[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] why does our coverity-model.c g_strdup() say it is a si
|
From: |
Markus Armbruster |
|
Subject: |
Re: [Qemu-devel] why does our coverity-model.c g_strdup() say it is a size-sink? |
|
Date: |
Thu, 14 Mar 2019 20:15:28 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Paolo Bonzini <address@hidden> writes:
> On 14/03/19 13:16, Peter Maydell wrote:
>> Mmm, that makes sense. So in this particular case, do we
>> want to try to avoid doing an unbounded allocation based
>> on whatever rubbish the user passed us in the environment,
>> or do we say "this particular case is OK" and mark it
>> as a false-positive ?
>>
>> Cc'ing Gerd since the Coverity issues in question are
>> in the audio code (in get_str() and in
>> audio_handle_legacy_opts()).
>
> I think the solution for that is deprecating the old legacy options and
> getting rid of them in one year...
+1