Small cppcheck fixes and refactor GitLab cppcheck job
Description
This PR makes changes to the existing cppcheck GitLab CI job in order to make it easier to address new/existing findings. Existing ignorelists are also updated to reflect this and the current state of the codebase. Also, some trivial issues found by cppcheck are addressed.
Refactor GitLab cppcheck job
- Line numbers had to be removed from the ignorelists in order to be diffed against since locations of the same findings can differ across runs. Therefore preprocessing has to be done on the CI findings so that it can be compared to the ignorelist and new findings can be outputted. However, since line numbers have to be removed, a situation occurs where it is difficult to reference the location of findings in code given the output of the CI job.
- To lessen this pain, change the cppcheck template to include code snippets which make it easier to reference where in the code the finding is referring to, even in the absence of line numbers. Ignorelisting works as before since locations of the finding may change but not the code it is referring to.
- Furthermore, due to the innate difficulty in maintaining ignorelists across branches and triaging new findings, allow failure as to not have constantly failing pipelines as a result of new findings that have not been addressed yet.
- Lastly, update SAST ignorelists to match the newly refactored cppcheck job and the current state of the codebase.
Small cppcheck fixes
- Mismatched brackets
- Avoid possible cases of division by zero
Release Notes
N/A
How can this PR be tested?
Code changes are non-functional and ./mtr --suite=main passes successfully.
Basing the PR against the correct MariaDB version
- [x] This is a bug fix and the PR is based against the earliest maintained branch in which the bug can be reproduced.
PR quality check
- [x] I checked the CODING_STANDARDS.md file and my PR conforms to this where appropriate.
- [x] For any trivial modifications to the PR, I am ok with the reviewer making the changes themselves.
All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
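
The line-number-free comparison described under "Refactor GitLab cppcheck job", as an added sketch that is not part of this PR or of the MariaDB CI configuration. The cppcheck template, the function names and the sample findings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the MariaDB CI job. Assumed cppcheck template:
#   --template='{file}:{line}: {severity}: {message} [{id}]\n{code}'

# Read raw findings on stdin; print one sorted line per finding with the
# line number dropped and the code snippet appended.
normalize_findings() {
  awk '
    function emit() { if (rec != "") print rec; rec = "" }
    /^[^ \t:]+:[0-9]+: / {          # header line starts a new finding
      emit(); sub(/:[0-9]+: /, ": "); rec = $0; next
    }
    /^[ \t]*\^?[ \t]*$/ { next }    # skip blank lines and the caret marker
    {
      gsub(/^[ \t]+|[ \t]+$/, ""); gsub(/[ \t]+/, " ")
      if (rec != "") rec = rec " | " $0   # snippet survives line shifts
    }
    END { emit() }
  ' | LC_ALL=C sort -u
}

# new_findings RAW IGNORELIST: print findings not present in the ignorelist.
new_findings() {
  nf_tmp=$(mktemp) || return 1
  normalize_findings < "$1" > "$nf_tmp"
  LC_ALL=C sort -u "$2" | LC_ALL=C comm -23 "$nf_tmp" -
  rm -f "$nf_tmp"
}

# Constructed sample: the zerodiv finding was ignorelisted when it sat on
# line 40; it is now on line 57. The nullPointer finding is new.
demo() {
  d=$(mktemp -d) || return 1
  cat > "$d/raw.txt" <<'EOF'
sql/example.cc:57: error: Division by zero. [zerodiv]
  return total / count;
               ^
sql/example.cc:88: warning: Possible null pointer dereference: p [nullPointer]
    p->next= 0;
    ^
EOF
  printf '%s\n' 'sql/example.cc:40: error: Division by zero. [zerodiv]' \
    '  return total / count;' | normalize_findings > "$d/ignore.txt"
  new_findings "$d/raw.txt" "$d/ignore.txt"
  rm -rf "$d"
}
demo
```

Only the nullPointer finding is printed: the zerodiv entry still matches its ignorelist line after moving, because the comparison key is the file, message and snippet rather than the location.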