[prev in list] [next in list] [prev in thread] [next in thread] 

List:       helix-filesystem-dev
Subject:    [Filesystem-dev] CR: FORWARD_NULL_5 - Fixes for coverity checker
From:       "Chandra Bhushan Kumar" <ext-chandra.2.kumar () nokia ! com>
Date:       2011-04-26 5:38:22
Message-ID: XESEFE101SVMum03yMJ00000318 () xesefe101 ! nee ! nokia ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


"Nokia submits this code under the terms of a commercial contribution
agreement with Real Networks, and I am authorized to contribute this code
under said agreement."
 
Modified by: ext-chandra.2.kumar@nokia.com
 
Reviewed by: Shetty Girish <girish.shetty@nokia.com>
 
RC Id: TBD
 
Date: 04/26/2011
 
Project: SymbianMmf_wm 
 
Synopsis: Coverity tool can find the instances where NULL is explicitly
dereferenced or a pointer is checked against null but then dereferenced
anyway.
 
Overview: 
Case 1: A pointer having NULL value in an independent path and being
dereferenced or passed as argument to the other called function.
Case 2: A pointer is being dereferenced after checked against NULL in a
function and in later part it's being dereference without any check in same
independent path. 
 
Fix: 
Case 1: Checking pointer against NULL for each independent path where the
variable being used\ dereferenced .
        "Eg. A pointer declared and initialized with NULL. In some if
condition memory is allocated, if it takes false path and being dereference
this is an erronomous condition. Hence checking against NULL is mandatory"
 
Case 2: Checking for NULL value of a pointer if it is not being checked in
later part of the function.
        "Eg. In a sequence of code if a pointer is dereferenced twice or
more, and check is performed against NULL for first dereferecing, then check
also requires for later dereferences."
 
Files modified & changes: 
ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp
ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp
 
Image Size and Heap Use impact: No major impact
 
Module Release testing (STIF) : Passed
 
Test case(s) Added : No
 
Memory leak check performed : N/A
 
Platforms and Profiles Functionality verified: armv5 
 
MCL Branch: 420 brizo
 
Diff files: Attached

[Attachment #5 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.17095" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2>"Nokia submits this code under the terms of a 
commercial contribution agreement with Real Networks, and I am authorized to 
contribute this code under said agreement."<BR>&nbsp;<BR>Modified by: <A 
href="mailto:ext-chandra.2.kumar@nokia.com">ext-chandra.2.kumar@nokia.com</A><BR>&nbsp;<BR>Reviewed \
                
by: Shetty Girish &lt;<A 
href="mailto:girish.shetty@nokia.com">girish.shetty@nokia.com</A>&gt;<BR>&nbsp;<BR>RC \
                
Id: TBD<BR>&nbsp;<BR>Date: 04/26/2011<BR>&nbsp;<BR>Project: SymbianMmf_wm 
<BR>&nbsp;<BR>Synopsis: Coverity tool can find the instances where NULL is 
explicitly dereferenced or a pointer is checked against null but then 
dereferenced anyway.<BR>&nbsp;<BR>Overview: <BR>Case 1: A pointer having NULL 
value in an independent path and being dereferenced or passed as argument to the 
other called function.<BR>Case 2: A pointer is being dereferenced after checked 
against NULL in a function and in later part it's being dereference without any 
check in same independent path. <BR>&nbsp;<BR>Fix: <BR>Case 1: Checking pointer 
against NULL for each independent path where the variable being used\ 
dereferenced .<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Eg. A pointer 
declared and initialized with NULL. In some if condition memory is allocated, if 
it takes false path and being dereference this is an erronomous condition. Hence 
checking against NULL is mandatory"<BR>&nbsp;<BR>Case 2: Checking for NULL value 
of a pointer if it is not being checked in later part of the 
function.<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "Eg. In a sequence of 
code if a pointer is dereferenced twice or more, and check is performed against 
NULL for first dereferecing, then check also requires for later 
dereferences."<BR>&nbsp;<BR>Files modified &amp; changes: 
<BR>ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp<BR>ext/mw/helixext/heli \
x_ren/src/filesystem/http/httpfsys.cpp<BR>ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp</FONT></DIV>
 <DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>Image Size and Heap Use impact: No major 
impact<BR>&nbsp;<BR>Module Release testing (STIF) : Passed<BR>&nbsp;<BR>Test 
case(s) Added : No<BR>&nbsp;<BR>Memory leak check performed : 
N/A<BR>&nbsp;<BR>Platforms and Profiles Functionality verified: armv5 
<BR>&nbsp;<BR>MCL Branch: 420 brizo<BR>&nbsp;<BR>Diff files: 
Attached</FONT></DIV></BODY></HTML>


["Diff_httpfsys.cpp.txt" (text/plain)]

diff --git a/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp \
                b/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
--- a/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
+++ b/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
@@ -1514,7 +1522,7 @@
     }
 #endif
-    if (m_bInitialized)
+    if (m_bInitialized && m_pFileResponse)
     {
         if (m_LastError == HXR_OK)
         {
@@ -1794,6 +1802,7 @@
     HX_ASSERT(m_pFileResponse) ;
     if (m_pFileResponse)
     {
+//This case is false positive. 'status' is being passed with 'pBuffer' to indicate \
success/ failure of operation.  m_pFileResponse->ReadDone(status, pBuffer);
     } 

@@ -6050,7 +6059,7 @@
     {
         char* pTemp = NULL; 

-        if (m_bOnServer)
+        if (m_bOnServer && m_pRequest)
         {
             // Check for a bitrate parameter. If it exists, remove it
             // from the URL we are about to request
@@ -8724,7 +8733,7 @@
             }
             HX_RELEASE(pUnknown); 

-            if (m_bMangleCookies)
+            if (m_bMangleCookies && m_pRequest)
             {
                 // If cookie mangling is enabled,
                 // mangle all received Set-Cookie values


["Diff_datafsys.cpp.txt" (text/plain)]

ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp
@@ -777,18 +777,18 @@
     HX_RESULT hresult = HXR_OK;
 
     HX_RELEASE(m_pRequest);
	
+    const char* pURL = NULL;
+    IHXValues* pHeaders = 0;
+    IHXBuffer* pBuffer0 = 0;
     m_pRequest = pRequest;
+	
+    HX_ADDREF(m_pRequest) ;
     if (m_pRequest)
     {
-	m_pRequest->AddRef();
+	hresult = m_pRequest->GetURL(pURL);
     }
 
-    const char* pURL;
-    IHXValues* pHeaders = 0;
-    IHXBuffer* pBuffer0 = 0;
-    hresult = m_pRequest->GetURL(pURL);
-
     if (hresult != HXR_OK)
     {
 	goto RequestError;

["Diff_httpfileobj.cpp.txt" (text/plain)]

ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp
@@ -995,7 +995,7 @@
             IHXBuffer* pBuff = m_pPendingReadInfo.pPendingReadBuff;
             m_pPendingReadInfo.pPendingReadBuff = NULL;
 
-            if (m_pFileResponse)
+            if (m_pFileResponse && pBuff )
             {
                 MLOG_HTTP("\t0x%08x::CHXHTTPFileObject::ReadBlockDone(%s) calling \
ReadDone(HXR_OK,0x%08x) bufsize=%lu\n",  this, StrRep(status),pBuff,



_______________________________________________
Filesystem-dev mailing list
Filesystem-dev@helixcommunity.org
http://lists.helixcommunity.org/mailman/listinfo/filesystem-dev


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic