I have a template function with a specialization that performs zeroing:
    template <class T>
    void SecureWipeBuffer(T *buf, size_t n)
    {
        volatile T *p = buf+n;
        while (n--)
            *((volatile T*)(--p)) = 0;
    }
    ...
    template <>
    void SecureWipeBuffer(word64* p, size_t n)
    {
        asm volatile("rep stosq" : "+c"(n), "+D"(p) : "a"(0) : "memory");
    }
Coverity produces a finding on SecureWipeBuffer:
    word64 val;
    ...
    SecureWipeBuffer(&val, 1);
The finding:
    >>> CID 164713: Incorrect expression (SIZEOF_MISMATCH)
    >>> Passing argument "&val" of type "word64 *" and argument "1UL" to function "SecureWipeBuffer" is suspicious because "sizeof (word64)" /*8*/ is expected.
    275 SecureWipeBuffer(&val, 1);
How do I make Coverity understand that SecureWipeBuffer accepts the number of elements, not the number of bytes?
EDIT: We got two similar findings with our Windows code. In addition, Coverity produces findings on standard library functions. It's as if it doesn't understand that C++ deals with counts of elements, not the number of bytes.
Below is the Microsoft standard library code in <xmemory>:
    25     if (_Count == 0)
    26         ;
    27     else if (((size_t)(-1) / sizeof (_Ty) < _Count)
    CID 12348 (#1 of 1): Wrong sizeof argument (SIZEOF_MISMATCH)
    suspicious_sizeof: Passing argument _Count * 4U to function operator new which returns a value of type std::allocator<void *>::value_type is suspicious.
    28         || (_Ptr = ::operator new(_Count * sizeof (_Ty))) == 0)
    29         _Xbad_alloc();
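The element-count contract the question describes, as an added example that is not part of the original post: a portable copy of the generic template (renamed WipeElements here, without the rep stosq specialization) showing that n = 1 on a 64-bit word clears all 8 bytes and that n elements of a 4-byte type clear exactly n * 4 bytes. The helper NonZeroBytes, the Guarded struct and the sample values are hypothetical and constructed for the demonstration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Same contract as the question's SecureWipeBuffer: n counts elements of T.
template <class T>
void WipeElements(T *buf, std::size_t n)
{
    volatile T *p = buf + n;      // pointer arithmetic scales by sizeof(T)
    while (n--)
        *--p = 0;                 // volatile store, one element per pass
}

// Hypothetical helper: number of non-zero bytes in a raw memory region.
static std::size_t NonZeroBytes(const void *mem, std::size_t bytes)
{
    const unsigned char *b = static_cast<const unsigned char *>(mem);
    std::size_t count = 0;
    for (std::size_t i = 0; i < bytes; ++i)
        count += (b[i] != 0);
    return count;
}

// The call Coverity flags: one element, so sizeof(word64) == 8 bytes wiped.
std::size_t WipeSingleWord64()
{
    std::uint64_t val = 0x1122334455667788ULL;  // constructed sample value
    WipeElements(&val, 1);
    return NonZeroBytes(&val, sizeof val);
}

// Guard words on both sides show the wipe covers count * 4 bytes, no more.
struct Guarded { std::uint32_t before; std::uint32_t data[4]; std::uint32_t after; };

std::size_t WipeGuardedArray(std::size_t count)
{
    Guarded g;
    std::memset(&g, 0xAA, sizeof g);            // 24 non-zero bytes to start
    WipeElements(g.data, count);
    return NonZeroBytes(&g, sizeof g);          // bytes left untouched
}

int main()
{
    std::printf("word64, n=1: %zu non-zero bytes left\n", WipeSingleWord64());
    std::printf("uint32[4], n=4: %zu non-zero bytes left\n", WipeGuardedArray(4));
    return 0;
}
```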