Re: New Defects reported by Coverity Scan for LyX

Stephan Witt Mon, 24 Aug 2020 22:18:06 -0700

> Am 24.08.2020 um 17:39 schrieb Jean-Marc Lasgouttes <lasgout...@lyx.org>:
> 
> Le 24/08/2020 à 12:16, scan-ad...@coverity.com a écrit :
>> Hi,
>> Please find the latest report on new defect(s) introduced to LyX found with 
>> Coverity Scan.
>> 2 new defect(s) introduced to LyX found with Coverity Scan.
>> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
>> recent build analyzed by Coverity Scan.
>> New defect(s) Reported-by: Coverity Scan
>> Showing 2 of 2 defect(s)
>> ** CID 361431:  Null pointer dereferences  (FORWARD_NULL)
>> ________________________________________________________________________________________________________
>> *** CID 361431:  Null pointer dereferences  (FORWARD_NULL)
>> /home/lasgoutt/src/lyx/coverity/lyx/src/output_docbook.cpp: 359 in 
>> lyx::<unnamed>::makeParagraphBibliography(const lyx::Buffer &, 
>> lyx::XMLStream &, const lyx::OutputParams &, const lyx::Text &, const 
>> std::_List_const_iterator<lyx::Paragraph> &, const 
>> std::_List_const_iterator<lyx::Paragraph> &)()
>> 353                  // Don't forget the citation ID!
>> 354                  docstring attr;
>> 355                  for (auto i = 0; i < par->size(); ++i) {
>> 356                          Inset const *ip = par->getInset(0);
>> 357                          if (ip != nullptr && ip->lyxCode() == 
>> BIBITEM_CODE) {
>> 358                                  const auto * bibitem = 
>> dynamic_cast<const InsetBibitem*>(par->getInset(i));
>>>>>     CID 361431:  Null pointer dereferences  (FORWARD_NULL)
>>>>>     Passing null pointer "bibitem" to "getParam", which dereferences it.
>> 359                                  attr = from_utf8("xml:id='") + 
>> bibitem->getParam("key") + from_utf8("'");
>> 360                                  break;
>> 361                          }
>> 362                  }
>> 363                  xs << xml::StartTag(from_utf8("bibliomixed"), attr);
>> 364
> 
> Thibaut, I'll let you fix this one because the loop seems very fishy to me: 
> why let ip be the inset at position 0 (which is OK for bibitem indeed) but 
> then look at insets at all positions in paragraph?
> 
> Moreover, when it comes to identifying insets, the situation is a bit 
> unsatisfying. We have
> * lyxCode to check the type of inset
> * dynamic_cast like everywhere else
> * asInsetXxx() , which are virtual functions that date from the time when 
> dynamic-cast was not usable for us (remember 1995?).
> 
> I would propose to either define Inset::asInsetBibitem() and use that, or 
> rely only on dynamic_cast. But it is not necessary to rely on inset code IMO 
> (I try to reduce the amount of such code uses, but they creep back 
> relentlessly :).


So, this patch would be appreciated? :)

Stephan

0001-6401-avoid-use-of-lyxCode.patch
Description: Binary data

-- 
lyx-devel mailing list
lyx-devel@lists.lyx.org
http://lists.lyx.org/mailman/listinfo/lyx-devel

Re: New Defects reported by Coverity Scan for LyX

Reply via email to