On 13 May 2017 at 03:44, Benjamin Bales benjamin.bales@qbitlogic.com wrote:
I apologize for that. Here's the report in plain text format:
CodeAi (https://github.com/C0deAi), an automated repair tool developed at QbitLogic (www.qbitlogic.com), suggested the following fix. Could I submit it as a patch if it looks alright?
plugins/saveactions.c: “doc->file_type” pointer might be dereferenced when null on line 283. Initialization may be provided by “doc” passed in as a function argument, but a null check would be prudent just in case. The fix checks “doc->file_type” for null before allowing a dereference on the following line. A snapshot of the bug report generated by CodeAi is attached. A full report is available upon request.
diff --git a/plugins/saveactions.c b/plugins/saveactions.c @@ -280,8 +280,10 @@ static void instantsave_document_new_cb(GObject *obj, GeanyDocument *doc, gpoint doc->file_name = new_filename;
- if (doc->file_type->id == GEANY_FILETYPES_NONE)
- if(doc->file_type) {
- if (doc->file_type->id == GEANY_FILETYPES_NONE)
Actually thats the wrong fix, `document_set_filetype()` still needs to be called, it should be `if(doc->file_type == NULL || doc->file_type->id == GEANY_FILETYPES_NONE)` the same as line 272.
But actually a better fix would be just moving line 284 to after 275 and pass ft as the second argument, thus only calling `filetypes_lookup_by_name()` once and removing the suspect `if` altogether.
And actually the comment is likely wrong, file_type is no longer left NULL, its set to GEANY_FILETYPES_NONE if no filetype is set AFAICT, but that needs interfile tracing to document.c and filetypes.c and to find.
document_set_filetype(doc, filetypes_lookup_by_name(instantsave_default_ft));
- }
/* force saving the file to enable all the related actions(tab name, filetype, etc.) */ document_save_file(doc, TRUE);
Base-commit: 84253714771f48dbc7fab02f7de43f253734dee2
Please let me know if you are interested in seeing more fixes from our tool. Thanks!
Sincerely, Benjamin Bales CTO QbitLogic
On Fri, May 12, 2017 at 2:53 AM, Frank Lanitz frank@frank.uvena.de wrote:
Am 2017-05-11 22:34, schrieb Benjamin Bales:
ok, I'll submit a PR with some of the fixes that I think are good. Was the format of the bug report acceptable? Our tool integrates with static analyzers, and sometimes its tricky to include their reports in a way that is clear and concise. Of course, I will provide my own summary of the issues, but I would like to know if you found them helpful.
IMHO you should not send fancy formatted mails like this. Never ever. Plaintext. It's proper readable on every client in special when it's such a technical subject.
Beside of the format I'm afraid I did not check the content too carefully (as the format did also block me from fast reading).
Cheers, Frank
-- Benjamin Bales Chief Technology Officer
1050 Crown Pointe Pkwy, Ste. 840 Atlanta, GA 30338 470-554-2690
CONFIDENTIALITY NOTICE
This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. This communication may contain privileged attorney material or other Property and Confidential matter. If you are not the intended recipient or the person responsible for delivering the e-mail for the intended person, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you believe you have received this e-mail in error, please immediately delete this e-mail and notify Benjamin Bales by telephoning 470-554-2690.
Devel mailing list Devel@lists.geany.org https://lists.geany.org/cgi-bin/mailman/listinfo/devel