[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries

[Stefan Schmidt]

 Forwarded Message 
Subject: New Defects reported by Coverity Scan for Enlightenment 
Foundation Libraries

Date: Tue, 25 Feb 2020 18:02:08 + (UTC)
From: scan-ad...@coverity.com
To: ste...@datenfreihafen.org

Hi,

Please find the latest report on new defect(s) introduced to 
Enlightenment Foundation Libraries found with Coverity Scan.


1 new defect(s) introduced to Enlightenment Foundation Libraries found 
with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1400991:  Error handling issues  (CHECKED_RETURN)
/src/lib/elementary/elm_slider.c: 1360 in _indi_default_format_cb()



*** CID 1400991:  Error handling issues  (CHECKED_RETURN)
/src/lib/elementary/elm_slider.c: 1360 in _indi_default_format_cb()
1354const Eina_Value_Type *type = eina_value_type_get();
1355Elm_Slider_Data *sd = efl_data_scope_get(data, 
ELM_SLIDER_CLASS);

1356double v;
1357 1358if (type != EINA_VALUE_TYPE_DOUBLE) return EINA_FALSE;
1359 >>> CID 1400991:  Error handling issues  (CHECKED_RETURN)

Calling "eina_value_get" without checking return value (as is done 
elsewhere 152 out of 178 times).

1360eina_value_get(, );
1361eina_strbuf_append_printf(str, sd->indi_template, v);
1362 1363return EINA_TRUE;
1364 }
1365


To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teExl4Ru1vqXvuwTryVO2Nj02BDTXle-2BVhCv8FT7jqbi77HUQo-2FVd-2B1-2F-2BoakUp0ZyUERYinKunD4dh9MAw6ivIOiFtVLp_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZjdbIhI7umsLtyEUP4iUz-2FTnqscC6o7NBczVypMWgAQ3PTfwSkLggRBCnA8L8xN9EOaPjMZUxfEhsuCXtS8wRNACn3UP8RnRSdTGCzQFKv1Xb0ekFfU16ZxFvOmOpcvcii48KbRCAAGV3fVmpEB9rerAjaL-2FezqdYNqdv79vo3JoNGdHkAFhT1DatEqGWBy04GBFuu3AR-2FthiKfWWC6FCB-2B


  To manage Coverity Scan email notifications for 
"ste...@datenfreihafen.org", click 
https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teEwKPNNrzEFiIgTetQBd7l2Xvx3RmExSxSary1NKqbYJzvAYN6rIwjwlzCIDsnVxKIs1IsiMKrMudAasp4-2BXTMe-2BsMV5Xf019f-2BnGDivW0l0gdQKwBmPFehuj-2Bg1WWnyp1U-3Dd9vh_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZjdbIhI7umsLtyEUP4iUz-2FTnqscC6o7NBczVypMWgAQ3ARWCq-2FFlzw0NhtpZ4CUd4Jd3f9CyWAIBbfdvHdyXeK5Pst8iXFFh55CbwVAkHZaZ-2Buiy1-2F5IfLwOWoVNGPjLOOyun55aj2hpA2Wu-2BK9XYlIFui4iNbJvSPr7jx7VP3K5vXtOypcbELbysC5sywp1FySWGPwSD9pG0K7b7MUC-2Fve




___
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel

Re: [E-devel] 1.24 schedule proposal

[Boris Faure]

On 20-02-25 17:13, Stefan Schmidt wrote:
> Hello.
> 
> On 01.02.20 12:45, Carsten Haitzler (The Rasterman) wrote:
> > On Fri, 31 Jan 2020 15:40:16 +0100 Stefan Schmidt 
> > 
> > said:
> > 
> > roughly - sounds good to me :)
> > 
> > > Hello.
> > > 
> > > Tomorrow it will be 4 months since we released 1.23. I wanna talk about
> > > my schedule proposal for 1.24.
> > > 
> > > When starting now with getting all things we want in the release
> > > finished, debugged and fixed I think April might be a good target month.
> > > 
> > > Here is what I propose for a schedule. Comments?
> > > 
> > > === Schedule ===
> > > 2019-10-01 1.23 release / merge window for 1.24 opens
> > > 2020-03-23 Notice about soon ending merge window
> > > 2020-04-01 Merge window is over. Freeze in place.
> > > * Only bug fixes from this point
> > > * Alpha release tarball
> > > 2020-04-08 Beta1 release tarball
> > > * Only critical fixes from this point
> > > 2020-04-15 Beta2 release tarball
> > > 2020-04-22 Final EFL 1.24 or Beta 3, depending on bug status
> > > 2020-04-29 Final EFL 1.24 is out (alternative date)
> 
> Besides the rough consensus from Raster I have not gotten any replies.
> I take this as a "go ahead as suggested". If anyone has problems with this
> schedule please speak up _now_.

I'm happy the way it is.
-- 
Boris Faure
Pointer Arithmetician


signature.asc
Description: PGP signature
___
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel

Re: [E-devel] 1.24 schedule proposal

[Stefan Schmidt]

Hello.

On 01.02.20 12:45, Carsten Haitzler (The Rasterman) wrote:

On Fri, 31 Jan 2020 15:40:16 +0100 Stefan Schmidt 
said:

roughly - sounds good to me :)


Hello.

Tomorrow it will be 4 months since we released 1.23. I wanna talk about
my schedule proposal for 1.24.

When starting now with getting all things we want in the release
finished, debugged and fixed I think April might be a good target month.

Here is what I propose for a schedule. Comments?

=== Schedule ===
2019-10-01 1.23 release / merge window for 1.24 opens
2020-03-23 Notice about soon ending merge window
2020-04-01 Merge window is over. Freeze in place.
* Only bug fixes from this point
* Alpha release tarball
2020-04-08 Beta1 release tarball
* Only critical fixes from this point
2020-04-15 Beta2 release tarball
2020-04-22 Final EFL 1.24 or Beta 3, depending on bug status
2020-04-29 Final EFL 1.24 is out (alternative date)


Besides the rough consensus from Raster I have not gotten any replies.
I take this as a "go ahead as suggested". If anyone has problems with 
this schedule please speak up _now_.


regards
Stefan Schmidt


___
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel

[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries

[Stefan Schmidt]

Hello.

We have a new run from Coverity. The first one since mid January.
I am still trying to get their system sending mails directly to our 
devel list , but for now here is the forward.


If it shows problems in an area you worked on please have a look.
I for one need to look over all the exactness issues reported in here. :/

regards
Stefan Schmidt

 Forwarded Message 
Subject: New Defects reported by Coverity Scan for Enlightenment 
Foundation Libraries

Date: Mon, 24 Feb 2020 21:00:38 + (UTC)
From: scan-ad...@coverity.com
To: ste...@datenfreihafen.org

Hi,

Please find the latest report on new defect(s) introduced to 
Enlightenment Foundation Libraries found with Coverity Scan.


38 new defect(s) introduced to Enlightenment Foundation Libraries found 
with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)


** CID 1419880:  Insecure data handling  (TAINTED_STRING)
/src/bin/exactness/recorder.c: 416 in main()



*** CID 1419880:  Insecure data handling  (TAINTED_STRING)
/src/bin/exactness/recorder.c: 416 in main()
410 eq = argv[opt_args] ? strchr(argv[opt_args], '=') : NULL;
411 if (eq)
412   {
413  char *var = malloc(eq - argv[opt_args] + 1);
414  memcpy(var, argv[opt_args], eq - argv[opt_args]);
415  var[eq - argv[opt_args]] = '\0';

CID 1419880:  Insecure data handling  (TAINTED_STRING)
Passing tainted string "var" to "setenv", which cannot accept tainted data.

416  setenv(var, eq + 1, 1);
417  opt_args++;
418   }
419  } while (eq);
420_out_filename = eina_stringshare_add(dest);
421
** CID 1419879:  Control flow issues  (DEADCODE)
/src/bin/exactness/inspect.c: 344 in _grp_text_get()



*** CID 1419879:  Control flow issues  (DEADCODE)
/src/bin/exactness/inspect.c: 344 in _grp_text_get()
338   case EX_SCENARIO: { str = "Scenario"; break; }
339   case EX_IMAGE: { str = "Images"; break; }
340   case EX_OBJ_INFO: { str = "Objects"; break; }
341   default: { str = "Unknown"; break; }
342  }
343sprintf(buf, "%s%s", str, compare ? " comparison" : "");

CID 1419879:  Control flow issues  (DEADCODE)
Execution cannot reach this statement: "eina_stringshare_del(str);".

344if (dt == EX_FONTS_DIR) eina_stringshare_del(str);
345return strdup(buf);
346 }
347 348 static char *
349 _scn_text_get(void *data, Evas_Object *gl, const char *part 
EINA_UNUSED)


** CID 1419878:  Resource leaks  (RESOURCE_LEAK)
/src/bin/exactness/inspect.c: 360 in _scn_text_get()



*** CID 1419878:  Resource leaks  (RESOURCE_LEAK)
/src/bin/exactness/inspect.c: 360 in _scn_text_get()
354if (compare)
355  {
356 _Compare_Item_Data *vv = data;
357 Exactness_Action *a1 = vv->p1;
358 Exactness_Action *a2 = vv->p2;
359 >>> CID 1419878:  Resource leaks  (RESOURCE_LEAK)

Variable "buf" going out of scope leaks the storage it points to.

360 if (!a1 ^ !a2) return strdup("X");
361 362 if (a1->delay_ms != a2->delay_ms) 
eina_strbuf_append_printf(buf, "[+"LDIFF(%.3f)"/+"RDIFF(%.3f)"]: ", 
a1->delay_ms/1000.0, a2->delay_ms/1000.0);
363 else eina_strbuf_append_printf(buf, "+%.3f: ", 
a1->delay_ms / 1000.0);

364 365 if (a1->type != a2->type)

** CID 1419877:  Resource leaks  (RESOURCE_LEAK)
/src/bin/exactness/inspect.c: 562 in _img_content_get()



*** CID 1419877:  Resource leaks  (RESOURCE_LEAK)
/src/bin/exactness/inspect.c: 562 in _img_content_get()
556 Exactness_Image *ex_imgO = NULL;
557 exactness_image_compare(ex_img1, ex_img2, _imgO);
558 559 evas_object_image_size_set(evas_img, ex_imgO->w, 
ex_imgO->h);

560 evas_object_image_data_set(evas_img, ex_imgO->pixels);
561 evas_object_size_hint_min_set(img, ELM_SCALE_SIZE(300), 
ELM_SCALE_SIZE(300));

CID 1419877:  Resource leaks  (RESOURCE_LEAK)
Variable "ex_imgO" going out of scope leaks the storage it points to.

562  }
563else
564  {
565 if (!data)
566   {
567  efl_del(img);

** CID 1419876:  Null pointer dereferences  (FORWARD_NULL)
/src/bin/exactness/inspect.c: 211 in _are_images_different()