From muralidhara.bk at microfocus.com Wed Nov 2 01:53:53 2022 From: muralidhara.bk at microfocus.com (Muralidhara B K) Date: Wed Nov 2 05:55:21 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Hi Boris, These issues are reported with high severity in our static analysis tool ,it will be great if you provide fix or add explicit casts. Thanks & Regards, Murali muralidhara.bk@microfocus.com -----Original Message----- From: Boris Kolpackov Sent: 31 October 2022 05:52 PM To: Muralidhara B K Cc: xsd-users@codesynthesis.com; Sruti Ranjan Majhi ; Vijay Kumar P ; Adarsh Babu Subject: Re: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned Muralidhara B K writes: > As part of static code analysis , bugs are reported against codes in > codeSynthesis/xsd-4.0.0-i686-windows/libxsd/xsd/cxx/xml/char-utf8.txx. > > Issue Type : Type Mismatch: Signed to Unsigned > > Issue are as listed below, > > 1. The function in char-utf8.txx is declared to return an unsigned value, but on line 155 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 2. The function in char-utf8.txx is declared to return an unsigned value, but on line 204 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 3. The function in char-utf8.txx is declared to return an unsigned value, but on line 220 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 4. The function in char-utf8.txx is declared to return an unsigned value, but on line 235 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 5. The function in char-utf8.txx is declared to return an unsigned value, but on line 243 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 6. The function in char-utf8.txx is declared to return an unsigned value, but on line 258 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 7. The function in char-utf8.txx is declared to return an unsigned value, but on line 266 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. > 8. The function in char-utf8.txx is declared to return an unsigned value, but on line 274 it returns a signed value. The function is declared to return an unsigned number but returns a signed value. Firstly, there is no function return on these lines. Rather, it's an assignment of char to unsigned char as part of the UTF8 sequence analysis. These are not bugs but we can add explicit casts if that helps. From boris at codesynthesis.com Wed Nov 2 06:24:47 2022 From: boris at codesynthesis.com (Boris Kolpackov) Date: Wed Nov 2 06:18:49 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Muralidhara B K writes: > These issues are reported with high severity in our static analysis > tool, it will be great if you provide fix or add explicit casts. We've added the casts for the next release. You can also grab the two affected files and replace them in your 4.0.0 distribution if you feel the need (though I can tell you this is not a bug and the explicit casts don't change anything semantically): https://git.codesynthesis.com/cgit/xsd/xsd/tree/libxsd/xsd/cxx/xml/char-utf8.hxx https://git.codesynthesis.com/cgit/xsd/xsd/tree/libxsd/xsd/cxx/xml/char-utf8.txx From muralidhara.bk at microfocus.com Wed Nov 2 07:00:22 2022 From: muralidhara.bk at microfocus.com (Muralidhara B K) Date: Thu Nov 3 09:23:46 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Hi Boris, Thank you for the update. I will replace the updated file and let you know the result. Meanwhile we have found one more issue against codeSynthesis/xerces-c-3.2.2/src/xercesc/util/regx/RegularExpression.hpp. Issue Type - Null Dereference Issue Description : - The function in RegularExpression.hpp can crash the program by dereferencing a null pointer on line 737.The program can potentially dereference a null pointer, thereby causing a segmentation fault. Please let us know if any fix is available for this ? Thanks & Regards, Murali SW Engr (Applications) - AutoPass +91 9611208625 muralidhara.bk@microfocus.com -----Original Message----- From: Boris Kolpackov Sent: 02 November 2022 03:55 PM To: Muralidhara B K Cc: xsd-users@codesynthesis.com; Sruti Ranjan Majhi ; Vijay Kumar P ; Adarsh Babu Subject: Re: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned Muralidhara B K writes: > These issues are reported with high severity in our static analysis > tool, it will be great if you provide fix or add explicit casts. We've added the casts for the next release. You can also grab the two affected files and replace them in your 4.0.0 distribution if you feel the need (though I can tell you this is not a bug and the explicit casts don't change anything semantically): https://git.codesynthesis.com/cgit/xsd/xsd/tree/libxsd/xsd/cxx/xml/char-utf8.hxx https://git.codesynthesis.com/cgit/xsd/xsd/tree/libxsd/xsd/cxx/xml/char-utf8.txx From boris at codesynthesis.com Thu Nov 3 09:46:55 2022 From: boris at codesynthesis.com (Boris Kolpackov) Date: Thu Nov 3 09:40:54 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Muralidhara B K writes: > Meanwhile we have found one more issue against > codeSynthesis/xerces-c-3.2.2/src/xercesc/util/regx/RegularExpression.hpp. > > Issue Type - Null Dereference > > Issue Description : - The function in RegularExpression.hpp can crash > the program by dereferencing a null pointer on line 737. Is there more information via which executaion path this can happen? I took a look at the code and I don't see anything obvious. Without more details, this is not very useful since every pointer in C/C++ can potentially be NULL. From muralidhara.bk at microfocus.com Mon Nov 7 04:25:13 2022 From: muralidhara.bk at microfocus.com (Muralidhara B K) Date: Mon Nov 7 06:41:50 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Hi Boris, Its better to add a NULL check prior to dereferencing pointer on line 737 (if (childTok->getMinLength() == 0)). Please check if adding NULL check is feasible . Thanks & Regards, Murali SW Engr (Applications) - AutoPass +91 9611208625 muralidhara.bk@microfocus.com -----Original Message----- From: Boris Kolpackov Sent: 03 November 2022 07:17 PM To: Muralidhara B K Cc: xsd-users@codesynthesis.com; Sruti Ranjan Majhi ; Vijay Kumar P ; Adarsh Babu Subject: Re: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned Muralidhara B K writes: > Meanwhile we have found one more issue against > codeSynthesis/xerces-c-3.2.2/src/xercesc/util/regx/RegularExpression.hpp. > > Issue Type - Null Dereference > > Issue Description : - The function in RegularExpression.hpp can crash > the program by dereferencing a null pointer on line 737. Is there more information via which executaion path this can happen? I took a look at the code and I don't see anything obvious. Without more details, this is not very useful since every pointer in C/C++ can potentially be NULL. From boris at codesynthesis.com Mon Nov 7 06:59:20 2022 From: boris at codesynthesis.com (Boris Kolpackov) Date: Mon Nov 7 06:53:18 2022 Subject: [xsd-users] Regarding bugs - Type Mismatch: Signed to Unsigned In-Reply-To: References: Message-ID: Muralidhara B K writes: > Its better to add a NULL check prior to dereferencing pointer [...] No, it is better to understand why your static analysis tool thinks that this pointer could be NULL. If you look at the code, the function compiles a regex closure, and a closure would normally contain at least one child. So, in a sense, the "not NULL" check should be implied by the call site. > Please check if adding NULL check is feasible. No, adding checks just to satisfy static analysis tools (which are well-know to have false-positives) is not feasible. If we go down this route, then every place where we dereference a pointer will need a check like that. From javier.tegedor at spacekinetics.com Tue Nov 29 08:26:12 2022 From: javier.tegedor at spacekinetics.com (Javier Tegedor) Date: Tue Nov 29 08:23:48 2022 Subject: [xsd-users] XSD for ARM cpu architecture Message-ID: <184c391058b.c51aa4a54086508.3354569180565365508@spacekinetics.com> Hi,? I am trying to install xsd_4.0.0 in a Docker image, in particular registry.redhat.io/rhel8/gcc-toolset-11-toolchain, running on a MacOS with an ARM processor.M processor. Executing "yum install -y?https://www.codesynthesis.com/download/xsd/4.0/linux-gnu/x86_64/xsd-4.0.0-1.x86_64.rpmhttps://www.codesynthesis.com/download/xsd/4.0/linux-gnu/x86_64/xsd-4.0.0-1.x86_64.rpm" returns the following error: - package xsd-4.0.0-1.x86_64 does not have a compatible architecture Is there a version of XSD compatible with ARM architecture? Sincerely, Javier Tegedor From boris at codesynthesis.com Tue Nov 29 08:34:37 2022 From: boris at codesynthesis.com (Boris Kolpackov) Date: Tue Nov 29 08:28:18 2022 Subject: [xsd-users] XSD for ARM cpu architecture In-Reply-To: <184c391058b.c51aa4a54086508.3354569180565365508@spacekinetics.com> References: <184c391058b.c51aa4a54086508.3354569180565365508@spacekinetics.com> Message-ID: Javier Tegedor writes: > Is there a version of XSD compatible with ARM architecture? Currently the only way is to build it from source following these instructions: https://codesynthesis.com/products/xsd/doc/install-build2.xhtml We have it successfully building for aarch64-linux-gnu on Debian here: https://queue.stage.build2.org/?builds=xsd&tg=aarch64**