LDRA Testbed ® Code Review Report

System : Dovecot-src-ssl-params

Overall Result: FAIL

Report Production	Report Configuration	Analysis phases
C/C++ LDRA Testbed Version: 8.3.0 Config. File: C:\Testbed\CCPP_830_Release\C\sate_creport.dat Produced On: Mon Aug 09 2010 at 22:01:58 Penalty File: C:\Testbed\CCPP_830_Release\c\cpen.dat	Report Level: Summary Report Procedures Reported: Fails Only Programming Standards Model: SATE 2010 L1 Plus Line Numbers refer to: Original Source File Violation Details: Violations Only Reporting Scope: Full analysis scope	Static: Yes Complexity: Yes Static Data Flow: Yes Information Flow: Yes Cross Reference: Yes

Overall Quality Summary

Totals of Violations for each Standard
Table of Procedure Results
Table of Source Files in System
Table of Global Basic Information

Report on Program Components

Quality Results Global Program and Selected Procedures

Overall Quality Summary

Totals for Violated Quality Standards

Number of Violations	LDRA Code	(M) Mandatory Standards	CERT Code
69	77 S	Macro replacement list needs parentheses.	CERT PRE02-C
45	78 S	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
1	577 S	Sizeof argument is a pointer.	CERT EXP01-C
4	5 D	Procedure contains UR data flow anomalies.	CERT EXP33-C
12	45 D	Pointer not checked for null before use	CERT EXP08-C,EXP34-C
1	51 D	Attempt to read from freed memory.	CERT MEM30-C
3	57 D	Global not initialised at declaration.	CERT EXP33-C
8	69 D	Procedure contains UR data flow anomalies.	CERT EXP33-C
1	77 D	Local structure returned in function result
3	86 D	User input not checked before use.	CERT FIO30-C

Number of Violations	LDRA Code	(C) Checking (Mandatory) Standards	CERT Code
4	76 D	Procedure not called in code analysed

Number of Violations	LDRA Code	(O) Optional Standards	CERT Code
1	592 S	Use of filename based functions.	CERT FIO01-C

Number of Mandatory Standards checked	27
Number of Checking Standards checked	1
Number of Optional Standards checked	3
Total Standards checked	31

OVERALL RESULT: FAIL

Out of 36 program components, 22 (61.11 %) pass ( of which 0 conditionally pass ) and 14 fail ( of which 0 fail only because of insufficient comments )

Procedure Results


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`				`Failure Density`
							`(Viols/R.Line %)`
FAIL	Global Program
Pass	buffer_get_data	buffer.h analysed in main.c	0				0
Pass	buffer_get_used_size	buffer.h analysed in main.c	0				0
Pass	array_create_from_buffer_i	array.h analysed in main.c	0				0
FAIL	array_create_i	array.h analysed in main.c	4	-			17		-
Pass	array_free_i	array.h analysed in main.c	0				0
Pass	array_is_created_i	array.h analysed in main.c	0				0
Pass	array_get_pool_i	array.h analysed in main.c	0				0
Pass	array_clear_i	array.h analysed in main.c	0				0
Pass	array_append_i	array.h analysed in main.c	0				0
Pass	array_append_array_i	array.h analysed in main.c	0				0
Pass	array_insert_i	array.h analysed in main.c	0				0
Pass	array_delete_i	array.h analysed in main.c	0				0
Pass	array_get_i	array.h analysed in main.c	0				0
Pass	array_idx_i	array.h analysed in main.c	0				0
Pass	array_get_modifiable_i	array.h analysed in main.c	0				0
Pass	array_append_space_i	array.h analysed in main.c	0				0
Pass	array_copy	array.h analysed in main.c	0				0
Pass	array_count_i	array.h analysed in main.c	0				0
Pass	client_deinit	main.c	0				0
FAIL	client_output_flush	main.c	4	-			7	-
FAIL	client_handle	main.c	4	-			5	-
FAIL	client_connected	main.c	4	-			3	-
FAIL	ssl_params_callback	main.c	4	-			3	-
FAIL	sig_chld	main.c	12		-		13		-
Pass	main_init	main.c	0				0
Pass	main_deinit	main.c	0				0
FAIL	main	main.c	16		-		18		-
FAIL	ssl_params_settings_read	ssl-params-settings.c	8	-			18		-
FAIL	ssl_params_if_unchanged	ssl-params.c	20			-	5	-
Pass	ssl_params_rebuild	ssl-params.c	0				0
Pass	ssl_params_set_timeout	ssl-params.c	0				0
FAIL	ssl_params_read	ssl-params.c	8	-			3	-
FAIL	ssl_params_init	ssl-params.c	8	-			27			-
FAIL	ssl_params_refresh	ssl-params.c	4	-			17		-
FAIL	ssl_params_deinit	ssl-params.c	4	-			11		-

Global Information

Source Files in System

Name	Last Modification Date
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\ssl-params\ssl-params.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\ssl-params\ssl-params-settings.c	Fri Jun 25 08:22:16 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\ssl-params\ssl-params-openssl.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\ssl-params\main.c	Thu May 27 19:00:08 2010

Global Basic Information

Number of procedures:	35
Number of locally uncalled procedures:	0
Maximum loop depth:	1
Total Cyclomatic Complexity:	51
Number of reformatted executable lines:	603
Number of lines of comments:	2660

Summary Report on all Program Components which FAIL

Globals / code outside procedures - FAIL

Standards Violation Summary - All files

Code	File: Src Line	Violation	Standard
M	compat.h: 214	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 215	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 216	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 217	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 218	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 219	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 220	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 221	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 222	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 223	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 224	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 225	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 226	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 196	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 197	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 204	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 204	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 205	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 205	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 223	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 223	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 232	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 49	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 51	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 75	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	data-stack.h: 85	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 90	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	data-stack.h: 90	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 97	Macro replacement list needs parentheses.	CERT PRE02-C
M	mempool.h: 84	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 87	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 88	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 99	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 99	Macro replacement list needs parentheses.	CERT PRE02-C
M	mempool.h: 102	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 102	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 8	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 8	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 14	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 14	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 15	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 15	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 4	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 4	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 7	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 7	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 9	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 9	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 35	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 35	Macro replacement list needs parentheses.	CERT PRE02-C

Code	File: Src Line	Violation	Standard
M	array.h: 37	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 37	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 39	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 39	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 53	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 58	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 58	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 62	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 62	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 90	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 90	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 102	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 102	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 110	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 118	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 126	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 134	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 143	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 143	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 153	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 164	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 164	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 174	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 174	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 183	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 183	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 192	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 192	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 201	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 201	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 206	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 206	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 211	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 211	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 216	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 216	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 228	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 232	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 232	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 252	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 257	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 261	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 266	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 279	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 279	Macro replacement list needs parentheses.	CERT PRE02-C
M	ioloop.h: 50	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 50	Macro replacement list needs parentheses.	CERT PRE02-C
M	ioloop.h: 56	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 75	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 75	Macro replacement list needs parentheses.	CERT PRE02-C

Code	File: Src Line	Violation	Standard
M	ostream.h: 61	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ostream.h: 61	Macro replacement list needs parentheses.	CERT PRE02-C
M	main.c: 21	Global not initialised at declaration. : delayed_fds	CERT EXP33-C
M	main.c: 22	Global not initialised at declaration. : param	CERT EXP33-C
M	main.c: 23	Global not initialised at declaration. : ssl_params	CERT EXP33-C
M	main.c: 21	Procedure contains UR data flow anomalies. : delayed_fds.arr.element_size	CERT EXP33-C
	138
M	main.c: 21	Procedure contains UR data flow anomalies. : delayed_fds.v	CERT EXP33-C
	138
M	main.c: 21	Procedure contains UR data flow anomalies. : delayed_fds.v_modifiable	CERT EXP33-C
	138
M	ioloop.h: 38	Procedure contains UR data flow anomalies. : ioloop_time	CERT EXP33-C
	4 (array.h)
M	settings-parser.h: 46	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 46	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 50	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 50	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 54	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 54	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 58	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 58	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 62	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 62	Macro replacement list needs parentheses.	CERT PRE02-C
M	ssl-params-settings.c: 21	Sizeof argument is a pointer.	CERT EXP01-C
M	ssl-params-settings.c: 53	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ssl-params-settings.c: 53	Macro replacement list needs parentheses.	CERT PRE02-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

array_create_i (93 to 101 array.h analysed in main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	100	Pointer not checked for null before use : buffer	CERT EXP08-C,EXP34-C
	99

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_output_flush (31 to 40 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	31	Procedure not called in code analysed : client_output_flush

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_handle (42 to 55 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	47	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	46

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_connected (57 to 68 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	57	Procedure not called in code analysed : client_connected

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_callback (70 to 83 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	70	Procedure not called in code analysed : ssl_params_callback

[	Top of Report	\|	Procedure Table	\|	Contents	]

sig_chld (85 to 97 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	87	Procedure contains UR data flow anomalies. : status	CERT EXP33-C
	89
C	85	Procedure not called in code analysed : sig_chld

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	87	main.c	89	status

[	Top of Report	\|	Procedure Table	\|	Contents	]

main (115 to 142 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	136	Pointer not checked for null before use : set	CERT EXP08-C,EXP34-C
	125
M	138	Pointer not checked for null before use : param	CERT EXP08-C,EXP34-C
	136
M	136	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	136	Procedure contains UR data flow anomalies. : (default_pool)->v	CERT EXP33-C

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
[external declaration]		main.c	136	(default_pool)->v
main.c	21	main.c	138	delayed_fds.arr.element_size
main.c	21	main.c	138	delayed_fds.v
main.c	21	main.c	138	delayed_fds.v_modifiable
ioloop.h	38	main.c	136	ioloop_time

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_settings_read (77 to 92 ssl-params-settings.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	84	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	87

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
ssl-params-settings.c	84	ssl-params-settings.c	87	error

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_if_unchanged (36 to 110 ssl-params.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	52	Pointer not checked for null before use : temp_path	CERT EXP08-C,EXP34-C
	49
M	77	User input not checked before use. : st	CERT FIO30-C
	72
M	77	User input not checked before use. : st2	CERT FIO30-C
	74
M	39	Procedure contains UR data flow anomalies. : lock	CERT EXP33-C
	60

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
ssl-params.c	39	ssl-params.c	60	lock

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_read (153 to 193 ssl-params.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	178	Pointer not checked for null before use : buffer	CERT EXP08-C,EXP34-C
	177
M	177	User input not checked before use. : st	CERT FIO30-C
	166

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_init (195 to 207 ssl-params.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	206	Local structure returned in function result : param
M	202	Pointer not checked for null before use : param	CERT EXP08-C,EXP34-C
	201
M	201	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1101 (Module 858)

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_refresh (209 to 213 ssl-params.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	212	Pointer not checked for null before use : (param)->last_mtime	CERT EXP08-C,EXP34-C
	211
M	212	Pointer not checked for null before use : param.to_rebuild	CERT EXP08-C,EXP34-C
	211

[	Top of Report	\|	Procedure Table	\|	Contents	]

ssl_params_deinit (215 to 224 ssl-params.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	223	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	222
M	223	Pointer not checked for null before use : (param)->path	CERT EXP08-C,EXP34-C
	222

[	Top of Report	\|	Procedure Table	\|	Contents	]

System : Dovecot-src-ssl-params

Contents

Overall Quality Summary

Totals for Violated Quality Standards

OVERALL RESULT: FAIL

Procedure Results

Global Information

Source Files in System

Global Basic Information

Summary Report on all Program Components which FAIL

Standards Violation Summary - All files

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

Possible UR Anomalies

Standards Violation Summary

Possible UR Anomalies

Standards Violation Summary

Possible UR Anomalies

Standards Violation Summary

Possible UR Anomalies

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

Standards Violation Summary

End of Code Review Report

Copyright © 2010 Liverpool Data Research Associates