Ubuntu
notify-osd package

Coverity FORWARD_NULL - CID 10691

Bug #943709 reported by Product Strategy Coverity Bug Uploader on 2012-03-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	notify-osd (Ubuntu)	Confirmed	Low	Unassigned

Bug Description

This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 10691
Checker: FORWARD_NULL
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/476.html
File: /tmp/buildd/notify-osd-0.9.33/src/stack.c
Function: stack_get_slot_position()
Code snippet:
885 gint* x,
886 gint* y)
887 {
888 // sanity checks
At conditional: "!x" taking True branch
At conditional: "!y" taking False branch
CID 10691 - FORWARD_NULL
Comparing "x" to null implies that "x" might be null.
889 if (!x && !y)
890 return;
891
At conditional: "!self" taking True branch
892 if (!self || !IS_STACK (self))
893 {
CID 10691 - FORWARD_NULL
Dereferencing null variable "x".
894 *x = -1;

Tags:

Revision history for this message

Product Strategy Coverity Bug Uploader (coverity-uploader) wrote on 2012-03-01: notify-osd-oneiric: /tmp/buildd/notify-osd-0.9.33/src/stack.c

notify-osd-oneiric: /tmp/buildd/notify-osd-0.9.33/src/stack.c Edit (140.6 KiB, text/html)

Source file with Coverity annotations.

Changed in notify-osd:
importance:	Undecided → High

Revision history for this message

Charles Kerr (charlesk) wrote on 2012-03-04:

Coverity is right about the potential NULL dereference -- it looks like maybe (!x && !y) could be replaced with (!x || !y).

Even though the bug exists, it doesn't look like any of stack_get_slot_position()'s callers ever trigger it.

Apologies in advance if I'm stepping into someone else's code here... I've just been looking through the Coverity tickets to see what kind of issues or nonissues it's reporting :)

Changed in notify-osd:
importance:	High → Low
status:	New → Confirmed

Matthew Paul Thomas (mpt) on 2014-02-11

no longer affects:	notify-osd/oneiric
affects:	notify-osd → notify-osd (Ubuntu)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

notify-osd-oneiric: /tmp/buildd/notify-osd-0.9.33/src/stack.c Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntunotify-osd package