[Digikam-devel] New Defects reported by Coverity Scan for digiKam
scan-admin at coverity.com
scan-admin at coverity.com
Sat Sep 5 15:24:41 BST 2015
Hi,
Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan.
63 new defect(s) introduced to digiKam found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 63 defect(s)
** CID 1323075: (USE_AFTER_FREE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 693 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)()
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 719 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)()
________________________________________________________________________________________________________
*** CID 1323075: (USE_AFTER_FREE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 693 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)()
687
688 // To merge a struct process the fields recursively. E.g. add simple missing fields. The
689 // recursive call to AppendSubtree will handle deletion for fields with empty values.
690
691 for ( size_t sourceNum = 0, sourceLim = sourceNode->children.size(); sourceNum != sourceLim; ++sourceNum ) {
692 const XMP_Node * sourceField = sourceNode->children[sourceNum];
>>> CID 1323075: (USE_AFTER_FREE)
>>> Passing freed pointer "destNode" as an argument to "AppendSubtree".
693 AppendSubtree ( sourceField, destNode, replaceOld, deleteEmpty );
694 if ( deleteEmpty && destNode->children.empty() ) {
695 delete ( destNode );
696 destParent->children.erase ( destPos );
697 }
698 }
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 719 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)()
713 if ( deleteEmpty && sourceItem->value.empty() ) {
714
715 if ( destIndex != -1 ) {
716 delete ( destNode->children[destIndex] );
717 destNode->children.erase ( destNode->children.begin() + destIndex );
718 if ( destNode->children.empty() ) {
>>> CID 1323075: (USE_AFTER_FREE)
>>> "operator delete" frees "destNode".
719 delete ( destNode );
720 destParent->children.erase ( destPos );
721 }
722 }
723
724 } else {
** CID 1323074: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323074: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1170 // nodeElementList
1171 // end-element()
1172
1173 static void
1174 RDF_ParseTypeCollectionPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1175 {
>>> CID 1323074: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1176 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1177
1178 XMP_Throw ( "ParseTypeCollection property element not allowed", kXMPErr_BadXMP );
1179
1180 } // RDF_ParseTypeCollectionPropertyElement
1181
** CID 1323073: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323073: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1170 // nodeElementList
1171 // end-element()
1172
1173 static void
1174 RDF_ParseTypeCollectionPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1175 {
>>> CID 1323073: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1176 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1177
1178 XMP_Throw ( "ParseTypeCollection property element not allowed", kXMPErr_BadXMP );
1179
1180 } // RDF_ParseTypeCollectionPropertyElement
1181
** CID 1323072: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323072: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1107 // literal
1108 // end-element()
1109
1110 static void
1111 RDF_ParseTypeLiteralPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1112 {
>>> CID 1323072: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1113 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1114
1115 XMP_Throw ( "ParseTypeLiteral property element not allowed", kXMPErr_BadXMP );
1116
1117 } // RDF_ParseTypeLiteralPropertyElement
1118
** CID 1323071: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323071: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1107 // literal
1108 // end-element()
1109
1110 static void
1111 RDF_ParseTypeLiteralPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1112 {
>>> CID 1323071: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1113 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1114
1115 XMP_Throw ( "ParseTypeLiteral property element not allowed", kXMPErr_BadXMP );
1116
1117 } // RDF_ParseTypeLiteralPropertyElement
1118
** CID 1323070: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323070: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1189 // propertyEltList
1190 // end-element()
1191
1192 static void
1193 RDF_ParseTypeOtherPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1194 {
>>> CID 1323070: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1195 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1196
1197 XMP_Throw ( "ParseTypeOther property element not allowed", kXMPErr_BadXMP );
1198
1199 } // RDF_ParseTypeOtherPropertyElement
1200
** CID 1323069: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
________________________________________________________________________________________________________
*** CID 1323069: Incorrect expression (UNUSED_VALUE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)()
1189 // propertyEltList
1190 // end-element()
1191
1192 static void
1193 RDF_ParseTypeOtherPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel )
1194 {
>>> CID 1323069: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used.
1195 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel);
1196
1197 XMP_Throw ( "ParseTypeOther property element not allowed", kXMPErr_BadXMP );
1198
1199 } // RDF_ParseTypeOtherPropertyElement
1200
** CID 1323068: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPIterator.cpp: 581 in DngXmpSdk::XMPIterator::XMPIterator(const char *, const char *, unsigned long)()
________________________________________________________________________________________________________
*** CID 1323068: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPIterator.cpp: 581 in DngXmpSdk::XMPIterator::XMPIterator(const char *, const char *, unsigned long)()
575 XMPIterator::XMPIterator ( XMP_StringPtr schemaNS,
576 XMP_StringPtr propName,
577 XMP_OptionBits options ) : info(IterInfo(options,0)), clientRefs(0)
578 {
579
580 XMP_Throw ( "Unimplemented XMPIterator constructor for global tables", kXMPErr_Unimplemented );
>>> CID 1323068: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "p = &schemaNS;".
581 void * p; p = &schemaNS; p = &propName; p = &options; // Avoid unused param warnings.
582
583 } // XMPIterator for global tables
584
585 // -------------------------------------------------------------------------------------------------
586 // ~XMPIterator
** CID 1323067: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1379 in DngXmpSdk::XMPMeta::DeleteAlias(const char *, const char *)()
________________________________________________________________________________________________________
*** CID 1323067: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1379 in DngXmpSdk::XMPMeta::DeleteAlias(const char *, const char *)()
1373 XMPMeta::DeleteAlias ( XMP_StringPtr aliasNS,
1374 XMP_StringPtr aliasProp )
1375 {
1376
1377 XMP_Assert ( (aliasNS != 0) && (aliasProp != 0) ); // Enforced by wrapper.
1378 XMP_Throw ( "Unimplemented method XMPMeta::DeleteAlias", kXMPErr_Unimplemented ); // *** #error "write me"
>>> CID 1323067: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "p = &aliasNS;".
1379 void * p; p = &aliasNS; p = &aliasProp; // Avoid unused param warnings.
1380
1381 } // DeleteAlias
1382
1383
1384 // -------------------------------------------------------------------------------------------------
** CID 1323066: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1616 in DngXmpSdk::XMPMeta::SetObjectOptions(unsigned long)()
________________________________________________________________________________________________________
*** CID 1323066: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1616 in DngXmpSdk::XMPMeta::SetObjectOptions(unsigned long)()
1610
1611 void
1612 XMPMeta::SetObjectOptions ( XMP_OptionBits options )
1613 {
1614
1615 XMP_Throw ( "Unimplemented method XMPMeta::SetObjectOptions", kXMPErr_Unimplemented );
>>> CID 1323066: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "p = &options;".
1616 void * p; p = &options; // Avoid unused param warnings.
1617
1618 } // SetObjectOptions
1619
1620
1621 // -------------------------------------------------------------------------------------------------
** CID 1323065: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1029 in DngXmpSdk::XMPMeta::SetGlobalOptions(unsigned long)()
________________________________________________________________________________________________________
*** CID 1323065: Control flow issues (UNREACHABLE)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1029 in DngXmpSdk::XMPMeta::SetGlobalOptions(unsigned long)()
1023
1024 /* class-static */ void
1025 XMPMeta::SetGlobalOptions ( XMP_OptionBits options )
1026 {
1027
1028 XMP_Throw ( "Unimplemented method XMPMeta::SetGlobalOptions", kXMPErr_Unimplemented );
>>> CID 1323065: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "p = &options;".
1029 void * p; p = &options; // Avoid unused param warnings.
1030
1031 } // SetGlobalOptions
1032
1033
1034 // -------------------------------------------------------------------------------------------------
** CID 1323064: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/include/client-glue/WXMP_Common.hpp: 31 in DngXmpSdk::WXMP_Result::WXMP_Result()()
________________________________________________________________________________________________________
*** CID 1323064: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/include/client-glue/WXMP_Common.hpp: 31 in DngXmpSdk::WXMP_Result::WXMP_Result()()
25 struct WXMP_Result {
26 XMP_StringPtr errMessage;
27 void * ptrResult;
28 double floatResult;
29 XMP_Uns64 int64Result;
30 XMP_Uns32 int32Result;
>>> CID 1323064: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "int32Result" is not initialized in this constructor nor in any functions that it calls.
31 WXMP_Result() : errMessage(0) {};
32 };
33
34 #if __cplusplus
35 extern "C" {
36 #endif
** CID 1323063: (UNCAUGHT_EXCEPT)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
________________________________________________________________________________________________________
*** CID 1323063: (UNCAUGHT_EXCEPT)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
1113 }
1114
1115 /*****************************************************************************/
1116
1117 // Parses tags that should only appear in IFD 0 or the main image IFD.
1118
>>> CID 1323063: (UNCAUGHT_EXCEPT)
>>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught.
1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream,
1120 dng_shared & /* shared */,
1121 uint32 parentCode,
1122 uint32 tagCode,
1123 uint32 tagType,
1124 uint32 tagCount,
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
1113 }
1114
1115 /*****************************************************************************/
1116
1117 // Parses tags that should only appear in IFD 0 or the main image IFD.
1118
>>> CID 1323063: (UNCAUGHT_EXCEPT)
>>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught.
1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream,
1120 dng_shared & /* shared */,
1121 uint32 parentCode,
1122 uint32 tagCode,
1123 uint32 tagType,
1124 uint32 tagCount,
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
1113 }
1114
1115 /*****************************************************************************/
1116
1117 // Parses tags that should only appear in IFD 0 or the main image IFD.
1118
>>> CID 1323063: (UNCAUGHT_EXCEPT)
>>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught.
1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream,
1120 dng_shared & /* shared */,
1121 uint32 parentCode,
1122 uint32 tagCode,
1123 uint32 tagType,
1124 uint32 tagCount,
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)()
1113 }
1114
1115 /*****************************************************************************/
1116
1117 // Parses tags that should only appear in IFD 0 or the main image IFD.
1118
>>> CID 1323063: (UNCAUGHT_EXCEPT)
>>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught.
1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream,
1120 dng_shared & /* shared */,
1121 uint32 parentCode,
1122 uint32 tagCode,
1123 uint32 tagType,
1124 uint32 tagCount,
** CID 1323062: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 443 in dng_info::ParseIFD(dng_host &, dng_stream &, dng_exif *, dng_shared *, dng_ifd *, unsigned long, long, unsigned int)()
________________________________________________________________________________________________________
*** CID 1323062: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 443 in dng_info::ParseIFD(dng_host &, dng_stream &, dng_exif *, dng_shared *, dng_ifd *, unsigned long, long, unsigned int)()
437 }
438
439 #endif
440
441 uint32 prev_tag_code = 0;
442
>>> CID 1323062: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "ifdEntries" as a loop boundary.
443 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++)
444 {
445
446 stream.SetReadPosition (ifdOffset + 2 + tag_index * 12);
447
448 uint32 tagCode = stream.Get_uint16 ();
** CID 1323061: (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1641 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)()
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1744 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)()
________________________________________________________________________________________________________
*** CID 1323061: (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1641 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)()
1635
1636 for (uint32 parsePass = 1; parsePass <= 2; parsePass++)
1637 {
1638
1639 stream.SetReadPosition (crwTagStart);
1640
>>> CID 1323061: (TAINTED_SCALAR)
>>> Using tainted variable "entries" as a loop boundary.
1641 for (uint32 index = 0; index < entries; index++)
1642 {
1643
1644 uint32 tagCode = stream.Get_uint16 ();
1645
1646 uint32 tagCount = stream.Get_uint32 ();
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1744 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)()
1738
1739 #endif
1740
1741 uint16 order_mark = stream.Get_uint16 ();
1742 uint32 entries = stream.Get_uint16 ();
1743
>>> CID 1323061: (TAINTED_SCALAR)
>>> Using tainted variable "entries" as a loop boundary.
1744 for (uint32 index = 0; index < entries; index++)
1745 {
1746
1747 uint32 tagCode = code32 ? stream.Get_uint32 ()
1748 : stream.Get_uint16 ();
1749
** CID 1323060: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 673 in dng_info::ParseMakerNoteIFD(dng_host &, dng_stream &, unsigned long, unsigned long, long, unsigned long, unsigned long, unsigned int)()
________________________________________________________________________________________________________
*** CID 1323060: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 673 in dng_info::ParseMakerNoteIFD(dng_host &, dng_stream &, unsigned long, unsigned long, long, unsigned long, unsigned long, unsigned int)()
667 {
668 return false;
669 }
670
671 // Scan IFD to verify all the tag types are all valid.
672
>>> CID 1323060: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "ifdEntries" as a loop boundary.
673 for (tagIndex = 0; tagIndex < ifdEntries; tagIndex++)
674 {
675
676 stream.SetReadPosition (ifdOffset + 2 + tagIndex * 12 + 2);
677
678 tagType = stream.Get_uint16 ();
** CID 1323059: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_iptc.cpp: 191 in dng_iptc::ParseString(dng_stream &, dng_string &, dng_iptc::CharSet)()
________________________________________________________________________________________________________
*** CID 1323059: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_iptc.cpp: 191 in dng_iptc::ParseString(dng_stream &, dng_string &, dng_iptc::CharSet)()
185 dng_memory_data buffer (length + 1);
186
187 char *c = buffer.Buffer_char ();
188
189 stream.Get (c, length);
190
>>> CID 1323059: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "length" as an index to pointer "c".
191 c [length] = 0;
192
193 switch (charSet)
194 {
195
196 case kCharSetUTF8:
** CID 1323058: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 346 in dng_info::ValidateIFD(dng_stream &, unsigned long, long)()
________________________________________________________________________________________________________
*** CID 1323058: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 346 in dng_info::ValidateIFD(dng_stream &, unsigned long, long)()
340 {
341 return false;
342 }
343
344 // Check each entry.
345
>>> CID 1323058: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "ifdEntries" as a loop boundary.
346 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++)
347 {
348
349 stream.SetReadPosition (ifdOffset + 2 + tag_index * 12);
350
351 stream.Skip (2); // Ignore tag code.
** CID 1323057: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_shared.cpp: 888 in dng_camera_profile_info::ParseExtended(dng_stream &)()
________________________________________________________________________________________________________
*** CID 1323057: Insecure data handling (TAINTED_SCALAR)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_shared.cpp: 888 in dng_camera_profile_info::ParseExtended(dng_stream &)()
882
883 if (ifdEntries < 1)
884 {
885 return false;
886 }
887
>>> CID 1323057: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "ifdEntries" as a loop boundary.
888 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++)
889 {
890
891 stream.SetReadPosition (startPosition + 8 + 2 + tag_index * 12);
892
893 uint16 tagCode = stream.Get_uint16 ();
** CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils.cpp: 1114 in ()
________________________________________________________________________________________________________
*** CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH)
/home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils.cpp: 1114 in ()
1108 XMP_Throw ( "Invalid time zone values", kXMPErr_BadParam );
1109 }
1110
1111 if ( tempDate.tzSign == 0 ) {
1112 *sConvertedValue += 'Z';
1113 } else {
>>> CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH)
>>> argument is incompatible with corresponding format string conversion
1114 snprintf ( buffer, sizeof(buffer), "+%02d:%02d", tempDate.tzHour, tempDate.tzMinute ); // AUDIT: Using sizeof for snprintf length is safe.
1115 if ( tempDate.tzSign < 0 ) buffer[0] = '-';
1116 *sConvertedValue += buffer;
1117 }
1118
1119 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/digikam?tab=overview
To manage Coverity Scan email notifications for "digikam-devel at kde.org", click https://scan.coverity.com/subscriptions/edit?email=digikam-devel%40kde.org&token=621bfe7450f4a870432a2a9c106aa3a8
More information about the Digikam-devel
mailing list