New Defects reported by Coverity Scan for digiKam
Locked
New Defects reported by Coverity Scan for digiKam
 
|
Hi, Please find the latest report on new defect(s) introduced to digiKam found with Coverity Scan. 63 new defect(s) introduced to digiKam found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 63 defect(s) ** CID 1323075: (USE_AFTER_FREE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 693 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)() /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 719 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)() ________________________________________________________________________________________________________ *** CID 1323075: (USE_AFTER_FREE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 693 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)() 687 688 // To merge a struct process the fields recursively. E.g. add simple missing fields. The 689 // recursive call to AppendSubtree will handle deletion for fields with empty values. 690 691 for ( size_t sourceNum = 0, sourceLim = sourceNode->children.size(); sourceNum != sourceLim; ++sourceNum ) { 692 const XMP_Node * sourceField = sourceNode->children[sourceNum]; >>> CID 1323075: (USE_AFTER_FREE) >>> Passing freed pointer "destNode" as an argument to "AppendSubtree". 693 AppendSubtree ( sourceField, destNode, replaceOld, deleteEmpty ); 694 if ( deleteEmpty && destNode->children.empty() ) { 695 delete ( destNode ); 696 destParent->children.erase ( destPos ); 697 } 698 } /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils-FileInfo.cpp: 719 in DngXmpSdk::AppendSubtree(const DngXmpSdk::XMP_Node *, DngXmpSdk::XMP_Node *, bool, bool)() 713 if ( deleteEmpty && sourceItem->value.empty() ) { 714 715 if ( destIndex != -1 ) { 716 delete ( destNode->children[destIndex] ); 717 destNode->children.erase ( destNode->children.begin() + destIndex ); 718 if ( destNode->children.empty() ) { >>> CID 1323075: (USE_AFTER_FREE) >>> "operator delete" frees "destNode". 719 delete ( destNode ); 720 destParent->children.erase ( destPos ); 721 } 722 } 723 724 } else { ** CID 1323074: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323074: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1170 // nodeElementList 1171 // end-element() 1172 1173 static void 1174 RDF_ParseTypeCollectionPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1175 { >>> CID 1323074: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1176 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1177 1178 XMP_Throw ( "ParseTypeCollection property element not allowed", kXMPErr_BadXMP ); 1179 1180 } // RDF_ParseTypeCollectionPropertyElement 1181 ** CID 1323073: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323073: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1176 in DngXmpSdk::RDF_ParseTypeCollectionPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1170 // nodeElementList 1171 // end-element() 1172 1173 static void 1174 RDF_ParseTypeCollectionPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1175 { >>> CID 1323073: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1176 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1177 1178 XMP_Throw ( "ParseTypeCollection property element not allowed", kXMPErr_BadXMP ); 1179 1180 } // RDF_ParseTypeCollectionPropertyElement 1181 ** CID 1323072: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323072: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1107 // literal 1108 // end-element() 1109 1110 static void 1111 RDF_ParseTypeLiteralPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1112 { >>> CID 1323072: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1113 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1114 1115 XMP_Throw ( "ParseTypeLiteral property element not allowed", kXMPErr_BadXMP ); 1116 1117 } // RDF_ParseTypeLiteralPropertyElement 1118 ** CID 1323071: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323071: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1113 in DngXmpSdk::RDF_ParseTypeLiteralPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1107 // literal 1108 // end-element() 1109 1110 static void 1111 RDF_ParseTypeLiteralPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1112 { >>> CID 1323071: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1113 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1114 1115 XMP_Throw ( "ParseTypeLiteral property element not allowed", kXMPErr_BadXMP ); 1116 1117 } // RDF_ParseTypeLiteralPropertyElement 1118 ** CID 1323070: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323070: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1189 // propertyEltList 1190 // end-element() 1191 1192 static void 1193 RDF_ParseTypeOtherPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1194 { >>> CID 1323070: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)&xmpParent" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1195 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1196 1197 XMP_Throw ( "ParseTypeOther property element not allowed", kXMPErr_BadXMP ); 1198 1199 } // RDF_ParseTypeOtherPropertyElement 1200 ** CID 1323069: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() ________________________________________________________________________________________________________ *** CID 1323069: Incorrect expression (UNUSED_VALUE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/ParseRDF.cpp: 1195 in DngXmpSdk::RDF_ParseTypeOtherPropertyElement(DngXmpSdk::XMP_Node *, const DngXmpSdk::XML_Node &, bool)() 1189 // propertyEltList 1190 // end-element() 1191 1192 static void 1193 RDF_ParseTypeOtherPropertyElement ( XMP_Node * xmpParent, const XML_Node & xmlNode, bool isTopLevel ) 1194 { >>> CID 1323069: Incorrect expression (UNUSED_VALUE) >>> Assigning value from "(void *)xmlNode" to "DngXmpSdk::voidVoidPtr" here, but that stored value is overwritten before it can be used. 1195 IgnoreParam(xmpParent); IgnoreParam(xmlNode); IgnoreParam(isTopLevel); 1196 1197 XMP_Throw ( "ParseTypeOther property element not allowed", kXMPErr_BadXMP ); 1198 1199 } // RDF_ParseTypeOtherPropertyElement 1200 ** CID 1323068: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPIterator.cpp: 581 in DngXmpSdk::XMPIterator::XMPIterator(const char *, const char *, unsigned long)() ________________________________________________________________________________________________________ *** CID 1323068: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPIterator.cpp: 581 in DngXmpSdk::XMPIterator::XMPIterator(const char *, const char *, unsigned long)() 575 XMPIterator::XMPIterator ( XMP_StringPtr schemaNS, 576 XMP_StringPtr propName, 577 XMP_OptionBits options ) : info(IterInfo(options,0)), clientRefs(0) 578 { 579 580 XMP_Throw ( "Unimplemented XMPIterator constructor for global tables", kXMPErr_Unimplemented ); >>> CID 1323068: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "p = &schemaNS;". 581 void * p; p = &schemaNS; p = &propName; p = &options; // Avoid unused param warnings. 582 583 } // XMPIterator for global tables 584 585 // ------------------------------------------------------------------------------------------------- 586 // ~XMPIterator ** CID 1323067: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1379 in DngXmpSdk::XMPMeta::DeleteAlias(const char *, const char *)() ________________________________________________________________________________________________________ *** CID 1323067: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1379 in DngXmpSdk::XMPMeta::DeleteAlias(const char *, const char *)() 1373 XMPMeta::DeleteAlias ( XMP_StringPtr aliasNS, 1374 XMP_StringPtr aliasProp ) 1375 { 1376 1377 XMP_Assert ( (aliasNS != 0) && (aliasProp != 0) ); // Enforced by wrapper. 1378 XMP_Throw ( "Unimplemented method XMPMeta::DeleteAlias", kXMPErr_Unimplemented ); // *** #error "write me" >>> CID 1323067: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "p = &aliasNS;". 1379 void * p; p = &aliasNS; p = &aliasProp; // Avoid unused param warnings. 1380 1381 } // DeleteAlias 1382 1383 1384 // ------------------------------------------------------------------------------------------------- ** CID 1323066: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1616 in DngXmpSdk::XMPMeta::SetObjectOptions(unsigned long)() ________________________________________________________________________________________________________ *** CID 1323066: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1616 in DngXmpSdk::XMPMeta::SetObjectOptions(unsigned long)() 1610 1611 void 1612 XMPMeta::SetObjectOptions ( XMP_OptionBits options ) 1613 { 1614 1615 XMP_Throw ( "Unimplemented method XMPMeta::SetObjectOptions", kXMPErr_Unimplemented ); >>> CID 1323066: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "p = &options;". 1616 void * p; p = &options; // Avoid unused param warnings. 1617 1618 } // SetObjectOptions 1619 1620 1621 // ------------------------------------------------------------------------------------------------- ** CID 1323065: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1029 in DngXmpSdk::XMPMeta::SetGlobalOptions(unsigned long)() ________________________________________________________________________________________________________ *** CID 1323065: Control flow issues (UNREACHABLE) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPMeta.cpp: 1029 in DngXmpSdk::XMPMeta::SetGlobalOptions(unsigned long)() 1023 1024 /* class-static */ void 1025 XMPMeta::SetGlobalOptions ( XMP_OptionBits options ) 1026 { 1027 1028 XMP_Throw ( "Unimplemented method XMPMeta::SetGlobalOptions", kXMPErr_Unimplemented ); >>> CID 1323065: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "p = &options;". 1029 void * p; p = &options; // Avoid unused param warnings. 1030 1031 } // SetGlobalOptions 1032 1033 1034 // ------------------------------------------------------------------------------------------------- ** CID 1323064: Uninitialized members (UNINIT_CTOR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/include/client-glue/WXMP_Common.hpp: 31 in DngXmpSdk::WXMP_Result::WXMP_Result()() ________________________________________________________________________________________________________ *** CID 1323064: Uninitialized members (UNINIT_CTOR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/include/client-glue/WXMP_Common.hpp: 31 in DngXmpSdk::WXMP_Result::WXMP_Result()() 25 struct WXMP_Result { 26 XMP_StringPtr errMessage; 27 void * ptrResult; 28 double floatResult; 29 XMP_Uns64 int64Result; 30 XMP_Uns32 int32Result; >>> CID 1323064: Uninitialized members (UNINIT_CTOR) >>> Non-static class member "int32Result" is not initialized in this constructor nor in any functions that it calls. 31 WXMP_Result() : errMessage(0) {}; 32 }; 33 34 #if __cplusplus 35 extern "C" { 36 #endif ** CID 1323063: (UNCAUGHT_EXCEPT) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() ________________________________________________________________________________________________________ *** CID 1323063: (UNCAUGHT_EXCEPT) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() 1113 } 1114 1115 /*****************************************************************************/ 1116 1117 // Parses tags that should only appear in IFD 0 or the main image IFD. 1118 >>> CID 1323063: (UNCAUGHT_EXCEPT) >>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught. 1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream, 1120 dng_shared & /* shared */, 1121 uint32 parentCode, 1122 uint32 tagCode, 1123 uint32 tagType, 1124 uint32 tagCount, /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() 1113 } 1114 1115 /*****************************************************************************/ 1116 1117 // Parses tags that should only appear in IFD 0 or the main image IFD. 1118 >>> CID 1323063: (UNCAUGHT_EXCEPT) >>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught. 1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream, 1120 dng_shared & /* shared */, 1121 uint32 parentCode, 1122 uint32 tagCode, 1123 uint32 tagType, 1124 uint32 tagCount, /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() 1113 } 1114 1115 /*****************************************************************************/ 1116 1117 // Parses tags that should only appear in IFD 0 or the main image IFD. 1118 >>> CID 1323063: (UNCAUGHT_EXCEPT) >>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught. 1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream, 1120 dng_shared & /* shared */, 1121 uint32 parentCode, 1122 uint32 tagCode, 1123 uint32 tagType, 1124 uint32 tagCount, /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_exif.cpp: 1119 in dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, unsigned int, unsigned int, unsigned int, unsigned int, unsigned long)() 1113 } 1114 1115 /*****************************************************************************/ 1116 1117 // Parses tags that should only appear in IFD 0 or the main image IFD. 1118 >>> CID 1323063: (UNCAUGHT_EXCEPT) >>> In function "dng_exif::Parse_ifd0_main(dng_stream &, dng_shared &, uint32, uint32, uint32, uint32, uint64)" an exception of type "dng_exception" is thrown and never caught. 1119 bool dng_exif::Parse_ifd0_main (dng_stream &stream, 1120 dng_shared & /* shared */, 1121 uint32 parentCode, 1122 uint32 tagCode, 1123 uint32 tagType, 1124 uint32 tagCount, ** CID 1323062: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 443 in dng_info::ParseIFD(dng_host &, dng_stream &, dng_exif *, dng_shared *, dng_ifd *, unsigned long, long, unsigned int)() ________________________________________________________________________________________________________ *** CID 1323062: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 443 in dng_info::ParseIFD(dng_host &, dng_stream &, dng_exif *, dng_shared *, dng_ifd *, unsigned long, long, unsigned int)() 437 } 438 439 #endif 440 441 uint32 prev_tag_code = 0; 442 >>> CID 1323062: Insecure data handling (TAINTED_SCALAR) >>> Using tainted variable "ifdEntries" as a loop boundary. 443 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++) 444 { 445 446 stream.SetReadPosition (ifdOffset + 2 + tag_index * 12); 447 448 uint32 tagCode = stream.Get_uint16 (); ** CID 1323061: (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1641 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)() /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1744 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)() ________________________________________________________________________________________________________ *** CID 1323061: (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1641 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)() 1635 1636 for (uint32 parsePass = 1; parsePass <= 2; parsePass++) 1637 { 1638 1639 stream.SetReadPosition (crwTagStart); 1640 >>> CID 1323061: (TAINTED_SCALAR) >>> Using tainted variable "entries" as a loop boundary. 1641 for (uint32 index = 0; index < entries; index++) 1642 { 1643 1644 uint32 tagCode = stream.Get_uint16 (); 1645 1646 uint32 tagCount = stream.Get_uint32 (); /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 1744 in dng_info::ParseDNGPrivateData(dng_host &, dng_stream &)() 1738 1739 #endif 1740 1741 uint16 order_mark = stream.Get_uint16 (); 1742 uint32 entries = stream.Get_uint16 (); 1743 >>> CID 1323061: (TAINTED_SCALAR) >>> Using tainted variable "entries" as a loop boundary. 1744 for (uint32 index = 0; index < entries; index++) 1745 { 1746 1747 uint32 tagCode = code32 ? stream.Get_uint32 () 1748 : stream.Get_uint16 (); 1749 ** CID 1323060: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 673 in dng_info::ParseMakerNoteIFD(dng_host &, dng_stream &, unsigned long, unsigned long, long, unsigned long, unsigned long, unsigned int)() ________________________________________________________________________________________________________ *** CID 1323060: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 673 in dng_info::ParseMakerNoteIFD(dng_host &, dng_stream &, unsigned long, unsigned long, long, unsigned long, unsigned long, unsigned int)() 667 { 668 return false; 669 } 670 671 // Scan IFD to verify all the tag types are all valid. 672 >>> CID 1323060: Insecure data handling (TAINTED_SCALAR) >>> Using tainted variable "ifdEntries" as a loop boundary. 673 for (tagIndex = 0; tagIndex < ifdEntries; tagIndex++) 674 { 675 676 stream.SetReadPosition (ifdOffset + 2 + tagIndex * 12 + 2); 677 678 tagType = stream.Get_uint16 (); ** CID 1323059: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_iptc.cpp: 191 in dng_iptc::ParseString(dng_stream &, dng_string &, dng_iptc::CharSet)() ________________________________________________________________________________________________________ *** CID 1323059: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_iptc.cpp: 191 in dng_iptc::ParseString(dng_stream &, dng_string &, dng_iptc::CharSet)() 185 dng_memory_data buffer (length + 1); 186 187 char *c = buffer.Buffer_char (); 188 189 stream.Get (c, length); 190 >>> CID 1323059: Insecure data handling (TAINTED_SCALAR) >>> Using tainted variable "length" as an index to pointer "c". 191 c [length] = 0; 192 193 switch (charSet) 194 { 195 196 case kCharSetUTF8: ** CID 1323058: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 346 in dng_info::ValidateIFD(dng_stream &, unsigned long, long)() ________________________________________________________________________________________________________ *** CID 1323058: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_info.cpp: 346 in dng_info::ValidateIFD(dng_stream &, unsigned long, long)() 340 { 341 return false; 342 } 343 344 // Check each entry. 345 >>> CID 1323058: Insecure data handling (TAINTED_SCALAR) >>> Using tainted variable "ifdEntries" as a loop boundary. 346 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++) 347 { 348 349 stream.SetReadPosition (ifdOffset + 2 + tag_index * 12); 350 351 stream.Skip (2); // Ignore tag code. ** CID 1323057: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_shared.cpp: 888 in dng_camera_profile_info::ParseExtended(dng_stream &)() ________________________________________________________________________________________________________ *** CID 1323057: Insecure data handling (TAINTED_SCALAR) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/dng_sdk/dng_shared.cpp: 888 in dng_camera_profile_info::ParseExtended(dng_stream &)() 882 883 if (ifdEntries < 1) 884 { 885 return false; 886 } 887 >>> CID 1323057: Insecure data handling (TAINTED_SCALAR) >>> Using tainted variable "ifdEntries" as a loop boundary. 888 for (uint32 tag_index = 0; tag_index < ifdEntries; tag_index++) 889 { 890 891 stream.SetReadPosition (startPosition + 8 + 2 + tag_index * 12); 892 893 uint16 tagCode = stream.Get_uint16 (); ** CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils.cpp: 1114 in () ________________________________________________________________________________________________________ *** CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH) /home/gilles/Devel/5.x/core/libs/3rdparty/dngwriter/extra/xmp_sdk/XMPCore/XMPUtils.cpp: 1114 in () 1108 XMP_Throw ( "Invalid time zone values", kXMPErr_BadParam ); 1109 } 1110 1111 if ( tempDate.tzSign == 0 ) { 1112 *sConvertedValue += 'Z'; 1113 } else { >>> CID 1323056: API usage errors (PW.PRINTF_ARG_MISMATCH) >>> argument is incompatible with corresponding format string conversion 1114 snprintf ( buffer, sizeof(buffer), "+%02d:%02d", tempDate.tzHour, tempDate.tzMinute ); // AUDIT: Using sizeof for snprintf length is safe. 1115 if ( tempDate.tzSign < 0 ) buffer[0] = '-'; 1116 *sConvertedValue += buffer; 1117 } 1118 1119 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/digikam?tab=overview To manage Coverity Scan email notifications for "[hidden email]", click https://scan.coverity.com/subscriptions/edit?email=digikam-devel%40kde.org&token=621bfe7450f4a870432a2a9c106aa3a8 _______________________________________________ Digikam-devel mailing list [hidden email] https://mail.kde.org/mailman/listinfo/digikam-devel |
«
Return to digikam-devel
|
1 view|%1 views
| Free forum by Nabble | Edit this page |