[GRASS-dev] Fwd: New Defects reported by Coverity Scan for grass

Markus Neteler neteler at osgeo.org
Wed Oct 29 06:31:53 PDT 2014


Hi,

I have uploaded the current trunk (r62476), some improvements achieved!
    Analysis Summary:
       New defects found: 4
       Defects eliminated: 19

Below the 4 newly introduced issues, hoping for comments/fixes.

Markus

The results are available at http://scan.coverity.com/projects/1038

---------- Forwarded message ----------
From:  <scan-admin at coverity.com>
Date: Wed, Oct 29, 2014 at 2:19 PM
Subject: New Defects reported by Coverity Scan for grass
To: neteler at osgeo.org

Hi,

Please find the latest report on new defect(s) introduced to grass
found with Coverity Scan.

4 new defect(s) introduced to grass found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1249942:  Resource leak  (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()

** CID 1249941:  Untrusted value as argument  (TAINTED_SCALAR)

** CID 1249940:  Untrusted value as argument  (TAINTED_SCALAR)

** CID 1249939:  Uninitialized pointer read  (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()


________________________________________________________________________________________________________
*** CID 1249942:  Resource leak  (RESOURCE_LEAK)
/raster/r.viewshed/grass.cpp: 661 in save_grid_to_GRASS(grid_ *, char
*, int, outputMode_)()
655             }                       /* for j */
656             Rast_put_row(outfd, outrast, type);
657         }                           /* for i */
658         G_percent(1, 1, 1);
659
660         Rast_close(outfd);
>>>     CID 1249942:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "outrast" going out of scope leaks the storage it points to.
661         return;
662     }
663
664
665
666

________________________________________________________________________________________________________
*** CID 1249941:  Untrusted value as argument  (TAINTED_SCALAR)
/lib/segment/open.c: 89 in Segment_open()
83         close(SEG->fd);
84         if (-1 == (SEG->fd = open(SEG->fname, 2))) {
85      unlink(SEG->fname);
86      G_warning(_("Unable to re-open segment file"));
87      return -4;
88         }
>>>     CID 1249941:  Untrusted value as argument  (TAINTED_SCALAR)
>>>     Passing tainted variable "SEG->srows" to a tainted sink.
89         if (0 > (ret = Segment_init(SEG, SEG->fd, nseg))) {
90      close(SEG->fd);
91      unlink(SEG->fname);
92      if (ret == -1) {
93          G_warning(_("Could not read segment file"));
94          return -5;

________________________________________________________________________________________________________
*** CID 1249940:  Untrusted value as argument  (TAINTED_SCALAR)
/lib/segment/init.c: 78 in Segment_init()
72      || !read_off_t(fd, &SEG->ncols)
73      || !read_int(fd, &SEG->srows)
74      || !read_int(fd, &SEG->scols)
75      || !read_int(fd, &SEG->len))
76      return -1;
77
>>>     CID 1249940:  Untrusted value as argument  (TAINTED_SCALAR)
>>>     Passing tainted variable "SEG->srows" to a tainted sink.
78         return seg_setup(SEG);
79     }
80
81
82     static int read_int(int fd, int *n)
83     {

________________________________________________________________________________________________________
*** CID 1249939:  Uninitialized pointer read  (UNINIT)
/ps/ps.map/ps_vpoints.c: 272 in PS_vpoints_plot()
266                 }
267             }
268
269             /* draw the icon */
270             if ((vector.layer[vec].epstype == 0) ||
271                 (vector.layer[vec].epstype == 2 && !eps_exist)) {
>>>     CID 1249939:  Uninitialized pointer read  (UNINIT)
>>>     Using uninitialized value "Symb".
272                 if (Symb != NULL) {
273                     symbol_draw(sname, x, y, size, rotate,
274                                 vector.layer[vec].width);
275                 }
276             }
277         }                           /* for (line) */
278
279         fprintf(PS.fp, "\n");
280         return 0;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/1038?tab=overview


More information about the grass-dev mailing list