[prev in list] [next in list] [prev in thread] [next in thread]
List: helix-filesystem-dev
Subject: [Filesystem-dev] CR: FORWARD_NULL_5 - Fixes for coverity checker
From: "Chandra Bhushan Kumar" <ext-chandra.2.kumar () nokia ! com>
Date: 2011-04-26 5:38:22
Message-ID: XESEFE101SVMum03yMJ00000318 () xesefe101 ! nee ! nokia ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
"Nokia submits this code under the terms of a commercial contribution
agreement with Real Networks, and I am authorized to contribute this code
under said agreement."
Modified by: ext-chandra.2.kumar@nokia.com
Reviewed by: Shetty Girish <girish.shetty@nokia.com>
RC Id: TBD
Date: 04/26/2011
Project: SymbianMmf_wm
Synopsis: Coverity tool can find the instances where NULL is explicitly
dereferenced or a pointer is checked against null but then dereferenced
anyway.
Overview:
Case 1: A pointer having NULL value in an independent path and being
dereferenced or passed as argument to the other called function.
Case 2: A pointer is being dereferenced after checked against NULL in a
function and in later part it's being dereference without any check in same
independent path.
Fix:
Case 1: Checking pointer against NULL for each independent path where the
variable being used\ dereferenced .
"Eg. A pointer declared and initialized with NULL. In some if
condition memory is allocated, if it takes false path and being dereference
this is an erronomous condition. Hence checking against NULL is mandatory"
Case 2: Checking for NULL value of a pointer if it is not being checked in
later part of the function.
"Eg. In a sequence of code if a pointer is dereferenced twice or
more, and check is performed against NULL for first dereferecing, then check
also requires for later dereferences."
Files modified & changes:
ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp
ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp
Image Size and Heap Use impact: No major impact
Module Release testing (STIF) : Passed
Test case(s) Added : No
Memory leak check performed : N/A
Platforms and Profiles Functionality verified: armv5
MCL Branch: 420 brizo
Diff files: Attached
[Attachment #5 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.17095" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2>"Nokia submits this code under the terms of a
commercial contribution agreement with Real Networks, and I am authorized to
contribute this code under said agreement."<BR> <BR>Modified by: <A
href="mailto:ext-chandra.2.kumar@nokia.com">ext-chandra.2.kumar@nokia.com</A><BR> <BR>Reviewed \
by: Shetty Girish <<A
href="mailto:girish.shetty@nokia.com">girish.shetty@nokia.com</A>><BR> <BR>RC \
Id: TBD<BR> <BR>Date: 04/26/2011<BR> <BR>Project: SymbianMmf_wm
<BR> <BR>Synopsis: Coverity tool can find the instances where NULL is
explicitly dereferenced or a pointer is checked against null but then
dereferenced anyway.<BR> <BR>Overview: <BR>Case 1: A pointer having NULL
value in an independent path and being dereferenced or passed as argument to the
other called function.<BR>Case 2: A pointer is being dereferenced after checked
against NULL in a function and in later part it's being dereference without any
check in same independent path. <BR> <BR>Fix: <BR>Case 1: Checking pointer
against NULL for each independent path where the variable being used\
dereferenced .<BR> "Eg. A pointer
declared and initialized with NULL. In some if condition memory is allocated, if
it takes false path and being dereference this is an erronomous condition. Hence
checking against NULL is mandatory"<BR> <BR>Case 2: Checking for NULL value
of a pointer if it is not being checked in later part of the
function.<BR> "Eg. In a sequence of
code if a pointer is dereferenced twice or more, and check is performed against
NULL for first dereferecing, then check also requires for later
dereferences."<BR> <BR>Files modified & changes:
<BR>ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp<BR>ext/mw/helixext/heli \
x_ren/src/filesystem/http/httpfsys.cpp<BR>ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>Image Size and Heap Use impact: No major
impact<BR> <BR>Module Release testing (STIF) : Passed<BR> <BR>Test
case(s) Added : No<BR> <BR>Memory leak check performed :
N/A<BR> <BR>Platforms and Profiles Functionality verified: armv5
<BR> <BR>MCL Branch: 420 brizo<BR> <BR>Diff files:
Attached</FONT></DIV></BODY></HTML>
["Diff_httpfsys.cpp.txt" (text/plain)]
diff --git a/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp \
b/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
--- a/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
+++ b/ext/mw/helixext/helix_ren/src/filesystem/http/httpfsys.cpp
@@ -1514,7 +1522,7 @@
}
#endif
- if (m_bInitialized)
+ if (m_bInitialized && m_pFileResponse)
{
if (m_LastError == HXR_OK)
{
@@ -1794,6 +1802,7 @@
HX_ASSERT(m_pFileResponse) ;
if (m_pFileResponse)
{
+//This case is false positive. 'status' is being passed with 'pBuffer' to indicate \
success/ failure of operation. m_pFileResponse->ReadDone(status, pBuffer);
}
@@ -6050,7 +6059,7 @@
{
char* pTemp = NULL;
- if (m_bOnServer)
+ if (m_bOnServer && m_pRequest)
{
// Check for a bitrate parameter. If it exists, remove it
// from the URL we are about to request
@@ -8724,7 +8733,7 @@
}
HX_RELEASE(pUnknown);
- if (m_bMangleCookies)
+ if (m_bMangleCookies && m_pRequest)
{
// If cookie mangling is enabled,
// mangle all received Set-Cookie values
["Diff_datafsys.cpp.txt" (text/plain)]
ext/mw/helixext/helix_ren/src/filesystem/data/datafsys.cpp
@@ -777,18 +777,18 @@
HX_RESULT hresult = HXR_OK;
HX_RELEASE(m_pRequest);
+ const char* pURL = NULL;
+ IHXValues* pHeaders = 0;
+ IHXBuffer* pBuffer0 = 0;
m_pRequest = pRequest;
+
+ HX_ADDREF(m_pRequest) ;
if (m_pRequest)
{
- m_pRequest->AddRef();
+ hresult = m_pRequest->GetURL(pURL);
}
- const char* pURL;
- IHXValues* pHeaders = 0;
- IHXBuffer* pBuffer0 = 0;
- hresult = m_pRequest->GetURL(pURL);
-
if (hresult != HXR_OK)
{
goto RequestError;
["Diff_httpfileobj.cpp.txt" (text/plain)]
ext/mw/helixext/helix_ren/src/filesystem/httplite/httpfileobj.cpp
@@ -995,7 +995,7 @@
IHXBuffer* pBuff = m_pPendingReadInfo.pPendingReadBuff;
m_pPendingReadInfo.pPendingReadBuff = NULL;
- if (m_pFileResponse)
+ if (m_pFileResponse && pBuff )
{
MLOG_HTTP("\t0x%08x::CHXHTTPFileObject::ReadBlockDone(%s) calling \
ReadDone(HXR_OK,0x%08x) bufsize=%lu\n", this, StrRep(status),pBuff,
_______________________________________________
Filesystem-dev mailing list
Filesystem-dev@helixcommunity.org
http://lists.helixcommunity.org/mailman/listinfo/filesystem-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic