[GRASS-dev] Fwd: New Defects reported by Coverity Scan for grass

Glynn Clements glynn at gclements.plus.com
Tue Nov 25 11:44:36 PST 2014


Markus Neteler wrote:

> /vector/v.net/connect.c: 145 in connect_arcs()
> >>>     CID 1256093:  Resource leak  (RESOURCE_LEAK)
> >>>     Variable "exclude_list" going out of scope leaks the storage it points to.

This is probably as simple as adding Vect_destroy_list(exclude_list)
to the end of connect_arcs().

> /lib/vector/Vlib/open_pg.c: 803 in read_p_node()
> >>>     CID 1256092:  Uninitialized pointer read  (UNINIT)
> >>>     Using uninitialized value "res" when calling "PQgetvalue".

There may be some logic which means that res is always initialised at
that point, but it's far from clear.

> /raster/r.colors/edit_colors.c: 315 in edit_colors()
> >>>     CID 1256091:  Uninitialized value use  (UNINIT)
> >>>     Using uninitialized value "input_maps.map_types".
... and others.

This appears to be a consequence of using the new option dependency
functions.

The various fields of input_maps are initialised in two blocks, one of
which is executed if opt.file->answer is non-NULL, the other if
opt.maps->answer is non-NULL.

Exactly one of these may be given, due to:

    G_option_exclusive(opt.maps, opt.file, NULL);
    G_option_required(opt.maps, opt.file, NULL);

However, the scanner cannot determine that this is the case.

Adding an "else G_fatal_error()" to the file-or-maps conditional
should allow it to deduce that the values cannot actually be
uninitialised (assuming that it understands what the
__attribute__((noreturn)) on G_fatal_error() means).

-- 
Glynn Clements <glynn at gclements.plus.com>
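
Added example, not part of the original message and not GRASS code: a reduced C sketch of the file-or-maps conditional with a noreturn "else" branch, so that every path reaching the read of input_maps has assigned its fields. fatal_error(), struct maps_info and count_inputs() are hypothetical stand-ins for G_fatal_error(), the real input_maps structure and the code in edit_colors().

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for G_fatal_error(): the noreturn attribute tells the compiler
   and static analyzers that control never comes back from this call. */
__attribute__((noreturn)) static void fatal_error(const char *msg)
{
    fprintf(stderr, "ERROR: %s\n", msg);
    exit(EXIT_FAILURE);
}

/* Hypothetical reduction of the input_maps structure. */
struct maps_info {
    int num;        /* number of input maps */
    int map_types;  /* 1 = list read from file, 2 = names given directly */
};

/* file_answer / maps_answer model opt.file->answer and opt.maps->answer.
   The option parser guarantees exactly one is non-NULL, but that guarantee
   lives outside this function, where a scanner cannot see it. */
int count_inputs(const char *file_answer, const char *maps_answer)
{
    struct maps_info input_maps;   /* deliberately not zero-initialised */
    const char *p;

    if (file_answer) {
        input_maps.num = 1;
        input_maps.map_types = 1;
    }
    else if (maps_answer) {
        input_maps.num = 1;        /* one name plus one per comma */
        for (p = maps_answer; *p; p++)
            if (*p == ',')
                input_maps.num++;
        input_maps.map_types = 2;
    }
    else {
        /* Without this branch there is a path on which input_maps is read
           uninitialised; with it, no such path reaches the return. */
        fatal_error("either file or maps must be given");
    }
    return input_maps.num * 10 + input_maps.map_types;
}

int main(void)
{
    printf("%d %d\n", count_inputs("list.txt", NULL), count_inputs(NULL, "a,b"));
    return 0;
}
```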

