Uploaded image for project: 'HPCC'
  1. HPCC
  2. HPCC-20046

New Defects reported by Coverity Scan for HPCC-Platform on 09th of July.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Unresourced
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0
    • Fix Version/s: None
    • Component/s: Roxie
    • Labels:
      None
    • Environment:
      OBT

      Description

      5 new defect(s) introduced to HPCC-Platform found with Coverity Scan.

      ________________________________________________________________________________________________________
      
      *** CID 1366121:  Insecure data handling  (TAINTED_SCALAR)
      
      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/roxie/udplib/uttest.cpp: 721 in main()
      
      715                 const char *startrange = dash-1;
      
      716                 while (isdigit(startrange[-1]))
      
      717                     startrange--;
      
      718                 char *endptr;
      
      719                 unsigned firstnum = atoi(startrange);
      
      720                 unsigned lastnum = strtol(dash+1, &endptr, 10);
      
      >>>     CID 1366121:  Insecure data handling  (TAINTED_SCALAR)
      
      >>>     Using tainted variable "lastnum" as a loop boundary.
      
      721                 while (firstnum <= lastnum)
      
      722                 {
      
      723                     StringBuffer ipstr;
      
      724                     ipstr.append(startrange - ip, ip).append(firstnum).append(endptr);
      
      725                     unsigned nodeIdx = addRoxieNode(ipstr.str());
      
      726                     const IpAddress &nodeIP = getNodeAddress(nodeIdx);
      
      ________________________________________________________________________________________________________
      
      *** CID 1366118:  Error handling issues  (UNCAUGHT_EXCEPT)
      
      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/roxie/udplib/uttest.cpp: 589 in main()
      
      583         unsigned elapsed = msTick() - start;
      
      584         DBGLOG("Complete in %d.%03d seconds", elapsed / 1000, elapsed % 1000);
      
      585         DBGLOG("sequential=%d, skewFactor %f", (int) simpleSequential, slowNodeSkew);
      
      586         delete[] slaves;
      
      587     }
      
      588
      
      >>>     CID 1366118:  Error handling issues  (UNCAUGHT_EXCEPT)
      
      >>>     In function "main(int, char **)" an exception of type "IJSOCK_Exception *" is thrown and never caught.
      
      589     int main(int argc, char * argv[] )
      
      590     {
      
      591         InitModuleObjects();
      
      592         if (argc < 2)
      
      593             usage();
      
      594         strdup("Make sure leak checking is working");
      
      ________________________________________________________________________________________________________
      
      *** CID 1143538:    (UNCAUGHT_EXCEPT)
      
      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/roxie/udplib/uttest.cpp: 589 in main()
      
      583         unsigned elapsed = msTick() - start;
      
      584         DBGLOG("Complete in %d.%03d seconds", elapsed / 1000, elapsed % 1000);
      
      585         DBGLOG("sequential=%d, skewFactor %f", (int) simpleSequential, slowNodeSkew);
      
      586         delete[] slaves;
      
      587     }
      
      588
      
      >>>     CID 1143538:    (UNCAUGHT_EXCEPT)
      
      >>>     In function "main(int, char **)" an exception of type "IOSException *" is thrown and never caught.
      
      589     int main(int argc, char * argv[] )
      
      590     {
      
      591         InitModuleObjects();
      
      592         if (argc < 2)
      
      593             usage();
      
      594         strdup("Make sure leak checking is working");
      ________________________________________________________________________________________________________
      
      *** CID 1143537:    (UNCAUGHT_EXCEPT)
      
      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/roxie/udplib/uttest.cpp: 589 in main()
      
      583         unsigned elapsed = msTick() - start;
      
      584         DBGLOG("Complete in %d.%03d seconds", elapsed / 1000, elapsed % 1000);
      
      585         DBGLOG("sequential=%d, skewFactor %f", (int) simpleSequential, slowNodeSkew);
      
      586         delete[] slaves;
      
      587     }
      
      588
      
      >>>     CID 1143537:    (UNCAUGHT_EXCEPT)
      
      >>>     In function "main(int, char **)" an exception of type "IException *" is thrown and never caught.
      
      589     int main(int argc, char * argv[] )
      
      590     {
      
      591         InitModuleObjects();
      
      592         if (argc < 2)
      
      593             usage();
      
      594         strdup("Make sure leak checking is working");
      
      ________________________________________________________________________________________________________
      
      *** CID 1142391:  Integer handling issues  (DIVIDE_BY_ZERO)
      
      /mnt/disk1/home/vamosax/build/CE/platform/HPCC-Platform/roxie/udplib/uttest.cpp: 304 in testNxN()()
      
      298             unsigned dest = 0;
      
      299             unsigned start = msTick();
      
      300             unsigned last = start;
      
      301             if (sendSize)
      
      302             {
      
      303                 unsigned n = dontSendToSelf ? numNodes -1 : numNodes;
      
      >>>     CID 1142391:  Integer handling issues  (DIVIDE_BY_ZERO)
      
      >>>     In expression "sendSize /= 100U * n", division by expression "100U * n" which may be zero has undefined behavior.
      
      304                 sendSize /= 100*n;
      
      305                 sendSize *= 100*n;
      
      306             }
      
      307             for (;;)
      
      308             {
      
      309                 do {
      
      ________________________________________________________________________________________________________
      
       

      To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaNjvQL1JwbRRXECNADpFWbJmd1u5Ft08MVOUAWsoMXj3-2FOk3grCOW6BgQyMmqdP24-3D_V7u2yOhiGAr-2Biu54nFTzz1cdmowKR-2FlEFg5vqux4F9sLa3sRHEsye6RiwDYPq6mkGVRgK-2B-2FSJGyWEcXI0hVdtAN1P-2F6W8EF3H7x2rGbu6tS3u8IR-2FKpTUMDg711AGoogvF9izYDYzc5mVUkw-2BnTmvwUdZ7yZ9GfdVfX1xk3smAXyJ2cyPJEhhb4OU1TdxqRb8gd-2FaTCbKWgOpsm4nehIKdxeATXS6Fx3GmDe9tiUTkk-3D

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              attilavamos Attila Vamos
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: