[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries
Another Coverity issue found yesterday. Forwarded Message Subject: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries Date: Tue, 12 May 2020 19:23:50 + (UTC) From: scan-ad...@coverity.com To: ste...@datenfreihafen.org Hi, Please find the latest report on new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 1 new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1428799: Null pointer dereferences (REVERSE_INULL) /src/lib/evas/canvas/efl_canvas_object_animation.c: 151 in _efl_canvas_object_animation_animation_pause_set() *** CID 1428799: Null pointer dereferences (REVERSE_INULL) /src/lib/evas/canvas/efl_canvas_object_animation.c: 151 in _efl_canvas_object_animation_animation_pause_set() 145if (pd->in->pause_state == pause) return; 146 147if (pause) 148 _end(obj, pd); 149else 150 _start(obj, pd,(pd->in->speed < 0) ? 1.0 - pd->in->progress : pd->in->progress); CID 1428799: Null pointer dereferences (REVERSE_INULL) Null-checking "pd->in" suggests that it may be null, but it has already been dereferenced on all paths leading to the check. 151if (pd->in) pd->in->pause_state = pause; 152 } 153 154 EOLIAN static Eina_Bool 155 _efl_canvas_object_animation_animation_pause_get(const Eo *obj EINA_UNUSED, Efl_Canvas_Object_Animation_Data *pd) 156 { To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teExl4Ru1vqXvuwTryVO2Nj02BDTXle-2BVhCv8FT7jqbi77HUQo-2FVd-2B1-2F-2BoakUp0ZyUERYinKunD4dh9MAw6ivIOiF3way_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZiOqqn-2B8yMi01VrcreZMpiy1pqluJg0cIBTqbOGT0olKXA2sTYzZsYwLvOuuwlqVQ9pxskQwByyPebw0MCpxMOfyopOQMI-2F99uVMlK9mh4XKiF22T-2B-2F4wFpCOtXYC6fi6OGjs-2FqoGkFL7K11959W5foikVh9gBIc2mwRPFi9NuVwB2pHqzQpJpVsp-2FOhNV497YqcVjd6GZnPCNrl1Q-2BoSAX To manage Coverity Scan email notifications for "ste...@datenfreihafen.org", click https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teEwKPNNrzEFiIgTetQBd7l2Xvx3RmExSxSary1NKqbYJzvAYN6rIwjwlzCIDsnVxKIs1IsiMKrMudAasp4-2BXTMe-2BsMV5Xf019f-2BnGDivW0l0gdQKwBmPFehuj-2Bg1WWnyp1U-3Dcrw4_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZiOqqn-2B8yMi01VrcreZMpiy1pqluJg0cIBTqbOGT0olKQ7PTtNE3RGjuLvU2yo9RbifuZAT5nJRpW7a3XFwmon1Uz5RanP-2FDLMHoLjHaEGADRJRuAqI1L5VScqxlimAQRDp-2BJLWkBxIQ1SQreXY1N864DxsAvcqgax6U2rXIVdYM69UgIksRC-2FQ7coimRc4LNVCeQKbOpEs2rnWBy5zRBVB ___ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries
Forwarded Message Subject: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries Date: Fri, 20 Mar 2020 18:21:24 + (UTC) From: scan-ad...@coverity.com To: ste...@datenfreihafen.org Hi, Please find the latest report on new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 8 new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 8 of 8 defect(s) ** CID 1422001: Uninitialized variables (UNINIT) /src/lib/elementary/elm_atspi_bridge.c: 1644 in _text_attributes_get() *** CID 1422001: Uninitialized variables (UNINIT) /src/lib/elementary/elm_atspi_bridge.c: 1644 in _text_attributes_get() 1638else 1639 { 1640 goto fail; 1641 } 1642 1643eldbus_message_iter_container_close(iter, iter_array); CID 1422001: Uninitialized variables (UNINIT) Using uninitialized value "end" when calling "eldbus_message_iter_arguments_append". 1644eldbus_message_iter_arguments_append(iter, "ii", start, end); 1645 1646return ret; 1647 1648 fail: 1649if (ret) eldbus_message_unref(ret); ** CID 1422000: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1412 in _text_text_get() *** CID 1422000: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1412 in _text_text_get() 1406 return _dbus_invalid_ref_error_new(msg); 1407 } 1408 1409str = str ? str : strdup(""); 1410 1411Eldbus_Message *ret = eldbus_message_method_return_new(msg); CID 1422000: Resource leaks (RESOURCE_LEAK) Variable "str" going out of scope leaks the storage it points to. 1412EINA_SAFETY_ON_NULL_RETURN_VAL(ret, NULL); 1413eldbus_message_arguments_append(ret, "s", str); 1414 1415free(str); 1416 1417return ret; ** CID 1421999: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1368 in _text_string_at_offset_get() *** CID 1421999: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1368 in _text_string_at_offset_get() 1362 return _dbus_invalid_ref_error_new(msg); 1363 } 1364 1365str = str ? str : strdup(""); 1366 1367ret = eldbus_message_method_return_new(msg); CID 1421999: Resource leaks (RESOURCE_LEAK) Variable "str" going out of scope leaks the storage it points to. 1368EINA_SAFETY_ON_NULL_RETURN_VAL(ret, NULL); 1369 1370eldbus_message_arguments_append(ret, "sii", str, start, end); 1371free(str); 1372 1373return ret; ** CID 1421998: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1573 in _text_attribute_value_get() *** CID 1421998: Resource leaks (RESOURCE_LEAK) /src/lib/elementary/elm_atspi_bridge.c: 1573 in _text_attribute_value_get() 1567else 1568 { 1569 return _dbus_invalid_ref_error_new(msg); 1570 } 1571 1572ret = eldbus_message_method_return_new(msg); CID 1421998: Resource leaks (RESOURCE_LEAK) Variable "value" going out of scope leaks the storage it points to. 1573EINA_SAFETY_ON_NULL_RETURN_VAL(ret, NULL); 1574eldbus_message_arguments_append(ret, "siib", value ? value : "", start, end, res); 1575 1576free(value); 1577return ret; 1578 } ** CID 1421997: Uninitialized variables (UNINIT) /src/lib/elementary/elm_atspi_bridge.c: 1370 in _text_string_at_offset_get() *** CID 1421997: Uninitialized variables (UNINIT) /src/lib/elementary/elm_atspi_bridge.c: 1370 in _text_string_at_offset_get() 1364 1365str = str ? str : strdup(""); 1366 1367ret = eldbus_message_method_return_new(msg); 1368EINA_SAFETY_ON_NULL_RETURN_VAL(ret, NULL); 1369 >>> CID 1421997: Uninitialized variables (UNINIT) Using uninitialized value "end" when calling "eldbus_message_arguments_append". 1370eldbus_message_arguments_append(ret, "sii", str, start, end); 1371free(str); 1372 1373return ret; 1374 } 1375 ** CID 1421996: Control flow issues (DEADCODE) /src/bin/exactness/exactness.c: 246 in
[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries
Forwarded Message Subject: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries Date: Tue, 25 Feb 2020 18:02:08 + (UTC) From: scan-ad...@coverity.com To: ste...@datenfreihafen.org Hi, Please find the latest report on new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 1 new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1400991: Error handling issues (CHECKED_RETURN) /src/lib/elementary/elm_slider.c: 1360 in _indi_default_format_cb() *** CID 1400991: Error handling issues (CHECKED_RETURN) /src/lib/elementary/elm_slider.c: 1360 in _indi_default_format_cb() 1354const Eina_Value_Type *type = eina_value_type_get(); 1355Elm_Slider_Data *sd = efl_data_scope_get(data, ELM_SLIDER_CLASS); 1356double v; 1357 1358if (type != EINA_VALUE_TYPE_DOUBLE) return EINA_FALSE; 1359 >>> CID 1400991: Error handling issues (CHECKED_RETURN) Calling "eina_value_get" without checking return value (as is done elsewhere 152 out of 178 times). 1360eina_value_get(, ); 1361eina_strbuf_append_printf(str, sd->indi_template, v); 1362 1363return EINA_TRUE; 1364 } 1365 To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teExl4Ru1vqXvuwTryVO2Nj02BDTXle-2BVhCv8FT7jqbi77HUQo-2FVd-2B1-2F-2BoakUp0ZyUERYinKunD4dh9MAw6ivIOiFtVLp_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZjdbIhI7umsLtyEUP4iUz-2FTnqscC6o7NBczVypMWgAQ3PTfwSkLggRBCnA8L8xN9EOaPjMZUxfEhsuCXtS8wRNACn3UP8RnRSdTGCzQFKv1Xb0ekFfU16ZxFvOmOpcvcii48KbRCAAGV3fVmpEB9rerAjaL-2FezqdYNqdv79vo3JoNGdHkAFhT1DatEqGWBy04GBFuu3AR-2FthiKfWWC6FCB-2B To manage Coverity Scan email notifications for "ste...@datenfreihafen.org", click https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPklAc1eEA-2F1zfUjH6teEwKPNNrzEFiIgTetQBd7l2Xvx3RmExSxSary1NKqbYJzvAYN6rIwjwlzCIDsnVxKIs1IsiMKrMudAasp4-2BXTMe-2BsMV5Xf019f-2BnGDivW0l0gdQKwBmPFehuj-2Bg1WWnyp1U-3Dd9vh_JmTL-2B48xyW7Yn2O51uC4ogY6X2-2FLHNxtv4FHC5fbQZjdbIhI7umsLtyEUP4iUz-2FTnqscC6o7NBczVypMWgAQ3ARWCq-2FFlzw0NhtpZ4CUd4Jd3f9CyWAIBbfdvHdyXeK5Pst8iXFFh55CbwVAkHZaZ-2Buiy1-2F5IfLwOWoVNGPjLOOyun55aj2hpA2Wu-2BK9XYlIFui4iNbJvSPr7jx7VP3K5vXtOypcbELbysC5sywp1FySWGPwSD9pG0K7b7MUC-2Fve ___ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries
Hello. We have a new run from Coverity. The first one since mid January. I am still trying to get their system sending mails directly to our devel list , but for now here is the forward. If it shows problems in an area you worked on please have a look. I for one need to look over all the exactness issues reported in here. :/ regards Stefan Schmidt Forwarded Message Subject: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries Date: Mon, 24 Feb 2020 21:00:38 + (UTC) From: scan-ad...@coverity.com To: ste...@datenfreihafen.org Hi, Please find the latest report on new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 38 new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 38 defect(s) ** CID 1419880: Insecure data handling (TAINTED_STRING) /src/bin/exactness/recorder.c: 416 in main() *** CID 1419880: Insecure data handling (TAINTED_STRING) /src/bin/exactness/recorder.c: 416 in main() 410 eq = argv[opt_args] ? strchr(argv[opt_args], '=') : NULL; 411 if (eq) 412 { 413 char *var = malloc(eq - argv[opt_args] + 1); 414 memcpy(var, argv[opt_args], eq - argv[opt_args]); 415 var[eq - argv[opt_args]] = '\0'; CID 1419880: Insecure data handling (TAINTED_STRING) Passing tainted string "var" to "setenv", which cannot accept tainted data. 416 setenv(var, eq + 1, 1); 417 opt_args++; 418 } 419 } while (eq); 420_out_filename = eina_stringshare_add(dest); 421 ** CID 1419879: Control flow issues (DEADCODE) /src/bin/exactness/inspect.c: 344 in _grp_text_get() *** CID 1419879: Control flow issues (DEADCODE) /src/bin/exactness/inspect.c: 344 in _grp_text_get() 338 case EX_SCENARIO: { str = "Scenario"; break; } 339 case EX_IMAGE: { str = "Images"; break; } 340 case EX_OBJ_INFO: { str = "Objects"; break; } 341 default: { str = "Unknown"; break; } 342 } 343sprintf(buf, "%s%s", str, compare ? " comparison" : ""); CID 1419879: Control flow issues (DEADCODE) Execution cannot reach this statement: "eina_stringshare_del(str);". 344if (dt == EX_FONTS_DIR) eina_stringshare_del(str); 345return strdup(buf); 346 } 347 348 static char * 349 _scn_text_get(void *data, Evas_Object *gl, const char *part EINA_UNUSED) ** CID 1419878: Resource leaks (RESOURCE_LEAK) /src/bin/exactness/inspect.c: 360 in _scn_text_get() *** CID 1419878: Resource leaks (RESOURCE_LEAK) /src/bin/exactness/inspect.c: 360 in _scn_text_get() 354if (compare) 355 { 356 _Compare_Item_Data *vv = data; 357 Exactness_Action *a1 = vv->p1; 358 Exactness_Action *a2 = vv->p2; 359 >>> CID 1419878: Resource leaks (RESOURCE_LEAK) Variable "buf" going out of scope leaks the storage it points to. 360 if (!a1 ^ !a2) return strdup("X"); 361 362 if (a1->delay_ms != a2->delay_ms) eina_strbuf_append_printf(buf, "[+"LDIFF(%.3f)"/+"RDIFF(%.3f)"]: ", a1->delay_ms/1000.0, a2->delay_ms/1000.0); 363 else eina_strbuf_append_printf(buf, "+%.3f: ", a1->delay_ms / 1000.0); 364 365 if (a1->type != a2->type) ** CID 1419877: Resource leaks (RESOURCE_LEAK) /src/bin/exactness/inspect.c: 562 in _img_content_get() *** CID 1419877: Resource leaks (RESOURCE_LEAK) /src/bin/exactness/inspect.c: 562 in _img_content_get() 556 Exactness_Image *ex_imgO = NULL; 557 exactness_image_compare(ex_img1, ex_img2, _imgO); 558 559 evas_object_image_size_set(evas_img, ex_imgO->w, ex_imgO->h); 560 evas_object_image_data_set(evas_img, ex_imgO->pixels); 561 evas_object_size_hint_min_set(img, ELM_SCALE_SIZE(300), ELM_SCALE_SIZE(300)); CID 1419877: Resource leaks (RESOURCE_LEAK) Variable "ex_imgO" going out of scope leaks the storage it points to. 562 } 563else 564 { 565 if (!data) 566 { 567 efl_del(img); ** CID 1419876: Null pointer dereferences (FORWARD_NULL) /src/bin/exactness/inspect.c: 211 in _are_images_different()
[E-devel] Fwd: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries
Hello. Due to our Jenkins being turned off for the time being we did not have Coverity runs for the last 6 weeks. I triggered a manual one today to see in what shape efl is. 38 new and only 15 fixed. Below are just the first 20 in summary. Please have a look at these inside the code you introduced. regards Stefan Schmidt Forwarded Message Subject: New Defects reported by Coverity Scan for Enlightenment Foundation Libraries Date: Tue, 11 Jul 2017 15:10:39 + (UTC) From: scan-ad...@coverity.com To: ste...@datenfreihafen.org Hi, Please find the latest report on new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 38 new defect(s) introduced to Enlightenment Foundation Libraries found with Coverity Scan. 15 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 38 defect(s) ** CID 1377551: Integer handling issues (NEGATIVE_RETURNS) /src/lib/elementary/efl_ui_internal_text_interactive.c: 723 in _key_down_cb() *** CID 1377551: Integer handling issues (NEGATIVE_RETURNS) /src/lib/elementary/efl_ui_internal_text_interactive.c: 723 in _key_down_cb() 717Efl_Ui_Internal_Text_Interactive_Data *en = efl_data_scope_get(obj, MY_CLASS); 718 719/* FIXME: Maybe allow selctions to happen even when not editable. */ 720if (!en->editable) return; 721 722cur = efl_text_cursor_get(obj, EFL_TEXT_CURSOR_GET_MAIN); >>> CID 1377551: Integer handling issues (NEGATIVE_RETURNS) >>> Assigning: signed variable "old_cur_pos" = >>> "evas_textblock_cursor_pos_get". 723old_cur_pos = evas_textblock_cursor_pos_get(cur); 724 725control = evas_key_modifier_is_set(ev->modifiers, "Control"); 726alt = evas_key_modifier_is_set(ev->modifiers, "Alt"); 727shift = evas_key_modifier_is_set(ev->modifiers, "Shift"); 728 #if defined(__APPLE__) && defined(__MACH__) ** CID 1377550: Error handling issues (CHECKED_RETURN) /src/lib/eina/eina_debug.c: 461 in eina_debug_remote_connect() *** CID 1377550: Error handling issues (CHECKED_RETURN) /src/lib/eina/eina_debug.c: 461 in eina_debug_remote_connect() 455if (fd < 0) goto err; 456// set the socket to close when we exec things so they don't inherit it 457if (fcntl(fd, F_SETFD, FD_CLOEXEC) < 0) goto err; 458 459//Prepare the sockaddr_in structure 460server.sin_family = AF_INET; >>> CID 1377550: Error handling issues (CHECKED_RETURN) >>> Calling "inet_pton" without checking return value (as is done elsewhere >>> 10 out of 11 times). 461inet_pton(AF_INET, "127.0.0.1", _addr.s_addr); 462server.sin_port = htons(port); 463 464if (connect(fd, (struct sockaddr *), sizeof(server)) < 0) 465 { 466 perror("connect failed. Error"); ** CID 1377549: Concurrent data access violations (MISSING_LOCK) /src/lib/eina/eina_debug_cpu.c: 263 in _cpufreq_on_cb() *** CID 1377549: Concurrent data access violations (MISSING_LOCK) /src/lib/eina/eina_debug_cpu.c: 263 in _cpufreq_on_cb() 257 _eina_debug_evlog_active = 1; 258 eina_evlog_start(); 259 } 260if (!_eina_debug_sysmon_active) 261 { 262 _eina_debug_sysmon_reset = 1; >>> CID 1377549: Concurrent data access violations (MISSING_LOCK) >>> Accessing "_eina_debug_sysmon_active" without holding lock >>> "_Eina_Lock.mutex". Elsewhere, "_eina_debug_sysmon_active" is accessed with >>> "_Eina_Lock.mutex" held 1 out of 2 times (1 of these accesses strongly >>> imply that it is necessary). 263 _eina_debug_sysmon_active = 1; 264 eina_lock_release(&_sysmon_lock); 265 } 266return EINA_TRUE; 267 } 268 ** CID 1377548: Insecure data handling (TAINTED_STRING) *** CID 1377548: Insecure data handling (TAINTED_STRING) /src/lib/efl_wl/efl_wl.c: 3474 in seat_keymap_update() 3468s->kbd.keymap_fd = eina_file_mkstemp("comp-keymapXX", ); 3469{ 3470 int flags = fcntl(s->kbd.keymap_fd, F_GETFD); 3471 fcntl(s->kbd.keymap_fd, F_SETFD, flags | FD_CLOEXEC); 3472} 3473ftruncate(s->kbd.keymap_fd, s->kbd.keymap_mem_size); >>> CID 1377548: Insecure data handling (TAINTED_STRING) >>> Passing tainted string "file" to "eina_file_unlink", which cannot >>> accept tainted data. 3474eina_file_unlink(file); 3475