Csound Csound-dev Csound-tekno Search About

[Cs-dev] Code than needs review after Coverity

Date2014-01-28 13:12
Fromjohn ffitch
Subject[Cs-dev] Code than needs review after Coverity
Help with these would be appreciated

Opcodes/dss4cs/src/*.c contains many problems such as the getenv issue
mentioned before

1163480  Out-of-bounds access    InOut/libmpadec/layer3.c       line  935
1163516  Nesting level does not match Opcodes/spat3d.c          line  864
1163517  Nesting level does not match Opcodes/pitch.c           line 1910
1163518  Nesting level does not match Opcodes/pitch.c           line 1964
1163519  Nesting level does not match Opcodes/pitch.c           line 1710
1163521  Nesting level does not match Opcodes/dsputil.c         line  297
1163532  Double lock             InOut/rtjack.c                 line  534
1163533  Double lock             InOut/rtjack.c                 line  864
1163571  Resource leak           Opcodes/dssi4cs/src/dssi4cs.c  line  452
1163729  Time of check time of use      Top/one_file.c          line  134
1163732  Use of untrusted string value  Top/one_file.c          line   98

==John ffitch

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable 
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Csound-devel mailing list
Csound-devel@lists.sourceforge.net
Date2014-01-28 13:58
FromVictor Lazzarini
SubjectRe: [Cs-dev] Code than needs review after Coverity
Reviewed all except for dssi code, 1163480 (could not locate the out-of-bound access)
1163729 and 163732 (not sure).

Victor
On 28 Jan 2014, at 13:12, john ffitch  wrote:

> Help with these would be appreciated
> 
> Opcodes/dss4cs/src/*.c contains many problems such as the getenv issue
> mentioned before
> 
> 1163480  Out-of-bounds access    InOut/libmpadec/layer3.c       line  935
> 1163516  Nesting level does not match Opcodes/spat3d.c          line  864
> 1163517  Nesting level does not match Opcodes/pitch.c           line 1910
> 1163518  Nesting level does not match Opcodes/pitch.c           line 1964
> 1163519  Nesting level does not match Opcodes/pitch.c           line 1710
> 1163521  Nesting level does not match Opcodes/dsputil.c         line  297
> 1163532  Double lock             InOut/rtjack.c                 line  534
> 1163533  Double lock             InOut/rtjack.c                 line  864
> 1163571  Resource leak           Opcodes/dssi4cs/src/dssi4cs.c  line  452
> 1163729  Time of check time of use      Top/one_file.c          line  134
> 1163732  Use of untrusted string value  Top/one_file.c          line   98
> 
> ==John ffitch
> 
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable 
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Csound-devel mailing list
> Csound-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/csound-devel


------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable 
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Csound-devel mailing list
Csound-devel@lists.sourceforge.net