So here is the first round!
Please find the latest report on new defect(s) introduced to OpenMW/openmw found with Coverity Scan.
25 new defect(s) introduced to OpenMW/openmw found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 25 defect(s)
** CID 152188: Uninitialized members (UNINIT_CTOR)
/apps/openmw/mwmechanics/aifollow.cpp: 61 in MWMechanics::AiFollow::AiFollow(const ESM::AiSequence::AiFollow *)()
________________________________________________________________________________________________________
*** CID 152188: Uninitialized members (UNINIT_CTOR)
/apps/openmw/mwmechanics/aifollow.cpp: 61 in MWMechanics::AiFollow::AiFollow(const ESM::AiSequence::AiFollow *)()
55 // mDuration isn't saved in the save file, so just giving it "1" for now if the package has a duration.
56 // The exact value of mDuration only matters for repeating packages
57 if (mRemainingDuration != 0)
58 mDuration = 1;
59 else
60 mDuration = 0;
>>> CID 152188: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mAlwaysFollow" is not initialized in this constructor nor in any functions that it calls.
61 }
62
63 bool AiFollow::execute (const MWWorld::Ptr& actor, CharacterController& characterController, AiState& state, float duration)
64 {
65 MWWorld::Ptr target = getTarget();
66
** CID 152187: Insecure data handling (TAINTED_SCALAR)
/components/nif/nifstream.cpp: 96 in Nif::NIFStream::getString()()
________________________________________________________________________________________________________
*** CID 152187: Insecure data handling (TAINTED_SCALAR)
/components/nif/nifstream.cpp: 96 in Nif::NIFStream::getString()()
90 inp->read(&str[0], length);
91
92 return &str[0];
93 }
94 std::string NIFStream::getString()
95 {
>>> CID 152187: Insecure data handling (TAINTED_SCALAR)
>>> Assigning: "size" = "read_le32", which taints "size".
96 size_t size = read_le32();
97 return getString(size);
98 }
99 std::string NIFStream::getVersionString()
100 {
101 std::string result;
** CID 152186: Uninitialized members (UNINIT_CTOR)
/apps/opencs/view/render/instancemode.cpp: 97 in CSVRender::InstanceMode::InstanceMode(CSVRender::WorldspaceWidget *, QWidget *)()
________________________________________________________________________________________________________
*** CID 152186: Uninitialized members (UNINIT_CTOR)
/apps/opencs/view/render/instancemode.cpp: 97 in CSVRender::InstanceMode::InstanceMode(CSVRender::WorldspaceWidget *, QWidget *)()
91
92 CSVRender::InstanceMode::InstanceMode (WorldspaceWidget *worldspaceWidget, QWidget *parent)
93 : EditMode (worldspaceWidget, QIcon (":placeholder"), Mask_Reference, "Instance editing",
94 parent), mSubMode (0), mSubModeId ("move"), mSelectionMode (0), mDragMode (DragMode_None),
95 mDragAxis (-1), mLocked (false)
96 {
>>> CID 152186: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mUnitScaleDist" is not initialized in this constructor nor in any functions that it calls.
97 }
98
99 void CSVRender::InstanceMode::activate (CSVWidget::SceneToolbar *toolbar)
100 {
101 if (!mSubMode)
102 {
** CID 152182: Uninitialized members (UNINIT_CTOR)
/apps/opencs/model/prefs/shortcutsetting.cpp: 27 in CSMPrefs::ShortcutSetting::ShortcutSetting(CSMPrefs::Category *, Settings::Manager *, QMutex *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 152182: Uninitialized members (UNINIT_CTOR)
/apps/opencs/model/prefs/shortcutsetting.cpp: 27 in CSMPrefs::ShortcutSetting::ShortcutSetting(CSMPrefs::Category *, Settings::Manager *, QMutex *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
21 , mEditorPos(0)
22 {
23 for (int i = 0; i < MaxKeys; ++i)
24 {
25 mEditorKeys[i] = 0;
26 }
>>> CID 152182: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mButton" is not initialized in this constructor nor in any functions that it calls.
27 }
28
29 std::pair<QWidget*, QWidget*> ShortcutSetting::makeWidgets(QWidget* parent)
30 {
31 QKeySequence sequence;
32 State::get().getShortcutManager().getSequence(getKey(), sequence);
** CID 152181: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/apps/openmw/mwworld/refdata.hpp: 29 in ()
________________________________________________________________________________________________________
*** CID 152181: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/apps/openmw/mwworld/refdata.hpp: 29 in ()
23
24 namespace MWWorld
25 {
26
27 class CustomData;
28
>>> CID 152181: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "MWWorld::RefData" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalue(s), where a move assignment may be faster.
29 class RefData
30 {
31 SceneUtil::PositionAttitudeTransform* mBaseNode;
32
33 MWScript::Locals mLocals;
34
** CID 152177: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/apps/openmw/mwworld/livecellref.hpp: 22 in ()
________________________________________________________________________________________________________
*** CID 152177: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/apps/openmw/mwworld/livecellref.hpp: 22 in ()
16 {
17 class Ptr;
18 class ESMStore;
19 class Class;
20
21 /// Used to create pointers to hold any type of LiveCellRef<> object.
>>> CID 152177: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "MWWorld::LiveCellRefBase" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalue(s), where a move assignment may be faster.
22 struct LiveCellRefBase
23 {
24 const Class *mClass;
25
26 /** Information about this instance, such as 3D location and rotation
27 * and individual type-dependent data.
** CID 152173: API usage errors (SWAPPED_ARGUMENTS)
________________________________________________________________________________________________________
*** CID 152173: API usage errors (SWAPPED_ARGUMENTS)
/apps/openmw/mwmechanics/aicombat.cpp: 33 in <unnamed>::getZAngleToDir(const osg::Vec3f &)()
27
28 osg::Vec3f AimDirToMovingTarget(const MWWorld::Ptr& actor, const MWWorld::Ptr& target, const osg::Vec3f& vLastTargetPos,
29 float duration, int weapType, float strength);
30
31 float getZAngleToDir(const osg::Vec3f& dir)
32 {
>>> CID 152173: API usage errors (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the call to "atan2" do not match the ordering of the parameters:
* "dir->x()" is passed to "__y"
* "dir->y()" is passed to "__x"
33 return std::atan2(dir.x(), dir.y());
34 }
35
36 float getXAngleToDir(const osg::Vec3f& dir)
37 {
38 return -std::asin(dir.z() / dir.length());
** CID 152171: Uninitialized members (UNINIT_CTOR)
/apps/opencs/model/prefs/modifiersetting.cpp: 20 in CSMPrefs::ModifierSetting::ModifierSetting(CSMPrefs::Category *, Settings::Manager *, QMutex *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 152171: Uninitialized members (UNINIT_CTOR)
/apps/opencs/model/prefs/modifiersetting.cpp: 20 in CSMPrefs::ModifierSetting::ModifierSetting(CSMPrefs::Category *, Settings::Manager *, QMutex *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
14 {
15 ModifierSetting::ModifierSetting(Category* parent, Settings::Manager* values, QMutex* mutex, const std::string& key,
16 const std::string& label)
17 : Setting(parent, values, mutex, key, label)
18 , mEditorActive(false)
19 {
>>> CID 152171: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mButton" is not initialized in this constructor nor in any functions that it calls.
20 }
21
22 std::pair<QWidget*, QWidget*> ModifierSetting::makeWidgets(QWidget* parent)
23 {
24 int modifier = 0;
25 State::get().getShortcutManager().getModifier(getKey(), modifier);
** CID 152167: Uninitialized members (UNINIT_CTOR)
/components/files/escape.cpp: 14 in Files::escape_hash_filter::escape_hash_filter()()
________________________________________________________________________________________________________
*** CID 152167: Uninitialized members (UNINIT_CTOR)
/components/files/escape.cpp: 14 in Files::escape_hash_filter::escape_hash_filter()()
8 const int escape_hash_filter::sEscape = '@';
9 const int escape_hash_filter::sEscapeIdentifier = 'a';
10 const int escape_hash_filter::sHashIdentifier = 'h';
11
12 escape_hash_filter::escape_hash_filter() : mNext(), mSeenNonWhitespace(false), mFinishLine(false)
13 {
>>> CID 152167: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "mPrevious" is not initialized in this constructor nor in any functions that it calls.
14 }
15
16 escape_hash_filter::~escape_hash_filter()
17 {
18 }
19
** CID 152166: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/components/esm/variant.hpp: 25 in ()
________________________________________________________________________________________________________
*** CID 152166: Low impact quality (MISSING_MOVE_ASSIGNMENT)
/components/esm/variant.hpp: 25 in ()
19 VT_Float,
20 VT_String
21 };
22
23 class VariantDataBase;
24
>>> CID 152166: Low impact quality (MISSING_MOVE_ASSIGNMENT)
>>> Class "ESM::Variant" may benefit from adding a move assignment operator. See other events which show the copy assignment operator being applied to rvalue(s), where a move assignment may be faster.
25 class Variant
26 {
27 VarType mType;
28 VariantDataBase *mData;
29
30 public:
** CID 152165: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/prefs/moc_keybindingpage.cxx: 76 in CSVPrefs::KeyBindingPage::qt_metacall(QMetaObject::Call, int, void **)()
________________________________________________________________________________________________________
*** CID 152165: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/prefs/moc_keybindingpage.cxx: 76 in CSVPrefs::KeyBindingPage::qt_metacall(QMetaObject::Call, int, void **)()
70 return PageBase::qt_metacast(_clname);
71 }
72
73 int CSVPrefs::KeyBindingPage::qt_metacall(QMetaObject::Call _c, int _id, void **_a)
74 {
75 _id = PageBase::qt_metacall(_c, _id, _a);
>>> CID 152165: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "_id < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
76 if (_id < 0)
77 return _id;
78 return _id;
79 }
** CID 152164: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/render/moc_instancemovemode.cxx: 78 in CSVRender::InstanceMoveMode::qt_metacall(QMetaObject::Call, int, void **)()
________________________________________________________________________________________________________
*** CID 152164: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/render/moc_instancemovemode.cxx: 78 in CSVRender::InstanceMoveMode::qt_metacall(QMetaObject::Call, int, void **)()
72 }
73
74 int CSVRender::InstanceMoveMode::qt_metacall(QMetaObject::Call _c, int _id, void **_a)
75 {
76 typedef CSVWidget::ModeButton QMocSuperClass;
77 _id = QMocSuperClass::qt_metacall(_c, _id, _a);
>>> CID 152164: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "_id < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
78 if (_id < 0)
79 return _id;
80 return _id;
81 }
** CID 152163: Null pointer dereferences (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 461 in CSVRender::Pathgrid::applyRemoveEdges(CSMWorld::CommandMacro &)()
________________________________________________________________________________________________________
*** CID 152163: Null pointer dereferences (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 461 in CSVRender::Pathgrid::applyRemoveEdges(CSMWorld::CommandMacro &)()
455 {
456 rowsToRemove.insert(row);
457 }
458 }
459 }
460
>>> CID 152163: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "model" = "dynamic_cast <CSMWorld::IdTree *>(this->mData->getTableModel(CSMWorld::UniversalId const(Type_Pathgrids)))".
461 CSMWorld::IdTree* model = dynamic_cast<CSMWorld::IdTree*>(mData.getTableModel(
462 CSMWorld::UniversalId::Type_Pathgrids));
463
464 int parentColumn = mPathgridCollection.findColumnIndex(CSMWorld::Columns::ColumnId_PathgridEdges);
465
466 std::set<int, std::greater<int> >::iterator row;
** CID 152162: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/world/moc_globalcreator.cxx: 76 in CSVWorld::GlobalCreator::qt_metacall(QMetaObject::Call, int, void **)()
________________________________________________________________________________________________________
*** CID 152162: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/world/moc_globalcreator.cxx: 76 in CSVWorld::GlobalCreator::qt_metacall(QMetaObject::Call, int, void **)()
70 return GenericCreator::qt_metacast(_clname);
71 }
72
73 int CSVWorld::GlobalCreator::qt_metacall(QMetaObject::Call _c, int _id, void **_a)
74 {
75 _id = GenericCreator::qt_metacall(_c, _id, _a);
>>> CID 152162: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "_id < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
76 if (_id < 0)
77 return _id;
78 return _id;
79 }
** CID 152161: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/model/prefs/moc_shortcutmanager.cxx: 76 in CSMPrefs::ShortcutManager::qt_metacall(QMetaObject::Call, int, void **)()
________________________________________________________________________________________________________
*** CID 152161: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/model/prefs/moc_shortcutmanager.cxx: 76 in CSMPrefs::ShortcutManager::qt_metacall(QMetaObject::Call, int, void **)()
70 return QObject::qt_metacast(_clname);
71 }
72
73 int CSMPrefs::ShortcutManager::qt_metacall(QMetaObject::Call _c, int _id, void **_a)
74 {
75 _id = QObject::qt_metacall(_c, _id, _a);
>>> CID 152161: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "_id < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
76 if (_id < 0)
77 return _id;
78 return _id;
79 }
** CID 152160: (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 385 in CSVRender::Pathgrid::applyRemoveNodes(CSMWorld::CommandMacro &)()
/apps/opencs/view/render/pathgrid.cpp: 360 in CSVRender::Pathgrid::applyRemoveNodes(CSMWorld::CommandMacro &)()
________________________________________________________________________________________________________
*** CID 152160: (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 385 in CSVRender::Pathgrid::applyRemoveNodes(CSMWorld::CommandMacro &)()
379 int edge0Column = mPathgridCollection.searchNestedColumnIndex(parentColumn,
380 CSMWorld::Columns::ColumnId_PathgridEdge0);
381
382 int edge1Column = mPathgridCollection.searchNestedColumnIndex(parentColumn,
383 CSMWorld::Columns::ColumnId_PathgridEdge1);
384
>>> CID 152160: (FORWARD_NULL)
>>> Passing null pointer "model" to "index", which dereferences it. (The dereference happens because this is a virtual function call.)
385 QModelIndex parent = model->index(recordIndex, parentColumn);
386
387 for (size_t edge = 0; edge < source->mEdges.size(); ++edge)
388 {
389 int adjustment0 = 0;
390 int adjustment1 = 0;
/apps/opencs/view/render/pathgrid.cpp: 360 in CSVRender::Pathgrid::applyRemoveNodes(CSMWorld::CommandMacro &)()
354
355 void Pathgrid::applyRemoveNodes(CSMWorld::CommandMacro& commands)
356 {
357 const CSMWorld::Pathgrid* source = getPathgridSource();
358 if (source)
359 {
>>> CID 152160: (FORWARD_NULL)
>>> Assigning: "model" = "dynamic_cast <CSMWorld::IdTree *>(this->mData->getTableModel(CSMWorld::UniversalId const(Type_Pathgrids)))".
360 CSMWorld::IdTree* model = dynamic_cast<CSMWorld::IdTree*>(mData.getTableModel(
361 CSMWorld::UniversalId::Type_Pathgrids));
362
363 // Want to remove nodes from end of list first
364 std::sort(mSelected.begin(), mSelected.end(), std::greater<int>());
365
** CID 152159: Null pointer dereferences (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 648 in CSVRender::Pathgrid::addEdge(CSMWorld::CommandMacro &, const CSMWorld::Pathgrid &, unsigned short, unsigned short)()
________________________________________________________________________________________________________
*** CID 152159: Null pointer dereferences (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 648 in CSVRender::Pathgrid::addEdge(CSMWorld::CommandMacro &, const CSMWorld::Pathgrid &, unsigned short, unsigned short)()
642 int edge0Column = mPathgridCollection.searchNestedColumnIndex(parentColumn,
643 CSMWorld::Columns::ColumnId_PathgridEdge0);
644
645 int edge1Column = mPathgridCollection.searchNestedColumnIndex(parentColumn,
646 CSMWorld::Columns::ColumnId_PathgridEdge1);
647
>>> CID 152159: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "model" to "index", which dereferences it. (The dereference happens because this is a virtual function call.)
648 QModelIndex parent = model->index(recordIndex, parentColumn);
649 int row = static_cast<int>(source.mEdges.size());
650
651 if (edgeExists(source, node1, node2) == -1)
652 {
653 commands.push(new CSMWorld::AddNestedCommand(*model, mId, row, parentColumn));
** CID 152158: Incorrect expression (DIVIDE_BY_ZERO)
/apps/esmtool/esmtool.cpp: 510 in clone(Arguments &)()
________________________________________________________________________________________________________
*** CID 152158: Incorrect expression (DIVIDE_BY_ZERO)
/apps/esmtool/esmtool.cpp: 510 in clone(Arguments &)()
504 }
505 }
506
507 esm.endRecord(typeName.toString());
508
509 saved++;
>>> CID 152158: Incorrect expression (DIVIDE_BY_ZERO)
>>> In expression "saved / (float)recordCount", division by expression "recordCount" which may be zero has undefined behavior.
510 int perc = (int)((saved / (float)recordCount)*100);
511 if (perc % 10 == 0)
512 {
513 std::cerr << "\r" << perc << "%";
514 }
515 }
** CID 152157: (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 251 in CSVRender::Pathgrid::applyPoint(CSMWorld::CommandMacro &, const osg::Vec3d &)()
/apps/opencs/view/render/pathgrid.cpp: 227 in CSVRender::Pathgrid::applyPoint(CSMWorld::CommandMacro &, const osg::Vec3d &)()
________________________________________________________________________________________________________
*** CID 152157: (FORWARD_NULL)
/apps/opencs/view/render/pathgrid.cpp: 251 in CSVRender::Pathgrid::applyPoint(CSMWorld::CommandMacro &, const osg::Vec3d &)()
245 int posYColumn = mPathgridCollection.searchNestedColumnIndex(parentColumn,
246 CSMWorld::Columns::ColumnId_PathgridPosY);
247
248 int posZColumn = mPathgridCollection.searchNestedColumnIndex(parentColumn,
249 CSMWorld::Columns::ColumnId_PathgridPosZ);
250
>>> CID 152157: (FORWARD_NULL)
>>> Passing null pointer "model" to "index", which dereferences it. (The dereference happens because this is a virtual function call.)
251 QModelIndex parent = model->index(recordIndex, parentColumn);
252 int row = static_cast<int>(source->mPoints.size());
253
254 // Add node to end of list
255 commands.push(new CSMWorld::AddNestedCommand(*model, mId, row, parentColumn));
256 commands.push(new CSMWorld::ModifyCommand(*model, model->index(row, posXColumn, parent), posX));
/apps/opencs/view/render/pathgrid.cpp: 227 in CSVRender::Pathgrid::applyPoint(CSMWorld::CommandMacro &, const osg::Vec3d &)()
221 mPathgridGeode->removeDrawable(mDragGeometry);
222 mDragGeometry = 0;
223 }
224
225 void Pathgrid::applyPoint(CSMWorld::CommandMacro& commands, const osg::Vec3d& worldPos)
226 {
>>> CID 152157: (FORWARD_NULL)
>>> Assigning: "model" = "dynamic_cast <CSMWorld::IdTree *>(this->mData->getTableModel(CSMWorld::UniversalId const(Type_Pathgrids)))".
227 CSMWorld::IdTree* model = dynamic_cast<CSMWorld::IdTree*>(mData.getTableModel(
228 CSMWorld::UniversalId::Type_Pathgrids));
229
230 const CSMWorld::Pathgrid* source = getPathgridSource();
231 if (source)
232 {
** CID 152156: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/render/moc_cameracontroller.cxx: 76 in CSVRender::CameraController::qt_metacall(QMetaObject::Call, int, void **)()
________________________________________________________________________________________________________
*** CID 152156: Incorrect expression (IDENTICAL_BRANCHES)
/apps/opencs/view/render/moc_cameracontroller.cxx: 76 in CSVRender::CameraController::qt_metacall(QMetaObject::Call, int, void **)()
70 return QObject::qt_metacast(_clname);
71 }
72
73 int CSVRender::CameraController::qt_metacall(QMetaObject::Call _c, int _id, void **_a)
74 {
75 _id = QObject::qt_metacall(_c, _id, _a);
>>> CID 152156: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "_id < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
76 if (_id < 0)
77 return _id;
78 return _id;
79 }
80 static const uint qt_meta_data_CSVRender__FreeCameraController[] = {
81
https://scan.coverity.com/projects/open ... b=overview
You'll need to log in via your GitHub account.