coverity: hint git_vector_foreach does not deref NULL contents

Coverity does not comprehend the connection between a vector's
size and the contents pointer, that is that the vector's pointer
is non-NULL when its size is positive. As the vector code should
be reasonably well tested and users are expected to not manually
modify a vector's contents it seems save to assume that the
macros will never dereference a NULL pointer.

Fix Coverity warnings by overriding the foreach macros with
macros that explicitly aborting when (v)->contents is NULL.

diff --git a/script/user_nodefs.h b/script/user_nodefs.h
index 3d25d92ec0638168e4585b3ad51126d7e76d41af..5b0be81a342064f3376aac86e707e26b8d6527f6 100644 (file)
--- a/script/user_nodefs.h
+++ b/script/user_nodefs.h
@@ -25,3 +25,9 @@
 #nodef GITERR_CHECK_VERSION(S,V,N) if (giterr__check_version(S,V,N) < 0)  { __coverity_panic__(); }
 
 #nodef LOOKS_LIKE_DRIVE_PREFIX(S) (strlen(S) >= 2 && git__isalpha((S)[0]) && (S)[1] == ':')
+
+#nodef git_vector_foreach(v, iter, elem)       \
+       for ((iter) = 0; (v)->contents != NULL && (iter) < (v)->length && ((elem) = (v)->contents[(iter)], 1); (iter)++ )
+
+#nodef git_vector_rforeach(v, iter, elem)      \
+       for ((iter) = (v)->length - 1; (v)->contents != NULL && (iter) < SIZE_MAX && ((elem) = (v)->contents[(iter)], 1); (iter)-- )