Uploaded image for project: 'HPCC'
  1. HPCC
  2. HPCC-18584

New Defects reported by Coverity Scan for HPCC-Platform on 23rd of October

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: eclrtl, ESP
    • Labels:
      None

      Description

      New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)

       

       

        • CID 1458466:  Uninitialized members  (UNINIT_CTOR)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/rtl/eclrtl/rtlnewkey.cpp: 1088 in RowCursor::RowCursor(RowFilter &)()

       

       

      ________________________________________________________________________________________________________

          • CID 1458466:  Uninitialized members  (UNINIT_CTOR)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/rtl/eclrtl/rtlnewkey.cpp: 1088 in RowCursor::RowCursor(RowFilter &)()

      1082     };

      1083

      1084     //This class represents the current set of values which have been matched in the filter sets.

      1085     class RowCursor

      1086     {

      1087     public:

      >>>     CID 1458466:  Uninitialized members  (UNINIT_CTOR)

      >>>     Non-static class member "numMatched" is not initialized in this constructor nor in any functions that it calls.

      1088         RowCursor(RowFilter & _filter) : filter(_filter) {}

      1089

      1090         void selectFirst()

      1091         {

      1092             numMatched = 0;

      1093         }

       

        • CID 1458467:    (DC.WEAK_CRYPTO)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/dali/datest/datest.cpp: 1140 in TSDSThread::threadmain()()

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/dali/datest/datest.cpp: 1141 in TSDSThread::threadmain()()

       

       

      ________________________________________________________________________________________________________

          • CID 1458467:    (DC.WEAK_CRYPTO)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/dali/datest/datest.cpp: 1140 in TSDSThread::threadmain()()

      1134                 Owned<IRemoteConnection> conn = querySDS().connect(path, myProcessSession(), RTM_LOCK_WRITE|RTM_LOCK_SUB, 1000000);

      1135                 PrintLog("connecting to %s", path.get());

      1136                 if (!conn)

      1137                     throw MakeStringException(-1, "Failed to connect to path %s", path.get());

      1138                 IPropertyTree *root = conn->queryRoot();

      1139

      >>>     CID 1458467:    (DC.WEAK_CRYPTO)

      >>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.

      1140                 root->setPropInt("TTestProp1", rand());

      1141                 root->setPropInt("TTestProp2", rand());

      1142             }

      1143             catch (IException *e)

      1144             {

      1145                 PrintExceptionLog(e, NULL);

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/dali/datest/datest.cpp: 1141 in TSDSThread::threadmain()()

      1135                 PrintLog("connecting to %s", path.get());

      1136                 if (!conn)

      1137                     throw MakeStringException(-1, "Failed to connect to path %s", path.get());

      1138                 IPropertyTree *root = conn->queryRoot();

      1139

      1140                 root->setPropInt("TTestProp1", rand());

      >>>     CID 1458467:    (DC.WEAK_CRYPTO)

      >>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.

      1141                 root->setPropInt("TTestProp2", rand());

      1142             }

      1143             catch (IException *e)

      1144             {

      1145                 PrintExceptionLog(e, NULL);

      1146             }

       

        • CID 1458468:  Resource leaks  (RESOURCE_LEAK)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/plugins/fileservices/fileservices.cpp: 2558 in fsGetEspURL()

       

       

      ________________________________________________________________________________________________________

          • CID 1458468:  Resource leaks  (RESOURCE_LEAK)

      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/plugins/fileservices/fileservices.cpp: 2558 in fsGetEspURL()

      2552                                             if (username && username[0] && userPW && userPW[0])

      2553                                                 credentials.setf("%s:%s@", username, userPW);

      2554                                             else if (username && username[0])

      2555                                                 credentials.setf("%s@", username);

      2556

      2557                                             if (streq(instanceAddress.str(),"."))

      >>>     CID 1458468:  Resource leaks  (RESOURCE_LEAK)

      >>>     Failing to save or free storage allocated by "fsfResolveHostName(instanceAddress.str())" leaks it.

      2558                                                 instanceAddress = fsfResolveHostName(instanceAddress.str());

      2559

      2560                                             espURL.setf("%s://%s%s:%d", bindingProtocol.str(), credentials.str(), instanceAddress.str(), espBindingIter->query().getPropInt("@port",8010));

      2561

      2562                                             return espURL.detach();

      2563                                         }

       

       

      ________________________________________________________________________________________________________

      To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaNjvQL1JwbRRXECNADpFWbJmd1u5Ft08MVOUAWsoMXj3-2FOk3grCOW6BgQyMmqdP24-3D_V7u2yOhiGAr-2Biu54nFTzz1cdmowKR-2FlEFg5vqux4F9vuYFE2JpbY8Ypi1vMs2DaH3035E9KURPJOpl5-2FIIvqIrwKZbEsR4zqxFh8legmiCpipEwIdJpS6szYNm0mRLFDmhJOdclZ5uvzYm5I8OfZ-2BezxQe9oj-2FFdfwzAkIN72RuVerHeY22otLJLIDUaIH7rzaA2ZqJ6ndNB8voZPU-2Boe5FA6Egji7pD2wSXfz7-2FCLc-3D

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                attilavamos Attila Vamos
                Reporter:
                attilavamos Attila Vamos
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: