Bug 372872

Summary: Possible Null-Pointer dereference in AlbumManager [patch]
Product: [Applications] digikam
Reporter: Mario Frank <mario.frank>
Component: Searches-Similarity
Assignee: Digikam Developers <digikam-bugs-null>
Status: RESOLVED FIXED
Severity: normal
CC: caulier.gilles, mario.frank
Priority: NOR
Version: 5.4.0
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In: 5.4.0
Attachments: Patch for the possible NULL Pointer dereference

Description Mario Frank 2016-11-24 07:34:50 UTC
Created attachment 102429
Patch for the possible NULL Pointer dereference

As reported by Coverity Scan:
*** CID 1394671:  Null pointer dereferences  (FORWARD_NULL)
/home/gilles/Devel/5.x/core/libs/album/albummanager.cpp: 2080 in Digikam::AlbumManager::findSAlbumsBySearchType(int) const()
2074     
2075     QList<SAlbum*> AlbumManager::findSAlbumsBySearchType(int searchType) const
2076     {
2077         QList<SAlbum*> albums;
2078         for (Album* album = d->rootSAlbum->firstChild(); album; album = album->next())
2079         {
>>>     CID 1394671:  Null pointer dereferences  (FORWARD_NULL)
>>>     Assigning: "sAlbum" = "dynamic_cast <Digikam::SAlbum *>(album)".
2080             SAlbum* sAlbum = dynamic_cast<SAlbum*>(album);
2081             if (sAlbum->searchType() == searchType)
2082             {
2083                 albums.append(sAlbum);
2084             }
2085         }

As I understand it, either firstChild() may return NULL, which is processed by dynamic_cast, and this may also return NULL.
I prevent that by explicitly checking for NULL.
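
The loop Coverity flags, written with the explicit NULL check the description mentions, as an added example that is not part of the original report and is neither the attached patch nor digiKam's code. `Album`, `SAlbum` and `OtherAlbum` are simplified stand-ins, `OtherAlbum` and `demoCount()` are hypothetical, and the function takes the first child directly and returns a `std::vector` instead of a `QList` so that it builds without Qt.

```cpp
#include <cstddef>
#include <vector>

// Simplified stand-ins for the album classes (assumed shapes, not digiKam's definitions).
class Album {
public:
    virtual ~Album() = default;
    Album* next() const { return m_next; }
    void setNext(Album* n) { m_next = n; }
private:
    Album* m_next = nullptr;
};

class SAlbum : public Album {
public:
    explicit SAlbum(int type) : m_type(type) {}
    int searchType() const { return m_type; }
private:
    int m_type;
};

class OtherAlbum : public Album {};  // hypothetical non-search node in the same sibling list

// Checked form of the flagged loop: a failed dynamic_cast yields nullptr,
// so the result is tested before searchType() is called on it.
std::vector<SAlbum*> findSAlbumsBySearchType(Album* firstChild, int searchType)
{
    std::vector<SAlbum*> albums;
    for (Album* album = firstChild; album; album = album->next())
    {
        SAlbum* const sAlbum = dynamic_cast<SAlbum*>(album);
        if (sAlbum && sAlbum->searchType() == searchType)
        {
            albums.push_back(sAlbum);
        }
    }
    return albums;
}

// Constructed sample list: S(1) -> Other -> S(2) -> S(1); counts matches for type 1.
std::size_t demoCount()
{
    SAlbum a(1), c(2), d(1);
    OtherAlbum b;
    a.setNext(&b); b.setNext(&c); c.setNext(&d);
    return findSAlbumsBySearchType(&a, 1).size();
}

int main() { return demoCount() == 2 ? 0 : 1; }
```

The short-circuit `&&` is what silences FORWARD_NULL: the analyzer can see that `searchType()` is only reached on the non-null path.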
Comment 1 caulier.gilles 2016-11-24 10:27:22 UTC
Confirmed by Coverity Static analyzer:

1 new defect(s) introduced to digiKam found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1394671:  Null pointer dereferences  (FORWARD_NULL)
/home/gilles/Devel/5.x/core/libs/album/albummanager.cpp: 2080 in Digikam::AlbumManager::findSAlbumsBySearchType(int) const()


________________________________________________________________________________________________________
*** CID 1394671:  Null pointer dereferences  (FORWARD_NULL)
/home/gilles/Devel/5.x/core/libs/album/albummanager.cpp: 2080 in Digikam::AlbumManager::findSAlbumsBySearchType(int) const()
2074
2075     QList<SAlbum*> AlbumManager::findSAlbumsBySearchType(int searchType) const
2076     {
2077         QList<SAlbum*> albums;
2078         for (Album* album = d->rootSAlbum->firstChild(); album; album = album->next())
2079         {
>>>     CID 1394671:  Null pointer dereferences  (FORWARD_NULL)
>>>     Assigning: "sAlbum" = "dynamic_cast <Digikam::SAlbum *>(album)".
2080             SAlbum* sAlbum = dynamic_cast<SAlbum*>(album);
2081             if (sAlbum->searchType() == searchType)
2082             {
2083                 albums.append(sAlbum);
2084             }
2085         }
Comment 2 caulier.gilles 2016-11-24 10:29:14 UTC
Git commit b5a252ea99b1bd77b581d88b68aa9ba8a2c1b4c8 by Gilles Caulier.
Committed on 24/11/2016 at 10:28.
Pushed by cgilles into branch 'master'.

apply patch #102429 from Mario Frank
FIXED-IN: 5.4.0

M  +2    -1    NEWS
M  +6    -3    libs/album/albummanager.cpp

https://commits.kde.org/digikam/b5a252ea99b1bd77b581d88b68aa9ba8a2c1b4c8