Coverity- Critical and High priority issue fixes

[trupthi1403]

Summary: Fix for lock, missing_lock, uninitialized fields, uncaught exception, out-of-bounds and Pointer to local outside scope
Type: Fix
Test Plan: UT/CT, Fullstack
Jira: RDKEMW-17768

[github-actions]

Pull request must be merged with a description containing the required fields,

Summary:
Type: Feature/Fix/Cleanup
Test Plan:
Jira:

If there is no jira releated to this change, please put 'Jira: NO-JIRA'.

Description can be changed by editing the top comment on your pull request and making a new commit.

[Copilot]

Pull request overview

This PR targets a set of Coverity-reported issues across the server manager, media pipeline (client/server), GStreamer player, and IPC layers—primarily around locking, initialization, and exception-safety.

Changes:

• Adds/adjusts locking to address potential data races (e.g., ActiveRequests map access, GstSrc finalizer).
• Initializes previously-uninitialized members/fields (e.g., NeedMediaData, MediaPipeline, GstDecryptor).
• Refactors IPC code to reduce lock lifetimes / improve analyzer clarity, and adds destructor exception handling.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
serverManager/service/source/ServerManagerService.cpp	Updates startup log message text.
media/server/main/source/NeedMediaData.cpp	Initializes m_maxMediaBytes to avoid uninitialized use.
media/server/main/source/ActiveRequests.cpp	Adds mutex locking around request map access in addSegment() / getSegments().
media/server/gstplayer/source/GstSrc.cpp	Adds object lock during URI free in finalize.
media/server/gstplayer/source/GstGenericPlayer.cpp	Wraps destructor cleanup calls in try/catch.
media/server/gstplayer/source/GstDecryptor.cpp	Initializes decryption service pointer.
media/client/main/source/MediaPipeline.cpp	Initializes m_attachingSource; adjusts flush locking/flow.
media/client/ipc/source/IpcModule.cpp	Splits weak/shared channel acquisition for analyzer clarity.
ipc/server/source/IpcServerImpl.cpp	Narrows lock scope by copying required state out under lock.
ipc/common/source/NamedSocket.cpp	Adjusts sysconf handling to avoid unsigned conversion pitfalls.
ipc/client/source/IpcChannelImpl.cpp	Refactors locking in error handling and CallMethod send path.
common/source/LinuxUtils.cpp	Adjusts sysconf handling to avoid unsigned conversion pitfalls.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Coverage statistics of your commit:
WARNING: Lines coverage decreased from: 84.3% to 84.2%
Functions coverage stays unchanged and is: 92.6%

[github-actions]

Coverage statistics of your commit:
WARNING: Lines coverage decreased from: 84.3% to 84.2%
Functions coverage stays unchanged and is: 92.6%

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 5 comments.

Comments suppressed due to low confidence (1)

media/server/main/source/ActiveRequests.cpp:136

• getSegments() takes the mutex but returns a reference to data owned by m_requestMap. Once the function returns the lock is released, so another thread can erase()/clear() and invalidate the returned reference, leading to use-after-free/data races. Consider changing the API to return a copy (by value) or moving/extracting the segments under the lock (e.g., an extractSegments()/consumeSegments() that returns/moves the vector and removes the request) so callers never hold a dangling reference.

const IMediaPipeline::MediaSegmentVector &ActiveRequests::getSegments(std::uint32_t requestId) const
{
    std::unique_lock<std::mutex> lock{m_mutex};
    auto requestIter{m_requestMap.find(requestId)};
    if (requestIter != m_requestMap.end())
    {
        return requestIter->second.getSegments();
    }

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (1)

media/server/main/source/ActiveRequests.cpp:136

• getSegments() now takes m_mutex only for the map lookup, but returns a const & to ActiveRequestsData::m_segments and releases the lock immediately when the function returns. Callers can then iterate that vector while other threads call addSegment()/erase()/clear() under the same mutex, which is a data race and can lead to use-after-free/reallocation. To make this thread-safe, return a value/copy (snapshot) of the segment vector (or another owned container), or provide an API that performs the consumer operation while holding the lock (e.g., callback-based access).

const IMediaPipeline::MediaSegmentVector &ActiveRequests::getSegments(std::uint32_t requestId) const
{
    std::unique_lock<std::mutex> lock{m_mutex};
    auto requestIter{m_requestMap.find(requestId)};
    if (requestIter != m_requestMap.end())
    {
        return requestIter->second.getSegments();
    }

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (3)

media/server/main/source/ActiveRequests.cpp:135

• getSegments() now takes m_mutex, but it returns a const reference to internal storage and releases the lock before the caller can iterate the vector. That means callers can still observe concurrent mutation (or invalidation on erase) without protection. To make the locking meaningful, return a copy/snapshot of the segments (copy under the lock) or change the API to execute a caller-supplied callback while holding the lock.

    std::unique_lock<std::mutex> lock{m_mutex};
    auto requestIter{m_requestMap.find(requestId)};
    if (requestIter != m_requestMap.end())
    {
        return requestIter->second.getSegments();

ipc/common/source/NamedSocket.cpp:301

• Same sysconf handling issue as getSocketOwnerId(): sysconf(_SC_GETGR_R_SIZE_MAX) can legally return -1 with errno unchanged (indeterminate limit). Consider checking errno and using a fallback buffer size / ERANGE-retry strategy so group lookup still works in that case.

    // sysconf returns long; -1 on error. Store as int64_t to avoid unsigned conversion issues.
    const int64_t bufferSizeLong = sysconf(_SC_GETGR_R_SIZE_MAX);
    if (!socketGroup.empty() && bufferSizeLong > 0)
    {
        const size_t kBufferSize = static_cast<size_t>(bufferSizeLong);

common/source/LinuxUtils.cpp:65

• sysconf(_SC_GETGR_R_SIZE_MAX) may return -1 with errno unchanged to indicate an indeterminate limit. The current check (bufferSizeLong > 0) will skip group lookup in that case. Consider checking errno and using a fallback buffer size (and/or retrying on ERANGE) so ownership changes still work when sysconf doesn't provide a limit.

    // sysconf returns long; -1 on error. Store as int64_t to avoid unsigned conversion issues.
    const int64_t bufferSizeLong = sysconf(_SC_GETGR_R_SIZE_MAX);
    if (!fileGroup.empty() && bufferSizeLong > 0)
    {
        const size_t kBufferSize = static_cast<size_t>(bufferSizeLong);

[github-actions]

Coverage statistics of your commit:
WARNING: Lines coverage decreased from: 84.3% to 84.2%
Functions coverage stays unchanged and is: 92.6%