New Defects reported by Coverity Scan for digiKam
scan-admin at coverity.com
scan-admin at coverity.com
Mon Aug 30 08:42:15 BST 2021
Hi,
Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan.
16 new defect(s) introduced to digiKam found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 16 of 16 defect(s)
** CID 1490878: (DC.WEAK_CRYPTO)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 182 in TSNE::VpTree<TSNE::DataPoint, (&TSNE::euclidean_distance_squared)>::buildFromPoints(int, int)()
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 182 in TSNE::VpTree<TSNE::DataPoint, (&TSNE::euclidean_distance)>::buildFromPoints(int, int)()
________________________________________________________________________________________________________
*** CID 1490878: (DC.WEAK_CRYPTO)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 182 in TSNE::VpTree<TSNE::DataPoint, (&TSNE::euclidean_distance_squared)>::buildFromPoints(int, int)()
176 Node* node = new Node();
177 node->index = lower;
178
179 if (upper - lower > 1) { // if we did not arrive at leaf yet
180
181 // Choose an arbitrary point and move it to the start
>>> CID 1490878: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
182 int i = (int) ((double)rand() / (double)RAND_MAX * (upper - lower - 1)) + lower;
183 std::swap(_items[lower], _items[i]);
184
185 // Partition around the median distance
186 int median = (upper + lower) / 2;
187 std::nth_element(_items.begin() + lower + 1,
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 182 in TSNE::VpTree<TSNE::DataPoint, (&TSNE::euclidean_distance)>::buildFromPoints(int, int)()
176 Node* node = new Node();
177 node->index = lower;
178
179 if (upper - lower > 1) { // if we did not arrive at leaf yet
180
181 // Choose an arbitrary point and move it to the start
>>> CID 1490878: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
182 int i = (int) ((double)rand() / (double)RAND_MAX * (upper - lower - 1)) + lower;
183 std::swap(_items[lower], _items[i]);
184
185 // Partition around the median distance
186 int median = (upper + lower) / 2;
187 std::nth_element(_items.begin() + lower + 1,
** CID 1490877: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/utilities/setup/downloader/filesdownloader.cpp: 217 in Digikam::FilesDownloader::startDownload()()
________________________________________________________________________________________________________
*** CID 1490877: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/utilities/setup/downloader/filesdownloader.cpp: 217 in Digikam::FilesDownloader::startDownload()()
211 connect(d->buttons->button(QDialogButtonBox::Ok), SIGNAL(clicked()),
212 this, SLOT(slotDownload()));
213
214 connect(d->buttons->button(QDialogButtonBox::Cancel), SIGNAL(clicked()),
215 this, SLOT(reject()));
216
>>> CID 1490877: Error handling issues (CHECKED_RETURN)
>>> Calling "exec" without checking return value (as is done elsewhere 19 out of 23 times).
217 exec();
218 }
219
220 void FilesDownloader::slotDownload()
221 {
222 d->buttons->button(QDialogButtonBox::Ok)->setEnabled(false);
** CID 1490876: (UNINIT)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 567 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::symmetrizeMatrix(int **, int **, float **, int)()
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 567 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::symmetrizeMatrix(int **, int **, float **, int)()
________________________________________________________________________________________________________
*** CID 1490876: (UNINIT)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 567 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::symmetrizeMatrix(int **, int **, float **, int)()
561 }
562 }
563 }
564
565 // Divide the result by two
566 for (int i = 0; i < no_elem; i++) {
>>> CID 1490876: (UNINIT)
>>> Using uninitialized value "sym_val_P[i]".
567 sym_val_P[i] /= 2.0;
568 }
569
570 // Return symmetrized matrices
571 free(*_row_P); *_row_P = sym_row_P;
572 free(*_col_P); *_col_P = sym_col_P;
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 567 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::symmetrizeMatrix(int **, int **, float **, int)()
561 }
562 }
563 }
564
565 // Divide the result by two
566 for (int i = 0; i < no_elem; i++) {
>>> CID 1490876: (UNINIT)
>>> Using uninitialized value "sym_val_P[i]".
567 sym_val_P[i] /= 2.0;
568 }
569
570 // Return symmetrized matrices
571 free(*_row_P); *_row_P = sym_row_P;
572 free(*_col_P); *_col_P = sym_col_P;
** CID 1490875: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/app/items/views/digikamitemview.cpp: 653 in Digikam::DigikamItemView::rename()()
________________________________________________________________________________________________________
*** CID 1490875: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/app/items/views/digikamitemview.cpp: 653 in Digikam::DigikamItemView::rename()()
647 setFocus();
648 qApp->processEvents();
649
650 if (!newNamesList.isEmpty())
651 {
652 QPointer<AdvancedRenameProcessDialog> dlg2 = new AdvancedRenameProcessDialog(newNamesList, this);
>>> CID 1490875: Error handling issues (CHECKED_RETURN)
>>> Calling "exec" without checking return value (as is done elsewhere 19 out of 23 times).
653 dlg2->exec();
654
655 imageFilterModel()->invalidate();
656 urls = dlg2->failedUrls();
657 delete dlg2;
658 }
** CID 1490874: Performance inefficiencies (PASS_BY_VALUE)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/tsne_cli.cpp: 58 in extractTrainData(std::pair<cv::Mat, cv::Mat>, int)()
________________________________________________________________________________________________________
*** CID 1490874: Performance inefficiencies (PASS_BY_VALUE)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/tsne_cli.cpp: 58 in extractTrainData(std::pair<cv::Mat, cv::Mat>, int)()
52 predictors.push_back(predictor);
53 }
54
55 return std::make_pair(predictors, labels);
56 }
57
>>> CID 1490874: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter data of type "std::pair<cv::Mat, cv::Mat>" (size 192 bytes) by value.
58 cv::Mat extractTrainData(std::pair<cv::Mat, cv::Mat> data, int nbPoints)
59 {
60 cv::Mat trainData;
61 std::unordered_map<int, int> counters;
62
63 for (int i = 0; i < data.first.rows; ++i)
** CID 1490873: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/7.x/core/utilities/facemanagement/workers/recognitionworker.cpp: 48 in Digikam::RecognitionWorker::Private::Private(Digikam::FacePipeline::Private *)()
________________________________________________________________________________________________________
*** CID 1490873: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/7.x/core/utilities/facemanagement/workers/recognitionworker.cpp: 48 in Digikam::RecognitionWorker::Private::Private(Digikam::FacePipeline::Private *)()
42 public:
43 explicit Private(FacePipeline::Private* const dd)
44 : imageRetriever(dd),
45 recognizer(nullptr),
46 buffer(100)
47 {
>>> CID 1490873: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "threshold" is not initialized in this constructor nor in any functions that it calls.
48 }
49
50 ~Private()
51 {
52 delete recognizer;
53 }
** CID 1490872: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/app/main/digikamapp_tools.cpp: 141 in Digikam::DigikamApp::slotDatabaseMigration()()
________________________________________________________________________________________________________
*** CID 1490872: Error handling issues (CHECKED_RETURN)
/home/gilles/Devel/7.x/core/app/main/digikamapp_tools.cpp: 141 in Digikam::DigikamApp::slotDatabaseMigration()()
135 }
136 }
137
138 void DigikamApp::slotDatabaseMigration()
139 {
140 DatabaseMigrationDialog dlg(this);
>>> CID 1490872: Error handling issues (CHECKED_RETURN)
>>> Calling "exec" without checking return value (as is done elsewhere 19 out of 23 times).
141 dlg.exec();
142 }
143
** CID 1490871: Performance inefficiencies (PASS_BY_VALUE)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/tsne_cli.cpp: 75 in save(std::pair<cv::Mat, cv::Mat>, const QString &)()
________________________________________________________________________________________________________
*** CID 1490871: Performance inefficiencies (PASS_BY_VALUE)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/tsne_cli.cpp: 75 in save(std::pair<cv::Mat, cv::Mat>, const QString &)()
69 }
70 }
71
72 return trainData;
73 }
74
>>> CID 1490871: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter data of type "std::pair<cv::Mat, cv::Mat>" (size 192 bytes) by value.
75 void save(std::pair<cv::Mat, cv::Mat> data, const QString& fileName)
76 {
77 QFile file(fileName);
78 if (!file.open(QIODevice::WriteOnly))
79 {
80 qDebug() << file.errorString();
** CID 1490870: Resource leaks (CTOR_DTOR_LEAK)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/extract_cli.cpp: 56 in Extractor::Extractor()()
________________________________________________________________________________________________________
*** CID 1490870: Resource leaks (CTOR_DTOR_LEAK)
/home/gilles/Devel/7.x/core/tests/facesengine/recognition/extract_cli.cpp: 56 in Extractor::Extractor()()
50 return std::shared_ptr<QCommandLineParser>(parser);
51 }
52
53 class Extractor {
54 public:
55 explicit Extractor() {
>>> CID 1490870: Resource leaks (CTOR_DTOR_LEAK)
>>> Allocating memory by calling "new Digikam::FaceDetector".
56 m_detector = new Digikam::FaceDetector();
57 m_net = cv::dnn::readNetFromTensorflow("../scripts/facenet_opencv_dnn/models/graph_final.pb");
58 }
59
60 QImage* detect(const QImage& faceImg) const;
61 cv::Mat getFaceEmbedding(cv::Mat faceImage);
** CID 1490869: (DC.WEAK_CRYPTO)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 612 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::randn()()
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 612 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::randn()()
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 613 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::randn()()
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 613 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::randn()()
________________________________________________________________________________________________________
*** CID 1490869: (DC.WEAK_CRYPTO)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 612 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::randn()()
606
607 // Generates a Gaussian random number
608 template <class treeT, float (*dist_fn)( const DataPoint&, const DataPoint&)>
609 float TSNE<treeT, dist_fn>::randn() {
610 float x, radius;
611 do {
>>> CID 1490869: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
612 x = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
613 float y = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
614 radius = (x * x) + (y * y);
615 } while ((radius >= 1.0) || (radius == 0.0));
616 radius = sqrt(-2 * log(radius) / radius);
617 x *= radius;
618 return x;
619 }
620
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 612 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::randn()()
606
607 // Generates a Gaussian random number
608 template <class treeT, float (*dist_fn)( const DataPoint&, const DataPoint&)>
609 float TSNE<treeT, dist_fn>::randn() {
610 float x, radius;
611 do {
>>> CID 1490869: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
612 x = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
613 float y = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
614 radius = (x * x) + (y * y);
615 } while ((radius >= 1.0) || (radius == 0.0));
616 radius = sqrt(-2 * log(radius) / radius);
617 x *= radius;
618 return x;
619 }
620
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 613 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance)>::randn()()
607 // Generates a Gaussian random number
608 template <class treeT, float (*dist_fn)( const DataPoint&, const DataPoint&)>
609 float TSNE<treeT, dist_fn>::randn() {
610 float x, radius;
611 do {
612 x = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
>>> CID 1490869: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
613 float y = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
614 radius = (x * x) + (y * y);
615 } while ((radius >= 1.0) || (radius == 0.0));
616 radius = sqrt(-2 * log(radius) / radius);
617 x *= radius;
618 return x;
619 }
620
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/tsne.cpp: 613 in TSNE::TSNE<TSNE::SplitTree, (&TSNE::euclidean_distance_squared)>::randn()()
607 // Generates a Gaussian random number
608 template <class treeT, float (*dist_fn)( const DataPoint&, const DataPoint&)>
609 float TSNE<treeT, dist_fn>::randn() {
610 float x, radius;
611 do {
612 x = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
>>> CID 1490869: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
613 float y = 2 * ((double)rand() / ((double) RAND_MAX + 1)) - 1;
614 radius = (x * x) + (y * y);
615 } while ((radius >= 1.0) || (radius == 0.0));
616 radius = sqrt(-2 * log(radius) / radius);
617 x *= radius;
618 return x;
619 }
620
** CID 1490868: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 51 in TSNE::DataPoint::DataPoint(const TSNE::DataPoint&)()
________________________________________________________________________________________________________
*** CID 1490868: Uninitialized members (UNINIT_CTOR)
/home/gilles/Devel/7.x/core/libs/facesengine/multicore_tsne/vptree.h: 51 in TSNE::DataPoint::DataPoint(const TSNE::DataPoint&)()
45 DataPoint(const DataPoint& other) { // this makes a deep copy -- should not free anything
46 if (this != &other) {
47 _D = other.dimensionality();
48 _ind = other.index();
49 _x = other._x;
50 }
>>> CID 1490868: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_x" is not initialized in this constructor nor in any functions that it calls.
51 }
52
53 DataPoint& operator= (const DataPoint& other) { // asignment should free old object
54 if (this != &other) {
55 _D = other.dimensionality();
56 _ind = other.index();
** CID 1490668: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/utilities/setup/downloader/filesdownloader.h: 41 in ()
________________________________________________________________________________________________________
*** CID 1490668: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/utilities/setup/downloader/filesdownloader.h: 41 in ()
35
36 namespace Digikam
37 {
38
39 // ----------------------------------------------------------------------------
40
>>> CID 1490668: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "Digikam::DownloadInfo" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalues, where a move assignment may be faster.
41 class DIGIKAM_EXPORT DownloadInfo
42 {
43 public:
44
45 DownloadInfo();
46 DownloadInfo(const QString& _path,
** CID 1473105: Resource leaks (CTOR_DTOR_LEAK)
________________________________________________________________________________________________________
*** CID 1473105: Resource leaks (CTOR_DTOR_LEAK)
/usr/include/c++/10/bits/hashtable.h: 272 in std::_Hashtable<int, std::pair<const int, int>, std::allocator<std::pair<const int, int>>, std::__detail::_Select1st, std::equal_to<int>, std::hash<int>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<(bool)0, (bool)0, (bool)1>>::_Scoped_node::_Scoped_node<const std::piecewise_construct_t &, std::tuple<const int &>, std::tuple<>>(std::__detail::_Hashtable_alloc<std::allocator<std::__detail::_Hash_node<std::pair<const int, int>, (bool)0>>> *, T1 &&...)()
266 : _M_h(__h), _M_node(__n) { }
267
268 // Allocate a node and construct an element within it.
269 template<typename... _Args>
270 _Scoped_node(__hashtable_alloc* __h, _Args&&... __args)
271 : _M_h(__h),
>>> CID 1473105: Resource leaks (CTOR_DTOR_LEAK)
>>> Calling allocation function "_M_allocate_node".
272 _M_node(__h->_M_allocate_node(std::forward<_Args>(__args)...))
273 { }
274
275 // Destroy element and deallocate node.
276 ~_Scoped_node() { if (_M_node) _M_h->_M_deallocate_node(_M_node); };
277
** CID 1467488: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/utilities/facemanagement/threads/facepipelinepackage.h: 58 in ()
________________________________________________________________________________________________________
*** CID 1467488: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/utilities/facemanagement/threads/facepipelinepackage.h: 58 in ()
52 class FacePreviewLoader;
53 class FaceItemRetriever;
54 class ParallelPipes;
55 class ScanStateFilter;
56 class ExtractionWorker;
57
>>> CID 1467488: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "Digikam::FacePipelineFaceTagsIface" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalues, where a move assignment may be faster.
58 class FacePipelineFaceTagsIface : public FaceTagsIface
59 {
60 public:
61
62 enum Role
63 {
** CID 1460539: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/libs/database/item/containers/itemposition.h: 46 in ()
________________________________________________________________________________________________________
*** CID 1460539: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/libs/database/item/containers/itemposition.h: 46 in ()
40 namespace Digikam
41 {
42
43 class CoreDbAccess;
44 class ItemPositionPriv;
45
>>> CID 1460539: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "Digikam::ItemPosition" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalues, where a move assignment may be faster.
46 class DIGIKAM_DATABASE_EXPORT ItemPosition
47 {
48
49 public:
50
51 /**
** CID 1455772: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/libs/database/item/containers/iteminfo.h: 77 in ()
________________________________________________________________________________________________________
*** CID 1455772: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/home/gilles/Devel/7.x/core/libs/database/item/containers/iteminfo.h: 77 in ()
71 *
72 * NOTE: access rules for all methods in this class:
73 * ItemInfoData members shall be accessed only under CoreDbAccess lock.
74 * The id and albumId are the exception to this rule, as they are
75 * primitive and will never change during the lifetime of an object.
76 */
>>> CID 1455772: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "Digikam::ItemInfo" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalues, where a move assignment may be faster.
77 class DIGIKAM_DATABASE_EXPORT ItemInfo
78 {
79 public:
80
81 typedef DatabaseFields::Hash<QVariant> DatabaseFieldsHashRaw;
82
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp2OAl-2Fauo86CB28HCT0-2BnD-2F6eFMYt863B1-2B0FLvU5y-2FRWSl8rMA4vGwCkGPp0f1hg-3Dk3ju_IpEMwFcbl-2BY9RHaL2m6a3nuAxB4hfm4MTniX0gHjADVB-2FOGPelrhF0w8wdykn46S907tBJyOi66ZuJkkG-2BBufiAiZu1lwlcyNcIgBJAeS1Lz7h4wPSRmBXQluce9czAta067tQuWLgQwrc4PF8QH6m3qEaabc5NbD2pTMIPux5-2Besd6lbJPm9p29SKTX-2Bgn-2B1Vn9WImSGTz23NIQdCM-2B5g-3D-3D
More information about the Digikam-devel
mailing list