Back to success stories

Sample of Defect

Project Name CID Checker Category Developer Description
kortemik/OpenTechBFG 35785 RESOURCE_LEAK Resource leaks Even documented "we don't need to care, I think" issue can become an issue when one does not check the background implementation. Coverity did help us find the cause for a memory hog.
File: /home/travis/build/kortemik/OpenTechBFG/neo/swf/SWF_Image.cpp 
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401

                v = ( v + 3 ) >> 2;
                
                // Allways allocate a single pixel border around the images so there won't be any edge
                // bleeds.  This can often be hidden in in the round-up to DXT size.
                if( ( v << 2 ) - pack.trueSize[i] < 2 )
                {
                        v++;
                }
                pack.allocSize[i] = v;
        }
        packImages.Append( pack );
        
        entry->material = NULL;
}

/*
========================
idSWF::JPEGTables
Reads jpeg table data, there can only be one of these in the file, and it has to come before any DefineBits tags
We don't have to worry about clearing the jpeg object because jpeglib will automagically overwrite any tables that are already set (I think?)
========================
*/
void idSWF::JPEGTables( idSWFBitStream& bitstream )
{
 
 < 1. Condition "bitstream->Length() == 0", taking false branch
402
403
404
405
406
407

        if( bitstream.Length() == 0 )
        {
                // no clue why this happens
                return;
        }
        int width, height;
 
 << 2. Storage is returned from allocation function "Load".
 <<< CID 35785: Resource leaks RESOURCE_LEAK
 <<< 3. Ignoring storage allocated by "this->jpeg.Load(bitstream->ReadData(bitstream->Length()), bitstream->Length(), width, height)" leaks it.
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433

        jpeg.Load( bitstream.ReadData( bitstream.Length() ), bitstream.Length(), width, height );
}

/*
========================
idSWF::DefineBits
Reads a partial jpeg image, using the tables set by the JPEGTables tag
========================
*/
void idSWF::DefineBits( idSWFBitStream& bitstream )
{
        uint16 characterID = bitstream.ReadU16();
        
        int jpegSize = bitstream.Length() - sizeof( uint16 );
        
        int width, height;
        byte* imageData = jpeg.Load( bitstream.ReadData( jpegSize ), jpegSize, width, height );
        if( imageData == NULL )
        {
                return;
        }
        
        LoadImage( characterID, imageData, width, height );
        
        Mem_Free( imageData );
}
Events:
2. alloc_fn SWF_Image.cpp:408
3. leaked_storage SWF_Image.cpp:408

About Synopsys

Communities and resources