New Defects reported by Coverity Scan for digiKam

scan-admin at coverity.com
Tue Dec 20 21:26:56 GMT 2016


Hi,

Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan.

4 new defect(s) introduced to digiKam found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1397407:  Integer handling issues  (SIGN_EXTENSION)
/home/gilles/Devel/5.x/core/libs/rawengine/libraw/src/libraw_cxx.cpp: 3531 in LibRaw::kodak_thumb_loader()()


________________________________________________________________________________________________________
*** CID 1397407:  Integer handling issues  (SIGN_EXTENSION)
/home/gilles/Devel/5.x/core/libs/rawengine/libraw/src/libraw_cxx.cpp: 3531 in LibRaw::kodak_thumb_loader()()
3525     }
3526     
3527     #define THUMB_READ_BEYOND  16384
3528     
3529     void LibRaw::kodak_thumb_loader()
3530     {
>>>     CID 1397407:  Integer handling issues  (SIGN_EXTENSION)
>>>     Suspicious implicit sign extension: "this->imgdata.thumbnail.twidth" with type "unsigned short" (16 bits, unsigned) is promoted in "this->imgdata.thumbnail.theight * this->imgdata.thumbnail.twidth / 3" to type "int" (32 bits, signed), then sign-extended to type "long long" (64 bits, signed).  If "this->imgdata.thumbnail.theight * this->imgdata.thumbnail.twidth / 3" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
3531     	INT64 est_datasize = T.theight * T.twidth / 3; // is 0.3 bytes per pixel good estimate?
3532     	if (ID.toffset < 0)
3533     		throw LIBRAW_EXCEPTION_IO_CORRUPT;
3534     
3535     	if (ID.toffset + est_datasize > ID.input->size() + THUMB_READ_BEYOND)
3536     		throw LIBRAW_EXCEPTION_IO_EOF;

** CID 1397406:  Integer handling issues  (SIGN_EXTENSION)
/home/gilles/Devel/5.x/core/libs/rawengine/libraw/src/libraw_cxx.cpp: 3531 in LibRaw::kodak_thumb_loader()()


________________________________________________________________________________________________________
*** CID 1397406:  Integer handling issues  (SIGN_EXTENSION)
/home/gilles/Devel/5.x/core/libs/rawengine/libraw/src/libraw_cxx.cpp: 3531 in LibRaw::kodak_thumb_loader()()
3525     }
3526     
3527     #define THUMB_READ_BEYOND  16384
3528     
3529     void LibRaw::kodak_thumb_loader()
3530     {
>>>     CID 1397406:  Integer handling issues  (SIGN_EXTENSION)
>>>     Suspicious implicit sign extension: "this->imgdata.thumbnail.theight" with type "unsigned short" (16 bits, unsigned) is promoted in "this->imgdata.thumbnail.theight * this->imgdata.thumbnail.twidth / 3" to type "int" (32 bits, signed), then sign-extended to type "long long" (64 bits, signed).  If "this->imgdata.thumbnail.theight * this->imgdata.thumbnail.twidth / 3" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
3531     	INT64 est_datasize = T.theight * T.twidth / 3; // is 0.3 bytes per pixel good estimate?
3532     	if (ID.toffset < 0)
3533     		throw LIBRAW_EXCEPTION_IO_CORRUPT;
3534     
3535     	if (ID.toffset + est_datasize > ID.input->size() + THUMB_READ_BEYOND)
3536     		throw LIBRAW_EXCEPTION_IO_EOF;

** CID 1397405:  Control flow issues  (DEADCODE)
/home/gilles/Devel/5.x/core/utilities/presentation/audio/presentationaudiolist.cpp: 138 in Digikam::PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus)()


________________________________________________________________________________________________________
*** CID 1397405:  Control flow issues  (DEADCODE)
/home/gilles/Devel/5.x/core/utilities/presentation/audio/presentationaudiolist.cpp: 138 in Digikam::PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus)()
132             showErrorDialog(err.string());
133         }
134     }
135     
136     void PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus status)
137     {
>>>     CID 1397405:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach the expression "status != QtAV::StalledMedia" inside this statement: "if (status != QtAV::Unknown...".
138         if (status != QtAV::UnknownMediaStatus ||
139             status != QtAV::NoMedia            ||
140             status != QtAV::StalledMedia       ||
141             status != QtAV::InvalidMedia)
142         {
143             showErrorDialog(i18n("No detail available"));

** CID 1397404:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/gilles/Devel/5.x/core/utilities/presentation/audio/presentationaudiolist.cpp: 138 in Digikam::PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus)()


________________________________________________________________________________________________________
*** CID 1397404:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/gilles/Devel/5.x/core/utilities/presentation/audio/presentationaudiolist.cpp: 138 in Digikam::PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus)()
132             showErrorDialog(err.string());
133         }
134     }
135     
136     void PresentationAudioListItem::slotMediaStateChanged(QtAV::MediaStatus status)
137     {
>>>     CID 1397404:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     The "or" condition "status != QtAV::UnknownMediaStatus || status != QtAV::NoMedia || status != QtAV::StalledMedia || status != QtAV::InvalidMedia" will always be true because "status" cannot be equal to two different values at the same time, so it must be not equal to at least one of them.
138         if (status != QtAV::UnknownMediaStatus ||
139             status != QtAV::NoMedia            ||
140             status != QtAV::StalledMedia       ||
141             status != QtAV::InvalidMedia)
142         {
143             showErrorDialog(i18n("No detail available"));


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZIlZa20oQ0xtvekoaSXYBwgZYh7yqZ4T857KvBwnvzEg-3D-3D_Vulo-2FzB1zz6bqp-2F-2Bl-2FpBD-2BzKk1Nu56XtBupWJitvnTA4hzmwC2EI7TkyOLPdeI-2Bj2I90Q3NjPcRk2bWdGhxyS570nTOXhcXvS1vpZ-2F0vYua0lgrCB2SP5SKV1Jg5BBQLnkVq2j4JzzUJIB1TmWuCz4ROQo-2BHqg-2F43UoaV3Ani-2FfK9r8q1hsv2UNGOJZHg-2Fo8qc4hINWbCG0kzdRa5wE7EUtH6IuKADtu-2B5y-2FSDNcaHs-3D
