[Digikam-devel] New Defects reported by Coverity Scan for digiKam
scan-admin at coverity.com
scan-admin at coverity.com
Tue Jul 23 10:13:28 BST 2013
Hi,
Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
Showing 7 of 37 defects
** CID 1042377: Uninitialized pointer field (UNINIT_CTOR)
/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 77
** CID 1028686: Mixing enum types (MIXED_ENUMS)
/mnt/devel/GIT/3.x/core/libs/jpegutils/jpegutils.cpp: 515
** CID 990933: Resource leak (RESOURCE_LEAK)
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 195
** CID 986605: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 2036
** CID 986604: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 1613
** CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)
/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 47
** CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)
/mnt/devel/GIT/3.x/extra/kipi-plugins/videoslideshow/magickiface/magickiface.cpp: 267
________________________________________________________________________
CID 1042377: Uninitialized pointer field (UNINIT_CTOR)
/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 127 ( member_decl)
124 KAction* dbStatAction;
125 KAction* libsInfoAction;
126 DAboutData* about;
>>> Class member declaration for "anim".
127 DLogoAction* anim;
128 };
129
130 // --------------------------------------------------------------------------------------------------------
131
/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 77 ( uninit_member)
74 libsInfoAction = 0;
75 about = 0;
76 dbStatAction = 0;
>>> CID 1042377: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "anim" is not initialized in this constructor nor in any functions that it calls.
77 }
78
79 public:
80
81 /** Settings taken from managed window configuration to handle toolbar visibility in full-screen mode
________________________________________________________________________
CID 1028686: Mixing enum types (MIXED_ENUMS)
/mnt/devel/GIT/3.x/core/libs/jpegutils/jpegutils.cpp: 515 ( mixed_enums)
512 #endif
513
514 // NOTE : Cast is fine here. See libkexiv2/rotationmatrix.h for details.
>>> CID 1028686: Mixing enum types (MIXED_ENUMS)
>>> Mixing enum types Digikam::JXFORM_CODE and KExiv2Iface::RotationMatrix::TransformationAction for "transform".
515 transformoption.transform = (JXFORM_CODE)action;
516
517 if (transformoption.transform == JXFORM_NONE)
518 {
519 return true;
________________________________________________________________________
CID 990933: Resource leak (RESOURCE_LEAK)
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 186 ( alloc_fn)
183
184 for (;it!=end; ++it)
185 {
>>> Storage is returned from allocation function "operator new(std::size_t)".
186 Theme* const theme = new Theme;
187 theme->d->init(*it);
188 QString internalName = theme->internalName();
189
190 if (!internalNameList.contains(internalName))
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 186 ( var_assign)
183
184 for (;it!=end; ++it)
185 {
>>> Assigning: "theme" = storage returned from "new KIPIHTMLExport::Theme".
186 Theme* const theme = new Theme;
187 theme->d->init(*it);
188 QString internalName = theme->internalName();
189
190 if (!internalNameList.contains(internalName))
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 188 ( noescape)
185 {
186 Theme* const theme = new Theme;
187 theme->d->init(*it);
>>> Resource "theme" is not freed or pointed-to in function "KIPIHTMLExport::Theme::internalName() const".
188 QString internalName = theme->internalName();
189
190 if (!internalNameList.contains(internalName))
191 {
192 sList << Theme::Ptr(theme);
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 195 ( leaked_storage)
192 sList << Theme::Ptr(theme);
193 internalNameList << internalName;
194 }
>>> CID 990933: Resource leak (RESOURCE_LEAK)
>>> Variable "theme" going out of scope leaks the storage it points to.
195 }
196 }
197
198 return sList;
199 }
________________________________________________________________________
CID 986605: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 2036 ( sign_extension)
2033 if (XAP > 0)
2034 {
2035 pix = ypoints[dyy + y] + xpoints[x];
>>> CID 986605: Unintended sign extension (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "(ushort *)pix[2]" with type "unsigned short" (16 bits, unsigned) is promoted in "(ushort *)pix[2] * (256 - xapoints[x])" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "(ushort *)pix[2] * (256 - xapoints[x])" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
2036 r = R_VAL16(pix) * INV_XAP;
2037 g = G_VAL16(pix) * INV_XAP;
2038 b = B_VAL16(pix) * INV_XAP;
2039 a = A_VAL16(pix) * INV_XAP;
2040 ++pix;
________________________________________________________________________
CID 986604: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 1613 ( sign_extension)
1610 llong rr = 0, gg = 0, bb = 0;
1611
1612 pix = ypoints[dyy + y] + xpoints[x];
>>> CID 986604: Unintended sign extension (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "(ushort *)pix[2]" with type "unsigned short" (16 bits, unsigned) is promoted in "(ushort *)pix[2] * (256 - xapoints[x])" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed). If "(ushort *)pix[2] * (256 - xapoints[x])" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
1613 r = R_VAL16(pix) * INV_XAP;
1614 g = G_VAL16(pix) * INV_XAP;
1615 b = B_VAL16(pix) * INV_XAP;
1616 ++pix;
1617 r += R_VAL16(pix) * XAP;
________________________________________________________________________
CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)
/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 47 ( root_function)
44
45 using namespace Digikam;
46
>>> CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main" an exception of type "IOException" is thrown and never caught.
47 int main(int /*argc*/, char** /*argv*/)
48 {
49 clock_t start, end;
50 QImage img;
51 QByteArray pgfData, jpgData, pngData;
/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 74 ( fun_call_w_exception)
71 start = clock();
72
73 // Second, write QImage as PGF file using data stream
>>> Called function throws an exception of type "IOException".
74 if (!PGFUtils::writePGFImageData(img, pgfData, 0, true))
75 {
76 kDebug() << "writePGFImageData failed...";
77 return -1;
78 }
________________________________________________________________________
CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)
/mnt/devel/GIT/3.x/extra/kipi-plugins/videoslideshow/magickiface/magickiface.cpp: 267 ( fixed_size_dest)
264 QString nfile = file;
265 nfile.truncate(4096);
266
>>> CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4096 byte fixed-size string "info->filename" by copying the return value of "QByteArray::operator char const *() const" without checking the length.
267 strcpy(info->filename, nfile.toAscii());
268
269 if (img->getImage())
270 DestroyImage(img->getImage());
271
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
More information about the Digikam-devel
mailing list