Yes, rare but it could happen.
Fixed and committed to SVN.
Best,
Scuri
2018-01-19 15:01 GMT-02:00 Ranier VF <ranier_...@hotmail.com>:
> Hi,
> Well can be rarely but.
>
> If afunc->system_default is NOT NULL and afunc->default_value is NULL,
> and afunc->call_global_default IS NOT NULL:
>
> if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||
>
> take false branch, and
>
> (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
> take true branch,
>
> iupGlobalDefaultColorChange is called with afunc->default_value=NULL.
>
> int iupGlobalDefaultColorChanged(const char *name)
> 51{
> 52 char str[50] = "_IUP_USER_DEFAULT_";
> 1. deref_parm_in_call: Function strcat dereferences name.
> 53 strcat(str, name)
>
> Result segmentation fault, rare, but possible.
>
> Best.
> Ranier
> ________________________________________
> De: Antonio Scuri <antonio.sc...@gmail.com>
> Enviado: sexta-feira, 19 de janeiro de 2018 10:54
> Para: IUP discussion list.
> Assunto: Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null
> check (FORWARD_NULL)
>
> The first if tests for:
>
> (afunc->default_value || afunc->system_default) &&
>
> So default_value can be NULL if system_default is not. Or they are equal
> and NOT NULL.
>
> The second if tests for:
>
> if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||
>
> If they are not equal OR
>
> then they are equal and not NULL at:
>
> (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
> There is no need for " && afunc->default_value"
>
> Best,
> Scuri
>
>
> 2018-01-19 0:06 GMT-02:00 Ranier VF <ranier_...@hotmail.com<mailto:
> ranier_...@hotmail.com>>:
> Hi,
> Issue found by Coverity Scan.
> CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)
> var_deref_model: Passing null pointer afunc->default_value to
> iupGlobalDefaultColorChanged, which dereferences it.
>
> --- a\src\iup_classattrib.c Fri Oct 14 13:48:50 2016
> +++ b\src\iup_classattrib.c Fri Jan 19 00:01:03 2018
> @@ -990,7 +990,8 @@
> !(afunc->flags & IUPAF_HAS_ID))
> {
> if ((!iupStrEqualNoCase(afunc->default_value,
> afunc->system_default)) ||
> - (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
> + (afunc->call_global_default && afunc->default_value &&
> + iupGlobalDefaultColorChanged(afunc->default_value)))
> {
> if ((!ih->handle && (afunc->flags & IUPAF_NOT_MAPPED)) ||
> (ih->handle && !(afunc->flags & IUPAF_NOT_MAPPED)))
>
> Best.
> Ranier
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Iup-users mailing list
> Iup-users@lists.sourceforge.net<mailto:Iup-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users
