Coverity warns about passing in the curl write callback function by address rather than by name.
Error: BAD_SIZEOF (CWE-467): [#def30] freeipa-4.10.0/client/ipa-join.c:725: bad_sizeof: Taking the size of "&jsonrpc_handle_response", which is the address of an object, is suspicious. freeipa-4.10.0/client/ipa-join.c:725: remediation: Did you intend the size of "jsonrpc_handle_response" itself? # 723| CURL_SETOPT(curl, CURLOPT_CAINFO, DEFAULT_CA_CERT_FILE); # 724| # 725|-> CURL_SETOPT(curl, CURLOPT_WRITEFUNCTION, &jsonrpc_handle_response); # 726| CURL_SETOPT(curl, CURLOPT_WRITEDATA, response); # 727|
The sample in the curl documentation also doesn't pass by address, https://curl.se/libcurl/c/CURLOPT_WRITEFUNCTION.html
C treats these equivalently but Coverity I guess doesn't handle function pointers correctly in all cases. Still, it is more correct per the curl examples, etc to pass by name so do that.
master:
ipa-4-9:
ipa-4-10:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.