recurse-dir: add assert for MALLOC_SIZEOF_SAFE lower bound
authorLuca Boccassi <luca.boccassi@gmail.com>
Tue, 7 Apr 2026 22:59:16 +0000 (23:59 +0100)
committerLuca Boccassi <luca.boccassi@gmail.com>
Tue, 7 Apr 2026 22:59:16 +0000 (23:59 +0100)
Coverity flags MALLOC_SIZEOF_SAFE(de) - offsetof(DirectoryEntries,
buffer) as a potential underflow when MALLOC_SIZEOF_SAFE returns 0.
After a successful malloc the return value is at least as large as
the requested size, but Coverity cannot trace this. Add an assert
to establish the lower bound.

CID#1548020

Follow-up for 6393b847f459dba14d2b615ee93babb143168b57

src/basic/recurse-dir.c

index 1bd82319663144bd7f22373a814b0dad58dde1ce..8f691d922945f866a100b08efcaad193c1d147a5 100644 (file)
@@ -55,6 +55,8 @@ int readdir_all(int dir_fd, RecurseDirFlags flags, DirectoryEntries **ret) {
                 size_t bs;
                 ssize_t n;
 
+                /* Silence static analyzers, MALLOC_SIZEOF_SAFE is at least as large as the allocation */
+                assert(MALLOC_SIZEOF_SAFE(de) >= offsetof(DirectoryEntries, buffer));
                 bs = MIN(MALLOC_SIZEOF_SAFE(de) - offsetof(DirectoryEntries, buffer), (size_t) SSIZE_MAX);
                 assert(bs > de->buffer_size);
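Review bot: The added assert and the `bs = MIN(...)` line below it each expand `MALLOC_SIZEOF_SAFE(de)` separately, so the value that is checked and the value that is subtracted from are not tied together in the code. Reading it once would make the invariant explicit for both the analyzer and the reader: `size_t sz = MALLOC_SIZEOF_SAFE(de);`, then `assert(sz >= offsetof(DirectoryEntries, buffer));` and `bs = MIN(sz - offsetof(DirectoryEntries, buffer), (size_t) SSIZE_MAX);`. The assert documents an invariant rather than guarding the subtraction in every build; if the project's assert is compiled out or turned into an optimizer hint under NDEBUG (not visible here, worth confirming), a wrapped difference would be clamped to `SSIZE_MAX` by `MIN` and would still pass the following `assert(bs > de->buffer_size)`. The comment says the size is "at least as large as the allocation", while the condition compares against the header offset only, so it could name that bound directly. The loop body of readdir_all continues outside the hunk.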