Fwd: New Defects reported by Coverity Scan for Konsole

Kurt Hindenburg kurt.hindenburg at gmail.com
Fri Mar 4 17:20:46 GMT 2022


Hello all,
  This build is from master as of this morning - last commit is 0952e29f.

  Kurt

> Begin forwarded message:
> 
> From: scan-admin at coverity.com <mailto:scan-admin at coverity.com>
> Subject: New Defects reported by Coverity Scan for Konsole
> Date: March 4, 2022 at 12:16:48 PM EST
> To: kurt.hindenburg at gmail.com <mailto:kurt.hindenburg at gmail.com>
> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to Konsole found with Coverity Scan.
> 
> 4 new defect(s) introduced to Konsole found with Coverity Scan.
> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
> 
> 
> ** CID 350423:  Error handling issues  (CHECKED_RETURN)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1407 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 350423:  Error handling issues  (CHECKED_RETURN)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1407 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 1401                     stream.avail_in = imageData.size(); // size of input
> 1402                     stream.next_in = (Bytef *)data; // input char array
> 1403                     stream.avail_out = out->size(); // size of output
> 1404                     stream.next_out = (Bytef *)out->constData(); // output char array
> 1405     
> 1406                     ret = inflateInit(&stream);
>>>>    CID 350423:  Error handling issues  (CHECKED_RETURN)
>>>>    Calling "inflate(&stream, 0)" without checking return value. This library function may fail and return an error code.
> 1407                     inflate(&stream, Z_NO_FLUSH);
> 1408                     inflateEnd(&stream);
> 1409     
> 1410                     if (keys['f'] != 24 && keys['f'] != 32) {
> 1411                         imageData.clear();
> 1412                         imageData.append(*out);
> 
> ** CID 350422:  Resource leaks  (RESOURCE_LEAK)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1415 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 350422:  Resource leaks  (RESOURCE_LEAK)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1415 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 1409     
> 1410                     if (keys['f'] != 24 && keys['f'] != 32) {
> 1411                         imageData.clear();
> 1412                         imageData.append(*out);
> 1413                     }
> 1414                 } else {
>>>>    CID 350422:  Resource leaks  (RESOURCE_LEAK)
>>>>    Overwriting "out" in "out = NULL" leaks the storage that "out" points to.
> 1415                     out = nullptr;
> 1416                 }
> 1417                 if (keys['f'] == 24 || keys['f'] == 32) {
> 1418                     enum QImage::Format format = keys['f'] == 24 ? QImage::Format_RGB888 : QImage::Format_RGBA8888;
> 1419                     if (!out) {
> 1420                         out = new QByteArray(imageData.constData(), imageData.size());
> 
> ** CID 350421:  Uninitialized variables  (UNINIT)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1407 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 350421:  Uninitialized variables  (UNINIT)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Vt102Emulation.cpp: 1407 in Konsole::Vt102Emulation::processGraphicsToken(int)()
> 1401                     stream.avail_in = imageData.size(); // size of input
> 1402                     stream.next_in = (Bytef *)data; // input char array
> 1403                     stream.avail_out = out->size(); // size of output
> 1404                     stream.next_out = (Bytef *)out->constData(); // output char array
> 1405     
> 1406                     ret = inflateInit(&stream);
>>>>    CID 350421:  Uninitialized variables  (UNINIT)
>>>>    Using uninitialized value "stream.total_out" when calling "inflate".
> 1407                     inflate(&stream, Z_NO_FLUSH);
> 1408                     inflateEnd(&stream);
> 1409     
> 1410                     if (keys['f'] != 24 && keys['f'] != 32) {
> 1411                         imageData.clear();
> 1412                         imageData.append(*out);
> 
> ** CID 350420:  API usage errors  (INVALIDATE_ITERATOR)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Screen.cpp: 1984 in Konsole::Screen::delPlacements(int, long long, long long, int, int, int)()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 350420:  API usage errors  (INVALIDATE_ITERATOR)
> /home/kurthindenburg/Devel/KDE/src/konsole/src/Screen.cpp: 1984 in Konsole::Screen::delPlacements(int, long long, long long, int, int, int)()
> 1978     }
> 1979     
> 1980     void Screen::delPlacements(int del, qint64 id, qint64 pid, int x, int y, int z)
> 1981     {
> 1982         std::vector<std::unique_ptr<TerminalGraphicsPlacement_t>>::iterator i;
> 1983         i = _graphicsPlacements.begin();
>>>>    CID 350420:  API usage errors  (INVALIDATE_ITERATOR)
>>>>    Using invalid iterator "i".
> 1984         while (i != _graphicsPlacements.end()) {
> 1985             TerminalGraphicsPlacement_t *placement = i->get();
> 1986             bool remove = false;
> 1987             switch (del) {
> 1988             case 1:
> 1989                 remove = true;
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/konsole-devel/attachments/20220304/3e197a8b/attachment-0001.htm>


More information about the konsole-devel mailing list