[dia] [scan-build] Null dereference (robustness against broken files)



commit 534629b1aab566f18ed7407cb831dd51edaa79b0
Author: Hans Breuer <hans breuer org>
Date:   Sun Dec 6 17:47:02 2009 +0100

    [scan-build] Null dereference (robustness against broken files)
    
    An XML file with objects missing the 'text' composite could
    crash Dia. Object::text is now initialized with defaults
    in this pathological case.

 README                            |    4 +++-
 lib/libdia.def                    |    1 +
 lib/text.c                        |   17 +++++++++++++++++
 lib/text.h                        |    1 +
 objects/FS/flow-ortho.c           |   12 +++++++++---
 objects/FS/flow.c                 |   12 +++++++++---
 objects/FS/function.c             |    7 ++++++-
 objects/flowchart/box.c           |    2 ++
 objects/flowchart/diamond.c       |    2 ++
 objects/flowchart/ellipse.c       |    2 ++
 objects/flowchart/parallelogram.c |    2 ++
 11 files changed, 54 insertions(+), 8 deletions(-)
---
diff --git a/README b/README
index ab51a42..0e8f8d8 100644
--- a/README
+++ b/README
@@ -81,6 +81,8 @@ To use it just run ./configure and make through the scan-build script, like:
 PATH=/mnt/Home/from-svn/llvm/Release/bin:$PATH /mnt/Home/from-svn/llvm/tools/clang/utils/scan-build ./configure --enable-debug=yes
   and
 PATH=/mnt/Home/from-svn/llvm/Release/bin:$PATH /mnt/Home/from-svn/llvm/tools/clang/utils/scan-build -v -v make -j3
+  view with
+PATH=/mnt/Home/from-svn/llvm/Release/bin:$PATH /mnt/Home/from-svn/llvm/tools/clang/tools/scan-view/scan-view
 
-(given an unistalled checkout of llvm to /mnt/Home/from-svn/llvm)
+(given an uninstalled checkout of llvm to /mnt/Home/from-svn/llvm)
 
diff --git a/lib/libdia.def b/lib/libdia.def
index e417c8b..43fbfd3 100644
--- a/lib/libdia.def
+++ b/lib/libdia.def
@@ -661,6 +661,7 @@ EXPORTS
  nearest_pow
 
  new_text
+ new_text_default
  text_calc_boundingbox
  text_copy
  text_delete_all
diff --git a/lib/text.c b/lib/text.c
index d67a16b..16d1861 100644
--- a/lib/text.c
+++ b/lib/text.c
@@ -32,6 +32,7 @@
 #include "diagramdata.h"
 #include "objchange.h"
 #include "textline.h"
+#include "attributes.h"
 
 static int text_key_event(Focus *focus, 
 			  guint keystate, guint keysym,
@@ -301,6 +302,22 @@ new_text(const char *string, DiaFont *font, real height,
   return text;
 }
 
+/*!
+ * Fallback function returning a default initialized text object.
+ */
+Text *
+new_text_default(Point *pos, Color *color, Alignment align)
+{
+  Text *text;
+  DiaFont *font;
+  real font_height;
+
+  attributes_get_default_font(&font, &font_height);
+  text = new_text("", font, font_height, pos, color, align); 
+  dia_font_unref(font);
+  return text;
+}
+
 Text *
 text_copy(Text *text)
 {
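Review bot: The doc comment on `new_text_default` does not say who owns the returned `Text` or which defaults are applied, and the function is now exported and called from loaders that handle broken files. I would extend it to state that the text is empty, that font and height come from `attributes_get_default_font`, and that the caller owns the result and releases it with `text_destroy`. The `dia_font_unref(font)` after `new_text` deserves a short why-comment, e.g. `/* drop our reference; new_text presumably keeps its own */`. Note also that `font` and `font_height` are uninitialized locals, so the function relies on `attributes_get_default_font` always writing both out-parameters, which is not visible in this diff.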
diff --git a/lib/text.h b/lib/text.h
index 190c1fd..6bc2ec8 100644
--- a/lib/text.h
+++ b/lib/text.h
@@ -59,6 +59,7 @@ struct _Text {
 /* makes an internal copy of the string */
 Text *new_text(const char *string, DiaFont *font, real height,
 	       Point *pos, Color *color, Alignment align);
+Text *new_text_default(Point *pos, Color *color, Alignment align);
 void text_destroy(Text *text);
 Text *text_copy(Text *text);
 gchar *text_get_line(Text *text, int line);
diff --git a/objects/FS/flow-ortho.c b/objects/FS/flow-ortho.c
index 81b87cb..2b842aa 100644
--- a/objects/FS/flow-ortho.c
+++ b/objects/FS/flow-ortho.c
@@ -86,7 +86,7 @@ Color orthflow_color_signal   = { 0.0f, 0.0f, 1.0f };
 #define ORTHFLOW_WIDTH 0.1
 #define ORTHFLOW_MATERIAL_WIDTH 0.2
 #define ORTHFLOW_DASHLEN 0.4
-#define ORTHFLOW_FONTHEIGHT 0.6
+#define ORTHFLOW_FONTHEIGHT 0.8
 #define ORTHFLOW_ARROWLEN 0.8
 #define ORTHFLOW_ARROWWIDTH 0.5
 #define HANDLE_MOVE_TEXT (HANDLE_CUSTOM2)
@@ -419,9 +419,9 @@ orthflow_create(Point *startpoint,
   p = *startpoint ;
   p.y += 0.1 * ORTHFLOW_FONTHEIGHT ;
   orthflow->textpos = p;
-  font = dia_font_new_from_style(DIA_FONT_SANS, 0.8);
+  font = dia_font_new_from_style(DIA_FONT_SANS, ORTHFLOW_FONTHEIGHT);
 
-  orthflow->text = new_text("", font, 0.8, &p, &color_black, ALIGN_CENTER);
+  orthflow->text = new_text("", font, ORTHFLOW_FONTHEIGHT, &p, &color_black, ALIGN_CENTER);
   dia_font_unref(font);  
   text_get_attributes(orthflow->text, &orthflow->attrs);
 
@@ -573,6 +573,12 @@ orthflow_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     orthflow->text = data_text(attribute_first_data(attr));
+  else { /* paranoid */
+    DiaFont *font = dia_font_new_from_style(DIA_FONT_SANS, ORTHFLOW_FONTHEIGHT);
+
+    orthflow->text = new_text("", font, ORTHFLOW_FONTHEIGHT, &obj->position, &color_black, ALIGN_CENTER);
+    dia_font_unref(font);
+  }
 
   attr = object_find_attribute(obj_node, "type");
   if (attr != NULL)
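Review bot: The new `else` branch in `orthflow_load` only covers a file where the "text" attribute is absent; an attribute that is present but empty still passes whatever `attribute_first_data(attr)` returns straight into `data_text`. Neither function is visible in this diff, so whether they tolerate a NULL or non-composite data node needs checking; if they do not, a malformed file can still reach the same null dereference. Guarding the first branch with `if (attr != NULL && attribute_first_data(attr) != NULL)` would route that case into the fallback too. The same pattern is in `flow_load`, `function_load`, `box_load`, `diamond_load`, `ellipse_load` and `pgram_load`; all of these functions continue outside their hunks.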
diff --git a/objects/FS/flow.c b/objects/FS/flow.c
index 0277c68..074e392 100644
--- a/objects/FS/flow.c
+++ b/objects/FS/flow.c
@@ -65,7 +65,7 @@ struct _Flow {
 #define FLOW_WIDTH 0.1
 #define FLOW_MATERIAL_WIDTH 0.2
 #define FLOW_DASHLEN 0.4
-#define FLOW_FONTHEIGHT 0.6
+#define FLOW_FONTHEIGHT 0.8
 #define FLOW_ARROWLEN 0.8
 #define FLOW_ARROWWIDTH 0.5
 #define HANDLE_MOVE_TEXT (HANDLE_CUSTOM1)
@@ -404,9 +404,9 @@ flow_create(Point *startpoint,
   point_add( &p, &conn->endpoints[0] ) ;
   flow->textpos = p;
 
-  font = dia_font_new_from_style(DIA_FONT_SANS, 0.8);
+  font = dia_font_new_from_style(DIA_FONT_SANS, FLOW_FONTHEIGHT);
 
-  flow->text = new_text("", font, 0.8, &p, &color_black, ALIGN_CENTER);
+  flow->text = new_text("", font, FLOW_FONTHEIGHT, &p, &color_black, ALIGN_CENTER);
   dia_font_unref(font);  
   text_get_attributes(flow->text, &flow->attrs);
 
@@ -541,6 +541,12 @@ flow_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     flow->text = data_text(attribute_first_data(attr));
+  else { /* pathologic */
+    DiaFont *font = dia_font_new_from_style(DIA_FONT_SANS, FLOW_FONTHEIGHT);
+
+    flow->text = new_text("", font, FLOW_FONTHEIGHT, &obj->position, &color_black, ALIGN_CENTER);
+    dia_font_unref(font);  
+  }
 
   attr = object_find_attribute(obj_node, "type");
   if (attr != NULL)
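Review bot: The fallback in `flow_load` open-codes the same `dia_font_new_from_style` / `new_text` / `dia_font_unref` sequence that this commit also adds to `orthflow_load` and `function_load`, while the flowchart loaders call the new `new_text_default` helper. If the application default font is acceptable for FS objects, the branch could shrink to `flow->text = new_text_default(&obj->position, &color_black, ALIGN_CENTER);`. If the fixed sans font is required, say so in a comment so the difference reads as deliberate. The marker comments also vary between `/* pathologic */` and `/* paranoid */`; a wording that names the condition, such as `/* no "text" attribute in the file: fall back to an empty text */`, would be clearer in all three places.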
diff --git a/objects/FS/function.c b/objects/FS/function.c
index 074a8e9..370c39d 100644
--- a/objects/FS/function.c
+++ b/objects/FS/function.c
@@ -70,7 +70,7 @@ struct _FunctionChange {
   char*			text ;
 };
 
-#define FUNCTION_FONTHEIGHT 0.6
+#define FUNCTION_FONTHEIGHT 0.8
 #define FUNCTION_BORDERWIDTH_SCALE 6.0
 #define FUNCTION_MARGIN_SCALE 3.0
 #define FUNCTION_MARGIN_X 2.4
@@ -563,6 +563,11 @@ function_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     pkg->text = data_text(attribute_first_data(attr));
+  else { /* paranoid */
+    DiaFont *font = dia_font_new_from_style (DIA_FONT_SANS,FUNCTION_FONTHEIGHT);
+    pkg->text = new_text("", font, FUNCTION_FONTHEIGHT, &obj->position, &color_black, ALIGN_CENTER);
+    dia_font_unref(font);
+  }
 
   attr = object_find_attribute(obj_node, "is_wish");
   if (attr != NULL)
diff --git a/objects/flowchart/box.c b/objects/flowchart/box.c
index d9870cb..9b67927 100644
--- a/objects/flowchart/box.c
+++ b/objects/flowchart/box.c
@@ -752,6 +752,8 @@ box_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     box->text = data_text(attribute_first_data(attr));
+  else /* paranoid */
+    box->text = new_text_default(&obj->position, &box->border_color, ALIGN_CENTER);
 
   element_init(elem, 8, NUM_CONNECTIONS);
 
diff --git a/objects/flowchart/diamond.c b/objects/flowchart/diamond.c
index 705aea6..0bbbdba 100644
--- a/objects/flowchart/diamond.c
+++ b/objects/flowchart/diamond.c
@@ -635,6 +635,8 @@ diamond_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     diamond->text = data_text(attribute_first_data(attr));
+  else /* paranoid */
+    diamond->text = new_text_default(&obj->position, &diamond->border_color, ALIGN_CENTER);
 
   element_init(elem, 8, NUM_CONNECTIONS);
 
diff --git a/objects/flowchart/ellipse.c b/objects/flowchart/ellipse.c
index 6f75afc..2542604 100644
--- a/objects/flowchart/ellipse.c
+++ b/objects/flowchart/ellipse.c
@@ -612,6 +612,8 @@ ellipse_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     ellipse->text = data_text(attribute_first_data(attr));
+  else
+    ellipse->text = new_text_default(&obj->position, &ellipse->border_color, ALIGN_CENTER);
 
   element_init(elem, 8, NUM_CONNECTIONS);
 
diff --git a/objects/flowchart/parallelogram.c b/objects/flowchart/parallelogram.c
index c2e1e91..c7e20b1 100644
--- a/objects/flowchart/parallelogram.c
+++ b/objects/flowchart/parallelogram.c
@@ -699,6 +699,8 @@ pgram_load(ObjectNode obj_node, int version, const char *filename)
   attr = object_find_attribute(obj_node, "text");
   if (attr != NULL)
     pgram->text = data_text(attribute_first_data(attr));
+  else /* paranoid */
+    pgram->text = new_text_default(&obj->position, &pgram->border_color, ALIGN_CENTER);
 
   element_init(elem, 8, NUM_CONNECTIONS);
 


