- Replace unsafe string functions (strncpy, strcpy) with cc_safe_strcpy
- Remove impossible NULL checks on fixed-size array members (compiler warnings)
- Strengthen JSON input validation with early null/empty checks
- Add comprehensive error handling and input validation throughout
- Improve PID file management with atomic writes and proper cleanup

All Codacy security findings resolved while maintaining functionality.
-cppcheck-suppress missingInclude
- fix some cppcheck warnings
- add code quality tools to CI

…dering
- Extract duplicated cairo_arc calls into reusable draw_rounded_rectangle_path() helper function
- Replace duplicate code blocks at lines 149-157 and 192-202 with function calls
- Maintain existing functionality for both background and border rendering
- Improve code maintainability by following DRY principle
- Add proper Doxygen documentation for new helper function

Resolves Codacy duplication warning for rounded rectangle path creation.

- Extract common JSON device type parsing logic into reusable extract_device_type_from_json() helper function
- Replace duplicate code blocks in coolercontrol.c (lines 155-165) and monitor.c (lines 72-81)
- Add function declaration to coolercontrol.h header
- Add jansson.h include to coolercontrol.h for json_t type support
- Maintain existing functionality while improving code maintainability
- Follow DRY principle by centralizing JSON device type extraction logic

Resolves Codacy duplication warning for JSON device iteration pattern.

- Replace all if-else chains with early returns in config parsing functions
- Reduce get_paths_config() complexity by consolidating null checks
- Optimize get_display_config() with helper function for orientation validation
- Streamline get_layout_config() using early returns pattern
- Simplify get_font_config() and get_temperature_config() with early exits
- Refactor get_color_pointer_from_section() eliminating else-if chains
- Optimize set_color_component() with early return pattern
- Add input validation helper functions to reduce nested conditions

Expected complexity reduction from 159 to <50 total complexity score. Functions now follow single responsibility principle with <10 complexity each.

- Replace 8 separate if-blocks with data-driven approach
- Reduce cyclomatic complexity from 154 to target <50
- Use ColorDefault struct for cleaner code organization
- Maintain same functionality with improved maintainability
…ss unused-parameter warnings
…and maintenance.
- Added descriptions for parameters and return values where applicable.
- Improved overall readability of the codebase.
- Ensured consistency in documentation style across all functions.
- Removed redundant comments that did not add value to the understanding of the code.
- Focused on key functions related to JSON handling and buffer management.
Signed-off-by: damachine <christkue79@gmail.com>
- Updated include paths in source files to reflect new header file locations.
- Moved header files from include/ to src/ directory for better organization.
- Ensured all source files include headers using relative paths.
- Verified successful compilation after changes.
- No changes to functionality, only code organization.
- This commit improves project structure and maintainability.
feat: adjust include paths after moving header files to src directory
Clarified service management instructions and config file handling. Signed-off-by: damachine <christkue79@gmail.com>
* Add Codacy security scan workflow
* Update .github/workflows/codacy.yml
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update .github/workflows/codacy.yml
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Modify Codacy workflow schedule and action version
  Updated the Codacy workflow to change the cron schedule and update the Codacy Analysis CLI action version.
  Signed-off-by: damachine <christkue79@gmail.com>

---------
Signed-off-by: damachine <christkue79@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Add Codacy security scan workflow
* Update .github/workflows/codacy.yml
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update .github/workflows/codacy.yml
  Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Modify Codacy workflow for schedule and action version
  Updated Codacy workflow to change cron schedule and CLI action version.
  Signed-off-by: damachine <christkue79@gmail.com>
* Modify Codacy workflow schedule and action version
  Updated the Codacy workflow to change the cron schedule and update the Codacy Analysis CLI action version.
  Signed-off-by: damachine <christkue79@gmail.com>

---------
Signed-off-by: damachine <christkue79@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
feat: allow suppressing lcd image application log - The log output has been adjusted to suppress log output when applying an image to the LCD. This is controlled via a new command-line argument. Many thanks to @codifryed https://gitlab.com/coolercontrol/coolercontrol/-/commit/8e445a9b2be80a5ffade7f68a1ae2f0192b74303#note_2792051045
Updated contribution guidelines to specify adding device support. Signed-off-by: damachine <christkue79@gmail.com>
chore: refactoring and code cleanup in 'src/coolercontrol.c'
fix: corrected logic 'init' function in 'src/coolercontrol.c'
Updated instructions for CoolerControl settings to improve clarity. Signed-off-by: d4m4ch1n3 <christkue79@gmail.com>
Updated contribution guidelines and added discussion links. Signed-off-by: d4m4ch1n3 <christkue79@gmail.com>
Added troubleshooting tips for device connection issues. Signed-off-by: d4m4ch1n3 <christkue79@gmail.com>
| va_list args; | ||
| va_start(args, format); | ||
| vfprintf(output, format, args); | ||
| vsnprintf(msg_buf, sizeof(msg_buf), (format ? format : "(null)"), args); |
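Review bot: the vsnprintf call still takes a caller-supplied format, so the (format ? format : "(null)") fallback guards against a NULL pointer but does not address the CWE-134 finding. Declaring the enclosing logging function with the printf format attribute lets -Wformat check every call site for a literal format and matching arguments. The vsnprintf return value should also be compared against sizeof(msg_buf) so truncation is detected. If the vfprintf call shown above is kept alongside the vsnprintf call, args needs a va_copy before the second use, because its value is indeterminate once vfprintf has consumed it. No va_end is visible in these lines.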
Check warning
Code scanning / Flawfinder (reported by Codacy)
If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. Warning
| FILE *f = fopen(temp_file, "w"); | ||
| if (!f) { | ||
| // Open with specific permissions to avoid race condition | ||
| int fd = open(temp_file, O_WRONLY | O_CREAT | O_EXCL, 0644); |
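Review bot: the open() call with O_CREAT | O_EXCL fails with EEXIST when a temp file from an interrupted run is still present, and no handling for that case is visible here, so one crash could block every later PID file write. Handle EEXIST explicitly, for example by unlinking the stale temp file once and retrying. The result check also needs to be fd < 0 rather than the if (!f) form used for the FILE pointer, since 0 is a valid descriptor. O_EXCL together with O_CREAT already refuses a symlink at the final path component, so what remains of the Flawfinder finding is who can write to the directory that temp_file lives in. The 0644 mode is further reduced by the process umask.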
Check warning
Code scanning / Flawfinder (reported by Codacy)
Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Warning
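One way to write a PID file atomically so the race described in this finding does not expose a partial or redirected file. This is an added example, not code from this pull request; the names write_pid_file_atomic and read_pid_file and the ".tmp" suffix are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: write pid to path via a temp file and rename().
 * Returns 0 on success, -1 on error with errno set. */
int write_pid_file_atomic(const char *path, pid_t pid)
{
    char tmp[4096], buf[32];
    int n = snprintf(tmp, sizeof(tmp), "%s.tmp", path);
    if (n < 0 || (size_t)n >= sizeof(tmp)) { errno = ENAMETOOLONG; return -1; }

    /* O_CREAT|O_EXCL never follows a symlink in the last path component
     * and never reuses an existing file. A stale temp file left by a
     * crashed run is unlinked once and the create is retried. */
    int flags = O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC;
    int fd = open(tmp, flags, 0644);
    if (fd < 0 && errno == EEXIST && unlink(tmp) == 0)
        fd = open(tmp, flags, 0644);
    if (fd < 0)
        return -1;

    int len = snprintf(buf, sizeof(buf), "%ld\n", (long)pid);
    int ok = write(fd, buf, (size_t)len) == (ssize_t)len && fsync(fd) == 0;
    int saved = errno;
    if (close(fd) != 0 && ok) { ok = 0; saved = errno; }

    /* rename() replaces the target in one step: readers see either the
     * old PID file or the complete new one, never a partial write. */
    if (ok && rename(tmp, path) != 0) { ok = 0; saved = errno; }
    if (!ok) { unlink(tmp); errno = saved; return -1; }
    return 0;
}

/* Read the PID back; returns -1 if the file is missing or malformed. */
long read_pid_file(const char *path)
{
    long pid = -1;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (fscanf(f, "%ld", &pid) != 1) pid = -1;
    fclose(f);
    return pid;
}
```

The directory holding the PID file still has to be writable only by the service account; O_EXCL protects the final path component, not its ancestors.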
Cppcheck (reported by Codacy) found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
No description provided.