Travis: update CLang Static Analyzer to CLang 9

Enable optional checkers
Fix two false positives

5 files changed, 32 insertions, 9 deletions

diff --git a/src/init.cpp b/src/init.cpp
index 9c7b7b19..a25d1ccd 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -239,7 +239,7 @@ Expand key from buffer or (if not in buffer) from init file
         char initname[5];
         int exists;
 
-        memcpy(initname, xkey, 4);
+        strncpy(initname, xkey, 4);
         initname[4] = 0;
 
         if( strncmp(xkey, "epsg:", 5) == 0 ) {
diff --git a/src/param.cpp b/src/param.cpp
index 182c40b0..289faca3 100644
--- a/src/param.cpp
+++ b/src/param.cpp
@@ -85,7 +85,7 @@ paralist *pj_mkparam_ws (const char *str, const char **next_str) {
     newitem = (paralist *) pj_calloc (1, sizeof(paralist) + len + 1);
     if (nullptr==newitem)
         return nullptr;
-    memmove(newitem->param, str, len);
+    memcpy(newitem->param, str, len);
     unquote_string(newitem->param);
 
     newitem->used = 0;
diff --git a/src/proj_internal.h b/src/proj_internal.h
index 7a777027..557c61cb 100644
--- a/src/proj_internal.h
+++ b/src/proj_internal.h
@@ -560,7 +560,7 @@ struct PJconsts {
 struct ARG_list {
     paralist *next;
     char used;
-#if defined(__GNUC__) && __GNUC__ >= 8
+#if (defined(__GNUC__) && __GNUC__ >= 8) || (defined(__clang__) && __clang_major__ >= 9)
     char param[]; /* variable-length member */
     /* Safer to use [] for gcc 8. See https://github.com/OSGeo/proj.4/pull/1087 */
     /* and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86914 */
diff --git a/travis/csa/before_install.sh b/travis/csa/before_install.sh
index dcb7733b..0ebc94fb 100755
--- a/travis/csa/before_install.sh
+++ b/travis/csa/before_install.sh
@@ -7,7 +7,7 @@ set -e
 
 sudo apt-get install -qq sqlite3 libsqlite3-dev libtiff-dev libcurl4-openssl-dev
 
-CLANG_LLVM=clang+llvm-6.0.0-x86_64-linux-gnu-ubuntu-16.04
-wget http://releases.llvm.org/6.0.0/$CLANG_LLVM.tar.xz
+CLANG_LLVM=clang+llvm-9.0.0-x86_64-linux-gnu-ubuntu-16.04
+wget http://releases.llvm.org/9.0.0/$CLANG_LLVM.tar.xz
 tar xJf $CLANG_LLVM.tar.xz
-mv $CLANG_LLVM clang+llvm-6
+mv $CLANG_LLVM clang+llvm-9
diff --git a/travis/csa/install.sh b/travis/csa/install.sh
index 334389ee..349afcb1 100755
--- a/travis/csa/install.sh
+++ b/travis/csa/install.sh
@@ -5,7 +5,30 @@ set -e
 # prepare build files
 ./autogen.sh
 
-CXXFLAGS="-std=c++11" ./clang+llvm-6/bin/scan-build -o scanbuildoutput -plist -v ./configure
-./clang+llvm-6/bin/scan-build -o scanbuildoutput -plist -v make -j2
+export PATH=$PWD/clang+llvm-9/bin:$PATH
+CXXFLAGS="-std=c++11" scan-build -o scanbuildoutput -plist -v ./configure
+rm -rf scanbuildoutput
+TOPDIR=$PWD
+scan-build -o $TOPDIR/scanbuildoutput -sarif -v -enable-checker alpha.unix.cstring.OutOfBounds,alpha.unix.cstring.BufferOverlap,optin.cplusplus.VirtualCall,optin.cplusplus.UninitializedObject make -j2
 
-if grep -r "\.c" scanbuildoutput | grep "<string>" | grep -v -e "<key>" -e _generated_parser; then echo "error" && /bin/false; else echo "ok"; fi 
+sudo apt-get install jq
+
+rm -f filtered_scanbuild.txt
+files=$(find scanbuildoutput -name "*.sarif")
+for f in $files; do
+    jq '.runs[].results[] | (if .locations[].physicalLocation.fileLocation.uri | (contains("_generated_parser") ) then empty else { "uri": .locations[].physicalLocation.fileLocation.uri, "msg": .message.text, "location": .codeFlows[-1].threadFlows[-1].locations[-1] } end)' < $f > tmp.txt
+    if [ -s tmp.txt ]; then
+        echo "Errors from $f: "
+        cat $f
+        echo ""
+        cat tmp.txt >> filtered_scanbuild.txt
+    fi
+done
+if [ -s filtered_scanbuild.txt ]; then
+    echo ""
+    echo ""
+    echo "========================"
+    echo "Summary of errors found:"
+    cat filtered_scanbuild.txt
+    /bin/false
+fi