From 92f796c07aa76947d4eac4b141e3e3896d905913 Mon Sep 17 00:00:00 2001
From: Jenny Tam <v-yitam@microsoft.com>
Date: Tue, 14 Jul 2020 17:22:46 -0700
Subject: [PATCH] Modified source files based on some static analysis tools 
 (#1155)

---
 source/shared/FormattedPrint.cpp |  8 +++-----
 source/shared/core_conn.cpp      |  5 ++++-
 source/shared/core_stmt.cpp      |  6 ++----
 source/shared/core_util.cpp      | 10 +++++-----
 source/sqlsrv/init.cpp           |  2 +-
 source/sqlsrv/php_sqlsrv_int.h   |  2 +-
 source/sqlsrv/util.cpp           |  2 --
 7 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/source/shared/FormattedPrint.cpp b/source/shared/FormattedPrint.cpp
index dd076078..94c7b28f 100644
--- a/source/shared/FormattedPrint.cpp
+++ b/source/shared/FormattedPrint.cpp
@@ -389,7 +389,6 @@ int FormattedPrintA( IFormattedPrintOutput<char> * output, const char *format, v
         char sz[BUFFERSIZE];
         } buffer = {'\0'};
     WCHAR wchar;                /* temp wchar_t */
-    int buffersize;             /* size of text.sz (used only for the call to _cfltcvt) */
     int bufferiswide=0;         /* non-zero = buffer contains wide chars already */
 
 #ifndef _SAFECRT_IMPL
@@ -406,7 +405,6 @@ int FormattedPrintA( IFormattedPrintOutput<char> * output, const char *format, v
     textlen = 0;        /* no text yet */
     state = ST_NORMAL;  /* starting state */
     heapbuf = NULL;     /* not using heap-allocated buffer */
-    buffersize = 0;
 
     /* main loop -- loop while format character exist and no I/O errors */
     while ((ch = *format++) != '\0' && charsout >= 0) {
@@ -631,9 +629,9 @@ int FormattedPrintA( IFormattedPrintOutput<char> * output, const char *format, v
             case ('a'): {
                 /* floating point conversion -- we call cfltcvt routines */
                 /* to do the work for us.                                */
-                flags |= FL_SIGNED;         /* floating point is signed conversion */
-                text.sz = buffer.sz;        /* put result in buffer */
-                buffersize = BUFFERSIZE;
+                flags |= FL_SIGNED;             /* floating point is signed conversion */
+                text.sz = buffer.sz;            /* put result in buffer */
+                int buffersize = BUFFERSIZE;    /* size of text.sz (used only for the call to _cfltcvt) */
 
                 /* compute the precision value */
                 if (precision < 0)
diff --git a/source/shared/core_conn.cpp b/source/shared/core_conn.cpp
index d8d2f506..16b45324 100644
--- a/source/shared/core_conn.cpp
+++ b/source/shared/core_conn.cpp
@@ -808,7 +808,10 @@ void build_connection_string_and_set_conn_attr( _Inout_ sqlsrv_conn* conn, _Inou
             zval* auth_option = NULL;
             auth_option = zend_hash_index_find(options, SQLSRV_CONN_OPTION_AUTHENTICATION);
 
-            char* option = Z_STRVAL_P(auth_option);
+            char* option = NULL;
+            if (auth_option != NULL) {
+                option = Z_STRVAL_P(auth_option);
+            }
 
             if (!stricmp(option, AzureADOptions::AZURE_AUTH_AD_MSI)) {
                 activeDirectoryMSI = true;
diff --git a/source/shared/core_stmt.cpp b/source/shared/core_stmt.cpp
index b7d99b09..27fd1cae 100644
--- a/source/shared/core_stmt.cpp
+++ b/source/shared/core_stmt.cpp
@@ -2101,7 +2101,6 @@ SQLSMALLINT default_c_type( _Inout_ sqlsrv_stmt* stmt, _In_opt_ SQLULEN paramno,
                 break;
             case CP_UTF8:
                 sql_c_type = (is_a_numeric_type(sql_type)) ? SQL_C_CHAR : SQL_C_WCHAR;
-                //sql_c_type = SQL_C_WCHAR;
                 break;
             default:
                 THROW_CORE_ERROR(stmt, SQLSRV_ERROR_INVALID_PARAMETER_ENCODING, paramno);
@@ -3056,14 +3055,13 @@ void adjustDecimalPrecision(_Inout_ zval* param_z, _In_ SQLSMALLINT decimal_digi
         } else {
             short oldpos = 0;
             if (pt == NULL) {
-                pt = exp;       // Decimal point not found, use the exp sign
-                oldpos = exp - src;
+                oldpos = exp - src;     // Decimal point not found, use the exp sign
             }
             else {
                 oldpos = pt - src;
                 num_decimals = exp - pt - 1;
                 if (power > 0 && num_decimals <= power) {
-                    return;     // The result will be a whole number, do nothing and return
+                    return;             // The result will be a whole number, do nothing and return
                 }
             }
 
diff --git a/source/shared/core_util.cpp b/source/shared/core_util.cpp
index 99b1113a..930455ae 100644
--- a/source/shared/core_util.cpp
+++ b/source/shared/core_util.cpp
@@ -146,6 +146,11 @@ bool convert_string_from_utf16( _In_ SQLSRV_ENCODING encoding, _In_reads_bytes_(
         return true;
     }
 
+#ifndef _WIN32
+    // Allocate enough space to hold the largest possible number of bytes for UTF-8 conversion
+    // instead of calling FromUtf16, for performance reasons
+    cchOutLen = 4 * cchInLen;
+#else	
     // flags set to 0 by default, which means that any invalid characters are dropped rather than causing
     // an error.   This happens only on XP.
     DWORD flags = 0;
@@ -154,11 +159,6 @@ bool convert_string_from_utf16( _In_ SQLSRV_ENCODING encoding, _In_reads_bytes_(
         flags = WC_ERR_INVALID_CHARS;
     }
 
-#ifndef _WIN32
-    // Allocate enough space to hold the largest possible number of bytes for UTF-8 conversion
-    // instead of calling FromUtf16, for performance reasons
-    cchOutLen = 4*cchInLen;
-#else	
     // Calculate the number of output bytes required - no performance hit here because
     // WideCharToMultiByte is highly optimised
     cchOutLen = WideCharToMultiByte( encoding, flags,
diff --git a/source/sqlsrv/init.cpp b/source/sqlsrv/init.cpp
index 7c6fcc19..7ddbaffa 100644
--- a/source/sqlsrv/init.cpp
+++ b/source/sqlsrv/init.cpp
@@ -694,7 +694,7 @@ PHP_RSHUTDOWN_FUNCTION(sqlsrv)
     LOG_FUNCTION( "PHP_RSHUTDOWN for php_sqlsrv" );
     reset_errors();
 
-	// TODO - destruction
+	// destruction
     zval_ptr_dtor( &SQLSRV_G( errors ));
     zval_ptr_dtor( &SQLSRV_G( warnings ));
 
diff --git a/source/sqlsrv/php_sqlsrv_int.h b/source/sqlsrv/php_sqlsrv_int.h
index e0cea7bb..43f91f2e 100644
--- a/source/sqlsrv/php_sqlsrv_int.h
+++ b/source/sqlsrv/php_sqlsrv_int.h
@@ -366,7 +366,7 @@ inline H* process_params( INTERNAL_FUNCTION_PARAMETERS, _In_ char const* param_s
     SQLSRV_UNUSED( return_value );
 
     zval* rsrc;
-    H* h;
+    H* h = NULL;
     
     // reset the errors from the previous API call
     reset_errors();
diff --git a/source/sqlsrv/util.cpp b/source/sqlsrv/util.cpp
index b593b460..c240dde1 100644
--- a/source/sqlsrv/util.cpp
+++ b/source/sqlsrv/util.cpp
@@ -775,7 +775,6 @@ void copy_error_to_zval( _Inout_ zval* error_z, _In_ sqlsrv_error_const* error,
     zval temp; 
 	ZVAL_UNDEF(&temp);
 	core::sqlsrv_zval_stringl( &temp, reinterpret_cast<char*>( error->sqlstate ), SQL_SQLSTATE_SIZE );
-    //TODO: reference?
 	Z_TRY_ADDREF_P( &temp );
     if( add_next_index_zval( error_z, &temp ) == FAILURE ) {
         DIE( "Fatal error during error processing" );
@@ -797,7 +796,6 @@ void copy_error_to_zval( _Inout_ zval* error_z, _In_ sqlsrv_error_const* error,
     // native_message
 	ZVAL_UNDEF(&temp);
     ZVAL_STRING( &temp, reinterpret_cast<char*>( error->native_message ) );
-    //TODO: reference?
 	Z_TRY_ADDREF_P(&temp);
     if( add_next_index_zval( error_z, &temp ) == FAILURE ) {
         DIE( "Fatal error during error processing" );