[Debian-med-packaging] Bug#858081: freemedforms-emr: wrong unit conversion between kilograms and grams for patient weight

Jerome Pinguet jerome at jerome.cc
Sat Mar 18 02:01:10 UTC 2017 

Package: freemedforms-emr
Version: 0.9.4-1
Severity: normal
Tags: upstream

file plugins/basewidgetsplugin/measurementwidget.cpp
line 339
weight value recorded in grams is 10 times lower than actual weight
double val = m_Measurement->m_value->value();
             double val = m_Measurement->m_value->value();
             switch (m_Measurement->m_units->currentIndex()) {
             switch (m_Measurement->m_units->currentIndex()) {
             case 0: return val;
             case 0: return val;
-            case 1: return val*100.;
+            case 1: return val*1000.;       // 1 kilogram = 1000 grams
             case 2: return val*28.3495231; // 1 ounce = 28.3495231 grams
             case 2: return val*28.3495231; // 1 ounce = 28.3495231 grams
             case 3: return val*453.59237;  // 1 pound = 453.59237 grams
             case 3: return val*453.59237;  // 1 pound = 453.59237 grams
             }

An other bug that "compensate" the first one but, unfortunately, NOT IN ALL
CASES:

plugins/drugsbaseplugin/prescriptionprinter.cpp
line 379
-
.arg(QString::number(patient()->data(Core::IPatient::WeightInGrams).toDouble()
/ 100, 'f', 2))
+
.arg(QString::number(patient()->data(Core::IPatient::WeightInGrams).toDouble()
/ 1000, 'f', 2))

Problem: if pediatric patient weight is entered in kilograms it will be stored
in (wrongly calculated) grams in the database, then a token
Patient.Metrics.WeightInGrams (see
plugins/coreplugin/constants_tokensandsettings.h)
 can be used in a form to print pediatric patient weight in grams for
prescriptions, which would result in a printed weight ten times lower than the
actual weight and could lead to an insufficient intake of drugs resulting in
patient's harm.

To ensure the security of patients, this bug should be fixed as soon as
possible or the package removed from the archive.



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (750, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

More information about the Debian-med-packaging mailing list