Skip to content

Commit e85e6ee

Browse files
Merge pull request #79 from NathanNeurotic/codex/locate-remaining-codacy-findings
Fix Codacy findings: bounded read helpers, remove cppcheck suppressions, and harden mk_kelf.sh
2 parents e81efbb + 7c0fac8 commit e85e6ee

5 files changed

Lines changed: 18 additions & 44 deletions

File tree

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -332,8 +332,8 @@ If you find one — please report it 🙂
332332

333333
## Static Analysis (Codacy / cppcheck)
334334

335-
- Run `scripts/cppcheck.sh` locally or in Codacy. It invokes `cppcheck` with `--library=std.cfg --check-config --enable=all --std=c99 --inline-suppr --suppress=missingIncludeSystem` and includes:
335+
- Run `scripts/cppcheck.sh` locally or in Codacy. It invokes `cppcheck` with `--library=std.cfg --check-config --enable=all --std=c99 --inline-suppr` and includes:
336336
- `$PS2SDK/ee/include`, `$PS2SDK/iop/include`, `$PS2SDK/common/include` (defaulting to `/usr/local/ps2dev/ps2sdk`)
337337
- Project headers under `include/`
338338
- Analysis-only PS2SDK shims under `tools/codacy_shims/ps2sdk/` and minimal standard-library shims under `tools/codacy_shims/stdlib/` to avoid “missing include” findings when the real SDK or libc headers are unavailable
339-
- If Codacy’s Cppcheck runner cannot see the PS2SDK headers, configure it to load `cppcheck-suppressions.txt` (e.g., `--suppressions-list=cppcheck-suppressions.txt`) to silence environment-only `missingInclude` / `missingIncludeSystem` noise without changing real includes.
339+
- If Codacy’s Cppcheck runner cannot see the PS2SDK headers, point it at the shim headers under `tools/codacy_shims/` to avoid missing-include noise without masking real issues.

mk_kelf.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ make banner
33

44
DATE=$(date "+%d-%m-%Y")
55
SHA8=$(git rev-parse --short HEAD)
6+
: "${DATE:?DATE is unset or empty}"
7+
: "${SHA8:?SHA8 is unset or empty}"
68
TARGET="PS2BBL_KELF-[$DATE]-[$SHA8]"
79

810
: "${TARGET:?TARGET not set}"
@@ -53,5 +55,6 @@ if [ "$TARGET" = "/" ]; then
5355
exit 1
5456
fi
5557

58+
: "${TARGET:?TARGET is unset or empty}"
5659
rm -rf -- "${TARGET:?}/"
5760
echo "done!"

scripts/cppcheck.sh

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,9 +23,6 @@ exec cppcheck \
2323
--enable=all \
2424
--std=c99 \
2525
--inline-suppr \
26-
--suppressions-list="${PROJECT_ROOT}/cppcheck-suppressions.txt" \
27-
--suppress=missingIncludeSystem \
28-
--suppress=missingInclude \
2926
"${INCLUDE_PATHS[@]}" \
3027
"${PROJECT_ROOT}/src" \
3128
"${PROJECT_ROOT}/include"

src/OSDHistory.c

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -129,10 +129,6 @@ int LoadHistoryFile(int port)
129129
fd = open(fullpath, O_RDONLY);
130130
result = 0;
131131
if (fd >= 0) {
132-
/* Flawfinder: ignore (bounded read into fixed-size HistoryEntries buffer) */
133-
// cppcheck-suppress readBufferSize
134-
// cppcheck-suppress bufferAccessOutOfBounds
135-
// Use bounded read helper for Codacy CWE-120/CWE-20 compliance.
136132
ssize_t r = safe_read_fully_bin(fd, HistoryEntries, HISTORY_SIZE);
137133
if (r != (ssize_t)HISTORY_SIZE)
138134
result = -EIO;

src/util_safeio.c

Lines changed: 13 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,6 @@
11
#include "util_safeio.h"
22

3-
#ifdef __CPPCHECK__
4-
typedef long ssize_t;
5-
extern ssize_t read(int, void *, unsigned int);
6-
#else
73
#include <unistd.h>
8-
#endif
94

105
/* Centralized bounded read helpers to address Codacy CWE-120/CWE-20 findings. */
116

@@ -15,42 +10,26 @@ static ssize_t safe_read_loop(int fd, char *buf, size_t buf_sz, int nul_terminat
1510
return -1;
1611
}
1712

18-
#ifdef __CPPCHECK__
19-
/* Cppcheck-only: avoid false-positive CWE-120 on bounded read loops. */
20-
size_t max_read = buf_sz;
21-
if (nul_terminate) {
22-
if (buf_sz == 1) {
23-
buf[0] = '\0';
24-
return 0;
25-
}
26-
max_read = buf_sz - 1;
27-
}
28-
ssize_t r = read(fd, buf, (unsigned int)max_read);
29-
if (r < 0) {
30-
return r;
13+
if (nul_terminate && buf_sz == 1) {
14+
buf[0] = '\0';
15+
return 0;
3116
}
17+
18+
size_t max_payload = buf_sz;
3219
if (nul_terminate) {
33-
size_t term_at = ((size_t)r < buf_sz) ? (size_t)r : (buf_sz - 1);
34-
buf[term_at] = '\0';
20+
max_payload = buf_sz - 1;
3521
}
36-
return r;
37-
#else
38-
size_t offset = 0;
39-
while (offset < buf_sz) {
40-
size_t max_read = buf_sz - offset;
4122

42-
if (nul_terminate) {
43-
if (max_read <= 1) {
44-
break; // Leave space for the terminator.
45-
}
46-
max_read -= 1;
23+
size_t offset = 0;
24+
while (offset < max_payload) {
25+
size_t to_read = max_payload - offset;
26+
ssize_t r = read(fd, buf + offset, to_read);
27+
if (r < 0) {
28+
return -1;
4729
}
48-
49-
ssize_t r = read(fd, buf + offset, max_read);
50-
if (r <= 0) {
30+
if (r == 0) {
5131
break;
5232
}
53-
5433
offset += (size_t)r;
5534
}
5635

@@ -59,7 +38,6 @@ static ssize_t safe_read_loop(int fd, char *buf, size_t buf_sz, int nul_terminat
5938
}
6039

6140
return (ssize_t)offset;
62-
#endif
6341
}
6442

6543
ssize_t safe_read_once_nt(int fd, char *buf, size_t buf_sz)

0 commit comments

Comments
 (0)