Project Name | CID | Checker | Category | Developer Description |
---|---|---|---|---|
digiKam | 1034287 | TAINTED_SCALAR | Insecure data handling | Increases the security of the code a lot |
} // convert to float grey.convertTo(image, CV_32F); const int height = image.rows - 2*d->windowSize; const int width = image.cols - 2*d->windowSize; std::vector<std::vector<std::vector<float> > > originalFeatures; d->computeOriginalFeatures(originalFeatures, image, width, height); std::vector<float> v = d->computeTransform(originalFeatures, width, height); return d->applyTransform(inputImage, v, d->outerDimH, d->outerDimW); } void FunnelReal::Private::loadTrainingData(const QString& path) { try { std::ifstream trainingInfo(path.toLocal8Bit()); trainingInfo.exceptions(std::ifstream::badbit); |
<< 1. Calling function "operator >>" taints argument "this->edgeDescDim".
trainingInfo >> numFeatureClusters >> edgeDescDim; std::vector<float> cRow(edgeDescDim, 0); centroids = std::vector<std::vector<float> >(numFeatureClusters, cRow); sigmaSq = std::vector<float>(numFeatureClusters); |
< 2. Condition "i < this->numFeatureClusters", taking true branch
for(int i=0; i<numFeatureClusters; i++) { |
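<<< CID 1034287: Insecure data handling TAINTED_SCALAR <<< 3. Using tainted variable "this->edgeDescDim" as a loop boundary. The value is extracted from the training file at funnelreal.cpp:225 and is not range-checked in the lines shown; the same unchecked values (`numFeatureClusters`, `edgeDescDim`) also size the `cRow` and `centroids` vectors, so a malformed training file controls both the allocation size and the iteration count. Checking the stream state after the extraction and rejecting values outside an expected positive range before allocating would address the finding.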
233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 |
for(int j=0; j<edgeDescDim; j++) { trainingInfo >> centroids[i][j]; } trainingInfo >> sigmaSq[i]; } trainingInfo >> numRandPxls; randPxls = std::vector<std::pair<int, int> >(numRandPxls); for(int j=0; j<numRandPxls; j++) trainingInfo >> randPxls[j].first >> randPxls[j].second; std::vector<float> dfCol(numFeatureClusters, 0); std::vector<std::vector<float> > logDistField(numRandPxls, dfCol); int iteration; while(true) { trainingInfo >> iteration; if(trainingInfo.eof()) break; for(int j=0; j<numRandPxls; j++) { |
1. tainted_data_argument | funnelreal.cpp:225 | |
3. tainted_data | funnelreal.cpp:233 |