
Sample of Defect

Project Name CID Checker Category Developer Description
digiKam 1339819 CHECKED_RETURN Error handling issues This introduces severe dysfunctions in the digiKam database interface, which can leave a temporary table created in the DB while the application is shut down...
File: /home/gilles/Devel/5.x/core/libs/database/coredb/coredbchecker.cpp
// Local includes

#include "digikam_debug.h"
#include "coredbbackend.h"

namespace Digikam
{

/**
 * Builds a privileges checker for one database configuration.
 *
 * @param parameters connection parameters; a copy is kept in m_parameters and
 *                   later handed to the backend's open() call by checkPrivileges().
 */
CoreDbPrivilegesChecker::CoreDbPrivilegesChecker(const DbEngineParameters& parameters)
{
    // Keep our own copy so the checker does not depend on the caller's object.
    this->m_parameters = parameters;
}

/**
 * Destructor. No explicit cleanup is performed here.
 */
CoreDbPrivilegesChecker::~CoreDbPrivilegesChecker()
{
    // Intentionally empty.
}

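/**
 * Probes whether the configured database account holds the privileges that the
 * "CheckPriv_*" database actions exercise, using a dedicated backend connection
 * named "PrivilegesCheckDatabase".
 *
 * The probes are chained with else-if, so the sequence stops at the first
 * failing action and only that privilege is appended to insufficientRights.
 *
 * @param insufficientRights receives the name of the first privilege whose probe
 *                           failed; left untouched when the connection cannot
 *                           be opened.
 * @return true when every probe succeeded; false when the connection could not
 *         be opened or when a probe failed. A failed cleanup does not change
 *         the result, it is only logged.
 */
bool CoreDbPrivilegesChecker::checkPrivileges(QStringList& insufficientRights)
{
    DbEngineLocking fromLocking;
    CoreDbBackend fromDBbackend(&fromLocking, QLatin1String("PrivilegesCheckDatabase"));

    // Without a connection nothing can be probed; no privilege name is reported.
    if (!fromDBbackend.open(m_parameters))
    {
        return false;
    }

    bool result = true;

    if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_CREATE_TABLE")))
    {
        insufficientRights.append(QLatin1String("CREATE TABLE"));
        result = false;
    }
    else if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_ALTER_TABLE")))
    {
        insufficientRights.append(QLatin1String("ALTER TABLE"));
        result = false;
    }
    else if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_CREATE_TRIGGER")))
    {
        insufficientRights.append(QLatin1String("CREATE TRIGGER"));
        result = false;
    }
    else if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_DROP_TRIGGER")))
    {
        insufficientRights.append(QLatin1String("DROP TRIGGER"));
        result = false;
    }
    else if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_DROP_TABLE")))
    {
        insufficientRights.append(QLatin1String("DROP TABLE"));
        result = false;
    }

    // Try to delete this table in any case.
    //
    // Coverity CID 1339819 (CHECKED_RETURN) reported that the return value of
    // this call was ignored, while the other five checkPriv() calls in this
    // function test it. The cleanup stays best-effort and does not alter the
    // verdict, but a failure is now recorded so that a leftover temporary
    // table in the database can be traced back to this point.
    if (!checkPriv(fromDBbackend, QLatin1String("CheckPriv_Cleanup")))
    {
        qCWarning(DIGIKAM_COREDB_LOG) << "Core database: cleanup after the privileges check failed;"
                                      << "the temporary table created by the check may remain in the database.";
    }

    return result;
}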

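/**
 * Executes one named database action and reports whether it ran without an
 * SQL error.
 *
 * @param dbBackend    open backend on which the action is executed.
 * @param dbActionName name of the database action, resolved via getDBAction().
 * @return false when the query state is not NoErrors and the backend holds a
 *         valid SQL error with a non-zero number; true in every other case.
 */
bool CoreDbPrivilegesChecker::checkPriv(CoreDbBackend& dbBackend, const QString& dbActionName)
{
    // The action is executed with an empty set of bound values.
    QMap<QString, QVariant> bindingMap;
    BdEngineBackend::QueryState queryStateResult = dbBackend.execDBAction(dbBackend.getDBAction(dbActionName), bindingMap);

    // NOTE(review): a query state other than NoErrors that comes without a
    // valid, non-zero SQL error is treated as success. For a privilege check
    // this fails open; confirm against the backend that this is intended.
    if (queryStateResult != BdEngineBackend::NoErrors &&
        dbBackend.lastSQLError().isValid()                &&
        dbBackend.lastSQLError().number() != 0)
    {
        // Name the action that failed: this helper runs every CheckPriv_*
        // action, not only the trigger creation.
        qCDebug(DIGIKAM_COREDB_LOG) << "Core database: error while executing privileges check action"
                                    << dbActionName << ". Details: " << dbBackend.lastSQLError();
        return false;
    }

    return true;
}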

}  // namespace Digikam
Events:
1. example_checked coredbchecker.cpp:59
1. example_checked coredbchecker.cpp:64
1. example_checked coredbchecker.cpp:69
1. example_checked coredbchecker.cpp:74
1. example_checked coredbchecker.cpp:79
4. check_return coredbchecker.cpp:86