
linenoise update #2307

Open: wants to merge 5 commits into base: devel


@lePici (Collaborator) commented Oct 7, 2024

  • linenoise updated
  • added UTF-8 support from forked repository
  • enable multiline, added new interactive command and customization of tcl tests

I expect alerts from Coverity Scan for linenoise.c or utf-8.c

} else {
full_path = malloc((int)(ptr - hint) + FILENAME_MAX + 1);
++ptr;
sprintf(full_path, "%.*s", (int)(ptr - hint), hint);
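
Review bot: the result of malloc is written through by sprintf with no NULL check in these lines, so an allocation failure becomes a NULL dereference; check full_path before the sprintf. The allocation is sized from (ptr - hint) before ++ptr while the precision is taken after it, so the copy is one byte longer than the first difference. It still fits because of the FILENAME_MAX + 1 slack, but the bound is implicit. Keeping the size in a variable and calling snprintf(full_path, size, "%.*s", ...) would make the bound explicit at the call site.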

Check failure: Code scanning / CodeQL

Unbounded write (Critical)

This 'call to sprintf' with input from buffer read by read may overflow the destination.
This 'call to sprintf' with input from string read by fgets may overflow the destination.

Collaborator Author:

Seems like a false-positive to me.

if (fp == NULL) return -1;
chmod(filename,S_IRUSR|S_IWUSR);
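
Review bot: chmod(filename, ...) resolves the path a second time after the stream was opened and checked, so the mode can land on a different file if the path is replaced in between, and its return value is ignored. Apply the mode to the open stream instead with fchmod(fileno(fp), S_IRUSR|S_IWUSR), and on failure close fp and return -1 as in the fp == NULL case.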

Check failure: Code scanning / CodeQL

Time-of-check time-of-use filesystem race condition (High)

The filename being operated upon was previously checked, but the underlying file may have been changed since then.

Collaborator Author:

Seems like a false-positive to me.

tools/lint/linenoise/utf8.c: Fixed (resolved)

@lePici force-pushed the linenoise branch 2 times, most recently from f586fc1 to c5d05b8 (October 7, 2024 09:22)

The linenoise source code has been updated to commit d895173 from
antirez/linenoise repository. So when you use the diff tool, you'll
see bugfixes and customizations for yanglint needs.

The source code of linenoise was modified according to a fork from
the yhirose/linenoise repository, commit b35616d.

@lePici force-pushed the linenoise branch 2 times, most recently from c292a7f to 8dbd8f9 (October 7, 2024 13:51)

Had to add a new 'cli' command to yanglint in interactive mode.
Although the Multiline is more suitable for interactive mode,
it creates a problem for tcl tests because it often adds ANSI
escape codes. So at the beginning of the tcl tests, multiline
is turned off.