00:11.16 |
CIA-128 |
BRL-CAD: 03brlcad * r50094
10/brlcad/trunk/src/libbu/badmagic.c: refactor a few lines so
there's just one call to bu_bomb() |
00:32.06 |
*** join/#brlcad jbschw
(183b1a66@gateway/web/freenode/ip.24.59.26.102) |
00:36.19 |
CIA-128 |
BRL-CAD: 03brlcad * r50095
10/brlcad/trunk/src/librt/primitives/nmg/nmg_inter.c: check fu1 and
fu2 for null to quell CID 249. false-positive, but good to handle
make explicit anyways. |
00:44.42 |
CIA-128 |
BRL-CAD: 03brlcad * r50096
10/brlcad/trunk/src/libged/put_comb.c: make sure we don't
dereference a null directory pointer. should fix forward_null
defect from cid 298. |
00:52.20 |
CIA-128 |
BRL-CAD: 03brlcad * r50097
10/brlcad/trunk/src/librt/primitives/extrude/extrude.c: make sure
we don't dereference a null outer_loop pointer. detected by
coverity forward_null check, cid 302. |
00:57.26 |
CIA-128 |
BRL-CAD: 03brlcad * r50098
10/brlcad/trunk/src/librt/primitives/nmg/nmg.c: unclear what it
means to have a null shell at this point, so just make sure we
don't dereference one instead of returning error. should fix
coverity forward_null defect, cid 304. |
01:02.22 |
CIA-128 |
BRL-CAD: 03brlcad * r50099
10/brlcad/trunk/src/librt/primitives/pipe/pipe.c: big ws messy
cleanup. |
01:08.19 |
CIA-128 |
BRL-CAD: 03brlcad * r50100
10/brlcad/trunk/src/librt/primitives/pipe/pipe.c: make sure we
don't dereference a null pp3 pointer if we're near the end of the
point list. check if we're on the last segment before skipping to
the next point. should fix coverity cid 305 forward_null
defect. |
01:39.04 |
CIA-128 |
BRL-CAD: 03n_reed * r50101 10/brlcad/trunk/
(regress/CMakeLists.txt src/other/perplex.dist): ignore some
files |
01:51.10 |
CIA-128 |
BRL-CAD: 03brlcad * r50102
10/brlcad/trunk/src/librt/vshoot.c: |
01:51.10 |
CIA-128 |
BRL-CAD: make sure HeadSeg isn't null before
we go dereferencing it to free segments. |
01:51.10 |
CIA-128 |
BRL-CAD: can't push the check up into
RT_FREE_SEG_LIST() because not all list heads are |
01:51.10 |
CIA-128 |
BRL-CAD: pointers (which would provoke a
warning that a check is always true). fixes a |
01:51.10 |
CIA-128 |
BRL-CAD: coverity forward_null defect, cid
308. |
02:17.59 |
CIA-128 |
BRL-CAD: 03brlcad * r50103
10/brlcad/trunk/include/bu.h: |
02:17.59 |
CIA-128 |
BRL-CAD: if we cast the pointer and the head
pointer, we will avoid a pointer-type |
02:17.59 |
CIA-128 |
BRL-CAD: mismatch if someone happens to use a
non bu_list type. arguably an error, but |
02:17.59 |
CIA-128 |
BRL-CAD: there's nothing that technically
requires the head pointer actually be a bu_list |
02:17.59 |
CIA-128 |
BRL-CAD: struct. that change lets us fix
BU_LIST_FOR_CIRC() which was being used in nmg |
02:18.00 |
CIA-128 |
BRL-CAD: code with non-bu types. |
02:22.34 |
CIA-128 |
BRL-CAD: 03brlcad * r50104
10/brlcad/trunk/src/proc-db/vegetation.c: make my old code match
current project style conventions |
02:49.00 |
CIA-128 |
BRL-CAD: 03brlcad * r50105
10/brlcad/trunk/src/proc-db/vegetation.c: looks like coverity
caught another memory management bug. we were wiping out the plant
structure when the code was supposed to be initializing this point.
should fix coverity forward_null cid 316 issue. |
03:02.27 |
CIA-128 |
BRL-CAD: 03brlcad * r50106
10/brlcad/trunk/NEWS: the vegitation memory corruption should be
user visible. detected by coverity and fixed by initializing the
right pointer. |
03:12.39 |
*** join/#brlcad bhinesley
(~bhinesley@adsl-108-79-235-86.dsl.bkfd14.sbcglobal.net) |
04:22.38 |
*** join/#brlcad stevegt_
(~stevegt@c-69-181-134-76.hsd1.ca.comcast.net) |
04:22.43 |
CIA-128 |
BRL-CAD: 03brlcad * r50107
10/brlcad/trunk/src/conv/intaval/write_brl.cpp: |
04:22.43 |
CIA-128 |
BRL-CAD: convert the array index into an
explicit case where we manually wrap around. |
04:22.43 |
CIA-128 |
BRL-CAD: this should overflow and underflow
reports from coverity and makes the intent |
04:22.43 |
CIA-128 |
BRL-CAD: hopefully a little more clear that
this is some sort of wrapping convolution. |
04:22.43 |
CIA-128 |
BRL-CAD: 'should' preserve existing behavior
but warrants testing (anyone have a tgf |
04:22.44 |
CIA-128 |
BRL-CAD: handy?) since it's prime for an
off-by-one error. cid 323. |
04:31.41 |
CIA-128 |
BRL-CAD: 03brlcad * r50108
10/brlcad/trunk/TODO: fixed an overflow and underflow issue that
'should' preserve existing behavior but warrants testing (anyone
have a tgf handy?) since it's prime for an off-by-one error. cid
323. |
04:32.18 |
CIA-128 |
BRL-CAD: 03brlcad * r50109
10/brlcad/trunk/src/conv/intaval/write_brl.cpp: add missing
semi-colons. |
04:41.05 |
CIA-128 |
BRL-CAD: 03brlcad * r50110
10/brlcad/trunk/src/conv/intaval/write_brl.cpp: style
consistency |
04:57.46 |
CIA-128 |
BRL-CAD: 03brlcad * r50111
10/brlcad/trunk/src/anim/anim_hardtrack.c: carl didn't document why
he made num_wheels initialize to -1 but it will result in a
negative memory allocation if the stream scan fails. reported by
negative_returns coverity check, cid 370 |
05:03.26 |
CIA-128 |
BRL-CAD: 03brlcad * r50112
10/brlcad/trunk/src/anim/anim_track.c: same issue as anim_hardtrack
(looks to be a functional code merge). init to -1 is problematic.
untested, but go back to zero. cid 371. |
05:26.16 |
CIA-128 |
BRL-CAD: 03brlcad * r50113
10/brlcad/trunk/src/fb/gif-fb.c: convert to libbu memory
management, tidy up |
05:48.39 |
CIA-128 |
BRL-CAD: 03brlcad * r50114
10/brlcad/trunk/src/fb/gif-fb.c: check a range in order to
'untaint' the parsed input data. should fix coverity tainted_scalar
cid 1474. |
05:50.49 |
CIA-128 |
BRL-CAD: 03brlcad * r50115
10/brlcad/trunk/src/fb/gif-fb.c: another tainted_scalar, cid 1474,
for background. |
05:59.38 |
*** join/#brlcad bhinesley
(~bhinesley@108.220.116.134) |
06:10.15 |
CIA-128 |
BRL-CAD: 03brlcad * r50116
10/brlcad/trunk/src/gtools/remapid.c: range-check the last
component value to quell a tainted_scalar coverity check, cid
1476. |
06:16.38 |
CIA-128 |
BRL-CAD: 03brlcad * r50117
10/brlcad/trunk/src/halftone/sharpen.c: stash the buffer value
before using it as an index so we can range check it. should quell
tainted_scalar report, cid 1477. |
06:23.12 |
*** join/#brlcad andrei_
(~andrei_@86.123.124.39) |
06:33.04 |
CIA-128 |
BRL-CAD: 03brlcad * r50118
10/brlcad/trunk/src/halftone/sharpen.c: another set of
tainted_scalar issues, cid 1477. |
06:37.15 |
andrei_ |
hello |
06:37.59 |
andrei_ |
sorry for the absence, visited my parents this
easter, I ll get home today and I ll try to catch up :) |
06:54.46 |
*** join/#brlcad jordisayol
(~jordisayo@unaffiliated/jordisayol) |
06:56.25 |
CIA-128 |
BRL-CAD: 03brlcad * r50119
10/brlcad/trunk/src/irprep/irdisp.c: check the range of inputs
after scanf, should address tainted_scalar from cid 1479. |
06:58.45 |
CIA-128 |
BRL-CAD: 03brlcad * r50120
10/brlcad/trunk/src/sig/fhor.c: check the range of inputs after
atoi, should address tainted_scalar from cid 1490. |
07:11.01 |
CIA-128 |
BRL-CAD: 03brlcad * r50121
10/brlcad/trunk/src/sig/ihist.c: initialize memory and range check
zerop index. cov cid 1491. |
07:20.30 |
CIA-128 |
BRL-CAD: 03brlcad * r50122
10/brlcad/trunk/src/sig/imod.c: check range of tainted array index
before use. cov cid 1492. |
07:34.06 |
CIA-128 |
BRL-CAD: 03brlcad * r50123
10/brlcad/trunk/src/sig/smod.c: range check the iobuf index. cov
cid 1493. |
07:37.17 |
*** join/#brlcad Al_Da_Best
(~Al_Da_Bes@elvyn-248-109.halls.student.lut.ac.uk) |
07:43.59 |
CIA-128 |
BRL-CAD: 03brlcad * r50124
10/brlcad/trunk/src/sig/syn.c: check the upper bounds too.
hopefully clears tainted_scalar cid 1494. |
07:47.08 |
CIA-128 |
BRL-CAD: 03brlcad * r50125
10/brlcad/trunk/src/sig/syn.c: more bounds checking |
07:55.05 |
*** join/#brlcad stas
(~stas@188.24.35.114) |
08:04.40 |
CIA-128 |
BRL-CAD: 03brlcad * r50126
10/brlcad/trunk/src/sig/umod.c: add some range checks to quell cid
1495. |
08:09.59 |
*** join/#brlcad Jak_o_Shadows
(~Fake@unaffiliated/jak-o-shadows/x-0479135) |
08:18.37 |
*** join/#brlcad Neil___
(~chatzilla@117.229.24.10) |
09:18.21 |
brlcad |
and that's all of them ... starting run11
now |
12:30.58 |
*** join/#brlcad Neil___
(~chatzilla@117.229.99.11) |
14:36.20 |
CIA-128 |
BRL-CAD: 03starseeker * r50127
10/brlcad/trunk/src/util/CMakeLists.txt: make pc_test logic more
robust |
14:44.18 |
brlcad |
lovely .. half as many as before, but back up
to over a hundred with the new scan (more than 3/4 were thought to
have been resolved) |
15:51.43 |
CIA-128 |
BRL-CAD: 03brlcad * r50128
10/brlcad/trunk/src/librt/shoot.c: yet another attempt at quelling
cid 98, array_vs_singleton. since the other assertion is that
lastcell is a nugridnode, test for it before blindly using it for
cutp iteration. |
16:06.55 |
CIA-128 |
BRL-CAD: 03brlcad * r50129
10/brlcad/trunk/src/librt/primitives/nmg/nmg_inter.c: hit_v cannot
be null here, revert 49986. (cid 169) |
16:11.44 |
CIA-128 |
BRL-CAD: 03brlcad * r50130
10/brlcad/trunk/src/irprep/secpass.c: join the second typeout
comparison with an if/else since both can't be true. add some
bounds tests on the tainted input too. cid 180. |
16:20.09 |
CIA-128 |
BRL-CAD: 03brlcad * r50131
10/brlcad/trunk/src/irprep/secpass.c: massive ws style cleanup,
eliminate dead comment code, remove authorship and editing history
comments. |
16:39.12 |
CIA-128 |
BRL-CAD: 03brlcad * r50132
10/brlcad/trunk/src/librt/search.c: |
16:39.13 |
CIA-128 |
BRL-CAD: vastly simplify the logic by just
checking what we need piecewise. reduces |
16:39.13 |
CIA-128 |
BRL-CAD: about 50 lines to 15. hopefully
addresses the deadcode condition being reported |
16:39.13 |
CIA-128 |
BRL-CAD: in cid 212 due to the now-singular
path through the if/else cases. |
16:57.24 |
CIA-128 |
BRL-CAD: 03starseeker * r50133
10/brlcad/trunk/src/rt/rtexample.c: initialize cur with
RT_CURVATURE_INIT_ZERO - hopefully will address CID 1615 |
17:09.39 |
CIA-128 |
BRL-CAD: 03starseeker * r50134
10/brlcad/trunk/src/vfont/getfont.c: Make a stab at resolving CID
1613 |
17:09.59 |
*** join/#brlcad Neil___
(~chatzilla@117.229.62.189) |
17:20.44 |
CIA-128 |
BRL-CAD: 03brlcad * r50135 10/brlcad/trunk/
(include/raytrace.h src/librt/db5_io.c): change some of the
sanity/bounds checks during object reads to ensure we don't
overflow/underflow (cid 322). change db5_decode_length() to return
a size_t since the value is always a sizeof size. |
17:36.09 |
CIA-128 |
BRL-CAD: 03brlcad * r50136
10/brlcad/trunk/src/conv/ply-g.c: already quelled cid 325
(integer_overflow), but can we fake it out? it's not an integer, so
maybe using a double temp might make that clear. |
17:48.22 |
CIA-128 |
BRL-CAD: 03brlcad * r50137
10/brlcad/trunk/src/liboptical/sh_toyota.c: probably wont fix the
overflow issues but should pinpoint how many coverity is
detecting. |
17:57.41 |
*** join/#brlcad merzo
(~merzo@11-122-132-95.pool.ukrtel.net) |
18:08.35 |
CIA-128 |
BRL-CAD: 03brlcad * r50138 10/brlcad/trunk/ (4
files in 2 dirs): the 'syn' sine synthesis tool is incurring a
maintenance cost with no expressed benefit, remove it as obsolete.
overflow/underflow issues in coverity, crashes on simple testing,
tainted inputs, and more |
18:13.13 |
CIA-128 |
BRL-CAD: 03brlcad * r50139
10/brlcad/trunk/src/util/sun-pix.c: looks like cid 332 is caused by
use of unsigned long instead of the implicit uint32_t type it's
using it as. change getlong() to return 32-bit type so we hopefully
avoid all truncation propagation. |
18:18.07 |
CIA-128 |
BRL-CAD: 03brlcad * r50140
10/brlcad/trunk/src/librt/db_scan.c: make sure we don't try to
fseek to a negative address if ftell() fails. just assume rewind
worked and scan from position 0. |
18:34.51 |
CIA-128 |
BRL-CAD: 03brlcad * r50141
10/brlcad/trunk/src/util/sun-pix.c: non-lib private functions
should be static |
20:03.15 |
*** join/#brlcad stevegt_
(~stevegt@cislunar.TerraLuna.Org) |
20:13.00 |
CIA-128 |
BRL-CAD: 03brlcad * r50142
10/brlcad/trunk/src/librt/comb/comb.c: cast and set to temp outside
of the function call to quell false-positive negative_retursn
warning (cid 384) |
20:20.32 |
CIA-128 |
BRL-CAD: 03brlcad * r50143
10/brlcad/trunk/src/librt/primitives/arb8/arb8.c: subtract using
the first arb symbol, not by the current value of that symbol
hardcoded |
20:22.22 |
CIA-128 |
BRL-CAD: 03brlcad * r50144
10/brlcad/trunk/src/librt/primitives/arb8/arb8.c: try to quell the
warning by using a temporary |
20:37.14 |
CIA-128 |
BRL-CAD: 03brlcad * r50145
10/brlcad/trunk/src/libged/wdb_vdraw.c: be explicit with the check
to make sure we don't exceed BN_VLIST_CHUNK, responding to cid 420
OVERRUN_STATIC check. note cmd[i+1] so we have to stop one less
than the capacity. |
20:41.12 |
CIA-128 |
BRL-CAD: 03brlcad * r50146
10/brlcad/trunk/src/libged/wdb_vdraw.c: oops, list is decreasing,
so leave off the check |
20:45.36 |
CIA-128 |
BRL-CAD: 03brlcad * r50147
10/brlcad/trunk/src/libged/vdraw.c: |
20:45.36 |
CIA-128 |
BRL-CAD: do the same to the non-wdb version of
vdraw. note that this looks like it was a |
20:45.36 |
CIA-128 |
BRL-CAD: bonefide vlist off-by-one issue since
it was shifting cmd values down from +1 |
20:45.36 |
CIA-128 |
BRL-CAD: and +1 could exceed BN_VLIST_CHUNK.
perhaps related to some of the wireframe |
20:45.36 |
CIA-128 |
BRL-CAD: instability. |
20:48.06 |
CIA-128 |
BRL-CAD: 03brlcad * r50148
10/brlcad/trunk/src/librt/opennurbs_ext.cpp: fix a couple memory
leaks detected by coverity, cid 488. |
21:08.05 |
CIA-128 |
BRL-CAD: 03brlcad * r50149
10/brlcad/trunk/src/libged/tree.c: if multiple -o arguments are
given, it'll clobber the existing fdout. detected by RESOURCE_LEAK
check, cid 498. |
21:13.34 |
CIA-128 |
BRL-CAD: 03brlcad * r50150
10/brlcad/trunk/src/libfb/fbserv_obj.c: check for null buffer since
we use it. REVERSE_INULL check cid 545. |
21:15.27 |
CIA-128 |
BRL-CAD: 03brlcad * r50151
10/brlcad/trunk/src/conv/jack/g-jack.c: write alloc size. int not
pointer. SIZEOF_MISMATCH cid 1264 |
21:17.44 |
CIA-128 |
BRL-CAD: 03brlcad * r50152
10/brlcad/trunk/src/mged/animedit.c: another wrong malloc sizeof()
detected, cid 1271 |
21:43.14 |
CIA-128 |
BRL-CAD: 03brlcad * r50153
10/brlcad/trunk/src/bwish/input.c: Try a different way to validated
the tainted buffer from read(). check the bounds being used. cid
1461. |
22:04.31 |
CIA-128 |
BRL-CAD: 03brlcad * r50154
10/brlcad/trunk/src/conv/ply-g.c: bounds-check vcount since it's
tainted. cid 1471 |
22:09.06 |
CIA-128 |
BRL-CAD: 03brlcad * r50155
10/brlcad/trunk/src/fb/fbanim.c: quell coverity cid 1473, since it
doesn't seem to notice that bu_exit() never returns. |
22:13.13 |
CIA-128 |
BRL-CAD: 03brlcad * r50156
10/brlcad/trunk/src/fb/gif2fb.c: we're in main() so just return
when we're preceeded by a printing statement. should quell cid
1475. |
22:20.50 |
brlcad |
about a third done with the ones remaining in
run11 |
22:22.02 |
starseeker |
can Coverity give us a clue on what we have to
do to reliably clear the tainted scalar issues? |
22:23.34 |
starseeker |
bwish/input.c:134: error: comparison is always
false due to limited range of data type |
22:29.48 |
brlcad |
it has been, not sure what you mean |
22:29.51 |
CIA-128 |
BRL-CAD: 03brlcad * r50157
10/brlcad/trunk/src/bwish/input.c: increase the range so the check
isn't always true where char are unsigned |
22:30.01 |
brlcad |
we woulen't be down to just a few remaining if
they weren't getting cleared |
22:31.01 |
brlcad |
they're mostly all fixed now -- there's only
like three that came back |
22:31.14 |
brlcad |
and that's just because coverity doesn't
realize bu_exit() never returns |
22:37.09 |
brlcad |
easy enough to convert them to
return |
22:38.17 |
starseeker |
ah - k |
22:54.01 |
CIA-128 |
BRL-CAD: 03n_reed * r50158
10/brlcad/trunk/src/ (464 files in 14 dirs): Apply SCL git d6d7c48
changes. SCLP23 macros replaced with simple SDAI_ prefix. |
23:25.50 |
brlcad |
nice n_reed! |
23:26.04 |
brlcad |
that was a monster of a merge |
23:32.21 |
*** join/#brlcad Stattrav_
(~Stattrav@61.12.114.82) |
23:40.56 |
n_reed |
PITA is what it was |
23:41.12 |
brlcad |
:) |
23:47.08 |
starseeker |
confirms step-g works as well
on openbook part d as it was prior to the merge -
nice |