pjproject icon indicating copy to clipboard operation
pjproject copied to clipboard

Published 20 hours ago verified publisher icon pjsip

Fix coverity warning

Open trengginas opened this issue 7 months ago • 0 comments

Warnings from coverity:

*** CID 1547500:  Integer handling issues  (INTEGER_OVERFLOW)
/pjsip/src/pjsip-ua/sip_100rel.c: 293 in pjsip_100rel_create_prack()
287             dd->uac_state_list = uac_state;
288         }
289     
290         /* If this is from new INVITE transaction, reset UAC state. */
291         if (rdata->msg_info.cseq->cseq != uac_state->cseq) {
292             uac_state->cseq = rdata->msg_info.cseq->cseq;
>>>     CID 1547500:  Integer handling issues  (INTEGER_OVERFLOW)
>>>     Expression "rseq - 1U", which is equal to 4294967295, where "rseq" is known to be equal to 0, underflows the type that receives it, an unsigned integer 32 bits wide.
293             uac_state->rseq = rseq - 1;
294         }
295     
296         /* Ignore provisional response retransmission */
297         if (rseq <= uac_state->rseq) {
298             /* This should have been handled before */

From ref, the RSeq value must be set to 1 to 2**32 -1. The patch will check for the RSeq value and make sure it is greater than 1.

*** CID 1547498:  Error handling issues  (CHECKED_RETURN)
/pjmedia/src/pjmedia/endpoint.c: 806 in pjmedia_endpt_create_video_sdp()
800             /* Must support RTP packetization */
801             if ((codec_info[i].packings & PJMEDIA_VID_PACKING_PACKETS) == 0)
802             {
803                 continue;
804             }
805     
>>>     CID 1547498:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "pjmedia_vid_codec_mgr_get_default_param" without checking return value (as is done elsewhere 8 out of 10 times).
806             pjmedia_vid_codec_mgr_get_default_param(NULL, &codec_info[i],
807                                                     &codec_param);
808     
809             fmt = &m->desc.fmt[m->desc.fmt_count++];
810             fmt->ptr = (char*) pj_pool_alloc(pool, 8);
811             fmt->slen = pj_utoa(codec_info[i].pt, fmt->ptr);

Fix by adding check to the return value from pjmedia_vid_codec_mgr_get_default_param().

*** CID 1547497:  Incorrect expression  (COPY_PASTE_ERROR)
/pjlib/src/pjlib-test/ioq_tcp.c: 890 in compliance_test_2()
884                 server[i].sock = PJ_INVALID_SOCKET;
885             }
886     
887             if (client[i].key != NULL) {
888                 pj_ioqueue_unregister(client[i].key);
889                 client[i].key = NULL;
>>>     CID 1547497:  Incorrect expression  (COPY_PASTE_ERROR)
>>>     "server" in "server[i].sock" looks like a copy-paste error.
890                 server[i].sock = PJ_INVALID_SOCKET;
891             } else if (client[i].sock != PJ_INVALID_SOCKET) {
892                 pj_sock_close(client[i].sock);
893                 client[i].sock = PJ_INVALID_SOCKET;
894             }
895         }

It should be client sock.

trengginas avatar Jun 26 '24 03:06 trengginas