Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-20 Thread Antonio Scuri 
  Yes, rare but it could happen.

  Fixed and committed to SVN.

Best,
Scuri



2018-01-19 15:01 GMT-02:00 Ranier VF <ranier_...@hotmail.com>:

> Hi,
> Well can be rarely but.
>
> If afunc->system_default is NOT NULL and afunc->default_value is NULL,
> and afunc->call_global_default IS NOT NULL:
>
> if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||
>
> take false branch,  and
>
> (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
> take true branch,
>
> iupGlobalDefaultColorChange is called with afunc->default_value=NULL.
>
> int iupGlobalDefaultColorChanged(const char *name)
> 51{
> 52  char str[50] = "_IUP_USER_DEFAULT_";
>   1. deref_parm_in_call: Function strcat dereferences name.
> 53  strcat(str, name)
>
> Result segmentation fault, rare, but possible.
>
> Best.
> Ranier
> 
> De: Antonio Scuri <antonio.sc...@gmail.com>
> Enviado: sexta-feira, 19 de janeiro de 2018 10:54
> Para: IUP discussion list.
> Assunto: Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null
> check (FORWARD_NULL)
>
>   The first if tests for:
>
> (afunc->default_value || afunc->system_default) &&
>
>   So default_value can be NULL if system_default is not. Or they are equal
> and NOT NULL.
>
>   The second if tests for:
>
> if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||
>
>   If they are not equal OR
>
>   then they are equal and not NULL at:
>
>   (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
>   There is no need for " && afunc->default_value"
>
> Best,
> Scuri
>
>
> 2018-01-19 0:06 GMT-02:00 Ranier VF <ranier_...@hotmail.com ranier_...@hotmail.com>>:
> Hi,
> Issue found by Coverity Scan.
> CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)
> var_deref_model: Passing null pointer afunc->default_value to
> iupGlobalDefaultColorChanged, which dereferences it.
>
> --- a\src\iup_classattrib.c Fri Oct 14 13:48:50 2016
> +++ b\src\iup_classattrib.c Fri Jan 19 00:01:03 2018
> @@ -990,7 +990,8 @@
>  !(afunc->flags & IUPAF_HAS_ID))
>  {
>if ((!iupStrEqualNoCase(afunc->default_value,
> afunc->system_default)) ||
> -  (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
> +  (afunc->call_global_default && afunc->default_value &&
> +   iupGlobalDefaultColorChanged(afunc->default_value)))
>{
>  if ((!ih->handle && (afunc->flags & IUPAF_NOT_MAPPED)) ||
>  (ih->handle && !(afunc->flags & IUPAF_NOT_MAPPED)))
>
> Best.
> Ranier
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Iup-users mailing list
> Iup-users@lists.sourceforge.net<mailto:Iup-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users

Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-19 Thread Ranier VF 
Hi,
Well can be rarely but.

If afunc->system_default is NOT NULL and afunc->default_value is NULL,
and afunc->call_global_default IS NOT NULL:

if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||

take false branch,  and

(afunc->call_global_default && 
iupGlobalDefaultColorChanged(afunc->default_value)))

take true branch,

iupGlobalDefaultColorChange is called with afunc->default_value=NULL.

int iupGlobalDefaultColorChanged(const char *name)
51{
52  char str[50] = "_IUP_USER_DEFAULT_";
  1. deref_parm_in_call: Function strcat dereferences name.
53  strcat(str, name)

Result segmentation fault, rare, but possible.

Best.
Ranier

De: Antonio Scuri <antonio.sc...@gmail.com>
Enviado: sexta-feira, 19 de janeiro de 2018 10:54
Para: IUP discussion list.
Assunto: Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check 
(FORWARD_NULL)

  The first if tests for:

(afunc->default_value || afunc->system_default) &&

  So default_value can be NULL if system_default is not. Or they are equal and 
NOT NULL.

  The second if tests for:

if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||

  If they are not equal OR

  then they are equal and not NULL at:

  (afunc->call_global_default && 
iupGlobalDefaultColorChanged(afunc->default_value)))

  There is no need for " && afunc->default_value"

Best,
Scuri


2018-01-19 0:06 GMT-02:00 Ranier VF 
<ranier_...@hotmail.com<mailto:ranier_...@hotmail.com>>:
Hi,
Issue found by Coverity Scan.
CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)
var_deref_model: Passing null pointer afunc->default_value to 
iupGlobalDefaultColorChanged, which dereferences it.

--- a\src\iup_classattrib.c Fri Oct 14 13:48:50 2016
+++ b\src\iup_classattrib.c Fri Jan 19 00:01:03 2018
@@ -990,7 +990,8 @@
 !(afunc->flags & IUPAF_HAS_ID))
 {
   if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||
-  (afunc->call_global_default && 
iupGlobalDefaultColorChanged(afunc->default_value)))
+  (afunc->call_global_default && afunc->default_value &&
+   iupGlobalDefaultColorChanged(afunc->default_value)))
   {
 if ((!ih->handle && (afunc->flags & IUPAF_NOT_MAPPED)) ||
 (ih->handle && !(afunc->flags & IUPAF_NOT_MAPPED)))

Best.
Ranier
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Iup-users mailing list
Iup-users@lists.sourceforge.net<mailto:Iup-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/iup-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users

Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-19 Thread Antonio Scuri 
  No. I didn't change it. The logic is correct.

  You can not replace call_global_default  by default_value.

Best,
Scuri


2018-01-19 11:15 GMT-02:00 Pete Lomax via Iup-users <
iup-users@lists.sourceforge.net>:

> On Fri, 19/1/18, Antonio Scuri  wrote:
>
> >then they are equal and not NULL at:
> >
> > (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
> By that logic you could/should/may as well change it to:
>
>  (afunc->default_value && iupGlobalDefaultColorChanged(
> afunc->default_value)))
>
> Is that what you did?
>
> Pete
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users

Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-19 Thread Pete Lomax via Iup-users 
On Fri, 19/1/18, Antonio Scuri  wrote:

>then they are equal and not NULL at:
>      
>     (afunc->call_global_default && 
> iupGlobalDefaultColorChanged(afunc->default_value)))

By that logic you could/should/may as well change it to:

     (afunc->default_value && 
iupGlobalDefaultColorChanged(afunc->default_value)))

Is that what you did?

Pete

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users

Re: [Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-19 Thread Antonio Scuri 
  The first if tests for:

(afunc->default_value || afunc->system_default) &&

  So default_value can be NULL if system_default is not. Or they are equal
and NOT NULL.

  The second if tests for:

if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) ||

  If they are not equal OR

  then they are equal and not NULL at:

  (afunc->call_global_default &&
iupGlobalDefaultColorChanged(afunc->default_value)))

  There is no need for " && afunc->default_value"

Best,
Scuri


2018-01-19 0:06 GMT-02:00 Ranier VF :

> Hi,
> Issue found by Coverity Scan.
> CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)
> var_deref_model: Passing null pointer afunc->default_value to
> iupGlobalDefaultColorChanged, which dereferences it.
>
> --- a\src\iup_classattrib.c Fri Oct 14 13:48:50 2016
> +++ b\src\iup_classattrib.c Fri Jan 19 00:01:03 2018
> @@ -990,7 +990,8 @@
>  !(afunc->flags & IUPAF_HAS_ID))
>  {
>if ((!iupStrEqualNoCase(afunc->default_value,
> afunc->system_default)) ||
> -  (afunc->call_global_default && iupGlobalDefaultColorChanged(
> afunc->default_value)))
> +  (afunc->call_global_default && afunc->default_value &&
> +   iupGlobalDefaultColorChanged(afunc->default_value)))
>{
>  if ((!ih->handle && (afunc->flags & IUPAF_NOT_MAPPED)) ||
>  (ih->handle && !(afunc->flags & IUPAF_NOT_MAPPED)))
>
> Best.
> Ranier
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users

[Iup-users] CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)

2018-01-18 Thread Ranier VF 
Hi,
Issue found by Coverity Scan.
CID 210573 (#1 of 1): Dereference after null check (FORWARD_NULL)
var_deref_model: Passing null pointer afunc->default_value to 
iupGlobalDefaultColorChanged, which dereferences it.

--- a\src\iup_classattrib.c Fri Oct 14 13:48:50 2016
+++ b\src\iup_classattrib.c Fri Jan 19 00:01:03 2018
@@ -990,7 +990,8 @@
 !(afunc->flags & IUPAF_HAS_ID))
 {
   if ((!iupStrEqualNoCase(afunc->default_value, afunc->system_default)) || 
-  (afunc->call_global_default && 
iupGlobalDefaultColorChanged(afunc->default_value)))
+  (afunc->call_global_default && afunc->default_value &&
+   iupGlobalDefaultColorChanged(afunc->default_value)))
   {
 if ((!ih->handle && (afunc->flags & IUPAF_NOT_MAPPED)) ||
 (ih->handle && !(afunc->flags & IUPAF_NOT_MAPPED)))

Best.
Ranier

iup_classattrib.patch
Description: iup_classattrib.patch
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users