parser-cov: align assignment of key events with Coverity #165

Merged
merged 11 commits into from
Feb 26, 2024

Conversation

kdudka

@kdudka kdudka commented Feb 20, 2024

They cannot be propagated through the plain-text format and
could cause artificial differences when compared with JSON.

Related: https://issues.redhat.com/browse/OSH-552
Instead of `use_same_locks_for_read_and_modify` we need to pick
`thread1_overwrites_value_in_field` in the example used as a test.

Related: https://issues.redhat.com/browse/OSH-552
@kdudka kdudka requested a review from hanchuntao February 20, 2024 16:48
@kdudka kdudka self-assigned this Feb 20, 2024
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 20, 2024
... in forward direction, which seems to be more compatible
with Coverity's native assignment of key events.

Resolves: https://issues.redhat.com/browse/OSH-552
Closes: csutils#165
@kdudka kdudka force-pushed the cov-parser-overhaul branch from 821265e to edcb5bc Compare February 20, 2024 16:48
@kdudka kdudka marked this pull request as draft February 21, 2024 09:19
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 21, 2024
... only for RESOURCE_LEAK, UNINIT, and UNINIT_CTOR.  Coverity is
inconsistent in this and the plain-text parser in csdiff needs to
follow it.

Resolves: https://issues.redhat.com/browse/OSH-552
Closes: csutils#165
@kdudka kdudka force-pushed the cov-parser-overhaul branch from edcb5bc to 9a3a622 Compare February 21, 2024 10:54
@kdudka kdudka force-pushed the cov-parser-overhaul branch from 9a3a622 to 3606446 Compare February 21, 2024 10:56
@kdudka kdudka marked this pull request as ready for review February 21, 2024 10:57
@kdudka kdudka marked this pull request as draft February 21, 2024 11:58
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 21, 2024
... to better emulate how Coverity itself assigns key events.

Resolves: https://issues.redhat.com/browse/OSH-552
Closes: csutils#165
@kdudka kdudka force-pushed the cov-parser-overhaul branch from 3606446 to a8b3dec Compare February 21, 2024 12:16
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 21, 2024
@kdudka kdudka force-pushed the cov-parser-overhaul branch from a8b3dec to c0d34b8 Compare February 21, 2024 15:28
... to match the assignment used by Coverity's JSON v7 format

Related: https://issues.redhat.com/browse/OSH-552
... in forward direction, which seems to be more compatible
with Coverity's native assignment of key events.

Related: https://issues.redhat.com/browse/OSH-552
... in forward direction, which seems to be more compatible
with Coverity's native assignment of key events.

Related: https://issues.redhat.com/browse/OSH-552
... to match the assignment used by Coverity's JSON v7 format

Related: https://issues.redhat.com/browse/OSH-552
... only for RESOURCE_LEAK, UNINIT, and UNINIT_CTOR.  Coverity is
inconsistent in this and the plain-text parser in csdiff needs to
follow it.

Related: https://issues.redhat.com/browse/OSH-552
... to better emulate how Coverity itself assigns key events.

Related: https://issues.redhat.com/browse/OSH-552
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 21, 2024
@kdudka kdudka force-pushed the cov-parser-overhaul branch from c0d34b8 to a3cdbc4 Compare February 21, 2024 15:48
kdudka added a commit to kdudka/csdiff that referenced this pull request Feb 22, 2024
The 2nd event is a key event in the following finding from Coverity:
```
Error: SOCKET_ACCEPT_ALL_ORIGINS (CWE-942):
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: The function "function anonymous%1" always returns "true".
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: The function "Upgrader.CheckOrigin()" always returns "true" to accept requests from all origins.
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: Modify the "Upgrader.CheckOrigin()" function to only return "true" for trusted origins, or remove the function completely since the default "Upgrader" will only create "WebSocket" connections with clients from the same origin.
```

Related: https://issues.redhat.com/browse/OSH-552
Closes: csutils#165
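
In the finding quoted above, all three events share the same file, line and event name, so those fields alone do not identify which one is the key event. As an added illustration (not code from csdiff or from this pull request; every identifier is hypothetical), a minimal C++ reader for that plain-text layout that measures the ambiguity:

```cpp
// Added example, not csdiff code; all identifiers here are hypothetical.
#include <regex>
#include <sstream>
#include <string>
#include <vector>

struct Event { std::string file; int line; std::string name, msg; };
struct Finding { std::string checker; int cwe = 0; std::vector<Event> events; };

// The finding quoted in the commit message above, embedded verbatim.
static const std::string kSample = R"cov(Error: SOCKET_ACCEPT_ALL_ORIGINS (CWE-942):
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: The function "function anonymous%1" always returns "true".
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: The function "Upgrader.CheckOrigin()" always returns "true" to accept requests from all origins.
grafana-9.2.10/vendor/github.com/gorilla/websocket/server.go:302: go_socketio_all_origins: Modify the "Upgrader.CheckOrigin()" function to only return "true" for trusted origins, or remove the function completely since the default "Upgrader" will only create "WebSocket" connections with clients from the same origin.
)cov";

// Parse "Error: CHECKER (CWE-N):" followed by "path:line: event: message" lines.
bool parseFinding(const std::string &text, Finding &out)
{
    static const std::regex reHdr(R"(^Error: ([A-Z0-9_.]+)(?: \(CWE-([0-9]+)\))?:$)");
    static const std::regex reEvt(R"(^([^:]+):([0-9]+): ([a-z0-9_]+): (.*)$)");
    std::istringstream in(text);
    std::string ln; std::smatch m;
    if (!std::getline(in, ln) || !std::regex_match(ln, m, reHdr))
        return false;
    out.checker = m.str(1);
    out.cwe = m[2].matched ? std::stoi(m.str(2)) : 0;   // 0 when no CWE is given
    while (std::getline(in, ln) && !ln.empty()) {
        if (!std::regex_match(ln, m, reEvt)) return false;  // malformed event line
        out.events.push_back({m.str(1), std::stoi(m.str(2)), m.str(3), m.str(4)});
    }
    return !out.events.empty();
}

// Count events that share (file, line, event name) with events[idx]. A result
// above 1 means those fields cannot single out the key event in plain text.
std::size_t lookAlikes(const Finding &f, std::size_t idx)
{
    const Event &k = f.events.at(idx);
    std::size_t n = 0;
    for (const Event &e : f.events)
        n += (e.file == k.file && e.line == k.line && e.name == k.name);
    return n;
}

int main()
{
    Finding f;
    return parseFinding(kSample, f) && lookAlikes(f, 1) == 3 ? 0 : 1;
}
```

For the 2nd event, which the commit message names as the key event, the look-alike count equals the total number of events, so a reader of this format has only the event's position and message text to go on.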
@kdudka kdudka force-pushed the cov-parser-overhaul branch from a3cdbc4 to ef63a3d Compare February 22, 2024 07:28
@kdudka kdudka marked this pull request as ready for review February 22, 2024 07:29
@kdudka kdudka force-pushed the cov-parser-overhaul branch from ef63a3d to 4a17373 Compare February 22, 2024 07:45

kdudka commented Feb 22, 2024

/packit build

@kdudka kdudka closed this in 4a17373 Feb 26, 2024
@kdudka kdudka merged commit 4a17373 into csutils:main Feb 26, 2024