[Digikam-devel] New Defects reported by Coverity Scan for digiKam

scan-admin at coverity.com
Tue Jul 23 10:13:28 BST 2013


Hi,

Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 7 of 37 defects
	
** CID 1042377: Uninitialized pointer field (UNINIT_CTOR)
/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 77

** CID 1028686: Mixing enum types (MIXED_ENUMS)
/mnt/devel/GIT/3.x/core/libs/jpegutils/jpegutils.cpp: 515

** CID 990933: Resource leak (RESOURCE_LEAK)
/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 195

** CID 986605: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 2036

** CID 986604: Unintended sign extension (SIGN_EXTENSION)
/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 1613

** CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)
/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 47

** CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)
/mnt/devel/GIT/3.x/extra/kipi-plugins/videoslideshow/magickiface/magickiface.cpp: 267


________________________________________________________________________
CID 1042377: Uninitialized pointer field (UNINIT_CTOR)

/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 127 ( member_decl)
   124        KAction*                 dbStatAction;
   125        KAction*                 libsInfoAction;
   126        DAboutData*              about;
>>> Class member declaration for "anim".
   127        DLogoAction*             anim;
   128    };
   129    
   130    // --------------------------------------------------------------------------------------------------------
   131    
  

/mnt/devel/GIT/3.x/core/libs/widgets/common/dxmlguiwindow.cpp: 77 ( uninit_member)
   74            libsInfoAction         = 0;
   75            about                  = 0;
   76            dbStatAction           = 0;
>>> CID 1042377: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "anim" is not initialized in this constructor nor in any functions that it calls.
   77        }
   78    
   79    public:
   80    
   81        /** Settings taken from managed window configuration to handle toolbar visibility  in full-screen mode
  
________________________________________________________________________
CID 1028686: Mixing enum types (MIXED_ENUMS)

/mnt/devel/GIT/3.x/core/libs/jpegutils/jpegutils.cpp: 515 ( mixed_enums)
   512    #endif
   513    
   514        // NOTE : Cast is fine here. See libkexiv2/rotationmatrix.h for details.
>>> CID 1028686: Mixing enum types (MIXED_ENUMS)
>>> Mixing enum types Digikam::JXFORM_CODE and KExiv2Iface::RotationMatrix::TransformationAction for "transform".
   515        transformoption.transform       = (JXFORM_CODE)action;
   516    
   517        if (transformoption.transform == JXFORM_NONE)
   518        {
   519            return true;
  
________________________________________________________________________
CID 990933: Resource leak (RESOURCE_LEAK)

/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 186 ( alloc_fn)
   183    
   184            for (;it!=end; ++it)
   185            {
>>> Storage is returned from allocation function "operator new(std::size_t)".
   186                Theme* const theme   = new Theme;
   187                theme->d->init(*it);
   188                QString internalName = theme->internalName();
   189    
   190                if (!internalNameList.contains(internalName))
  

/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 186 ( var_assign)
   183    
   184            for (;it!=end; ++it)
   185            {
>>> Assigning: "theme" = storage returned from "new KIPIHTMLExport::Theme".
   186                Theme* const theme   = new Theme;
   187                theme->d->init(*it);
   188                QString internalName = theme->internalName();
   189    
   190                if (!internalNameList.contains(internalName))
  

/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 188 ( noescape)
   185            {
   186                Theme* const theme   = new Theme;
   187                theme->d->init(*it);
>>> Resource "theme" is not freed or pointed-to in function "KIPIHTMLExport::Theme::internalName() const".
   188                QString internalName = theme->internalName();
   189    
   190                if (!internalNameList.contains(internalName))
   191                {
   192                    sList << Theme::Ptr(theme);
  

/mnt/devel/GIT/3.x/extra/kipi-plugins/htmlexport/theme.cpp: 195 ( leaked_storage)
   192                    sList << Theme::Ptr(theme);
   193                    internalNameList << internalName;
   194                }
>>> CID 990933: Resource leak (RESOURCE_LEAK)
>>> Variable "theme" going out of scope leaks the storage it points to.
   195            }
   196        }
   197    
   198        return sList;
   199    }
  
________________________________________________________________________
CID 986605: Unintended sign extension (SIGN_EXTENSION)

/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 2036 ( sign_extension)
   2033                        if (XAP > 0)
   2034                        {
   2035                            pix = ypoints[dyy + y] + xpoints[x];
>>> CID 986605: Unintended sign extension (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "(ushort *)pix[2]" with type "unsigned short" (16 bits, unsigned) is promoted in "(ushort *)pix[2] * (256 - xapoints[x])" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed).  If "(ushort *)pix[2] * (256 - xapoints[x])" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
   2036                            r   = R_VAL16(pix) * INV_XAP;
   2037                            g   = G_VAL16(pix) * INV_XAP;
   2038                            b   = B_VAL16(pix) * INV_XAP;
   2039                            a   = A_VAL16(pix) * INV_XAP;
   2040                            ++pix;
  
________________________________________________________________________
CID 986604: Unintended sign extension (SIGN_EXTENSION)

/mnt/devel/GIT/3.x/core/libs/dimg/dimgscale.cpp: 1613 ( sign_extension)
   1610                            llong rr = 0, gg = 0, bb = 0;
   1611    
   1612                            pix = ypoints[dyy + y] + xpoints[x];
>>> CID 986604: Unintended sign extension (SIGN_EXTENSION)
>>> Suspicious implicit sign extension: "(ushort *)pix[2]" with type "unsigned short" (16 bits, unsigned) is promoted in "(ushort *)pix[2] * (256 - xapoints[x])" to type "int" (32 bits, signed), then sign-extended to type "long" (64 bits, signed).  If "(ushort *)pix[2] * (256 - xapoints[x])" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
   1613                            r   = R_VAL16(pix) * INV_XAP;
   1614                            g   = G_VAL16(pix) * INV_XAP;
   1615                            b   = B_VAL16(pix) * INV_XAP;
   1616                            ++pix;
   1617                            r   += R_VAL16(pix) * XAP;
  
________________________________________________________________________
CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)

/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 47 ( root_function)
   44    
   45    using namespace Digikam;
   46    
>>> CID 981257: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main" an exception of type "IOException" is thrown and never caught.
   47    int main(int /*argc*/, char** /*argv*/)
   48    {
   49        clock_t    start, end;
   50        QImage     img;
   51        QByteArray pgfData, jpgData, pngData;
  

/mnt/devel/GIT/3.x/core/tests/qtpgftest.cpp: 74 ( fun_call_w_exception)
   71        start = clock();
   72    
   73        // Second, write QImage as PGF file using data stream
>>> Called function throws an exception of type "IOException".
   74        if (!PGFUtils::writePGFImageData(img, pgfData, 0, true))
   75        {
   76            kDebug() << "writePGFImageData failed...";
   77            return -1;
   78        }
  
________________________________________________________________________
CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)

/mnt/devel/GIT/3.x/extra/kipi-plugins/videoslideshow/magickiface/magickiface.cpp: 267 ( fixed_size_dest)
   264        QString nfile = file;
   265        nfile.truncate(4096);
   266    
>>> CID 981248: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4096 byte fixed-size string "info->filename" by copying the return value of "QByteArray::operator char const *() const" without checking the length.
   267        strcpy(info->filename, nfile.toAscii());
   268    
   269        if (img->getImage())
   270            DestroyImage(img->getImage());
   271    
  
________________________________________________________________________
To view the defects in Coverity Scan, visit http://scan.coverity.com

To unsubscribe from the email notification for new defects, visit http://scan5.coverity.com/cgi-bin/unsubscribe.py


