Skip to content

Fix static analysis warning in Serializable.cpp (#2385) #2386

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 28, 2023
Merged

Fix static analysis warning in Serializable.cpp (#2385) #2386

merged 3 commits into from
Nov 28, 2023

Conversation

bocchino
Copy link
Collaborator

@bocchino bocchino commented Nov 28, 2023
edited
Loading

  • Fix the coding issue.
  • Add unit test coverage for the code.

Closes #2385.

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 28, 2023
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 28, 2023
View reviewed changes
Fw/Types/Serializable.cpp
POINTER_CAST pointerCastVal = 0;
const SerializeStatus stat = this->deserialize(pointerCastVal);
if (stat == FW_SERIALIZE_OK) {
val = reinterpret_cast<void*>(pointerCastVal);

Check warning

Code scanning / CodeQL

Unchecked function argument

This use of parameter val has not been checked.
@LeStarch
Copy link
Collaborator

Since spelling needs to be appeased anyway, could we rename POINTER_CAST to PlatformPointerCastType? This is a migration we need to get to anyway.

@bocchino bocchino changed the title Fix bug in Serializable.cpp (#2385) Fix static analysis warning in Serializable.cpp (#2385) Nov 28, 2023
@bocchino
Copy link
Collaborator Author

Done!

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 28, 2023
View reviewed changes
Fw/Types/Serializable.cpp
@@ -478,7 +478,13 @@
}

SerializeStatus SerializeBufferBase::deserialize(void*& val) {
return this->deserialize(reinterpret_cast<POINTER_CAST&>(val));
// Deserialize as pointer cast, then convert to void*
PlatformPointerCastType pointerCastVal = 0;

Check notice

Code scanning / CodeQL

Use of basic integral type

pointerCastVal uses the basic integral type unsigned long rather than a typedef with size and signedness.
@LeStarch LeStarch merged commit d1d5860 into nasa:devel Nov 28, 2023
@bocchino bocchino deleted the fix-serializable-cpp branch November 29, 2023 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LeStarch LeStarch LeStarch approved these changes

@thomas-bc thomas-bc thomas-bc approved these changes

@Joshua-Anderson Joshua-Anderson Awaiting requested review from Joshua-Anderson

@timcanham timcanham Awaiting requested review from timcanham

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Static Analysis Warning in Serializable.cpp
3 participants
@bocchino @LeStarch @thomas-bc