Address CWE-404 faults in tests for pdalc_pipeline, pdalc_pointlayout, and pdalc_pointviewiterator

jimmysoda · jimmysoda · commit a40336dc0b5b · 2019-05-15T16:13:33.000-04:00
Addresses resource leaks identified by Coverity Scan. See: * http://cwe.mitre.org/data/definitions/404.html * https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_RESOURCE_LEAK
diff --git a/tests/pdal/test_pdalc_pipeline.c.in b/tests/pdal/test_pdalc_pipeline.c.in
@@ -32,8 +32,9 @@
 #define __STDC_WANT_LIB_EXT1__ 1
 #endif
 
-#include <stdio.h>
 #include <assert.h>
+#include <stdio.h> // for sscanf and sscanf_s
+#include <string.h> // for strncmp
 
 #include <pdal/pdalc_pipeline.h>
 
@@ -351,14 +352,12 @@ TEST testPDALValidatePipeline(void)
     PDALPipelinePtr pipeline = PDALCreatePipeline(gPipelineJson);
     ASSERT(pipeline);
     valid = PDALValidatePipeline(pipeline);
+    PDALDisposePipeline(pipeline);
 
     if (!valid)
     {
-        PDALDisposePipeline(pipeline);
-        pipeline = NULL;
         FAILm("PDALValidatePipeline returned false for a valid pipeline");
     }
-    ASSERTm("Valid pipeline evaluated as invalid", valid);
 
     PASS();
 }
diff --git a/tests/pdal/test_pdalc_pointlayout.c.in b/tests/pdal/test_pdalc_pointlayout.c.in
@@ -28,6 +28,7 @@
  *****************************************************************************/
 
 #include <assert.h>
+#include <math.h> // for fabs
 
 #include <pdal/pdalc.h>
 
@@ -57,6 +58,8 @@ static void setup_test_pdalc_pointlayout(void *arg)
                 gLayout = PDALGetPointViewLayout(gPointView);
             }
         }
+
+        PDALDisposePointViewIterator(views);
     }
 }
 
@@ -76,9 +79,14 @@ TEST testPDALGetPointLayoutDimTypes(void)
     ASSERTm("PDALGetPointLayoutDimTypes should return non-NULL for a valid layout", types);
 
     size_t size = PDALGetDimTypeListSize(types);
-    ASSERTm("PDALGetDimTypeListSize should return more than zero for a valid list", size > 0);
 
+    // Dispose types list before assertion to avoid CWE-404
+    // See http://cwe.mitre.org/data/definitions/404.html
+    // See https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_RESOURCE_LEAK
     PDALDisposeDimTypeList(types);
+
+    ASSERTm("PDALGetDimTypeListSize should return more than zero for a valid list", size > 0);
+
     PASS();
 }
 
@@ -108,24 +116,38 @@ TEST testPDALFindDimType(void)
     for (size_t i = 0; i < size; ++i)
     {
         PDALDimType expected = PDALGetDimType(types, i);
-        ASSERT(idUnknown != expected.id);
-        ASSERT(typeNone != expected.type);
+
+        // Use check with FAIL instead of assertions to avoid CWE-404
+        // See http://cwe.mitre.org/data/definitions/404.html
+        // See https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_RESOURCE_LEAK
+
+        bool success = (idUnknown != expected.id);
+        success &= (typeNone != expected.type);
 
         char name[64];
-        ASSERT(PDALGetDimTypeInterpretationName(expected, name, 64) > 0);
-        ASSERT(PDALGetDimTypeIdName(expected, name, 64) > 0);
+        success &= (PDALGetDimTypeInterpretationName(expected, name, 64) > 0);
+        success &= (PDALGetDimTypeIdName(expected, name, 64) > 0);
 
         actual = PDALFindDimType(NULL, name);
-        ASSERT_EQ(idUnknown, actual.id);
-        ASSERT_EQ(typeNone, actual.type);
-        ASSERT_IN_RANGE(1.0, actual.scale, tolerance);
-        ASSERT_IN_RANGE(0.0, actual.offset, tolerance);
+        success &= (idUnknown == actual.id); 
+        success &= (typeNone == actual.type);
+
+        success &= (fabs(1.0 - actual.scale) < tolerance);
+        success &= (fabs(actual.offset) < tolerance);
 
         actual = PDALFindDimType(gLayout, name);
-        ASSERT_EQ(expected.id, actual.id);
-        ASSERT_EQ(expected.type, actual.type);
-        ASSERT_IN_RANGE(expected.scale, actual.scale, tolerance);
-        ASSERT_IN_RANGE(expected.offset, actual.offset, tolerance);
+        success &= (expected.id == actual.id); 
+        success &= (expected.type == actual.type);
+
+        success &= (fabs(expected.scale - actual.scale) < tolerance);
+        success &= (fabs(expected.offset - actual.offset) < tolerance);
+
+        if (!success)
+        {
+            PDALDisposeDimTypeList(types);
+            types = NULL;
+            FAILm("PDALGetPointLayoutDimTypes returned a list with an invalid element");
+        }
     }
 
     PDALDisposeDimTypeList(types);
diff --git a/tests/pdal/test_pdalc_pointviewiterator.c.in b/tests/pdal/test_pdalc_pointviewiterator.c.in
@@ -27,8 +27,6 @@
  * POSSIBILITY OF SUCH DAMAGE.
  *****************************************************************************/
 
-#include <stdlib.h>
-#include <stdio.h>
 #include <assert.h>
 
 #include <pdal/pdalc_pipeline.h>
@@ -87,8 +85,14 @@ TEST testPDALGetNextPointView(void)
     if (PDALHasNextPointView(gPointViewIterator))
     {
         PDALPointViewPtr anotherView = PDALGetNextPointView(gPointViewIterator);
-        ASSERT(anotherView);
-        ASSERT_FALSE(anotherView == view);
+
+        if (!anotherView || anotherView == view)
+        {
+            PDALDisposePointView(view);
+            view = NULL;
+            FAILm("PDALGetNextPointView returned the same view as the first view");
+        }
+
         PDALDisposePointView(anotherView);
     }
 
@@ -109,17 +113,34 @@ TEST testPDALResetPointViewIterator(void)
     while (PDALHasNextPointView(gPointViewIterator))
     {
         PDALPointViewPtr anotherView = PDALGetNextPointView(gPointViewIterator);
-        ASSERT(anotherView);
-        ASSERT_FALSE(anotherView == view);
+
+        if (!anotherView || anotherView == view)
+        {
+            PDALDisposePointView(view);
+            view = NULL;
+            FAILm("PDALGetNextPointView returned the same view as the first view");
+        }
+
         PDALDisposePointView(anotherView);
     }
 
     PDALDisposePointView(view);
 
+    // The next view should be null since we reached the end of the point view iteration
     view = PDALGetNextPointView(gPointViewIterator);
-    ASSERT_EQ(NULL, view);
-    PDALDisposePointView(view);
 
+    // Use check with FAIL instead of assertions to avoid CWE-404
+    // See http://cwe.mitre.org/data/definitions/404.html
+    // See https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_RESOURCE_LEAK
+
+    if (view)
+    {
+        PDALDisposePointView(view);
+        view = NULL;
+        FAILm("PDALGetNextPointView returned a non-null view immediately after PDALHasNextPointView returned false");
+    }
+
+    // The next view should be non-null since we reset the point view iterator
     PDALResetPointViewIterator(gPointViewIterator);
 
     view = PDALGetNextPointView(gPointViewIterator);
