MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx

As shown in GH #2550, Coverity is tempted to think that NULL-dereference
can occur in _lf_cbor_encode_byte() due to user-ctx being dereferenced
from cbor_ctx, while coverity thinks that cbor_ctx may be NULL.

In practise this cannot happen, because _lf_cbor_encode_byte() is
only leveraged through a function pointer that is set in conjunction with
the function pointer ctx (which ain't NULL). All this logic is done inside
lf_buildctx_prepare() when LOG_OPT_ENCODE_CBOR is set.

Since coverity doesn't seem to understand the logic properly, then it
might as well confuse humans, so let's make it clear in
_lf_cbor_encode_byte() that we expect non-NULL ctx by adding a BUG_ON()

diff --git a/src/log.c b/src/log.c
index 68399a1e069c184f7069df11970786d9f470467d..e3ab29a5034e99e89a1bd1c21b32ba2f96a7b087 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -1768,13 +1768,19 @@ static char *_encode_byte_hex(char *start, char *stop, unsigned char byte)
  *
  * for now only hex form is supported.
  *
+ * The function may only be called under CBOR context (that is when
+ * LOG_OPT_ENCODE_CBOR option is set).
+ *
  * Returns the position of the last written byte on success and NULL on
  * error.
  */
 static char *_lf_cbor_encode_byte(struct cbor_encode_ctx *cbor_ctx,
                                   char *start, char *stop, unsigned char byte)
 {
-       struct lf_buildctx *ctx = cbor_ctx->e_fct_ctx;
+       struct lf_buildctx *ctx;
+
+       BUG_ON(!cbor_ctx);
+       ctx = cbor_ctx->e_fct_ctx;
 
        if (ctx->options & LOG_OPT_BIN) {
                /* raw output */