Re: Code review needed, spotted by Coverity


 



Ok, I'm almost done with the various Coverity defects.

The only ones left are not trivial and require much more knowledge of
fontconfig internals than I have, so I'll explain the defects spotted and
let people with more knowledge tell me if it is a real bug or if I
should close the defect as a false alarm:

- defect #984 in fcdir.c / FcDirScanConfig:
FcGlobalCacheReadDir might be called with config == NULL, which will call
FcConfigInodeMatchFontDir, which dereferences config without checking for
a NULL value. I'm not sure how to fix this.

- defect #759 in fccharset.c / FcCharSetSubtractCount:
*bm might be NULL because of assignment to bi.leaf->map and then it is
accessed without any NULL test. I don't know if bi.leaf->map is never
NULL.

- defects #783, #784, #785, #786:
* if config->maxObjects == 0, but config->substPattern or
config->substFont are not NULL, st, while NULL, will be accessed
* at line 1497, there is a test against thisValue being NULL (so, it
might be NULL), but FcConfigDel called at line 1506 might dereference
thisValue, causing a crash.
* at line 1463, l might be leaked (if switch (e->op) is handled by
the default case). I don't know if it is possible.

Oh and I think I found a Coverity bug ;) (defect #782).

There are two other memleaks in doc/edit-sgml.c but I don't know if it
is worth trying to fix (defects #744, #745, leaking ss and ls in
DoReplace).

But now, we are done ;)
-- 
Frederic Crozat <fcrozat@xxxxxxxxxxxx>
Mandriva


_______________________________________________
Fontconfig mailing list
Fontconfig@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/fontconfig
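
The shape of defect #984 above (a NULL config accepted at the entry point, passed through a middle layer, and dereferenced in a callee), as an added example that is not part of the original message and is not fontconfig code. Every type and function name below is a hypothetical stand-in, and treating NULL as "use the default configuration" is an assumption made for the illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins; not fontconfig's real types or functions. */
typedef struct { const char **font_dirs; size_t n_dirs; } Config;

/* Constructed sample data for the default configuration. */
static const char *default_dirs[] = { "/usr/share/fonts" };
static Config default_config = { default_dirs, 1 };

/* Callee in the flagged shape: it dereferences config unconditionally,
 * so its contract is "config must not be NULL". */
static int config_has_font_dir(const Config *config, const char *dir)
{
    for (size_t i = 0; i < config->n_dirs; i++)
        if (strcmp(config->font_dirs[i], dir) == 0)
            return 1;
    return 0;
}

/* Middle layer between entry point and callee. Passing config through
 * unchecked is how a NULL travels to the dereference, so the callee's
 * contract is enforced here.
 * Returns 1 = known dir, 0 = unknown dir, -1 = argument rejected. */
static int cache_read_dir(const Config *config, const char *dir)
{
    if (config == NULL || dir == NULL)
        return -1;
    return config_has_font_dir(config, dir);
}

/* Entry point: NULL config is assumed to be a legal argument meaning
 * "use the default". It is resolved once here so that no NULL reaches
 * the layers below. */
int dir_scan_config(const Config *config, const char *dir)
{
    if (config == NULL)
        config = &default_config;
    return cache_read_dir(config, dir);
}
```

Resolving the fallback at the entry point and rejecting NULL in the middle layer are independent: the first decides what NULL means, the second keeps the callee safe if another caller appears later.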