Closed Bug 336946 Opened 19 years ago Closed 19 years ago

Coverity 260-278 problems in sqlite

Categories

(Core :: SQLite and Embedded Database Bindings, defect, P1)

Product:
Core
Component:
SQLite and Embedded Database Bindings
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.8.1beta1

People

(Reporter: jonsmirl, Assigned: brettw)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, fixed1.8.1)

According to the coverity scan page the current CVS version of sqlite is coverity clean. Updating the version in Mozilla should clear all of these.
Assignee: Jan.Varga → vladimir
Component: SQL → Storage
Product: Core → Toolkit
QA Contact: irixman+bugzilla → storage
That's strange because at least bug 336133 was fixed today. I thought coverity caught unchecked mallocs.
Coverity is checking sqlite in two places, once in sqlite CVS and again for the copy in Mozilla CVS. The sqlite CVS version was clean (they picked up 2 errors yesterday) but the Mozilla copy has about 20 Coverity hits. From this I am inferring that things are getting fixed upstream but are not being copied back into Mozilla. It doesn't make sense to fix these again in Mozilla CVS if they have already been fixed upstream. zlib and libjpeg have the same problem
Ah. It was the assertion that sqlite was 100% clean that confused me. Anyways, mozilla's version of sqlite gets updated from upstream once in a while (f.e. see bug 326458 and bug 328213).
It would nice to get an update and try to get Mozilla Coverity hits to zero.
Coverity CID 876 concerns this: <http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/db/sqlite3/src/pager.c&rev=1.8&mark=3195-3197#3194>. Briefly, |pager_lookup| may return NULL, which is dereferenced on the next line. This is already fixed upstream and their bug report implies it's a can't-happen condition so I won't bother to open a separate bug about it. It looks like mozilla is still using sqlite 3.3.4, see bug 328213. 3.3.5 has been released and it includes a lot of coverity fixes; see <http://www.sqlite.org/cvstrac/chngview?cn=3126>.
Assignee: vladimir → brettw
Depends on: 338155
OS: Linux → All
Priority: -- → P1
Hardware: PC → All
Target Milestone: --- → mozilla1.8.1beta1
I'm a little unclear on this bug. Is there anything here that is not fixed by the upgrade to sqlite 3.3.5 (bug 338155)?
brett: this bug was a request for a speedy update to a version that coverity doesn't dislike. since you filed a bug *after* someone asked for this, you filed a duplicate of it, and it's up to you how to resolve it. there's nothing beyond it. once you have imported a normal version, if coverity errors turn up in sqlite code and they don't turn up in standard, i'll probably file coverity bugs against you. until now, i didn't bother filing any bugs about the sqlite stuff because it wasn't worth it.
Fixed by patch in bug 338155.
Status: NEW → RESOLVED
Closed: 19 years ago
Keywords: fixed1.8.1
Resolution: --- → FIXED
Product: Toolkit → Core
You need to log in before you can comment on or make changes to this bug.