| 00:11.16 | CIA-128 | BRL-CAD: 03brlcad * r50094 10/brlcad/trunk/src/libbu/badmagic.c: refactor a few lines so there's just one call to bu_bomb() |
| 00:32.06 | *** join/#brlcad jbschw (183b1a66@gateway/web/freenode/ip.24.59.26.102) | |
| 00:36.19 | CIA-128 | BRL-CAD: 03brlcad * r50095 10/brlcad/trunk/src/librt/primitives/nmg/nmg_inter.c: check fu1 and fu2 for null to quell CID 249. false-positive, but good to handle make explicit anyways. |
| 00:44.42 | CIA-128 | BRL-CAD: 03brlcad * r50096 10/brlcad/trunk/src/libged/put_comb.c: make sure we don't dereference a null directory pointer. should fix forward_null defect from cid 298. |
| 00:52.20 | CIA-128 | BRL-CAD: 03brlcad * r50097 10/brlcad/trunk/src/librt/primitives/extrude/extrude.c: make sure we don't dereference a null outer_loop pointer. detected by coverity forward_null check, cid 302. |
| 00:57.26 | CIA-128 | BRL-CAD: 03brlcad * r50098 10/brlcad/trunk/src/librt/primitives/nmg/nmg.c: unclear what it means to have a null shell at this point, so just make sure we don't dereference one instead of returning error. should fix coverity forward_null defect, cid 304. |
| 01:02.22 | CIA-128 | BRL-CAD: 03brlcad * r50099 10/brlcad/trunk/src/librt/primitives/pipe/pipe.c: big ws messy cleanup. |
| 01:08.19 | CIA-128 | BRL-CAD: 03brlcad * r50100 10/brlcad/trunk/src/librt/primitives/pipe/pipe.c: make sure we don't dereference a null pp3 pointer if we're near the end of the point list. check if we're on the last segment before skipping to the next point. should fix coverity cid 305 forward_null defect. |
| 01:39.04 | CIA-128 | BRL-CAD: 03n_reed * r50101 10/brlcad/trunk/ (regress/CMakeLists.txt src/other/perplex.dist): ignore some files |
| 01:51.10 | CIA-128 | BRL-CAD: 03brlcad * r50102 10/brlcad/trunk/src/librt/vshoot.c: |
| 01:51.10 | CIA-128 | BRL-CAD: make sure HeadSeg isn't null before we go dereferencing it to free segments. |
| 01:51.10 | CIA-128 | BRL-CAD: can't push the check up into RT_FREE_SEG_LIST() because not all list heads are |
| 01:51.10 | CIA-128 | BRL-CAD: pointers (which would provoke a warning that a check is always true). fixes a |
| 01:51.10 | CIA-128 | BRL-CAD: coverity forward_null defect, cid 308. |
| 02:17.59 | CIA-128 | BRL-CAD: 03brlcad * r50103 10/brlcad/trunk/include/bu.h: |
| 02:17.59 | CIA-128 | BRL-CAD: if we cast the pointer and the head pointer, we will avoid a pointer-type |
| 02:17.59 | CIA-128 | BRL-CAD: mismatch if someone happens to use a non bu_list type. arguably an error, but |
| 02:17.59 | CIA-128 | BRL-CAD: there's nothing that technically requires the head pointer actually be a bu_list |
| 02:17.59 | CIA-128 | BRL-CAD: struct. that change lets us fix BU_LIST_FOR_CIRC() which was being used in nmg |
| 02:18.00 | CIA-128 | BRL-CAD: code with non-bu types. |
| 02:22.34 | CIA-128 | BRL-CAD: 03brlcad * r50104 10/brlcad/trunk/src/proc-db/vegetation.c: make my old code match current project style conventions |
| 02:49.00 | CIA-128 | BRL-CAD: 03brlcad * r50105 10/brlcad/trunk/src/proc-db/vegetation.c: looks like coverity caught another memory management bug. we were wiping out the plant structure when the code was supposed to be initializing this point. should fix coverity forward_null cid 316 issue. |
| 03:02.27 | CIA-128 | BRL-CAD: 03brlcad * r50106 10/brlcad/trunk/NEWS: the vegitation memory corruption should be user visible. detected by coverity and fixed by initializing the right pointer. |
| 03:12.39 | *** join/#brlcad bhinesley (~bhinesley@adsl-108-79-235-86.dsl.bkfd14.sbcglobal.net) | |
| 04:22.38 | *** join/#brlcad stevegt_ (~stevegt@c-69-181-134-76.hsd1.ca.comcast.net) | |
| 04:22.43 | CIA-128 | BRL-CAD: 03brlcad * r50107 10/brlcad/trunk/src/conv/intaval/write_brl.cpp: |
| 04:22.43 | CIA-128 | BRL-CAD: convert the array index into an explicit case where we manually wrap around. |
| 04:22.43 | CIA-128 | BRL-CAD: this should overflow and underflow reports from coverity and makes the intent |
| 04:22.43 | CIA-128 | BRL-CAD: hopefully a little more clear that this is some sort of wrapping convolution. |
| 04:22.43 | CIA-128 | BRL-CAD: 'should' preserve existing behavior but warrants testing (anyone have a tgf |
| 04:22.44 | CIA-128 | BRL-CAD: handy?) since it's prime for an off-by-one error. cid 323. |
| 04:31.41 | CIA-128 | BRL-CAD: 03brlcad * r50108 10/brlcad/trunk/TODO: fixed an overflow and underflow issue that 'should' preserve existing behavior but warrants testing (anyone have a tgf handy?) since it's prime for an off-by-one error. cid 323. |
| 04:32.18 | CIA-128 | BRL-CAD: 03brlcad * r50109 10/brlcad/trunk/src/conv/intaval/write_brl.cpp: add missing semi-colons. |
| 04:41.05 | CIA-128 | BRL-CAD: 03brlcad * r50110 10/brlcad/trunk/src/conv/intaval/write_brl.cpp: style consistency |
| 04:57.46 | CIA-128 | BRL-CAD: 03brlcad * r50111 10/brlcad/trunk/src/anim/anim_hardtrack.c: carl didn't document why he made num_wheels initialize to -1 but it will result in a negative memory allocation if the stream scan fails. reported by negative_returns coverity check, cid 370 |
| 05:03.26 | CIA-128 | BRL-CAD: 03brlcad * r50112 10/brlcad/trunk/src/anim/anim_track.c: same issue as anim_hardtrack (looks to be a functional code merge). init to -1 is problematic. untested, but go back to zero. cid 371. |
| 05:26.16 | CIA-128 | BRL-CAD: 03brlcad * r50113 10/brlcad/trunk/src/fb/gif-fb.c: convert to libbu memory management, tidy up |
| 05:48.39 | CIA-128 | BRL-CAD: 03brlcad * r50114 10/brlcad/trunk/src/fb/gif-fb.c: check a range in order to 'untaint' the parsed input data. should fix coverity tainted_scalar cid 1474. |
| 05:50.49 | CIA-128 | BRL-CAD: 03brlcad * r50115 10/brlcad/trunk/src/fb/gif-fb.c: another tainted_scalar, cid 1474, for background. |
| 05:59.38 | *** join/#brlcad bhinesley (~bhinesley@108.220.116.134) | |
| 06:10.15 | CIA-128 | BRL-CAD: 03brlcad * r50116 10/brlcad/trunk/src/gtools/remapid.c: range-check the last component value to quell a tainted_scalar coverity check, cid 1476. |
| 06:16.38 | CIA-128 | BRL-CAD: 03brlcad * r50117 10/brlcad/trunk/src/halftone/sharpen.c: stash the buffer value before using it as an index so we can range check it. should quell tainted_scalar report, cid 1477. |
| 06:23.12 | *** join/#brlcad andrei_ (~andrei_@86.123.124.39) | |
| 06:33.04 | CIA-128 | BRL-CAD: 03brlcad * r50118 10/brlcad/trunk/src/halftone/sharpen.c: another set of tainted_scalar issues, cid 1477. |
| 06:37.15 | andrei_ | hello |
| 06:37.59 | andrei_ | sorry for the absence, visited my parents this easter, I ll get home today and I ll try to catch up :) |
| 06:54.46 | *** join/#brlcad jordisayol (~jordisayo@unaffiliated/jordisayol) | |
| 06:56.25 | CIA-128 | BRL-CAD: 03brlcad * r50119 10/brlcad/trunk/src/irprep/irdisp.c: check the range of inputs after scanf, should address tainted_scalar from cid 1479. |
| 06:58.45 | CIA-128 | BRL-CAD: 03brlcad * r50120 10/brlcad/trunk/src/sig/fhor.c: check the range of inputs after atoi, should address tainted_scalar from cid 1490. |
| 07:11.01 | CIA-128 | BRL-CAD: 03brlcad * r50121 10/brlcad/trunk/src/sig/ihist.c: initialize memory and range check zerop index. cov cid 1491. |
| 07:20.30 | CIA-128 | BRL-CAD: 03brlcad * r50122 10/brlcad/trunk/src/sig/imod.c: check range of tainted array index before use. cov cid 1492. |
| 07:34.06 | CIA-128 | BRL-CAD: 03brlcad * r50123 10/brlcad/trunk/src/sig/smod.c: range check the iobuf index. cov cid 1493. |
| 07:37.17 | *** join/#brlcad Al_Da_Best (~Al_Da_Bes@elvyn-248-109.halls.student.lut.ac.uk) | |
| 07:43.59 | CIA-128 | BRL-CAD: 03brlcad * r50124 10/brlcad/trunk/src/sig/syn.c: check the upper bounds too. hopefully clears tainted_scalar cid 1494. |
| 07:47.08 | CIA-128 | BRL-CAD: 03brlcad * r50125 10/brlcad/trunk/src/sig/syn.c: more bounds checking |
| 07:55.05 | *** join/#brlcad stas (~stas@188.24.35.114) | |
| 08:04.40 | CIA-128 | BRL-CAD: 03brlcad * r50126 10/brlcad/trunk/src/sig/umod.c: add some range checks to quell cid 1495. |
| 08:09.59 | *** join/#brlcad Jak_o_Shadows (~Fake@unaffiliated/jak-o-shadows/x-0479135) | |
| 08:18.37 | *** join/#brlcad Neil___ (~chatzilla@117.229.24.10) | |
| 09:18.21 | brlcad | and that's all of them ... starting run11 now |
| 12:30.58 | *** join/#brlcad Neil___ (~chatzilla@117.229.99.11) | |
| 14:36.20 | CIA-128 | BRL-CAD: 03starseeker * r50127 10/brlcad/trunk/src/util/CMakeLists.txt: make pc_test logic more robust |
| 14:44.18 | brlcad | lovely .. half as many as before, but back up to over a hundred with the new scan (more than 3/4 were thought to have been resolved) |
| 15:51.43 | CIA-128 | BRL-CAD: 03brlcad * r50128 10/brlcad/trunk/src/librt/shoot.c: yet another attempt at quelling cid 98, array_vs_singleton. since the other assertion is that lastcell is a nugridnode, test for it before blindly using it for cutp iteration. |
| 16:06.55 | CIA-128 | BRL-CAD: 03brlcad * r50129 10/brlcad/trunk/src/librt/primitives/nmg/nmg_inter.c: hit_v cannot be null here, revert 49986. (cid 169) |
| 16:11.44 | CIA-128 | BRL-CAD: 03brlcad * r50130 10/brlcad/trunk/src/irprep/secpass.c: join the second typeout comparison with an if/else since both can't be true. add some bounds tests on the tainted input too. cid 180. |
| 16:20.09 | CIA-128 | BRL-CAD: 03brlcad * r50131 10/brlcad/trunk/src/irprep/secpass.c: massive ws style cleanup, eliminate dead comment code, remove authorship and editing history comments. |
| 16:39.12 | CIA-128 | BRL-CAD: 03brlcad * r50132 10/brlcad/trunk/src/librt/search.c: |
| 16:39.13 | CIA-128 | BRL-CAD: vastly simplify the logic by just checking what we need piecewise. reduces |
| 16:39.13 | CIA-128 | BRL-CAD: about 50 lines to 15. hopefully addresses the deadcode condition being reported |
| 16:39.13 | CIA-128 | BRL-CAD: in cid 212 due to the now-singular path through the if/else cases. |
| 16:57.24 | CIA-128 | BRL-CAD: 03starseeker * r50133 10/brlcad/trunk/src/rt/rtexample.c: initialize cur with RT_CURVATURE_INIT_ZERO - hopefully will address CID 1615 |
| 17:09.39 | CIA-128 | BRL-CAD: 03starseeker * r50134 10/brlcad/trunk/src/vfont/getfont.c: Make a stab at resolving CID 1613 |
| 17:09.59 | *** join/#brlcad Neil___ (~chatzilla@117.229.62.189) | |
| 17:20.44 | CIA-128 | BRL-CAD: 03brlcad * r50135 10/brlcad/trunk/ (include/raytrace.h src/librt/db5_io.c): change some of the sanity/bounds checks during object reads to ensure we don't overflow/underflow (cid 322). change db5_decode_length() to return a size_t since the value is always a sizeof size. |
| 17:36.09 | CIA-128 | BRL-CAD: 03brlcad * r50136 10/brlcad/trunk/src/conv/ply-g.c: already quelled cid 325 (integer_overflow), but can we fake it out? it's not an integer, so maybe using a double temp might make that clear. |
| 17:48.22 | CIA-128 | BRL-CAD: 03brlcad * r50137 10/brlcad/trunk/src/liboptical/sh_toyota.c: probably wont fix the overflow issues but should pinpoint how many coverity is detecting. |
| 17:57.41 | *** join/#brlcad merzo (~merzo@11-122-132-95.pool.ukrtel.net) | |
| 18:08.35 | CIA-128 | BRL-CAD: 03brlcad * r50138 10/brlcad/trunk/ (4 files in 2 dirs): the 'syn' sine synthesis tool is incurring a maintenance cost with no expressed benefit, remove it as obsolete. overflow/underflow issues in coverity, crashes on simple testing, tainted inputs, and more |
| 18:13.13 | CIA-128 | BRL-CAD: 03brlcad * r50139 10/brlcad/trunk/src/util/sun-pix.c: looks like cid 332 is caused by use of unsigned long instead of the implicit uint32_t type it's using it as. change getlong() to return 32-bit type so we hopefully avoid all truncation propagation. |
| 18:18.07 | CIA-128 | BRL-CAD: 03brlcad * r50140 10/brlcad/trunk/src/librt/db_scan.c: make sure we don't try to fseek to a negative address if ftell() fails. just assume rewind worked and scan from position 0. |
| 18:34.51 | CIA-128 | BRL-CAD: 03brlcad * r50141 10/brlcad/trunk/src/util/sun-pix.c: non-lib private functions should be static |
| 20:03.15 | *** join/#brlcad stevegt_ (~stevegt@cislunar.TerraLuna.Org) | |
| 20:13.00 | CIA-128 | BRL-CAD: 03brlcad * r50142 10/brlcad/trunk/src/librt/comb/comb.c: cast and set to temp outside of the function call to quell false-positive negative_retursn warning (cid 384) |
| 20:20.32 | CIA-128 | BRL-CAD: 03brlcad * r50143 10/brlcad/trunk/src/librt/primitives/arb8/arb8.c: subtract using the first arb symbol, not by the current value of that symbol hardcoded |
| 20:22.22 | CIA-128 | BRL-CAD: 03brlcad * r50144 10/brlcad/trunk/src/librt/primitives/arb8/arb8.c: try to quell the warning by using a temporary |
| 20:37.14 | CIA-128 | BRL-CAD: 03brlcad * r50145 10/brlcad/trunk/src/libged/wdb_vdraw.c: be explicit with the check to make sure we don't exceed BN_VLIST_CHUNK, responding to cid 420 OVERRUN_STATIC check. note cmd[i+1] so we have to stop one less than the capacity. |
| 20:41.12 | CIA-128 | BRL-CAD: 03brlcad * r50146 10/brlcad/trunk/src/libged/wdb_vdraw.c: oops, list is decreasing, so leave off the check |
| 20:45.36 | CIA-128 | BRL-CAD: 03brlcad * r50147 10/brlcad/trunk/src/libged/vdraw.c: |
| 20:45.36 | CIA-128 | BRL-CAD: do the same to the non-wdb version of vdraw. note that this looks like it was a |
| 20:45.36 | CIA-128 | BRL-CAD: bonefide vlist off-by-one issue since it was shifting cmd values down from +1 |
| 20:45.36 | CIA-128 | BRL-CAD: and +1 could exceed BN_VLIST_CHUNK. perhaps related to some of the wireframe |
| 20:45.36 | CIA-128 | BRL-CAD: instability. |
| 20:48.06 | CIA-128 | BRL-CAD: 03brlcad * r50148 10/brlcad/trunk/src/librt/opennurbs_ext.cpp: fix a couple memory leaks detected by coverity, cid 488. |
| 21:08.05 | CIA-128 | BRL-CAD: 03brlcad * r50149 10/brlcad/trunk/src/libged/tree.c: if multiple -o arguments are given, it'll clobber the existing fdout. detected by RESOURCE_LEAK check, cid 498. |
| 21:13.34 | CIA-128 | BRL-CAD: 03brlcad * r50150 10/brlcad/trunk/src/libfb/fbserv_obj.c: check for null buffer since we use it. REVERSE_INULL check cid 545. |
| 21:15.27 | CIA-128 | BRL-CAD: 03brlcad * r50151 10/brlcad/trunk/src/conv/jack/g-jack.c: write alloc size. int not pointer. SIZEOF_MISMATCH cid 1264 |
| 21:17.44 | CIA-128 | BRL-CAD: 03brlcad * r50152 10/brlcad/trunk/src/mged/animedit.c: another wrong malloc sizeof() detected, cid 1271 |
| 21:43.14 | CIA-128 | BRL-CAD: 03brlcad * r50153 10/brlcad/trunk/src/bwish/input.c: Try a different way to validated the tainted buffer from read(). check the bounds being used. cid 1461. |
| 22:04.31 | CIA-128 | BRL-CAD: 03brlcad * r50154 10/brlcad/trunk/src/conv/ply-g.c: bounds-check vcount since it's tainted. cid 1471 |
| 22:09.06 | CIA-128 | BRL-CAD: 03brlcad * r50155 10/brlcad/trunk/src/fb/fbanim.c: quell coverity cid 1473, since it doesn't seem to notice that bu_exit() never returns. |
| 22:13.13 | CIA-128 | BRL-CAD: 03brlcad * r50156 10/brlcad/trunk/src/fb/gif2fb.c: we're in main() so just return when we're preceeded by a printing statement. should quell cid 1475. |
| 22:20.50 | brlcad | about a third done with the ones remaining in run11 |
| 22:22.02 | starseeker | can Coverity give us a clue on what we have to do to reliably clear the tainted scalar issues? |
| 22:23.34 | starseeker | bwish/input.c:134: error: comparison is always false due to limited range of data type |
| 22:29.48 | brlcad | it has been, not sure what you mean |
| 22:29.51 | CIA-128 | BRL-CAD: 03brlcad * r50157 10/brlcad/trunk/src/bwish/input.c: increase the range so the check isn't always true where char are unsigned |
| 22:30.01 | brlcad | we woulen't be down to just a few remaining if they weren't getting cleared |
| 22:31.01 | brlcad | they're mostly all fixed now -- there's only like three that came back |
| 22:31.14 | brlcad | and that's just because coverity doesn't realize bu_exit() never returns |
| 22:37.09 | brlcad | easy enough to convert them to return |
| 22:38.17 | starseeker | ah - k |
| 22:54.01 | CIA-128 | BRL-CAD: 03n_reed * r50158 10/brlcad/trunk/src/ (464 files in 14 dirs): Apply SCL git d6d7c48 changes. SCLP23 macros replaced with simple SDAI_ prefix. |
| 23:25.50 | brlcad | nice n_reed! |
| 23:26.04 | brlcad | that was a monster of a merge |
| 23:32.21 | *** join/#brlcad Stattrav_ (~Stattrav@61.12.114.82) | |
| 23:40.56 | n_reed | PITA is what it was |
| 23:41.12 | brlcad | :) |
| 23:47.08 | starseeker | confirms step-g works as well on openbook part d as it was prior to the merge - nice |