Примеры ошибок, обнаруженных с помощью диагностики V778
V778. Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'.
LLVM/Clang
V778 Two similar code fragments were found. Perhaps, this is a typo and 'FS' variable should be used instead of 'TS'. hexagonearlyifconv.cpp 549
bool HexagonEarlyIfConversion::isProfitable(....) const
{
....
unsigned TS = 0, FS = 0, Spare = 0;
if (FP.TrueB) {
TS = std::distance(FP.TrueB->begin(),
FP.TrueB->getFirstTerminator());
if (TS < HEXAGON_PACKET_SIZE)
Spare += HEXAGON_PACKET_SIZE-TS; // <=
}
if (FP.FalseB) {
FS = std::distance(FP.FalseB->begin(),
FP.FalseB->getFirstTerminator());
if (FS < HEXAGON_PACKET_SIZE)
Spare += HEXAGON_PACKET_SIZE-TS; // <=
}
unsigned TotalIn = TS+FS;
....
}
.NET CoreCLR
V778 Two similar code fragments were found. Perhaps, this is a typo and 'IMAGE_LOADED_FOR_INTROSPECTION' variable should be used instead of 'IMAGE_LOADED'. cee_dac peimage.cpp 811
void PEImage::EnumMemoryRegions(CLRDataEnumMemoryFlags flags)
{
....
if (m_pLayouts[IMAGE_LOADED].IsValid() &&
m_pLayouts[IMAGE_LOADED]!=NULL)
m_pLayouts[IMAGE_LOADED]->EnumMemoryRegions(flags);
if (m_pLayouts[IMAGE_LOADED_FOR_INTROSPECTION].IsValid() &&
m_pLayouts[IMAGE_LOADED]!=NULL) // <=
m_pLayouts[IMAGE_LOADED_FOR_INTROSPECTION]->
EnumMemoryRegions(flags);
}
.NET CoreCLR
V778 Two similar code fragments were found. Perhaps, this is a typo and 'weight2' variable should be used instead of 'weight1'. clrjit lclvars.cpp 2702
int __cdecl Compiler::RefCntCmp(const void* op1, const void* op2)
{
....
if (weight1)
{
....
if (varTypeIsGC(dsc1->TypeGet()))
{
weight1 += BB_UNITY_WEIGHT / 2;
}
if (dsc1->lvRegister)
{
weight1 += BB_UNITY_WEIGHT / 2;
}
}
if (weight1)
{
....
if (varTypeIsGC(dsc2->TypeGet()))
{
weight1 += BB_UNITY_WEIGHT / 2; // <=
}
if (dsc2->lvRegister)
{
weight2 += BB_UNITY_WEIGHT / 2;
}
}
....
}
.NET CoreCLR
V778 Two similar code fragments were found. Perhaps, this is a typo and 'g_szBuf_ProperName' variable should be used instead of 'g_szBuf_UnquotedProperName'. ildasm dasm.cpp 486
void Uninit()
{
....
if (g_szBuf_UnquotedProperName != NULL)
{
SDELETE(g_szBuf_UnquotedProperName);
}
if (g_szBuf_UnquotedProperName != NULL) // <=
{
SDELETE(g_szBuf_ProperName);
}
....
}
FreeBSD Kernel
V778 Two similar code fragments were found. Perhaps, this is a typo and 'cap_resy' variable should be used instead of 'cap_resx'. cyapa.c 1458
static int
cyapa_raw_input(struct cyapa_softc *sc,
struct cyapa_regs *regs, int freq)
{
....
if (sc->delta_x > sc->cap_resx)
sc->delta_x = sc->cap_resx;
if (sc->delta_x < -sc->cap_resx)
sc->delta_x = -sc->cap_resx;
if (sc->delta_y > sc->cap_resx) // <=
sc->delta_y = sc->cap_resy;
if (sc->delta_y < -sc->cap_resy)
sc->delta_y = -sc->cap_resy;
....
}
Aspell
V778 Two similar code fragments were found. Perhaps, this is a typo and 'others_' variable should be used instead of 'first_'. config.cpp 185
void Config::del()
{
while (first_) {
Entry * tmp = first_->next;
delete first_;
first_ = tmp;
}
while (others_) {
Entry * tmp = others_->next;
delete first_;
others_ = tmp;
}
....
}
Tizen
V778 Two similar code fragments were found. Perhaps, this is a typo and 'm_navigatorToolbar' variable should be used instead of 'm_modulesToolbar'. BookmarkManagerUI.cpp 66
BookmarkManagerUI::~BookmarkManagerUI()
{
BROWSER_LOGD("[%s:%d] ", __PRETTY_FUNCTION__, __LINE__);
if (m_modulesToolbar) {
evas_object_smart_callback_del(m_modulesToolbar,
"language,changed", _modules_toolbar_language_changed);
evas_object_del(m_modulesToolbar);
}
if (m_navigatorToolbar) {
evas_object_smart_callback_del(m_navigatorToolbar,
"language,changed", _navigation_toolbar_language_changed);
evas_object_del(m_modulesToolbar);
}
....
}
PDFium
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'res_y' variable should be used instead of 'res_x'. cfx_imagetransformer.cpp 201
void Transform(int x, int y, int* x1,
int* y1, int* res_x, int* res_y) const
{
....
if (*res_x < 0 && *res_x > -kBase)
*res_x = kBase + *res_x;
if (*res_y < 0 && *res_x > -kBase)
*res_y = kBase + *res_y;
}
}
A typo. No check: *res_y > -kBase.
SwiftShader
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'SymTab' variable should be used instead of 'ShStrTab'. iceelfobjectwriter.cpp 194
class ELFObjectWriter {
....
ELFStringTableSection *ShStrTab;
ELFSymbolTableSection *SymTab;
ELFStringTableSection *StrTab;
....
};
void ELFObjectWriter::assignSectionNumbersInfo(
SectionList &AllSections)
{
....
ShStrTab->setNumber(CurSectionNumber++);
ShStrTab->setNameStrIndex(
ShStrTab->getIndex(ShStrTab->getName()));
AllSections.push_back(ShStrTab);
SymTab->setNumber(CurSectionNumber++);
SymTab->setNameStrIndex(ShStrTab->getIndex(SymTab->getName()));
AllSections.push_back(SymTab);
StrTab->setNumber(CurSectionNumber++);
StrTab->setNameStrIndex(ShStrTab->getIndex(StrTab->getName()));
AllSections.push_back(StrTab);
....
}
Apparently, this code was written using the Copy-Paste method. In doing so, in the second block of text one forgot to change hStrTab->getIndex with SymTab->getIndex. And in the third did not replace hStrTab->getIndex with StrTab->getIndex.
EA WebKit
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'height' variable should be used instead of 'width'. ng_fragment_builder.cc 326
void NGFragmentBuilder::ComputeInlineContainerFragments(....)
{
....
value.start_fragment_union_rect.size.width =
std::max(descendant.offset_to_container_box.left +
descendant.fragment->Size().width -
value.start_fragment_union_rect.offset.left,
value.start_fragment_union_rect.size.width);
value.start_fragment_union_rect.size.height =
std::max(descendant.offset_to_container_box.top +
descendant.fragment->Size().height -
value.start_fragment_union_rect.offset.top,
value.start_fragment_union_rect.size.width); // <=
....
}
Apparently, this code was written using the Copy-Paste method. At the very end one forgot to change width with height.
Android
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'abort' variable should be used instead of 'continu'. btif_rc.cc 1554
static void btif_rc_upstreams_evt(....)
{
....
case AVRC_PDU_REQUEST_CONTINUATION_RSP: {
BTIF_TRACE_EVENT(
"%s() REQUEST CONTINUATION: target_pdu: 0x%02d",
__func__, pavrc_cmd->continu.target_pdu);
tAVRC_RESPONSE avrc_rsp;
if (p_dev->rc_connected == TRUE) {
memset(&(avrc_rsp.continu), 0, sizeof(tAVRC_NEXT_RSP));
avrc_rsp.continu.opcode =
opcode_from_pdu(AVRC_PDU_REQUEST_CONTINUATION_RSP);
avrc_rsp.continu.pdu = AVRC_PDU_REQUEST_CONTINUATION_RSP;
avrc_rsp.continu.status = AVRC_STS_NO_ERROR;
avrc_rsp.continu.target_pdu = pavrc_cmd->continu.target_pdu;
send_metamsg_rsp(p_dev, -1, label, ctype, &avrc_rsp);
}
} break;
case AVRC_PDU_ABORT_CONTINUATION_RSP: {
BTIF_TRACE_EVENT(
"%s() ABORT CONTINUATION: target_pdu: 0x%02d", __func__,
pavrc_cmd->abort.target_pdu);
tAVRC_RESPONSE avrc_rsp;
if (p_dev->rc_connected == TRUE) {
memset(&(avrc_rsp.abort), 0, sizeof(tAVRC_NEXT_RSP));
avrc_rsp.abort.opcode =
opcode_from_pdu(AVRC_PDU_ABORT_CONTINUATION_RSP);
avrc_rsp.abort.pdu = AVRC_PDU_ABORT_CONTINUATION_RSP;
avrc_rsp.abort.status = AVRC_STS_NO_ERROR;
avrc_rsp.abort.target_pdu = pavrc_cmd->continu.target_pdu;
send_metamsg_rsp(p_dev, -1, label, ctype, &avrc_rsp);
}
}
break;
....
}
Godot Engine
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'v_scroll' variable should be used instead of 'h_scroll'. scroll_container.cpp 249
void ScrollContainer::_notification(int p_what) {
....
if (h_scroll->is_visible_in_tree() && h_scroll->get_parent() == this)
size.y -= h_scroll->get_minimum_size().y;
if (v_scroll->is_visible_in_tree() && v_scroll->get_parent() == this)
size.x -= h_scroll->get_minimum_size().x;
....
}
LibrePCB
V778 CWE-682 Two similar code fragments were found. Perhaps, this is a typo and 'eMaxPair' variable should be used instead of 'e'. clipper.cpp 2999
void Clipper::DoMaxima(TEdge *e)
{
....
if (e->OutIdx >= 0)
{
AddOutPt(e, e->Top);
e->OutIdx = Unassigned;
}
DeleteFromAEL(e);
if (eMaxPair->OutIdx >= 0)
{
AddOutPt(eMaxPair, e->Top); // <=
eMaxPair->OutIdx = Unassigned;
}
DeleteFromAEL(eMaxPair);
....
}
Apparently, this code was written using the Copy-Paste method. In doing so, in the second block of text one forgot to change e->Top with eMaxPair->Top.
LLVM/Clang
V778 [CWE-682] Two similar code fragments were found. Perhaps, this is a typo and 'Op1' variable should be used instead of 'Op0'. InstCombineCompares.cpp 5507
Instruction *InstCombiner::visitFCmpInst(FCmpInst &I) {
....
if (!match(Op0, m_PosZeroFP()) && isKnownNeverNaN(Op0, &TLI)) {
I.setOperand(0, ConstantFP::getNullValue(Op0->getType()));
return &I;
}
if (!match(Op1, m_PosZeroFP()) && isKnownNeverNaN(Op1, &TLI)) {
I.setOperand(1, ConstantFP::getNullValue(Op0->getType())); // <=
return &I;
}
....
}
GCC
V778 Two similar code fragments were found. Perhaps, this is a typo and 's2' variable should be used instead of 's'. cfgcleanup.c 2126
static bool
try_crossjump_to_edge (int mode, edge e1, edge e2,
enum replace_direction dir)
{
....
if (FORWARDER_BLOCK_P (s->dest))
s->dest->count += s->count ();
if (FORWARDER_BLOCK_P (s2->dest))
s2->dest->count -= s->count ();
....
}
Newton Game Dynamics
V778 Two similar code fragments were found. Perhaps, this is a typo and 'm_colorChannel' variable should be used instead of 'm_binormalChannel'. dgMeshEffect1.cpp 1887
void dgMeshEffect::EndBuildFace ()
{
....
if (m_attrib.m_binormalChannel.m_count) <=
{
attibutes.m_binormalChannel.
PushBack(m_attrib.m_binormalChannel[m_constructionIndex + i]);
}
if (m_attrib.m_binormalChannel.m_count) <=
{
attibutes.m_colorChannel.
PushBack(m_attrib.m_colorChannel[m_constructionIndex + i]);
}
Amnesia: The Dark Descent
V778 Two similar code fragments were found. Perhaps, this is a typo and 'mvSearcherIDs' variable should be used instead of 'mvAttackerIDs'. LuxSavedGameTypes.cpp 615
void cLuxMusicHandler_SaveData::ToMusicHandler(....)
{
....
// Enemies
//Attackers
for(size_t i=0; i<mvAttackerIDs.Size(); ++i)
{
iLuxEntity *pEntity = apMap
->GetEntityByID(mvAttackerIDs[i]);
if(....)
{
....
}
else
{
Warning("....", mvAttackerIDs[i]);
}
}
//Searchers
for(size_t i=0; i<mvSearcherIDs.Size(); ++i)
{
iLuxEntity *pEntity = apMap->GetEntityByID(mvSearcherIDs[i]);
if(....)
{
....
}
else
{
Warning("....", mvAttackerIDs[i]);
}
}
}
MuseScore
V778 Two similar code fragments were found. Perhaps, this is a typo and 'description' variable should be used instead of 'name'. instrumentsreader.cpp 407
void InstrumentsReader::fillByDeffault(Instrument& instrument) const
{
....
if (instrument.name.isEmpty() && !instrument.longNames.isEmpty()) {
instrument.name = instrument.longNames[0].name();
}
if (instrument.description.isEmpty() && !instrument.longNames.isEmpty()) {
instrument.description = instrument.longNames[0].name();
}
....
}
YTsaurus
V778 Two similar code fragments were found. Perhaps, this is a typo and 'LeaderUpdatePeriod' variable should be used instead of 'LimitUpdatePeriod'. distributed_throttler.cpp:942, distributed_throttler.cpp:939
void Reconfigure(TDistributedThrottlerConfigPtr config) override
{
MemberClient_->Reconfigure(config->MemberClient);
DiscoveryClient_->Reconfigure(config->DiscoveryClient);
auto oldConfig = Config_.Acquire();
if (oldConfig->LimitUpdatePeriod != config->LimitUpdatePeriod)
{
UpdateLimitsExecutor_->SetPeriod(config->LimitUpdatePeriod); // <=
}
if (oldConfig->LeaderUpdatePeriod != config->LeaderUpdatePeriod)
{
UpdateLeaderExecutor_->SetPeriod(config->LimitUpdatePeriod); // <=
}
....
Config_.Store(std::move(config));
}
YTsaurus
V778 Two similar code fragments were found. Perhaps, this is a typo and 'r' variable should be used instead of 'q'. parser.c:4771:1
static void xmlParseCommentComplex(xmlParserCtxtPtr ctxt, xmlChar *buf,
size_t len, size_t size)
{
....
q = CUR_CHAR(ql);
....
if (!IS_CHAR(q))
{
xmlFatalErrMsgInt(ctxt, XML_ERR_INVALID_CHAR,
"xmlParseComment: invalid xmlChar value %d\n",
q);
....
}
....
r = CUR_CHAR(rl);
....
if (!IS_CHAR(r))
{
xmlFatalErrMsgInt(ctxt, XML_ERR_INVALID_CHAR,
"xmlParseComment: invalid xmlChar value %d\n",
q); // <=
xmlFree (buf);
return;
}
....
}
GZDoom
V778 Two similar code fragments were found. Perhaps, this is a typo and 'bottom' variable should be used instead of 'top'. hw_vertexbuilder.cpp 407
static void CreateIndexedFlatVertices(FFlatVertexBuffer* fvb,
TArray<sector_t>& sectors)
{
....
for (auto& sec : sectors)
{
for (auto ff : sec.e->XFloor.ffloors)
{
if (ff->top.model == &sec)
{
ff->top.vindex = sec.iboindex[ff->top.isceiling];
}
if (ff->bottom.model == &sec)
{
ff->bottom.vindex = sec.iboindex[ff->top.isceiling];
}
}
}
}
Godot Engine
V778 Two similar code fragments were found. Perhaps, this is a typo and 'y' variable should be used instead of 'x'. font.cpp 1970
Error FontFile::load_bitmap_font(const String &p_path)
{
if (kpk.x >= 0x80 && kpk.x <= 0xFF) // <=
{
kpk.x = _oem_to_unicode[encoding][kpk.x - 0x80];
} else if (kpk.x > 0xFF){
WARN_PRINT(vformat("Invalid BMFont OEM character %x "
"(should be 0x00-0xFF).", kpk.x)); // <=
kpk.x = 0x00;
}
if (kpk.y >= 0x80 && kpk.y <= 0xFF) // <=
{
kpk.y = _oem_to_unicode[encoding][kpk.y - 0x80];
} else if (kpk.y > 0xFF){
WARN_PRINT(vformat("Invalid BMFont OEM character %x"
"(should be 0x00-0xFF).", kpk.x)); // <=
kpk.y = 0x00;
}
....
}