libgsf r1004 - in trunk: . gsf

From: jody svn gnome org
To: svn-commits-list gnome org
Subject: libgsf r1004 - in trunk: . gsf
Date: Thu, 11 Sep 2008 23:18:15 +0000 (UTC)
Author: jody
Date: Thu Sep 11 23:18:15 2008
New Revision: 1004
URL: http://svn.gnome.org/viewvc/libgsf?rev=1004&view=rev

Log:
2008-09-11  Jody Goldberg <jody gnome org>

	* gsf/gsf-msole-utils.c (msole_prop_read) : local variable shadowed a
	  poorly named parameter.  It wasn't a bug, but it can't hurt to fix
	  it. [Coverity #189]

2008-09-10  Jody Goldberg <jody gnome org>

	* gsf/gsf-output.c (gsf_output_real_vprintf) : add va_end after the
	  G_VA_COPY. [Coverity #250]
	* gsf/gsf-output-memory.c (gsf_output_memory_vprintf) : ditto.
	  [Coverity #251]

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/gsf/gsf-msole-utils.c
   trunk/gsf/gsf-output-memory.c
   trunk/gsf/gsf-output.c

Modified: trunk/NEWS
==============================================================================
--- trunk/NEWS	(original)
+++ trunk/NEWS	Thu Sep 11 23:18:15 2008
@@ -1,5 +1,8 @@
 libgsf 1.14.10
 
+Jody:
+	* Patch some coverity issues [189, 250, 251]
+
 Morten:
 	* Work around sshfs bug.  [#509883]
 

Modified: trunk/gsf/gsf-msole-utils.c
==============================================================================
--- trunk/gsf/gsf-msole-utils.c	(original)
+++ trunk/gsf/gsf-msole-utils.c	Thu Sep 11 23:18:15 2008
@@ -975,7 +975,7 @@
 
 	/* dictionary is magic */
 	if (props[i].id == 0) {
-		guint32 len, id, i, n;
+		guint32 len, id, j, n;
 		gsize gslen;
 		char *name;
 		guint8 const *start = data;
@@ -988,7 +988,7 @@
 
 		d ({ g_print ("Dictionary = \n"); gsf_mem_dump (data-4, size); });
 		n = type;
-		for (i = 0 ; i < n ; i++) {
+		for (j = 0 ; j < n ; j++) {
 			id = GSF_LE_GET_GUINT32 (data);
 			len = GSF_LE_GET_GUINT32 (data + 4);
 

Modified: trunk/gsf/gsf-output-memory.c
==============================================================================
--- trunk/gsf/gsf-output-memory.c	(original)
+++ trunk/gsf/gsf-output-memory.c	Thu Sep 11 23:18:15 2008
@@ -146,15 +146,17 @@
 		 */
 		G_VA_COPY (args2, args);
 
-		len =
-			g_vsnprintf (mem->buffer + output->cur_offset,
-				     mem->capacity - output->cur_offset,
-				     format, args);
+		len = g_vsnprintf (mem->buffer + output->cur_offset,
+				   mem->capacity - output->cur_offset,
+				   format, args);
 
-		if (len < (gsf_off_t)(mem->capacity - output->cur_offset))
-			return len; /* There was sufficient space */
+		/* There was insufficient space */
+		if (len >= (gsf_off_t)(mem->capacity - output->cur_offset))
+			len = parent_class->Vprintf (output, format, args2);
 
-		return parent_class->Vprintf (output, format, args2);
+		va_end (args2);
+
+		return len;
 	}
 	return parent_class->Vprintf (output, format, args);
 }

Modified: trunk/gsf/gsf-output.c
==============================================================================
--- trunk/gsf/gsf-output.c	(original)
+++ trunk/gsf/gsf-output.c	Thu Sep 11 23:18:15 2008
@@ -609,6 +609,7 @@
 		output->printf_buf = g_strdup_vprintf (fmt, args2);
 		reslen = output->printf_buf_size = strlen (output->printf_buf);
 	}
+	va_end (args2);
 
 	if (reslen == 0 ||
 	    GET_CLASS (output)->Write (output, reslen, output->printf_buf))
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]