search

j4s0n-c / trowaSoft-VCV

trowaSoft Modules for VCV Rack
Other
105 stars 17 forks source link

Static analysis issues #72

Open cschol opened 1 year ago

cschol commented 1 year ago

We are running static analysis with CodeQL and cppcheck as part of the integration process and the following issues were found:

Running cppcheck analysis...
src/Module_multiSeq.cpp:510:55: error: Undefined behavior: Variable 'addrBuff' is used as parameter and destination in sprintf(). [sprintfOverlappingData]
     sprintf(addrBuff, OSC_TOUCH_OSC_CHANGE_COLOR_FS, addrBuff);
                                                      ^
src/Module_multiSeq.cpp:516:55: error: Undefined behavior: Variable 'addrBuff' is used as parameter and destination in sprintf(). [sprintfOverlappingData]
     sprintf(addrBuff, OSC_TOUCH_OSC_CHANGE_COLOR_FS, addrBuff);
                                                      ^
src/Module_trigSeq.cpp:190:55: error: Undefined behavior: Variable 'addrBuff' is used as parameter and destination in sprintf(). [sprintfOverlappingData]
     sprintf(addrBuff, OSC_TOUCH_OSC_CHANGE_COLOR_FS, addrBuff);
                                                      ^
src/Module_voltSeq.cpp:402:55: error: Undefined behavior: Variable 'addrBuff' is used as parameter and destination in sprintf(). [sprintfOverlappingData]
     sprintf(addrBuff, OSC_TOUCH_OSC_CHANGE_COLOR_FS, addrBuff);
                                                      ^
src/Module_voltSeq.cpp:408:55: error: Undefined behavior: Variable 'addrBuff' is used as parameter and destination in sprintf(). [sprintfOverlappingData]
     sprintf(addrBuff, OSC_TOUCH_OSC_CHANGE_COLOR_FS, addrBuff);
                                                      ^
src/TSOSCCommunicator.cpp:229:15: error: Memory pointed to by 'second' is freed twice. [doubleFree]
   delete it->second; // Delete port info
              ^
src/TSOSCCommunicator.cpp:210:15: note: Memory pointed to by 'second' is freed twice.
   delete it->second; // Delete port info
              ^
src/TSOSCCommunicator.cpp:229:15: note: Memory pointed to by 'second' is freed twice.
   delete it->second; // Delete port info
              ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized struct member: msg.pattern [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized struct member: msg.channel [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized struct member: msg.step [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized struct member: msg.mode [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized struct member: msg.val [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized struct member: msg.pattern [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized struct member: msg.channel [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized struct member: msg.step [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized struct member: msg.val [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:39:9: error: Uninitialized struct member: msg.mode [uninitStructMember]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized variables: msg.pattern, msg.channel, msg.step, msg.mode, msg.val [uninitvar]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized variables: msg.pattern, msg.channel, msg.step, msg.val [uninitvar]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:39:9: error: Uninitialized variable: msg.mode [uninitvar]
 return msg;
        ^

Please take a look and see if any need to be addressed.

Note, that I will not hold the integration for the current version. These issues can be fixed for the next version. Thank you!

chichian commented 1 year ago

Thanks. Will fix in next push.

cschol commented 1 year ago

These are still present:

Running cppcheck analysis...
src/TSOSCSequencerListener.cpp:20:9: error: Uninitialized variables: msg.pattern, msg.channel, msg.step, msg.mode, msg.val [uninitvar]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:28:9: error: Uninitialized variables: msg.pattern, msg.channel, msg.step, msg.val [uninitvar]
 return msg;
        ^
src/TSOSCSequencerListener.cpp:39:9: error: Uninitialized variable: msg.mode [uninitvar]
 return msg;
        ^

Everything else shows fixed. No rush on these. Thank you for fixing the other ones.

chichian commented 1 year ago

Thanks. My quick fix didn't work then. Will look at it again later.