The following section describes the typical work flow of using labels to sort and display your issues.
For example, if your binary is a.out, create a.out.analyze/labels.
a.out.analyze/labels/static_report_labels
a.out.analyze/labels/dynamic_report_labels
a.out.analyze/labels/coverage_report_labels
Each directory contains issues in the static, dynamic and coverage report respectively. The format of the label files is hash-name:label-name:comment.
The following is an example of a label file:
$ cat a.out.analyze/labels/dynamic_report_labels
54f3a6f0160dceb58156be03d07090a2:false_positive:bug 12345678 has been filed
3b7ee9d573847e2dbf80652b7a89026e:false_positive
6c575302146d147f5f1d2d2e6e1710a5:false_positive
When you use codean to process reports of a.out, if an issue has a matching label, the label name will be displayed after the issue by default as additional information.
For example, if you only want to see false positives:
% codean --showlabel false_positive a.out
For example, if you want to hide the wont_be_fixed labelled issues:
% codean --hidelabel wont_be_fixed a.out
% codean --findhash 54f3a6f0160dceb58156be03d07090a2:3b7ee9d573847e2dbf80652b7a89026e a.out
The following is an example of using labels:
$ cat t.c
#include <stdlib.h>
int main()
{
int *p = (int *)malloc(sizeof(int));
int i = *p;
free(p);
return i;
}
$ cc -g t.c
$ discover -a -o a.out.disc a.out
$ ./a.out.disc
$ codean -d --showhash a.out
DYNAMIC report of a.out:
ERROR 1 (UMR): accessing uninitialized data in "*p" at address 0x1001208e0 (4 bytes) on the heap:
hash: 79b6e1b242a057deec8762328b6860e6
main() + 0xac <t.c : 6>
3: int main()
4: {
5: int *p = (int *)malloc(sizeof(int));
6:=> int i = *p;
7: free(p);
_start() + 0x108
was allocated at (4 bytes):
main() + 0x20 <t.c : 5>
1: #include <stdlib.h>
3: int main()
4: {
5:=> int *p = (int *)malloc(sizeof(int));
6: int i = *p;
_start() + 0x108
DISCOVER SUMMARY for a.out: 1 non-leak issues, 0 leak issues
unique errors : 1 (1 total)
unique warnings : 0 (0 total)
unique leaks : 0 (0 blocks, 0 bytes)
unique possible leaks : 0 (0 blocks, 0 bytes)
$ cat a.out.analyze/labels/dynamic_report_labels
79b6e1b242a057deec8762328b6860e6:verified:I have verified that this is a bug.
$ codean -d a.out
DYNAMIC report of a.out:
ERROR 1 (UMR): accessing uninitialized data in "*p" at address 0x1001208e0 (4 bytes) on the heap:
label: verified "I have verified that this is a bug."
main() + 0xac <t.c : 6>
3: int main()
4: {
5: int *p = (int *)malloc(sizeof(int));
6:=> int i = *p;
7: free(p);
_start() + 0x108
was allocated at (4 bytes):
main() + 0x20 <t.c : 5>
1: #include <stdlib.h>
3: int main()
4: {
5:=> int *p = (int *)malloc(sizeof(int));
6: int i = *p;
_start() + 0x108
DISCOVER SUMMARY for a.out: 1 non-leak issues, 0 leak issues
unique errors : 1 (1 total)
unique warnings : 0 (0 total)
unique leaks : 0 (0 blocks, 0 bytes)
unique possible leaks : 0 (0 blocks, 0 bytes)
$ codean -d --showlabel verified a.out
DYNAMIC report of a.out:
ERROR 1 (UMR): accessing uninitialized data in "*p" at address 0x1001208e0 (4 bytes) on the heap:
label: verified "I have verified that this is a bug."
main() + 0xac <t.c : 6>
3: int main()
4: {
5: int *p = (int *)malloc(sizeof(int));
6:=> int i = *p;
7: free(p);
_start() + 0x108
was allocated at (4 bytes):
main() + 0x20 <t.c : 5>
1: #include <stdlib.h>
3: int main()
4: {
5:=> int *p = (int *)malloc(sizeof(int));
6: int i = *p;
_start() + 0x108
DISCOVER SUMMARY for a.out: 1 non-leak issues, 0 leak issues
unique errors : 1 (1 total)
unique warnings : 0 (0 total)
unique leaks : 0 (0 blocks, 0 bytes)
unique possible leaks : 0 (0 blocks, 0 bytes)
$ codean -d --hidelabel verified a.out
DYNAMIC report of a.out:
DISCOVER SUMMARY for a.out: 0 issues found (1 issues suppressed)