uselessAssignmentPtrArg
  • In that case, parameter "ptrs" is used as another local variable of the function. The developer knows what she's doing even though it is not the best of practices.
    • ]]>         insecureCmdLineArgs
  • This code is a compiler used to generate C code out of CORBA IDL files at compilation time. It takes files included in the filesystem distribution which names are short enough to not trigger an overflow. The overflow is sill possible since most filesystems allow for up to 255 characters in file names which added to the ".cnf" string would exceed the buffer size.
  • After quality control we decided to bump it up to "quality".
    • ]]>         memleak
  • Memory is indeed leaked as the original pointer stored in "ptmpstr" is lost at every iteration of the loop.

    I don't think the leek is significant but it is an easy fix.
    • ]]>         memleak
  • Memory is indeed leaked as the original pointer stored in "ptmpstr" is lost at every iteration of the loop.

    I don't think the leek is significant but it is an easy fix.
    • ]]>         memleak
  • Memory is indeed leaked as the original pointer stored in "ptmpstr" is lost at every iteration of the loop.

    I don't think the leek is significant but it is an easy fix.
    • ]]>         uselessAssignmentPtrArg
  • Pointer "resultData" is a dead store. It is useless indeed to set it to NULL and it is never used anyway.
  • I should add that it is not worth fixing this issue since it has no incidence whatsoever on the execution of the program.
    • ]]>         uninitstring
  • String "u3_host_exec_path" could potentially be as long as "MAX_PATH" so when concatenated to string "\\*.pid" would overflow buffer "dir_spec".

    As unlikely as it might seem, it is easy to fix so I rate it as quality.
    • ]]>         nullPointer
  • Pointer "loal" is never null when calling function "load_loal_error()" so no NPD ever occurs. It is indeed redundant to check for it but does not infer on the execution of the program.
    • ]]>         uninitMemberVar
  • Method "getSize()" returning private member "m_size" is never used so the lack of initialization will never cause problems.

    It would be easy to fix anyhow.
    • ]]>         memleakOnRealloc