From 5642826ef1be820633fe7aadbb750606e4c83fb2 Mon Sep 17 00:00:00 2001
From: Markus Frank <Markus.Frank@cern.ch>
Date: Thu, 20 Jun 2024 14:15:06 +0200
Subject: [PATCH] Try to fix some coverity problems

---
 DDG4/plugins/Geant4EventReaderHepMC.cpp       |  5 ++++
 GaudiPluginService/src/listcomponents.cpp     |  2 +-
 UtilityApps/src/graphicalScan.cpp             | 18 ++++++-------
 UtilityApps/src/materialBudget.cpp            | 26 ++++++++++++-------
 .../src/test_cellid_position_converter.cpp    | 18 ++++++-------
 5 files changed, 39 insertions(+), 30 deletions(-)

diff --git a/DDG4/plugins/Geant4EventReaderHepMC.cpp b/DDG4/plugins/Geant4EventReaderHepMC.cpp
index 3f652ec0a..c9b3e5580 100644
--- a/DDG4/plugins/Geant4EventReaderHepMC.cpp
+++ b/DDG4/plugins/Geant4EventReaderHepMC.cpp
@@ -91,6 +91,7 @@ namespace dd4hep {
 
 // C/C++ include files
 #include <cerrno>
+#include <climits>
 #include <algorithm>
 
 using namespace dd4hep::sim;
@@ -505,6 +506,10 @@ int HepMC::read_vertex(EventStream &info, std::istream& is, std::istringstream &
     delete v;
     return 0;
   }
+  if ( weights_size < 0 || weights_size > USHRT_MAX )  {
+    delete v;
+    return 0;
+  }
 #if defined(DD4HEP_DEBUG_HEP_MC_VERTEX)
   if ( id == DD4HEP_DEBUG_HEP_MC_VERTEX )   {
     printout(ALWAYS,"HepMC","++ Created Vertex ID=%d",id);
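Review bot: The new `weights_size` guard in read_vertex drops the record silently, so a truncated or malformed HepMC input that trips it is indistinguishable from the other `return 0` paths. Emitting a diagnostic before `delete v;` would make the rejection visible, for example `printout(ERROR,"HepMC","++ Vertex ID=%d: unreasonable weights_size=%d",id,weights_size);`. The declaration of `weights_size` is outside the hunk, so the `%d` is an assumption to confirm. If other counts parsed from the same vertex line also size later loops or allocations (not visible here), they would want the same bound. The body of read_vertex starts and ends outside this hunk.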
diff --git a/GaudiPluginService/src/listcomponents.cpp b/GaudiPluginService/src/listcomponents.cpp
index da8dba61f..ec5bf1f27 100644
--- a/GaudiPluginService/src/listcomponents.cpp
+++ b/GaudiPluginService/src/listcomponents.cpp
@@ -88,7 +88,7 @@ int main( int argc, char* argv[] ) {
       ++i;
     }
     if ( libs.empty() ) {
-      usage( argv0 );
+      usage( std::move(argv0) );
       return EXIT_FAILURE;
     }
   }
diff --git a/UtilityApps/src/graphicalScan.cpp b/UtilityApps/src/graphicalScan.cpp
index f39e98e53..647242924 100644
--- a/UtilityApps/src/graphicalScan.cpp
+++ b/UtilityApps/src/graphicalScan.cpp
@@ -23,17 +23,17 @@
 //
 //==========================================================================
 
-#include "TError.h"
-
-#include "TFile.h"
-#include "TH2F.h"
+#include <TError.h>
+#include <TFile.h>
+#include <TH2F.h>
 
 // Framework include files
-#include "DD4hep/Detector.h"
-#include "DD4hep/Printout.h"
-#include "DDRec/MaterialManager.h"
+#include <DD4hep/Detector.h>
+#include <DD4hep/Printout.h>
+#include <DDRec/MaterialManager.h>
 
 #include <iostream>
+#include <climits>
 #include <cerrno>
 #include <string>
 #include <map>
@@ -123,9 +123,9 @@ int main_wrapper(int argc, char** argv)   {
   if ( y0>y1 ) { double temp=y0; y0=y1; y1=temp; }
   if ( z0>z1 ) { double temp=z0; z0=z1; z1=temp; }
 
-  if ( ! ( nbins>0 && nslice>0 ) ) {
+  if ( ! (nbins>0 && nbins<USHRT_MAX && nslice>0 && nslice<USHRT_MAX) ) {
     cout << "funny # bins/slices " << endl;
-    return 1;
+    ::exit(EINVAL);
   }
 
   bool scanField(false);
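Review bot: The upper bound in the `nbins`/`nslice` check is exclusive (`nbins<USHRT_MAX`), while the checks this patch adds in materialBudget.cpp and Geant4EventReaderHepMC.cpp reject only values `> USHRT_MAX`, so the same limit means two different things across the patch. Bounding each value separately also leaves the product unbounded; if the histograms are sized by both (their allocation is outside the hunk), a cap on the product would be the stronger check. Replacing `return 1;` with `::exit(EINVAL);` changes the exit status and skips destructors of main_wrapper's locals, and the include hunk adds `<climits>` but not `<cstdlib>`; `return EINVAL;` avoids both, and the same applies to the `::exit(EINVAL)` added in materialBudget.cpp. The message would also be more useful on the error stream with the rejected values, e.g. `std::cerr << "funny # bins/slices: " << nbins << "/" << nslice << std::endl;`.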
diff --git a/UtilityApps/src/materialBudget.cpp b/UtilityApps/src/materialBudget.cpp
index 99064d807..e514c2ad2 100644
--- a/UtilityApps/src/materialBudget.cpp
+++ b/UtilityApps/src/materialBudget.cpp
@@ -18,22 +18,23 @@
 //
 //==========================================================================
 
-#include "TError.h"
+#include <TError.h>
 
 // Framework include files
-#include "DD4hep/Detector.h"
-#include "DD4hep/DetType.h"
-#include "DD4hep/Printout.h"
-#include "DDRec/MaterialManager.h"
+#include <DD4hep/Detector.h>
+#include <DD4hep/DetType.h>
+#include <DD4hep/Printout.h>
+#include <DDRec/MaterialManager.h>
 
-// #include "TGeoVolume.h"
-// #include "TGeoManager.h"
-// #include "TGeoNode.h"
-#include "TFile.h"
-#include "TH1F.h"
+// #include <TGeoVolume.h>
+// #include <TGeoManager.h>
+// #include <TGeoNode.h>
+#include <TFile.h>
+#include <TH1F.h>
 
 #include <cerrno>
 #include <fstream>
+#include <climits>
 
 #include "main.h"
 
@@ -219,6 +220,11 @@ int main_wrapper(int argc, char** argv)   {
   std::cout  << "theta:f/" ;
   for(auto& det : subdets){ std::cout  << det.name << "_x0:f/" << det.name << "_lam:f/" ; }
   std::cout  << std::endl ;
+
+  if ( nbins <= 0 || nbins > USHRT_MAX )  {
+    std::cout << "Unreasonable number of bins: " << nbins << std::endl;
+    ::exit(EINVAL);
+  }
   
   for(int i=0 ; i< nbins ;++i){
 
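Review bot: The `nbins` range check runs after the `theta:f/...` header line has already been written to `std::cout`, and its own message goes to `std::cout` as well. A rejected run therefore leaves a header followed by an error string in output that downstream tools may parse as a table. Moving the check ahead of the header output and reporting on the error stream keeps the data stream clean, e.g. `std::cerr << "Unreasonable number of bins: " << nbins << std::endl;`. If `nbins` is already used earlier in main_wrapper (outside this hunk, for instance as a divisor for the step size), the check should sit before that use.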
diff --git a/UtilityApps/src/test_cellid_position_converter.cpp b/UtilityApps/src/test_cellid_position_converter.cpp
index 76a223024..43e3dfc91 100644
--- a/UtilityApps/src/test_cellid_position_converter.cpp
+++ b/UtilityApps/src/test_cellid_position_converter.cpp
@@ -27,11 +27,10 @@
 
 #include <sstream>
 
-using namespace std ;
-using namespace dd4hep ;
+using namespace std;
+using namespace dd4hep;
 using namespace dd4hep::detail;
-using namespace dd4hep::rec ;
-
+using namespace dd4hep::rec;
 using namespace lcio;
 
 
@@ -181,16 +180,15 @@ int main_wrapper(int argc, char** argv ){
   std::cout << "\n ----------------------- summary  ----------------------   " << std::endl ;
 
   
-  for( auto res : tMap ){
-    
-    std::string name = res.first ;
-    unsigned total = res.second.position.passed+res.second.position.failed ;
+  for( const auto& res : tMap )  {
+    const std::string& name = res.first;
+    unsigned total      = res.second.position.passed+res.second.position.failed ;
     unsigned pos_failed = res.second.position.failed ;
-    unsigned id_failed = res.second.cellid.failed ;
+    unsigned id_failed  = res.second.cellid.failed ;
 
     
     printf(" %-30s \t  failed position: %5d  failed cellID:  %5d    of total: %5d   \n",
-	   name.c_str(), pos_failed , id_failed, total ) ;
+           name.c_str(), pos_failed , id_failed, total ) ;
 
   }
   std::cout << "\n -------------------------------------------------------- " << std::endl ;
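Review bot: The `printf` in the summary loop still passes three `unsigned` values (`pos_failed`, `id_failed`, `total`) to `%5d` conversions, which is a signed/unsigned format mismatch that static analysers flag. Changing the conversions to `%5u` (`failed position: %5u  failed cellID:  %5u    of total: %5u`) matches the declared types and leaves the output unchanged for counts that fit in an int. main_wrapper starts and ends outside this hunk.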
-- 
GitLab