[GRASS-dev] New Defects reported by Coverity Scan for grass

Hi,

I have uploaded the current trunk (r62476), some improvements achieved!
    Analysis Summary:
       New defects found: 4
       Defects eliminated: 19

Below the 4 newly introduced issues, hoping for comments/fixes.

Markus

The results are available at http://scan.coverity.com/projects/1038

---------- Forwarded message ----------
From: <scan-admin@coverity.com>
Date: Wed, Oct 29, 2014 at 2:19 PM
Subject: New Defects reported by Coverity Scan for grass
To: neteler@osgeo.org

Hi,

Please find the latest report on new defect(s) introduced to grass
found with Coverity Scan.

4 new defect(s) introduced to grass found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)

** CID 1249942: Resource leak (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()

** CID 1249941: Untrusted value as argument (TAINTED_SCALAR)

** CID 1249940: Untrusted value as argument (TAINTED_SCALAR)

** CID 1249939: Uninitialized pointer read (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()

________________________________________________________________________________________________________
*** CID 1249942: Resource leak (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()
655 } /* for j */
656 Rast_put_row(outfd, outrast, type);
657 } /* for i */
658 G_percent(1, 1, 1);
659
660 Rast_close(outfd);

    CID 1249942: Resource leak (RESOURCE_LEAK)
    Variable "outrast" going out of scope leaks the storage it points to.

661 return;
662 }
663
664
665
666

________________________________________________________________________________________________________
*** CID 1249941: Untrusted value as argument (TAINTED_SCALAR)
/lib/segment/open.c: 89 in Segment_open()
83 close(SEG->fd);
84 if (-1 == (SEG->fd = open(SEG->fname, 2))) {
85 unlink(SEG->fname);
86 G_warning(_("Unable to re-open segment file"));
87 return -4;
88 }

    CID 1249941: Untrusted value as argument (TAINTED_SCALAR)
    Passing tainted variable "SEG->srows" to a tainted sink.

89 if (0 > (ret = Segment_init(SEG, SEG->fd, nseg))) {
90 close(SEG->fd);
91 unlink(SEG->fname);
92 if (ret == -1) {
93 G_warning(_("Could not read segment file"));
94 return -5;

________________________________________________________________________________________________________
*** CID 1249940: Untrusted value as argument (TAINTED_SCALAR)
/lib/segment/init.c: 78 in Segment_init()
72 || !read_off_t(fd, &SEG->ncols)
73 || !read_int(fd, &SEG->srows)
74 || !read_int(fd, &SEG->scols)
75 || !read_int(fd, &SEG->len))
76 return -1;
77

    CID 1249940: Untrusted value as argument (TAINTED_SCALAR)
    Passing tainted variable "SEG->srows" to a tainted sink.

78 return seg_setup(SEG);
79 }
80
81
82 static int read_int(int fd, int *n)
83 {

________________________________________________________________________________________________________
*** CID 1249939: Uninitialized pointer read (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()
266 }
267 }
268
269 /* draw the icon */
270 if ((vector.layer[vec].epstype == 0) ||
271 (vector.layer[vec].epstype == 2 && !eps_exist)) {

    CID 1249939: Uninitialized pointer read (UNINIT)
    Using uninitialized value "Symb".

272 if (Symb != NULL) {
273 symbol_draw(sname, x, y, size, rotate,
274 vector.layer[vec].width);
275 }
276 }
277 } /* for (line) */
278
279 fprintf(PS.fp, "\n");
280 return 0;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/1038?tab=overview

On Wed, Oct 29, 2014 at 9:31 AM, Markus Neteler <neteler@osgeo.org> wrote:

Hi,

I have uploaded the current trunk (r62476), some improvements achieved!
    Analysis Summary:
       New defects found: 4
       Defects eliminated: 19

Below the 4 newly introduced issues, hoping for comments/fixes.

Markus

The results are available at http://scan.coverity.com/projects/1038

---------- Forwarded message ----------
From: <scan-admin@coverity.com>
Date: Wed, Oct 29, 2014 at 2:19 PM
Subject: New Defects reported by Coverity Scan for grass
To: neteler@osgeo.org

Hi,

Please find the latest report on new defect(s) introduced to grass
found with Coverity Scan.

4 new defect(s) introduced to grass found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)

** CID 1249942: Resource leak (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()

should be fixed in r62477,8

** CID 1249941: Untrusted value as argument (TAINTED_SCALAR)

** CID 1249940: Untrusted value as argument (TAINTED_SCALAR)

** CID 1249939: Uninitialized pointer read (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()

should be fixed in r62479,r62480

________________________________________________________________________________________________________
*** CID 1249942: Resource leak (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()
655 } /* for j */
656 Rast_put_row(outfd, outrast, type);
657 } /* for i */
658 G_percent(1, 1, 1);
659
660 Rast_close(outfd);
>>> CID 1249942: Resource leak (RESOURCE_LEAK)
>>> Variable "outrast" going out of scope leaks the storage it points
to.
661 return;
662 }
663
664
665
666

________________________________________________________________________________________________________
*** CID 1249941: Untrusted value as argument (TAINTED_SCALAR)
/lib/segment/open.c: 89 in Segment_open()
83 close(SEG->fd);
84 if (-1 == (SEG->fd = open(SEG->fname, 2))) {
85 unlink(SEG->fname);
86 G_warning(_("Unable to re-open segment file"));
87 return -4;
88 }
>>> CID 1249941: Untrusted value as argument (TAINTED_SCALAR)
>>> Passing tainted variable "SEG->srows" to a tainted sink.
89 if (0 > (ret = Segment_init(SEG, SEG->fd, nseg))) {
90 close(SEG->fd);
91 unlink(SEG->fname);
92 if (ret == -1) {
93 G_warning(_("Could not read segment file"));
94 return -5;

________________________________________________________________________________________________________
*** CID 1249940: Untrusted value as argument (TAINTED_SCALAR)
/lib/segment/init.c: 78 in Segment_init()
72 || !read_off_t(fd, &SEG->ncols)
73 || !read_int(fd, &SEG->srows)
74 || !read_int(fd, &SEG->scols)
75 || !read_int(fd, &SEG->len))
76 return -1;
77
>>> CID 1249940: Untrusted value as argument (TAINTED_SCALAR)
>>> Passing tainted variable "SEG->srows" to a tainted sink.
78 return seg_setup(SEG);
79 }
80
81
82 static int read_int(int fd, int *n)
83 {

________________________________________________________________________________________________________
*** CID 1249939: Uninitialized pointer read (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()
266 }
267 }
268
269 /* draw the icon */
270 if ((vector.layer[vec].epstype == 0) ||
271 (vector.layer[vec].epstype == 2 && !eps_exist)) {
>>> CID 1249939: Uninitialized pointer read (UNINIT)
>>> Using uninitialized value "Symb".
272 if (Symb != NULL) {
273 symbol_draw(sname, x, y, size, rotate,
274 vector.layer[vec].width);
275 }
276 }
277 } /* for (line) */
278
279 fprintf(PS.fp, "\n");
280 return 0;

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/1038?tab=overview
_______________________________________________
grass-dev mailing list
grass-dev@lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/grass-dev