Merge pull request #793 from LebedevRI/codechecker

LebedevRI · web-flow · commit ee51b85909b6 · 2025-04-04T19:04:35.000+03:00
Static analysis fixes
diff --git a/.github/workflows/CI-linux.yml b/.github/workflows/CI-linux.yml
@@ -184,7 +184,7 @@ jobs:
         timeout-minutes: 1
         run: |
           set -xe
-          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+          git config --global --add safe.directory "${GITHUB_WORKSPACE}"
       - name: Fetch/Checkout RawSpeed git repo
         timeout-minutes: 1
         uses: actions/checkout@v4
@@ -396,24 +396,36 @@ jobs:
           BUILD_DIR: ${{ github.workspace }}/rawspeed-build
           CC: ${{ inputs.compiler-CC }}
           CXX: ${{ inputs.compiler-CXX }}
+        id: CC-CSA-plain
         run: |
           set -xe
           . "$PWD/codechecker/venv/bin/activate"
           export PATH="$PWD/codechecker/build/CodeChecker/bin:$PATH"
           set +e
-          CodeChecker check --logfile "${BUILD_DIR}/compile_commands.json" --analyzers clangsa --jobs "$(nproc --all)" --file "${SRC_DIR}/*" --disable deadcode.DeadStores -o "${BUILD_DIR}/codechecker_results"
+          CodeChecker check --logfile "${BUILD_DIR}/compile_commands.json" --analyzers clangsa --jobs "$(nproc --all)" --file "${SRC_DIR}/*" --disable deadcode.DeadStores --disable alpha.unix.Stream -o "${BUILD_DIR}/codechecker_results"
           bugs=$?
-          CodeChecker parse -e html "${BUILD_DIR}/codechecker_results" -o "${BUILD_DIR}/codechecker_report"
+          CodeChecker parse -e sarif "${BUILD_DIR}/codechecker_results" -o "${GITHUB_WORKSPACE}/codechecker_report.json"
+          CodeChecker parse -e html "${BUILD_DIR}/codechecker_results" -o "${GITHUB_WORKSPACE}/codechecker_report"
           set -xe
-          tar -cvJ -f "$GITHUB_WORKSPACE/codechecker_report.tar.xz" -C "${BUILD_DIR}" "codechecker_report"
           [ $bugs -eq 0 ] || exit 1
-      - name: Upload results of clang static analysis (plain mode)
+      - name: Upload results of clang static analysis [SARIF] (plain mode)
         timeout-minutes: 1
-        if: failure()
+        if: inputs.flavor == 'ClangStaticAnalysis' && failure() && steps.CC-CSA-plain.conclusion == 'failure'
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "${{ github.workspace }}/codechecker_report.json"
+          checkout_path: "${{ github.workspace }}/rawspeed"
+          category: CodeChecker-CSA-plain
+      - name: Upload results of clang static analysis [HTML] (plain mode)
+        timeout-minutes: 1
+        if: inputs.flavor == 'ClangStaticAnalysis' && failure() && steps.CC-CSA-plain.conclusion == 'failure'
         uses: actions/upload-artifact@v4
         with:
-          name: codechecker_report.tar.xz
-          path: ${{ github.workspace }}/codechecker_report.tar.xz
+          name: codechecker_report
+          path: ${{ github.workspace }}/codechecker_report/
+          if-no-files-found: error
+          compression-level: 9
+          overwrite: true
       - name: Perform clang static analysis (CTU mode)
         timeout-minutes: 25
         if: inputs.flavor == 'ClangCTUStaticAnalysis'
@@ -422,24 +434,36 @@ jobs:
           BUILD_DIR: ${{ github.workspace }}/rawspeed-build
           CC: ${{ inputs.compiler-CC }}
           CXX: ${{ inputs.compiler-CXX }}
+        id: CC-CSA-CTU
         run: |
           set -xe
           . "$PWD/codechecker/venv/bin/activate"
           export PATH="$PWD/codechecker/build/CodeChecker/bin:$PATH"
           set +e
-          CodeChecker check --ctu --ctu-reanalyze-on-failure --logfile "${BUILD_DIR}/compile_commands.json" --analyzers clangsa --jobs "$(nproc --all)" --file "${SRC_DIR}/*" --disable deadcode.DeadStores -o "${BUILD_DIR}/codechecker_ctu_results"
+          CodeChecker check --ctu --ctu-reanalyze-on-failure --logfile "${BUILD_DIR}/compile_commands.json" --analyzers clangsa --jobs "$(nproc --all)" --file "${SRC_DIR}/*" --disable deadcode.DeadStores --disable alpha.unix.Stream -o "${BUILD_DIR}/codechecker_ctu_results"
           bugs=$?
-          CodeChecker parse -e html "${BUILD_DIR}/codechecker_ctu_results" -o "${BUILD_DIR}/codechecker_ctu_report"
+          CodeChecker parse -e sarif "${BUILD_DIR}/codechecker_ctu_results" -o "${GITHUB_WORKSPACE}/codechecker_ctu_report.json"
+          CodeChecker parse -e html "${BUILD_DIR}/codechecker_ctu_results" -o "${GITHUB_WORKSPACE}/codechecker_ctu_report"
           set -xe
-          tar -cvJ -f "$GITHUB_WORKSPACE/codechecker_ctu_report.tar.xz" -C "${BUILD_DIR}" "codechecker_ctu_report"
           [ $bugs -eq 0 ] || exit 1
-      - name: Upload results of clang static analysis (CTU mode)
+      - name: Upload results of clang static analysis [SARIF] (plain mode)
+        timeout-minutes: 1
+        if: inputs.flavor == 'ClangCTUStaticAnalysis' && failure() && steps.CC-CSA-CTU.conclusion == 'failure'
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "${{ github.workspace }}/codechecker_ctu_report.json"
+          checkout_path: "${{ github.workspace }}/rawspeed"
+          category: CodeChecker-CSA-ctu
+      - name: Upload results of clang static analysis [HTML] (CTU mode)
         timeout-minutes: 1
+        if: inputs.flavor == 'ClangCTUStaticAnalysis' && failure() && steps.CC-CSA-CTU.conclusion == 'failure'
         uses: actions/upload-artifact@v4
-        if: failure()
         with:
-          name: codechecker_ctu_report.tar.xz
-          path: ${{ github.workspace }}/codechecker_ctu_report.tar.xz
+          name: codechecker_ctu_report
+          path: ${{ github.workspace }}/codechecker_ctu_report/
+          if-no-files-found: error
+          compression-level: 9
+          overwrite: true
       - name: Perform CodeQL static analysis
         timeout-minutes: 11
         if: inputs.flavor == 'CodeQLAnalysis'
diff --git a/src/librawspeed/io/FileReader.cpp b/src/librawspeed/io/FileReader.cpp
@@ -60,8 +60,12 @@ FileReader::readFile() const {
   if (file == nullptr)
     ThrowFIE("Could not open file \"%s\".", fileName);
 
-  fseek(file.get(), 0, SEEK_END);
+  if (fseek(file.get(), 0, SEEK_END) == -1)
+    ThrowFIE("Could not rewind to the end of the file");
+
   const auto size = ftell(file.get());
+  if (size == -1)
+    ThrowFIE("Could not obtain the file size");
 
   if (size <= 0)
     ThrowFIE("File is 0 bytes.");
@@ -72,20 +76,21 @@ FileReader::readFile() const {
 
   fileSize = size;
 
-  fseek(file.get(), 0, SEEK_SET);
+  if (fseek(file.get(), 0, SEEK_SET) == -1)
+    ThrowFIE("Could not rewind to the beginning of the file");
 
   auto dest = std::make_unique<std::vector<
       uint8_t,
       DefaultInitAllocatorAdaptor<uint8_t, AlignedAllocator<uint8_t, 16>>>>(
       fileSize);
 
-  if (auto bytes_read = fread(dest->data(), 1, fileSize, file.get());
-      fileSize != bytes_read) {
-    ThrowFIE("Could not read file, %s.",
-             feof(file.get()) ? "reached end-of-file"
-                              : (ferror(file.get()) ? "file reading error"
-                                                    : "unknown problem"));
-  }
+  auto bytes_read = fread(dest->data(), 1, fileSize, file.get());
+  if (ferror(file.get()))
+    ThrowFIE("Could not read file, file reading error");
+  if (feof(file.get()))
+    ThrowFIE("Could not read file, reached end-of-file");
+  if (fileSize != bytes_read)
+    ThrowFIE("Could not read file, unknown problem");
 
 #else // __unix__
 
diff --git a/src/utilities/rstest/rstest.cpp b/src/utilities/rstest/rstest.cpp
@@ -25,6 +25,7 @@
 #include "adt/Casts.h"
 #include "adt/DefaultInitAllocatorAdaptor.h"
 #include "adt/NotARational.h"
+#include "io/FileIOException.h"
 #include "md5.h"
 #include <array>
 #include <bit>
@@ -280,6 +281,8 @@ void writePPM(const RawImage& raw, const std::string& fn) {
 
   // Write PPM header
   fprintf(f.get(), "%s\n%d %d\n65535\n", format.c_str(), width, height);
+  if (ferror(f.get()))
+    ThrowFIE("Could not write file");
 
   width *= raw->getCpp();
 
@@ -291,6 +294,8 @@ void writePPM(const RawImage& raw, const std::string& fn) {
       img(y, x) = getU16BE(&img(y, x));
 
     fwrite(&img(y, 0), sizeof(decltype(img)::value_type), width, f.get());
+    if (ferror(f.get()))
+      ThrowFIE("Could not write file");
   }
 }
 
@@ -304,6 +309,8 @@ void writePFM(const RawImage& raw, const std::string& fn) {
 
   // Write PFM header. if scale < 0, it is little-endian, if >= 0 - big-endian
   int len = fprintf(f.get(), "%s\n%d %d\n-1.0", format.c_str(), width, height);
+  if (ferror(f.get()))
+    ThrowFIE("Could not write file");
 
   // make sure that data starts at aligned offset. for sse
   static const auto dataAlignment = 16;
@@ -323,6 +330,8 @@ void writePFM(const RawImage& raw, const std::string& fn) {
 
   // and actually write padding + new line
   len += fprintf(f.get(), "%0*i\n", padding, 0);
+  if (ferror(f.get()))
+    ThrowFIE("Could not write file");
   assert(paddedLen == len);
 
   // did we write a multiple of an alignment value?
@@ -343,6 +352,8 @@ void writePFM(const RawImage& raw, const std::string& fn) {
       img(row_in, x) = std::bit_cast<float>(getU32LE(&img(row_in, x)));
 
     fwrite(&img(row_in, 0), sizeof(decltype(img)::value_type), width, f.get());
+    if (ferror(f.get()))
+      ThrowFIE("Could not write file");
   }
 }
 
