Login

10-03-2008, 08:55 AM

[eluser]Aethedor[/eluser]
If done some (quick) code auditing and seen that on several places, the return values of called functions are not handled properly. Specially towards error values. Below is a list of my findings of the files in /libararies.

libraries/Email.php
attach(), line 368
specs say @return string, function returns NULL
validate_email(), line 684
function returns FALSE on error, but NULL on success. should be TRUE.
function is called on several places in class, but return value is not checked.
_build_message(), line 959
function returns FALSE on error, but NULL on success. should be TRUE.
function is called on several places in class, but return value is not checked.
_spool_email(), line 1370
function is called on line 1327, but return value is not checked.
_smtp_connect(), line 1532
function returns FALSE on error, but NULL on success. should be TRUE.
_send_command(), line 1560
function is called on several places in class, but return value is not checked.
function is called on line 1476, but return value is not checked.
_smtp_authenticate(), line 1625
function is called on line 1477, but return value is not checked.
_send_data(), line 1679
function is called on several places in class, but return value is not checked.

libraries/Ftp.php
delete_dir(), line 370
function should check return value of delete_dir on line 390 and return FALSE on error
mirror(), line 482
return value of mirror() (line 507) not checked for errors. return FALSE on error.
return value of upload() (line 515) not checked for errors. return FALSE on error.

libraries/Hook.php
_call_hook(), line 91
return value of _run_hook() (line 102, 107) not checked for errors. return FALSE on error.
specs say @return mixed, function returns boolean.
_run_hook(), line 124
return value on line 140 is not a boolean

libraries/Image_lib.php
initialize(), line 128
specs say @return void, function returns boolean.
image_process_netpbm(), line 628
return value of copy() (line 696) and unlink() (line 697) not checked for errors, return FALSE on error.
size_calculator(), line 1383
return value NULL should be FALSE (line 1386).

libraries/Language.php
load(), line 52
specs say @return void, function returns TRUE and string
not defined variable used ($lang) on line 86

libraries/Loader.php
library(), line 74
function returns FALSE on error, but NULL on success. should be TRUE. (specs even say @return void)
database(), line 194
function should return object, but at the end of the function it returns NULL.
dbutil(), line 231
specs say @return string, function returns NULL.
dbforge(), line 261
specs say @return string, function returns NULL.
view(), line 298
specs say @return void, function returns !void;
_ci_load(), line 630
specs say @return void, function returns string (line 720).
_ci_autoloader(), 889,
specs say @return void, function returns FALSE on error (line 895).

libraries/Output.php
_write_cache(), line 281
return values of flock and fwrite not checked for errors (line 307).
_display_cache(), line 324
specs say @return void, function retuns boolean.
return value of flock not checked for errors, line 350.

libraries/URI.php
_fetch_uri_string(), line 60
specs say @return string, function returns NULL

libraries/User_agent.php
_compile_data(), line 133
specs say @return bool, function returns NULL
call to function should check for error code, line 70

libraries/Session.php
sess_read(), line 183
specs say @return void, function returns boolean.

libraries/Validation.php
set_select(), line 648
function returns NULL at the end, not ''.
set_radio(), line 674
function returns NULL at the end, not ''.

libraries/Zip.php
read_dir(), line 236,
returns NULL on opendir() error.
archive(), line 296
return value of flock() and fwrite() not checked.