Coverity Scan - Static Analysis

Sample of Defect

Project Name	CID	Checker	Category	Developer Description
Chocobo1/qBittorrent	43714	OVERRUN	Memory - illegal accesses	Although the detected out-of-bounds access is not likely to be exploited; the important part is: Coverity give us a chance to rethink/review code section which we overlooked before and ultimately lead the project to a more successful & stable state.

File: /src/core/misc.cpp

        QProcess python_proc;
        python_proc.start("python", QStringList() << "--version", QIODevice::ReadOnly);
        if (!python_proc.waitForFinished()) return -1;
        if (python_proc.exitCode() < 0) return -1;
        QByteArray output = python_proc.readAllStandardOutput();
        if (output.isEmpty())
            output = python_proc.readAllStandardError();
        const QByteArray version_str = output.split(' ').last();
        qDebug() << "Python version is:" << version_str.trimmed();
        if (version_str.startsWith("3."))
            version = 3;
        else
            version = 2;
    }
    return version;
}

// return best userfriendly storage unit (B, KiB, MiB, GiB, TiB)
// use Binary prefix standards from IEC 60027-2
// see http://en.wikipedia.org/wiki/Kilobyte
// value must be given in bytes
// to send numbers instead of strings with suffixes
QString misc::friendlyUnit(qreal val, bool is_speed)
{

 < 1. Condition "val < 0", taking false branch

298
299

    if (val < 0)
        return QCoreApplication::translate("misc", "Unknown", "Unknown (size)");

 << 2. Assigning: "i" = "0".

    int i = 0;

 < 3. Condition "val >= 1024.", taking true branch

 << 4. Incrementing "i". The value of "i" is now 1.

 < 5. Condition "i++ < 6", taking true branch

 < 7. Condition "val >= 1024.", taking true branch

 < 8. Condition "i++ < 6", taking true branch

 << 9. Checking "i++ < 6" implies that "i" may be up to 6 on the true branch.

 < 11. Condition "val >= 1024.", taking true branch

 < 12. Condition "i++ < 6", taking false branch

 << 13. Checking "i++ < 6" implies that "i" is 8 on the false branch.

    while(val >= 1024. && i++<6)

 < 6. Jumping back to the beginning of the loop

 < 10. Jumping back to the beginning of the loop

302
303

        val /= 1024.;
    QString ret;

 < 14. Condition "i == 0", taking false branch

304
305
306

    if (i == 0)
        ret = QString::number((long)val) + " " + QCoreApplication::translate("misc", units[0].source, units[0].comment);
    else

 <<< CID 43714: Memory - illegal accesses OVERRUN
 <<< 15. Overrunning array "units" of 5 16-byte elements at element index 8 (byte offset 128) using index "i" (which evaluates to 8).

        ret = accurateDoubleToString(val, 1) + " " + QCoreApplication::translate("misc", units[i].source, units[i].comment);
    if (is_speed)
        ret += QCoreApplication::translate("misc", "/s", "per second");
    return ret;
}

bool misc::isPreviewable(const QString& extension)
{
    static QSet<QString> multimedia_extensions;
    if (multimedia_extensions.empty()) {
        multimedia_extensions.insert("3GP");
        multimedia_extensions.insert("AAC");
        multimedia_extensions.insert("AC3");
        multimedia_extensions.insert("AIF");
        multimedia_extensions.insert("AIFC");
        multimedia_extensions.insert("AIFF");
        multimedia_extensions.insert("ASF");
        multimedia_extensions.insert("AU");
        multimedia_extensions.insert("AVI");
        multimedia_extensions.insert("FLAC");
        multimedia_extensions.insert("FLV");
        multimedia_extensions.insert("M3U");
        multimedia_extensions.insert("M4A");
        multimedia_extensions.insert("M4P");
        multimedia_extensions.insert("M4V");
        multimedia_extensions.insert("MID");
        multimedia_extensions.insert("MKV");

Events:

	2. assignment	misc.cpp:300
	4. incr	misc.cpp:301
	9. cond_at_most	misc.cpp:301
	13. cond_const	misc.cpp:301
	15. overrun-local	misc.cpp:307

Sample of Defect

About Synopsys

Communities and resources