| memset(buf, 0, 2 * sizeof(buf[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
| appendBitsToBuffer(2, 2, buf, &result.bitLength); | ||
| appendBitsToBuffer((unsigned int)assignVal, 14, buf, &result.bitLength); | ||
| } else if (assignVal < 1000000L) { | ||
| memset(buf, 0, 3 * sizeof(buf[0])); |
Check warning
Code scanning / clang-tidy
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
Test Results 10 files 10 suites 25m 7s ⏱️ Results for commit 010f2d4. |
2 participants
Closes #384