[Geany-Devel] CodeAi Fixes a Null Pointer Dereference

Fri May 12 17:44:43 UTC 2017

I apologize for that.  Here's the report in plain text format:

CodeAi (https://github.com/C0deAi), an automated repair tool developed
at QbitLogic (www.qbitlogic.com), suggested the following fix. Could I
submit it as a patch if it looks alright?

plugins/saveactions.c: “doc->file_type” pointer might be dereferenced
when null on line 283.  Initialization may be provided by “doc” passed
in as a function argument, but a null check would be prudent just in
case. The fix checks “doc->file_type” for null before allowing a
dereference on the following line.  A snapshot of the bug report
generated by CodeAi is attached.  A full report is available upon
request.

diff --git a/plugins/saveactions.c b/plugins/saveactions.c
@@ -280,8 +280,10 @@ static void instantsave_document_new_cb(GObject
*obj, GeanyDocument *doc, gpoint
doc->file_name = new_filename;
- if (doc->file_type->id == GEANY_FILETYPES_NONE)
+ if(doc->file_type) {
+ if (doc->file_type->id == GEANY_FILETYPES_NONE)
document_set_filetype(doc, filetypes_lookup_by_name(instantsave_default_ft));
+ }
/* force saving the file to enable all the related actions(tab name,
filetype, etc.) */
document_save_file(doc, TRUE);

Base-commit: 84253714771f48dbc7fab02f7de43f253734dee2

Please let me know if you are interested in seeing more fixes from our
tool. Thanks!

Sincerely,
Benjamin Bales
CTO QbitLogic

On Fri, May 12, 2017 at 2:53 AM, Frank Lanitz <frank at frank.uvena.de> wrote:
> Am 2017-05-11 22:34, schrieb Benjamin Bales:
>>
>> ok, I'll submit a PR with some of the fixes that I think are good.  Was
>> the
>> format of the bug report acceptable?  Our tool integrates with static
>> analyzers, and sometimes its tricky to include their reports in a way that
>> is clear and concise.  Of course, I will provide my own summary of the
>> issues, but I would like to know if you found them helpful.
>
>
>
> IMHO you should not send fancy formatted mails like this. Never ever.
> Plaintext.  It's proper readable on every client in special when it's such a
> technical subject.
>
> Beside of the format I'm afraid I did not check the content too carefully
> (as the format did also block me from fast reading).
>
> Cheers,
> Frank



-- 
Benjamin Bales
Chief Technology Officer

1050 Crown Pointe Pkwy, Ste. 840
Atlanta, GA 30338
470-554-2690

CONFIDENTIALITY NOTICE

This e-mail and any files transmitted with it are confidential and are
intended solely for the use of the individual or entity to which they
are addressed.  This communication may contain privileged attorney
material or other Property and Confidential matter.  If you are not
the intended recipient or the person responsible for delivering the
e-mail for the intended person, be advised that you have received this
e-mail in error and that any use, dissemination, forwarding, printing,
or copying of this e-mail is strictly prohibited.  If you believe you
have received this e-mail in error, please immediately delete this
e-mail and notify Benjamin Bales by telephoning 470-554-2690.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: saveactions_c_283_null_pointer_deref.png
Type: image/png
Size: 116083 bytes
Desc: not available
URL: <http://lists.geany.org/pipermail/devel/attachments/20170512/d62ef23d/attachment-0001.png>
