-
I just had a look at source code file
OpenIPMI-2.0.14/lib/ipmi_smi.c,
around line 1122 is the code
cleanup_con(ipmi_con_t *ipmi)
{
smi_data_t *smi = (smi_data_t *) ipmi->con_data;
os_handler_t *handlers = ipmi->os_hnd;
if (ipmi) {
So it seems that parameter ipmi is used, then tested for NULL.
This would be much better the other way around. Suggest code rework.
2009-12-31 14:08:23 UTC in Open IPMI
-
I just had a look at source code file
net-snmp-5.4.2.1/agent/mibgroup/hardware/cpu/cpu_kstat.c,
around line 60 is code
state[sizeof(ctype)-1] = '\0';
but
char ctype[15], ftype[15], state[10];
so there is an index of 14 into an array of size 10. Suggest code rework.
A little later in the same file is the same problem again.
2009-12-31 12:06:49 UTC in net-snmp
-
I just had a look at source code file mjpegtools-1.9.0/mplex/aunitbuffer.hpp,
around line 14 is the code
for( std::deque::iterator i = buf.begin(); i < buf.end(); ++i )
The compare looks wrong to me, because the order of the iterators
is undefined. Suggest new code
for( std::deque::iterator i = buf.begin(); i != buf.end(); ++i )
2009-12-31 10:55:01 UTC in The MJPEG/Linux square
-
I just had a look at source code file gwc-0.21-10/audio_util.c,
around line 220 is the following code
char buf[80] ;
sprintf(buf, "Failed to open output device %s, check settings->miscellaneous for device information", output_device) ;
The buffer size of 80 looks to small to me. Suggest increase
to something more reasonable.
2009-12-29 15:24:07 UTC in Gnome Wave Cleaner
-
I just had a look at source code file
giflib-4.1.6/lib/dgif_lib.c, around line 590.
There is code
File = Private->File;
and then a few lines later
if (Private) {
free((char *)Private);
Private = NULL;
}
Suggest check variable "Private" before use, not after.
2009-12-29 14:19:18 UTC in giflib -- A library for processing GIFs
-
For source code file albumshaper-2.1/src/backend/tools/guiTools.h,
line 32 is the source code
QString clipPhotoText(const QString in);
Suggest new code
QString clipPhotoText(const QString & in);
and the prototype in guiTools.cpp will need to change as well.
2009-12-23 10:38:02 UTC in Album Shaper
-
Around line 87 of source code file commandconf.c
is
tmp=(char*)malloc(sizeof(char)
*(strlen(after)+strlen(line)+2));
strcat(tmp,after);
You can't cat onto uninitialised data
Suggest new code
tmp=(char*)malloc(sizeof(char)
*(strlen(after)+strlen(line)+2));
strcpy(tmp,after);.
2009-12-23 10:30:30 UTC in aide
-
I just had a look at hunspell-1.2.8
For the source code file hunspell-1.2.8/src/tools/hzip.c
around line 250 is the source code
tempfile = tmpfile();
but I fail to notice a matching call to fclose. This looks like a
resource leak to me. Suggest add call to fclose somewhere near the end of
the routine.
2009-11-18 13:43:43 UTC in Hunspell
-
I just had a look at the cdrdao-1.2.2-310.14 package.
For the source code file cdrdao-1.2.2/utils/cue2toc.c,
function read_cue, around line 340 is the source code
} else if (NULL == (f = fopen(cuefile, "r"))) {
but I fail to detect a matching call to fclose. This looks
like a resource leak to me. Suggest add call to fclose near
the end of the routine.
2009-10-24 12:30:47 UTC in cdrdao
-
For source code file w3m-0.5.2/buffer.c
function readBufferCache
I notice the following code
cache = fopen(buf->savecache, "r");
if (cache == NULL || fread1(clnum, cache) || fread1(tlnum, cache)) {
buf->savecache = NULL;
return -1;
}
so if the return is taken, then cache is a resource leak.
Suggest new code
cache = fopen(buf->savecache, "r");.
2009-10-21 12:43:42 UTC in w3m
