[Spice-commits] 5 commits - gtk/channel-cursor.c gtk/controller gtk/spice-util.c
Christophe Fergau
teuf at kemper.freedesktop.org
Tue Jan 7 04:58:50 PST 2014
gtk/channel-cursor.c | 4 ++--
gtk/controller/test.c | 20 ++++++++++++--------
gtk/spice-util.c | 2 +-
3 files changed, 15 insertions(+), 11 deletions(-)
New commits:
commit 41092a33eb6e3c364a66d7e231646e7cb3f95289
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Fri Jan 3 21:04:52 2014 +0100
Use local GError in spice_convert_newlines()
spice_convert_newlines() declares a local 'err' GError but never uses it as
the function directly uses the 'error' variable passed as an argument.
Use 'err' throughout the function instead of the 'error' argument as this
looks like what was intended.
This fixes this coverity warning:
Error: DEADCODE (CWE-561): [#def144]
spice-gtk-0.22.9-fb3d/spice-gtk3-0.22.9/gtk/spice-util.c:318: assignment: Assigning: "err" = "NULL".
spice-gtk-0.22.9-fb3d/spice-gtk3-0.22.9/gtk/spice-util.c:364: null: At condition "err", the value of "err" must be NULL.
spice-gtk-0.22.9-fb3d/spice-gtk3-0.22.9/gtk/spice-util.c:364: dead_error_condition: The condition "err" cannot be true.
spice-gtk-0.22.9-fb3d/spice-gtk3-0.22.9/gtk/spice-util.c:365: dead_error_begin: Execution cannot reach this statement "g_propagate_error(error, err);".
diff --git a/gtk/spice-util.c b/gtk/spice-util.c
index 1f35629..4d26a30 100644
--- a/gtk/spice-util.c
+++ b/gtk/spice-util.c
@@ -345,7 +345,7 @@ static gchar* spice_convert_newlines(const gchar *str, gssize len,
output = g_string_sized_new(len * 2 + 1);
for (i = 0; i < len; i += length + nl) {
- length = get_line(str + i, len - i, from, &nl, error);
+ length = get_line(str + i, len - i, from, &nl, &err);
if (length < 0)
break;
commit f81d6f17ba1e217a1435dc2d99c5335288c50bdb
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Fri Jan 3 19:42:00 2014 +0100
controller: Don't call g_type_init() in test with newer glib
g_type_init() is deprecated, calling it on newer glib causes a compile-time
warning.
diff --git a/gtk/controller/test.c b/gtk/controller/test.c
index c7ae8f0..851f237 100644
--- a/gtk/controller/test.c
+++ b/gtk/controller/test.c
@@ -214,7 +214,9 @@ int main (int argc, char *argv[])
ControllerValue msg;
ssize_t read;
+#if !GLIB_CHECK_VERSION(2,36,0)
g_type_init ();
+#endif
ctrl = spice_ctrl_controller_new ();
loop = g_main_loop_new (NULL, FALSE);
g_signal_connect (ctrl, "notify", G_CALLBACK (notified), NULL);
commit b05d1c75abc956ef413035c4d7878567b15a82fc
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Fri Jan 3 19:41:03 2014 +0100
controller: Add missing #ifdef WIN32 in test
The spicec_pid variable is only used in a #ifdef WIN32 block, but it was
unconditionnally declared/initialized. This causes a gcc warning.
diff --git a/gtk/controller/test.c b/gtk/controller/test.c
index dffc7af..c7ae8f0 100644
--- a/gtk/controller/test.c
+++ b/gtk/controller/test.c
@@ -205,7 +205,9 @@ void connect_signals (gpointer obj)
int main (int argc, char *argv[])
{
+#ifdef WIN32
int spicec_pid = (argc > 1 ? atoi (argv[1]) : 0);
+#endif
char* host = (argc > 2 ? argv[2] : (char*)HOST);
int port = (argc > 3 ? atoi (argv[3]) : PORT);
char pipe_name[PIPE_NAME_MAX_LEN];
commit edc203cd3704710a65e4782f4eef7321004dc56d
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Fri Jan 3 19:23:43 2014 +0100
controller: Avoid out of string bound accesses in test
When computing the amount of data to send for static strings, the test
program is confusing sizeof() which returns the size of the string
including the trailing '\0' and strlen() which returns the size of the
string without the trailing '\0'.
This causes attempts to access one byte past the string.
This fixes this coverity warning:
Error: OVERRUN (CWE-119): [#def44]
spice-gtk-0.20/spice-gtk-0.20/gtk/controller/test.c:258:
overrun-buffer-arg: Overrunning array ""main,inputs,playback"" of 21 bytes
by passing it to a function which accesses it at byte offset 21 using
argument "22UL".
spice-gtk-0.20/spice-gtk-0.20/gtk/controller/test.c:101:5:
access_dbuff_in_call: Calling "memcpy(void * restrict, void const *
restrict, size_t)" indexes array "data" with index "data_size".
diff --git a/gtk/controller/test.c b/gtk/controller/test.c
index 289ffb8..dffc7af 100644
--- a/gtk/controller/test.c
+++ b/gtk/controller/test.c
@@ -254,15 +254,15 @@ int main (int argc, char *argv[])
send_data (CONTROLLER_HOST, (uint8_t*)host, strlen(host) + 1);
send_value (CONTROLLER_PORT, port);
send_value (CONTROLLER_SPORT, SPORT);
- send_data (CONTROLLER_PASSWORD, (uint8_t*)PWD, sizeof(PWD) + 1);
- send_data (CONTROLLER_SECURE_CHANNELS, (uint8_t*)SECURE_CHANNELS, sizeof(SECURE_CHANNELS) + 1);
- send_data (CONTROLLER_DISABLE_CHANNELS, (uint8_t*)DISABLED_CHANNELS, sizeof(DISABLED_CHANNELS) + 1);
+ send_data (CONTROLLER_PASSWORD, (uint8_t*)PWD, strlen(PWD) + 1);
+ send_data (CONTROLLER_SECURE_CHANNELS, (uint8_t*)SECURE_CHANNELS, strlen(SECURE_CHANNELS) + 1);
+ send_data (CONTROLLER_DISABLE_CHANNELS, (uint8_t*)DISABLED_CHANNELS, strlen(DISABLED_CHANNELS) + 1);
send_data (CONTROLLER_TLS_CIPHERS, (uint8_t*)TLS_CIPHERS, sizeof(TLS_CIPHERS) + 1);
- send_data (CONTROLLER_CA_FILE, (uint8_t*)CA_FILE, sizeof(CA_FILE) + 1);
- send_data (CONTROLLER_HOST_SUBJECT, (uint8_t*)HOST_SUBJECT, sizeof(HOST_SUBJECT) + 1);
- send_data (CONTROLLER_SET_TITLE, (uint8_t*)TITLE, sizeof(TITLE) + 1);
- send_data (CONTROLLER_HOTKEYS, (uint8_t*)HOTKEYS, sizeof(HOTKEYS) + 1);
- send_data (CONTROLLER_CREATE_MENU, (uint8_t*)MENU, sizeof(MENU));
+ send_data (CONTROLLER_CA_FILE, (uint8_t*)CA_FILE, strlen(CA_FILE) + 1);
+ send_data (CONTROLLER_HOST_SUBJECT, (uint8_t*)HOST_SUBJECT, strlen(HOST_SUBJECT) + 1);
+ send_data (CONTROLLER_SET_TITLE, (uint8_t*)TITLE, strlen(TITLE) + 1);
+ send_data (CONTROLLER_HOTKEYS, (uint8_t*)HOTKEYS, strlen(HOTKEYS) + 1);
+ send_data (CONTROLLER_CREATE_MENU, (uint8_t*)MENU, strlen(MENU));
send_value (CONTROLLER_FULL_SCREEN, /*CONTROLLER_SET_FULL_SCREEN |*/ CONTROLLER_AUTO_DISPLAY_RES);
commit 2db60b95d84f884c125e7d78a3385c257c330305
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Fri Jan 3 19:18:54 2014 +0100
cursor: Avoid potential sign extension issue
When doing arithmetic operations on the uint16_t cursor width and height
with integer constants, the result of the operation will be of type 'int'
as the integer constant as type 'int'.
There are 2 places which assign the result of such an operation to
an (unsigned 64 bit)) size_t variable. This means that if width/height are
big enough, the int -> size_t conversion would cause a sign extension to
happen, which is unwanted as we are only manipulating positive values.
This commit explicitly mark the constants with the correct unsigned type.
This fixes this kind of coverity warnings:
spice-gtk-0.20/spice-gtk-0.20/gtk/channel-cursor.c:388: sign_extension:
Suspicious implicit sign extension: "hdr->height" with type "unsigned
short" (16 bits, unsigned) is promoted in "4 * hdr->width * hdr->height" to
type "int" (32 bits, signed), then sign-extended to type "unsigned long"
(64 bits, unsigned). If "4 * hdr->width * hdr->height" is greater than
0x7FFFFFFF, the upper bits of the result will all be 1.
diff --git a/gtk/channel-cursor.c b/gtk/channel-cursor.c
index e056b30..d33b90a 100644
--- a/gtk/channel-cursor.c
+++ b/gtk/channel-cursor.c
@@ -366,7 +366,7 @@ static display_cursor *set_cursor(SpiceChannel *channel, SpiceCursor *scursor)
g_return_val_if_fail(scursor->data_size != 0, NULL);
- size = 4 * hdr->width * hdr->height;
+ size = 4u * hdr->width * hdr->height;
cursor = spice_malloc(sizeof(*cursor) + size);
cursor->hdr = *hdr;
cursor->default_cursor = FALSE;
@@ -404,7 +404,7 @@ static display_cursor *set_cursor(SpiceChannel *channel, SpiceCursor *scursor)
}
break;
case SPICE_CURSOR_TYPE_COLOR4:
- size = (SPICE_ALIGN(hdr->width, 2) / 2) * hdr->height;
+ size = ((unsigned int)(SPICE_ALIGN(hdr->width, 2) / 2)) * hdr->height;
for (i = 0; i < hdr->width * hdr->height; i++) {
pix_mask = get_pix_mask(data, size + (sizeof(uint32_t) << 4), i);
int idx = (i & 1) ? (data[i >> 1] & 0x0f) : ((data[i >> 1] & 0xf0) >> 4);
More information about the Spice-commits
mailing list