You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fix -Wstringop-overflow compiler warning in src/modules/packages/packages.c by replacing direct buffer index assignment with safe FFstrbuf API calls.
Note on output behavior: The original code removed the trailing , via two operations — ffStrbufSubstrBefore(&output, output.length - 1) truncating the space, then a direct char write overwriting the comma with \n. The new code achieves the exact same result via ffStrbufSubstrBefore(&output, output.length - 2) + ffStrbufAppendC. Output is byte-for-byte identical. No behavioral change.
Related issue (required for new logos for new distros)
N/A
Changes
Replaced manual index assignment output.chars[output.length - 1] = '\n' with ffStrbufSubstrBefore + ffStrbufAppendC
Preserves original assert(output.length >= 2) invariant
Output format unchanged: trailing , is removed, newline appended
GCC's static analysis could not prove buffer non-empty after ffStrbufSubstrBefore, causing a false positive; the API-based rewrite resolves this
The reason will be displayed to describe this comment to others. Learn more.
Pull Request Overview
The pull request successfully addresses the -Wstringop-overflow compiler warning by migrating to the FFstrbuf API. The build quality is currently up to standards according to Codacy analysis, and no critical security flaws or major logic bugs were identified.
There is a minor discrepancy between the implementation and the PR description regarding output formatting. The new logic removes the trailing comma from the package manager list, whereas the previous code (and description) implied behavior would remain identical. This change in the final string format should be confirmed as intentional before merging.
About this PR
The PR lacks accompanying unit or integration tests to verify that the string manipulation logic correctly formats the output across different package manager configurations. Without a coverage report or tests, it is difficult to verify that this specific execution path is exercised safely.
Test suggestions
Verify that when package counts are printed, the resulting string ends with a newline and no trailing comma/space.
Verify that the program does not crash/assert when only one package manager is reported (minimum length requirement).
Prompt proposal for missing tests
Consider implementing these tests if applicable:
1. Verify that when package counts are printed, the resulting string ends with a newline and no trailing comma/space.
2. Verify that the program does not crash/assert when only one package manager is reported (minimum length requirement).
assert(output.length >= 2); // counts.all > 0 guarantees that at least one package count was printed, which guarantees that ", " was appended at least once
The reason will be displayed to describe this comment to others. Learn more.
⚪ LOW RISK
Suggestion: The implementation changes the output from 'package,\n' to 'package\n' (removing the comma). While this is likely an improvement, it contradicts the 'identical behavior' claim in the PR description. Ensure this change in output format is intended for the packages module.
The reason will be displayed to describe this comment to others. Learn more.
This is a bot misread. The original code performed two operations:
ffStrbufSubstrBefore(&output, output.length - 1) — truncates, removing the trailing space
output.chars[output.length - 1] = '\n' — overwrites what is now the last char (the ,) with \n
Both the comma and space were removed; output never ended with a comma. The new code produces byte-for-byte identical output via ffStrbufSubstrBefore(&output, output.length - 2) + ffStrbufAppendC(&output, '\n').
Isn't the correct way to fix a warning #pragma GCC diagnostic ignored "-Wshut-up" ?
Ha, that would work too, but fixing the actual cause seemed cleaner than teaching GCC to look the other way. 🤷🏽♂️
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
![codacy-production[bot]](https://avatars.githubusercontent.com/in/56611?s=60&v=4){kind=small}
Summary
Fix
-Wstringop-overflowcompiler warning insrc/modules/packages/packages.cby replacing direct buffer index assignment with safeFFstrbufAPI calls.Note on output behavior: The original code removed the trailing
,via two operations —ffStrbufSubstrBefore(&output, output.length - 1)truncating the space, then a direct char write overwriting the comma with\n. The new code achieves the exact same result viaffStrbufSubstrBefore(&output, output.length - 2)+ffStrbufAppendC. Output is byte-for-byte identical. No behavioral change.Related issue (required for new logos for new distros)
N/A
Changes
output.chars[output.length - 1] = '\n'withffStrbufSubstrBefore+ffStrbufAppendCassert(output.length >= 2)invariant,is removed, newline appendedffStrbufSubstrBefore, causing a false positive; the API-based rewrite resolves thisScreenshots
N/A
Checklist