Bug 690130 - Possible problems found by static analysis of code
Summary: Possible problems found by static analysis of code
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: cups
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: low
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2011-03-23 12:11 UTC by Jiri Popelka
Modified: 2011-06-01 15:12 UTC

Fixed In Version: cups-1.4.6-15.fc15
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-04-29 13:03:19 UTC
Type: ---


Attachments
avahi.patch fixes (1.17 KB, text/plain)
2011-03-23 12:25 UTC, Jiri Popelka


Links
System: CUPS Bugs and Features
ID: 3838
Private: 0
Priority: None
Status: None
Summary: None
Last Updated: Never

Description Jiri Popelka 2011-03-23 12:11:04 UTC
Description of problem:
Static analysis of cups code with/without applied patches discovered
some possible problems in the code.
However I haven't found anything serious yet so the Severity is set to low.

I'm going to attach fixes with comments.

Version-Release number of selected component (if applicable):
cups-1.4.6-13.fc16


Additional info:
This time I was checking only problems added by our patches.
Next time I'm going to look at problems in upstream code,
so please leave this bug open. I'll close it when I finish it.

Comment 1 Jiri Popelka 2011-03-23 12:25:21 UTC
Created attachment 487022
avahi.patch fixes

- initialize variable 'i' to make sure we don't dereference null variable 'elements'
- fix possible resource leak

Comment 2 Jiri Popelka 2011-03-23 12:31:19 UTC
Created attachment 487024
lspp.patch fixes

- check return value of avc_context_to_sid()
- make the code more portable

Comment 3 Jiri Popelka 2011-03-23 12:36:48 UTC
Created attachment 487026
icc.patch fix

- removed dead code: value of 'attr' is always 0(null) on this line

Comment 4 Tim Waugh 2011-03-23 14:43:57 UTC
(In reply to comment #1)
> Created attachment 487022
> avahi.patch fixes

Thanks, I've updated the upstream patch in STR #3066.

Comment 5 Tim Waugh 2011-03-23 14:44:55 UTC
(In reply to comment #2)
> Created attachment 487024
> lspp.patch fixes

Looks good.

Comment 6 Tim Waugh 2011-03-23 14:48:39 UTC
(In reply to comment #3)
> Created attachment 487026
> icc.patch fix
> 
> - removed dead code: value of 'attr' is always 0(null) on this line

Hmm, I think attr ought to be the "DefaultColorSpace" attribute, if present, here.  CCing Richard for confirmation...

Comment 7 Richard Hughes 2011-03-24 10:50:06 UTC
(In reply to comment #6)
> Hmm, I think attr ought to be the "DefaultColorSpace" attribute, if present,
> here.  CCing Richard for confirmation...

Yup, that patch makes sense, please apply it to rawhide. I'll do a more complete fix upstream. Thanks.

Richard.

Comment 12 Jiri Popelka 2011-04-29 13:03:19 UTC
Problems in our patches have been fixed in cups-1.4.6-15.fc15.

Patches fixing problems in upstream code were sent upstream so I'm closing this as UPSTREAM.

Comment 13 Jiri Popelka 2011-06-01 15:12:39 UTC
Just a note that the upstream reported problems have been fixed in CUPS 1.5.

