Error: GCC_ANALYZER_WARNING: [#def1] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_alloc_graph3’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:70:28: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:70:28: note: only use operands of an integer type inside the size argument # 68| { # 69| graph3->edges=malloc(nedges*sizeof(bdz_edge_t)); # 70|-> graph3->first_edge=malloc(nvertices*sizeof(cmph_uint32)); # 71| graph3->vert_degree=malloc((size_t)nvertices); # 72| }; Error: GCC_ANALYZER_WARNING: [#def2] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:71:29: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:71:29: note: only use operands of an integer type inside the size argument # 69| graph3->edges=malloc(nedges*sizeof(bdz_edge_t)); # 70| graph3->first_edge=malloc(nvertices*sizeof(cmph_uint32)); # 71|-> graph3->vert_degree=malloc((size_t)nvertices); # 72| }; # 73| static void bdz_init_graph3(bdz_graph3_t * graph3, cmph_uint32 nedges, cmph_uint32 nvertices) Error: GCC_ANALYZER_WARNING (CWE-688): [#def3] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_init_graph3’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:75:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘graph3.first_edge’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 73| static void bdz_init_graph3(bdz_graph3_t * graph3, cmph_uint32 nedges, cmph_uint32 nvertices) # 74| { # 75|-> memset(graph3->first_edge,0xff,nvertices*sizeof(cmph_uint32)); # 76| memset(graph3->vert_degree,0,(size_t)nvertices); # 77| graph3->nedges=0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def4] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:76:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘graph3.vert_degree’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 74| { # 75| memset(graph3->first_edge,0xff,nvertices*sizeof(cmph_uint32)); # 76|-> memset(graph3->vert_degree,0,(size_t)nvertices); # 77| graph3->nedges=0; # 78| }; Error: GCC_ANALYZER_WARNING (CWE-688): [#def5] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_generate_queue’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:166:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘marked_edge’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 164| cmph_uint32 tmp_edge; # 165| cmph_uint8 * marked_edge =malloc((size_t)(nedges >> 3) + 1); # 166|-> memset(marked_edge, 0, (size_t)(nedges >> 3) + 1); # 167| # 168| for(i=0;i<nedges;i++){ Error: GCC_ANALYZER_WARNING (CWE-457): [#def6] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:169:19: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>.vertices[0]’ # 167| # 168| for(i=0;i<nedges;i++){ # 169|-> v0=graph3->edges[i].vertices[0]; # 170| v1=graph3->edges[i].vertices[1]; # 171| v2=graph3->edges[i].vertices[2]; Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:176:52: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘queue’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_generate_queue’ # 174| graph3->vert_degree[v2]==1){ # 175| if(!GETBIT(marked_edge,i)) { # 176|-> queue[queue_head++]=i; # 177| SETBIT(marked_edge,i); # 178| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:354:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ # 352| #endif # 353| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 354|-> mphf->algo = mph->algo; # 355| bdzf = (bdz_data_t *)malloc(sizeof(bdz_data_t)); # 356| bdzf->g = bdz->g; Error: GCC_ANALYZER_WARNING (CWE-476): [#def9] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:356:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bdzf’ # 354| mphf->algo = mph->algo; # 355| bdzf = (bdz_data_t *)malloc(sizeof(bdz_data_t)); # 356|-> bdzf->g = bdz->g; # 357| bdz->g = NULL; //transfer memory ownership # 358| bdzf->hl = bdz->hl; Error: GCC_ANALYZER_WARNING: [#def10] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘assigning’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:422:32: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:422:32: note: only use operands of an integer type inside the size argument # 420| cmph_uint8 * marked_vertices =malloc((size_t)(bdz->n >> 3) + 1); # 421| cmph_uint32 sizeg = (cmph_uint32)ceil(bdz->n/4.0); # 422|-> bdz->g = (cmph_uint8 *)calloc((size_t)(sizeg), sizeof(cmph_uint8)); # 423| memset(marked_vertices, 0, (size_t)(bdz->n >> 3) + 1); # 424| memset(bdz->g, 0xff, (size_t)(sizeg)); Error: GCC_ANALYZER_WARNING (CWE-688): [#def11] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:423:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘marked_vertices’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 421| cmph_uint32 sizeg = (cmph_uint32)ceil(bdz->n/4.0); # 422| bdz->g = (cmph_uint8 *)calloc((size_t)(sizeg), sizeof(cmph_uint8)); # 423|-> memset(marked_vertices, 0, (size_t)(bdz->n >> 3) + 1); # 424| memset(bdz->g, 0xff, (size_t)(sizeg)); # 425| Error: GCC_ANALYZER_WARNING (CWE-688): [#def12] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:424:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*bdz.g’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 422| bdz->g = (cmph_uint8 *)calloc((size_t)(sizeg), sizeof(cmph_uint8)); # 423| memset(marked_vertices, 0, (size_t)(bdz->n >> 3) + 1); # 424|-> memset(bdz->g, 0xff, (size_t)(sizeg)); # 425| # 426| for(i=nedges-1;i+1>0;i--){ Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘ranking’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:468:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*bdz.ranktable’ # 466| bdz->ranktable = (cmph_uint32 *)calloc((size_t)bdz->ranktablesize, sizeof(cmph_uint32)); # 467| // ranktable computation # 468|-> bdz->ranktable[0] = 0; # 469| i = 1; # 470| while(1) Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:468:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘calloc((long unsigned int)*bdz.ranktablesize, 4)’ # 466| bdz->ranktable = (cmph_uint32 *)calloc((size_t)bdz->ranktablesize, sizeof(cmph_uint32)); # 467| // ranktable computation # 468|-> bdz->ranktable[0] = 0; # 469| i = 1; # 470| while(1) Error: GCC_ANALYZER_WARNING (CWE-789): [#def15] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c: scope_hint: In function ‘bdz_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:543:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:543:23: note: heap-based allocation # 541| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 542| DEBUGP("Hash state has %u bytes\n", buflen); # 543|-> buf = (char *)malloc((size_t)buflen); # 544| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 545| bdz->hl = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING: [#def16] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:554:32: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz.c:554:32: note: only use operands of an integer type inside the size argument # 552| nbytes = fread(&(bdz->r), sizeof(cmph_uint32), (size_t)1, f); # 553| sizeg = (cmph_uint32)ceil(bdz->n/4.0); # 554|-> bdz->g = (cmph_uint8 *)calloc((size_t)(sizeg), sizeof(cmph_uint8)); # 555| nbytes = fread(bdz->g, sizeg*sizeof(cmph_uint8), (size_t)1, f); # 556| Error: GCC_ANALYZER_WARNING: [#def17] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_alloc_graph3’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:57:28: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:57:28: note: only use operands of an integer type inside the size argument # 55| { # 56| graph3->edges=malloc(nedges*sizeof(bdz_ph_edge_t)); # 57|-> graph3->first_edge=malloc(nvertices*sizeof(cmph_uint32)); # 58| graph3->vert_degree=malloc((size_t)nvertices); # 59| }; Error: GCC_ANALYZER_WARNING: [#def18] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:58:29: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:58:29: note: only use operands of an integer type inside the size argument # 56| graph3->edges=malloc(nedges*sizeof(bdz_ph_edge_t)); # 57| graph3->first_edge=malloc(nvertices*sizeof(cmph_uint32)); # 58|-> graph3->vert_degree=malloc((size_t)nvertices); # 59| }; # 60| static void bdz_ph_init_graph3(bdz_ph_graph3_t * graph3, cmph_uint32 nedges, cmph_uint32 nvertices) Error: GCC_ANALYZER_WARNING (CWE-688): [#def19] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_init_graph3’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:62:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘graph3.first_edge’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 60| static void bdz_ph_init_graph3(bdz_ph_graph3_t * graph3, cmph_uint32 nedges, cmph_uint32 nvertices) # 61| { # 62|-> memset(graph3->first_edge,0xff,nvertices*sizeof(cmph_uint32)); # 63| memset(graph3->vert_degree,0,(size_t)nvertices); # 64| graph3->nedges=0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def20] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:63:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘graph3.vert_degree’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 61| { # 62| memset(graph3->first_edge,0xff,nvertices*sizeof(cmph_uint32)); # 63|-> memset(graph3->vert_degree,0,(size_t)nvertices); # 64| graph3->nedges=0; # 65| }; Error: GCC_ANALYZER_WARNING (CWE-688): [#def21] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_generate_queue’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:153:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘marked_edge’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 151| cmph_uint32 tmp_edge; # 152| cmph_uint8 * marked_edge =malloc((size_t)(nedges >> 3) + 1); # 153|-> memset(marked_edge, 0, (size_t)(nedges >> 3) + 1); # 154| # 155| for(i=0;i<nedges;i++){ Error: GCC_ANALYZER_WARNING (CWE-457): [#def22] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:156:19: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>.vertices[0]’ # 154| # 155| for(i=0;i<nedges;i++){ # 156|-> v0=graph3->edges[i].vertices[0]; # 157| v1=graph3->edges[i].vertices[1]; # 158| v2=graph3->edges[i].vertices[2]; Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:163:52: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘queue’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_generate_queue’ # 161| graph3->vert_degree[v2]==1){ # 162| if(!GETBIT(marked_edge,i)) { # 163|-> queue[queue_head++]=i; # 164| SETBIT(marked_edge,i); # 165| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def24] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:324:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ # 322| #endif # 323| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 324|-> mphf->algo = mph->algo; # 325| bdz_phf = (bdz_ph_data_t *)malloc(sizeof(bdz_ph_data_t)); # 326| bdz_phf->g = bdz_ph->g; Error: GCC_ANALYZER_WARNING (CWE-476): [#def25] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:326:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bdz_phf’ # 324| mphf->algo = mph->algo; # 325| bdz_phf = (bdz_ph_data_t *)malloc(sizeof(bdz_ph_data_t)); # 326|-> bdz_phf->g = bdz_ph->g; # 327| bdz_ph->g = NULL; //transfer memory ownership # 328| bdz_phf->hl = bdz_ph->hl; Error: GCC_ANALYZER_WARNING: [#def26] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘assigning’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:387:35: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:387:35: note: only use operands of an integer type inside the size argument # 385| cmph_uint8 * marked_vertices =malloc((size_t)(bdz_ph->n >> 3) + 1); # 386| cmph_uint32 sizeg = (cmph_uint32)ceil(bdz_ph->n/4.0); # 387|-> bdz_ph->g = (cmph_uint8 *)calloc((size_t)sizeg, sizeof(cmph_uint8)); # 388| memset(marked_vertices, 0, (size_t)(bdz_ph->n >> 3) + 1); # 389| //memset(bdz_ph->g, 0xff, sizeg); Error: GCC_ANALYZER_WARNING (CWE-688): [#def27] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:388:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘marked_vertices’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 386| cmph_uint32 sizeg = (cmph_uint32)ceil(bdz_ph->n/4.0); # 387| bdz_ph->g = (cmph_uint8 *)calloc((size_t)sizeg, sizeof(cmph_uint8)); # 388|-> memset(marked_vertices, 0, (size_t)(bdz_ph->n >> 3) + 1); # 389| //memset(bdz_ph->g, 0xff, sizeg); # 390| Error: GCC_ANALYZER_WARNING: [#def28] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_optimization’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:432:44: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:432:44: note: only use operands of an integer type inside the size argument # 430| cmph_uint8 byte = 0; # 431| cmph_uint32 sizeg = (cmph_uint32)ceil(bdz_ph->n/5.0); # 432|-> cmph_uint8 * new_g = (cmph_uint8 *)calloc((size_t)sizeg, sizeof(cmph_uint8)); # 433| cmph_uint8 value; # 434| cmph_uint32 idx; Error: GCC_ANALYZER_WARNING (CWE-476): [#def29] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:438:18: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_g’ # 436| { # 437| idx = i/5; # 438|-> byte = new_g[idx]; # 439| value = GETVALUE(bdz_ph->g, i); # 440| byte = (cmph_uint8) (byte + value*pow3_table[i%5U]); Error: GCC_ANALYZER_WARNING (CWE-789): [#def30] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c: scope_hint: In function ‘bdz_ph_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:498:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:498:23: note: heap-based allocation # 496| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 497| DEBUGP("Hash state has %u bytes\n", buflen); # 498|-> buf = (char *)malloc((size_t)buflen); # 499| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 500| bdz_ph->hl = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING: [#def31] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:509:35: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:509:35: note: only use operands of an integer type inside the size argument # 507| nbytes = fread(&(bdz_ph->r), sizeof(cmph_uint32), (size_t)1, f); # 508| sizeg = (cmph_uint32)ceil(bdz_ph->n/5.0); # 509|-> bdz_ph->g = (cmph_uint8 *)calloc((size_t)sizeg, sizeof(cmph_uint8)); # 510| nbytes = fread(bdz_ph->g, sizeg*sizeof(cmph_uint8), (size_t)1, f); # 511| Error: GCC_ANALYZER_WARNING (CWE-476): [#def32] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:5: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:80:48: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*bdz_ph.g + (sizetype)(i >> 2)’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:439:21: note: in expansion of macro ‘GETVALUE’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bdz_ph.c:439:21: note: in expansion of macro ‘GETVALUE’ # 78| * GETVALUE(array, i) is a macro that get a value for a 2-bit integer stored in an array. # 79| */ # 80|-> #define GETVALUE(array, i) ((cmph_uint8)((array[i >> 2] >> ((i & 0x00000003U) << 1U)) & 0x00000003U)) # 81| # 82| Error: GCC_ANALYZER_WARNING (CWE-476): [#def33] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c:6: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h: scope_hint: In function ‘set_bits_value’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:121:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bits_table’ # 119| register cmph_uint32 shift2 = 32 - shift1; # 120| # 121|-> bits_table[word_idx] &= ~((string_mask) << shift1); # 122| bits_table[word_idx] |= bits_string << shift1; # 123| Error: GCC_ANALYZER_WARNING (CWE-1335): [#def34] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:126:59: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 124| if(shift2 < string_length) # 125| { # 126|-> bits_table[word_idx+1] &= ~((string_mask) >> shift2); # 127| bits_table[word_idx+1] |= bits_string >> shift2; # 128| }; Error: GCC_ANALYZER_WARNING (CWE-1335): [#def35] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:127:55: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 125| { # 126| bits_table[word_idx+1] &= ~((string_mask) >> shift2); # 127|-> bits_table[word_idx+1] |= bits_string >> shift2; # 128| }; # 129| }; Error: GCC_ANALYZER_WARNING (CWE-1335): [#def36] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h: scope_hint: In function ‘get_bits_value’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:142:56: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 140| # 141| if(shift2 < string_length) # 142|-> bits_string |= (bits_table[word_idx+1] << shift2) & string_mask; # 143| # 144| return bits_string; Error: GCC_ANALYZER_WARNING (CWE-476): [#def37] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h: scope_hint: In function ‘set_bits_at_pos’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:154:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bits_table’ # 152| register cmph_uint32 string_mask = (1U << string_length) - 1; # 153| # 154|-> bits_table[word_idx] &= ~((string_mask) << shift1); # 155| bits_table[word_idx] |= bits_string << shift1; # 156| if(shift2 < string_length) Error: GCC_ANALYZER_WARNING (CWE-1335): [#def38] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:158:59: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 156| if(shift2 < string_length) # 157| { # 158|-> bits_table[word_idx+1] &= ~((string_mask) >> shift2); # 159| bits_table[word_idx+1] |= bits_string >> shift2; # 160| } Error: GCC_ANALYZER_WARNING (CWE-1335): [#def39] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:159:55: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 157| { # 158| bits_table[word_idx+1] &= ~((string_mask) >> shift2); # 159|-> bits_table[word_idx+1] |= bits_string >> shift2; # 160| } # 161| }; Error: GCC_ANALYZER_WARNING (CWE-1335): [#def40] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h: scope_hint: In function ‘get_bits_at_pos’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:174:56: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘32’) >= precision of type (‘32’) # 172| # 173| if(shift2 < string_length) # 174|-> bits_string |= (bits_table[word_idx+1] << shift2) & string_mask; # 175| return bits_string; # 176| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def41] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c: scope_hint: In function ‘bmz_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:79:47: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*bmz.hashes + (long unsigned int)i * 8’ # 77| # 78| bmz->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*3); # 79|-> for(i = 0; i < 3; ++i) bmz->hashes[i] = NULL; # 80| # 81| do Error: GCC_ANALYZER_WARNING (CWE-688): [#def42] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:136:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘visited’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 134| DEBUGP("Searching step\n"); # 135| visited = (cmph_uint8 *)malloc((size_t)bmz->n/8 + 1); # 136|-> memset(visited, 0, (size_t)bmz->n/8 + 1); # 137| used_edges = (cmph_uint8 *)malloc((size_t)bmz->m/8 + 1); # 138| memset(used_edges, 0, (size_t)bmz->m/8 + 1); Error: GCC_ANALYZER_WARNING (CWE-688): [#def43] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:138:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘used_edges’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 136| memset(visited, 0, (size_t)bmz->n/8 + 1); # 137| used_edges = (cmph_uint8 *)malloc((size_t)bmz->m/8 + 1); # 138|-> memset(used_edges, 0, (size_t)bmz->m/8 + 1); # 139| free(bmz->g); # 140| bmz->g = (cmph_uint32 *)calloc((size_t)bmz->n, sizeof(cmph_uint32)); Error: CPPCHECK_WARNING (CWE-401): [#def44] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:321: error[memleakOnRealloc]: Common realloc mistake: 'unused_g_values' nulled but not freed upon failure # 319| if(nunused_g_values == unused_g_values_capacity) # 320| { # 321|-> unused_g_values = (cmph_uint32 *)realloc(unused_g_values, (unused_g_values_capacity + BUFSIZ)*sizeof(cmph_uint32)); # 322| unused_g_values_capacity += BUFSIZ; # 323| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def45] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c: scope_hint: In function ‘bmz_traverse_critical_nodes_heuristic’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:324:85: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘unused_g_values’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:7: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:310:61: note: in expansion of macro ‘GETBIT’ # 322| unused_g_values_capacity += BUFSIZ; # 323| } # 324|-> unused_g_values[nunused_g_values++] = next_g; # 325| # 326| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def46] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c: scope_hint: In function ‘bmz_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:500:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bmz’ # 498| mphf->data = bmz; # 499| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 500|-> bmz->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 501| bmz->hashes[nhashes] = NULL; # 502| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-789): [#def47] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:500:40: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘(long unsigned int)(nhashes + 1) * 8’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:500:40: note: heap-based allocation # 498| mphf->data = bmz; # 499| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 500|-> bmz->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 501| bmz->hashes[nhashes] = NULL; # 502| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-823): [#def48] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:501:30: warning[-Wanalyzer-tainted-offset]: use of attacker-controlled value ‘(long unsigned int)nhashes * 8’ as offset without upper-bounds checking # 499| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 500| bmz->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 501|-> bmz->hashes[nhashes] = NULL; # 502| DEBUGP("Reading %u hashes\n", nhashes); # 503| for (i = 0; i < nhashes; ++i) Error: GCC_ANALYZER_WARNING (CWE-789): [#def49] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:508:31: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:508:31: note: heap-based allocation # 506| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 507| DEBUGP("Hash state has %u bytes\n", buflen); # 508|-> buf = (char *)malloc((size_t)buflen); # 509| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 510| state = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-401): [#def50] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz.c:516:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 514| # 515| DEBUGP("Reading m and n\n"); # 516|-> nbytes = fread(&(bmz->n), sizeof(cmph_uint32), (size_t)1, f); # 517| nbytes = fread(&(bmz->m), sizeof(cmph_uint32), (size_t)1, f); # 518| Error: GCC_ANALYZER_WARNING (CWE-476): [#def51] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c: scope_hint: In function ‘bmz8_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:83:48: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*bmz8.hashes + (long unsigned int)i * 8’ # 81| # 82| bmz8->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*3); # 83|-> for(i = 0; i < 3; ++i) bmz8->hashes[i] = NULL; # 84| # 85| do Error: GCC_ANALYZER_WARNING (CWE-688): [#def52] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:142:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘visited’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 140| DEBUGP("Searching step\n"); # 141| visited = (cmph_uint8 *)malloc((size_t)bmz8->n/8 + 1); # 142|-> memset(visited, 0, (size_t)bmz8->n/8 + 1); # 143| used_edges = (cmph_uint8 *)malloc((size_t)bmz8->m/8 + 1); # 144| memset(used_edges, 0, (size_t)bmz8->m/8 + 1); Error: GCC_ANALYZER_WARNING (CWE-688): [#def53] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:144:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘used_edges’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 142| memset(visited, 0, (size_t)bmz8->n/8 + 1); # 143| used_edges = (cmph_uint8 *)malloc((size_t)bmz8->m/8 + 1); # 144|-> memset(used_edges, 0, (size_t)bmz8->m/8 + 1); # 145| free(bmz8->g); # 146| bmz8->g = (cmph_uint8 *)calloc((size_t)bmz8->n, sizeof(cmph_uint8)); Error: CPPCHECK_WARNING (CWE-401): [#def54] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:330: error[memleakOnRealloc]: Common realloc mistake: 'unused_g_values' nulled but not freed upon failure # 328| if(nunused_g_values == unused_g_values_capacity) # 329| { # 330|-> unused_g_values = (cmph_uint8*)realloc(unused_g_values, ((size_t)(unused_g_values_capacity + BUFSIZ))*sizeof(cmph_uint8)); # 331| unused_g_values_capacity += (cmph_uint8)BUFSIZ; # 332| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def55] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c: scope_hint: In function ‘bmz8_traverse_critical_nodes_heuristic’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:333:85: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘unused_g_values’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:7: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:319:61: note: in expansion of macro ‘GETBIT’ # 331| unused_g_values_capacity += (cmph_uint8)BUFSIZ; # 332| } # 333|-> unused_g_values[nunused_g_values++] = next_g; # 334| # 335| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def56] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c: scope_hint: In function ‘bmz8_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:510:22: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bmz8’ # 508| mphf->data = bmz8; # 509| nbytes = fread(&nhashes, sizeof(cmph_uint8), (size_t)1, f); # 510|-> bmz8->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(size_t)(nhashes + 1)); # 511| bmz8->hashes[nhashes] = NULL; # 512| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-789): [#def57] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:510:41: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘(long unsigned int)((int)nhashes + 1) * 8’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:510:41: note: heap-based allocation # 508| mphf->data = bmz8; # 509| nbytes = fread(&nhashes, sizeof(cmph_uint8), (size_t)1, f); # 510|-> bmz8->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(size_t)(nhashes + 1)); # 511| bmz8->hashes[nhashes] = NULL; # 512| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-823): [#def58] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:511:31: warning[-Wanalyzer-tainted-offset]: use of attacker-controlled value ‘(long unsigned int)nhashes * 8’ as offset without upper-bounds checking # 509| nbytes = fread(&nhashes, sizeof(cmph_uint8), (size_t)1, f); # 510| bmz8->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(size_t)(nhashes + 1)); # 511|-> bmz8->hashes[nhashes] = NULL; # 512| DEBUGP("Reading %u hashes\n", nhashes); # 513| for (i = 0; i < nhashes; ++i) Error: GCC_ANALYZER_WARNING (CWE-789): [#def59] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:518:31: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:518:31: note: heap-based allocation # 516| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 517| DEBUGP("Hash state has %u bytes\n", buflen); # 518|-> buf = (char *)malloc((size_t)buflen); # 519| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 520| state = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-401): [#def60] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bmz8.c:526:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 524| # 525| DEBUGP("Reading m and n\n"); # 526|-> nbytes = fread(&(bmz8->n), sizeof(cmph_uint8), (size_t)1, f); # 527| nbytes = fread(&(bmz8->m), sizeof(cmph_uint8), (size_t)1, f); # 528| Error: GCC_ANALYZER_WARNING: [#def61] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c: scope_hint: In function ‘brz_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:155:38: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:155:38: note: only use operands of an integer type inside the size argument # 153| brz->k = (cmph_uint32)ceil(brz->m/((double)brz->b)); # 154| DEBUGP("k: %u\n", brz->k); # 155|-> brz->size = (cmph_uint8 *) calloc((size_t)brz->k, sizeof(cmph_uint8)); # 156| # 157| // Clustering the keys by graph id. Error: GCC_ANALYZER_WARNING (CWE-476): [#def62] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c: scope_hint: In function ‘brz_gen_mphf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:265:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buckets_size’ # 263| fprintf(stderr, "Flushing %u\n", nkeys_in_buffer); # 264| } # 265|-> value = buckets_size[0]; # 266| sum = 0; # 267| keylen1 = 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def63] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:288:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘filename’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null # 286| } # 287| filename = (char *)calloc(strlen((char *)(brz->tmp_dir)) + 11, sizeof(char)); # 288|-> sprintf(filename, "%s%u.cmph",brz->tmp_dir, nflushes); # 289| tmp_fd = fopen(filename, "wb"); # 290| free(filename); Error: GCC_ANALYZER_WARNING (CWE-476): [#def64] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:294:69: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘keys_index’ # 292| for(i = 0; i < nkeys_in_buffer; i++) # 293| { # 294|-> memcpy(&keylen1, buffer + keys_index[i], sizeof(keylen1)); # 295| nbytes = fwrite(buffer + keys_index[i], (size_t)1, keylen1 + sizeof(keylen1), tmp_fd); # 296| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def65] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:295:42: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘fopen(filename, "wb")’ where non-null expected gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.h:5: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.h:4: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:2: included_from: Included from here. /usr/include/stdio.h:735:15: note: argument 4 of ‘fwrite’ must be non-null # 293| { # 294| memcpy(&keylen1, buffer + keys_index[i], sizeof(keylen1)); # 295|-> nbytes = fwrite(buffer + keys_index[i], (size_t)1, keylen1 + sizeof(keylen1), tmp_fd); # 296| } # 297| nkeys_in_buffer = 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def66] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:302:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘fopen(filename, "wb")’ where non-null expected /usr/include/stdio.h:184:12: note: argument 1 of ‘fclose’ must be non-null # 300| nflushes++; # 301| free(keys_index); # 302|-> fclose(tmp_fd); # 303| } # 304| memcpy(buffer + memory_usage, &keylen, sizeof(keylen)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def67] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:304:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer’ # 302| fclose(tmp_fd); # 303| } # 304|-> memcpy(buffer + memory_usage, &keylen, sizeof(keylen)); # 305| memcpy(buffer + memory_usage + sizeof(keylen), key, (size_t)keylen); # 306| memory_usage += keylen + (cmph_uint32)sizeof(keylen); Error: GCC_ANALYZER_WARNING (CWE-476): [#def68] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:328:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buckets_size’ # 326| fprintf(stderr, "Flushing %u\n", nkeys_in_buffer); # 327| } # 328|-> value = buckets_size[0]; # 329| sum = 0; # 330| keylen1 = 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def69] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:350:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘filename’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null # 348| } # 349| filename = (char *)calloc(strlen((char *)(brz->tmp_dir)) + 11, sizeof(char)); # 350|-> sprintf(filename, "%s%u.cmph",brz->tmp_dir, nflushes); # 351| tmp_fd = fopen(filename, "wb"); # 352| free(filename); Error: GCC_ANALYZER_WARNING (CWE-476): [#def70] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:356:61: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘keys_index’ # 354| for(i = 0; i < nkeys_in_buffer; i++) # 355| { # 356|-> memcpy(&keylen1, buffer + keys_index[i], sizeof(keylen1)); # 357| nbytes = fwrite(buffer + keys_index[i], (size_t)1, keylen1 + sizeof(keylen1), tmp_fd); # 358| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def71] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:357:34: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘fopen(filename, "wb")’ where non-null expected /usr/include/stdio.h:735:15: note: argument 4 of ‘fwrite’ must be non-null # 355| { # 356| memcpy(&keylen1, buffer + keys_index[i], sizeof(keylen1)); # 357|-> nbytes = fwrite(buffer + keys_index[i], (size_t)1, keylen1 + sizeof(keylen1), tmp_fd); # 358| } # 359| nkeys_in_buffer = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def72] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:413:28: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer_h0’ # 411| { # 412| i = brz_min_index(buffer_h0, nflushes); # 413|-> cur_bucket = buffer_h0[i]; # 414| key = (char *)buffer_manager_read_key(buff_manager, i, &keylen); # 415| if(key) Error: GCC_ANALYZER_WARNING (CWE-476): [#def73] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:422:53: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘keys_vd’ # 420| h0 = hash(brz->h0, key+sizeof(keylen), keylen) % brz->k; # 421| if (h0 != buffer_h0[i]) break; # 422|-> keys_vd[nkeys_vd++] = (cmph_uint8 *)key; # 423| key = NULL; //transfer memory ownership # 424| e++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def74] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:430:53: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘keys_vd’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:16: included_from: Included from here. # 428| { # 429| assert(nkeys_vd < brz->size[cur_bucket]); # 430|-> keys_vd[nkeys_vd++] = buffer_merge[i]; # 431| buffer_merge[i] = NULL; //transfer memory ownership # 432| e++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def75] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:430:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer_merge’ # 428| { # 429| assert(nkeys_vd < brz->size[cur_bucket]); # 430|-> keys_vd[nkeys_vd++] = buffer_merge[i]; # 431| buffer_merge[i] = NULL; //transfer memory ownership # 432| e++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def76] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:440:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘keys_vd’ # 438| { # 439| assert(nkeys_vd < brz->size[cur_bucket]); # 440|-> keys_vd[nkeys_vd++] = buffer_merge[i]; # 441| buffer_merge[i] = NULL; //transfer memory ownership # 442| e++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def77] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:440:59: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer_merge’ # 438| { # 439| assert(nkeys_vd < brz->size[cur_bucket]); # 440|-> keys_vd[nkeys_vd++] = buffer_merge[i]; # 441| buffer_merge[i] = NULL; //transfer memory ownership # 442| e++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def78] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c: scope_hint: In function ‘brz_copy_partial_fch_mphf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:541:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’ # 539| *buflen = buflenh1 + buflenh2 + n + 2U * (cmph_uint32)sizeof(cmph_uint32); # 540| buf = (char *)malloc((size_t)(*buflen)); # 541|-> memcpy(buf, &buflenh1, sizeof(cmph_uint32)); # 542| memcpy(buf+sizeof(cmph_uint32), bufh1, (size_t)buflenh1); # 543| memcpy(buf+sizeof(cmph_uint32)+buflenh1, &buflenh2, sizeof(cmph_uint32)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def79] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c: scope_hint: In function ‘brz_copy_partial_bmz8_mphf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:562:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’ # 560| *buflen = buflenh1 + buflenh2 + n + 2U * (cmph_uint32)sizeof(cmph_uint32); # 561| buf = (char *)malloc((size_t)(*buflen)); # 562|-> memcpy(buf, &buflenh1, sizeof(cmph_uint32)); # 563| memcpy(buf+sizeof(cmph_uint32), bufh1, (size_t)buflenh1); # 564| memcpy(buf+sizeof(cmph_uint32)+buflenh1, &buflenh2, sizeof(cmph_uint32)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def80] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c: scope_hint: In function ‘brz_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:610:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘brz’ # 608| nbytes = fread(&(brz->algo), sizeof(brz->algo), (size_t)1, f); // Reading algo. # 609| nbytes = fread(&(brz->k), sizeof(cmph_uint32), (size_t)1, f); # 610|-> brz->size = (cmph_uint8 *) malloc(sizeof(cmph_uint8)*brz->k); # 611| nbytes = fread(brz->size, sizeof(cmph_uint8)*(brz->k), (size_t)1, f); # 612| brz->h1 = (hash_state_t **)malloc(sizeof(hash_state_t *)*brz->k); Error: GCC_ANALYZER_WARNING (CWE-789): [#def81] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:622:31: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:622:31: note: heap-based allocation # 620| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 621| DEBUGP("Hash state 1 has %u bytes\n", buflen); # 622|-> buf = (char *)malloc((size_t)buflen); # 623| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 624| brz->h1[i] = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-789): [#def82] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:629:31: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:629:31: note: heap-based allocation # 627| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 628| DEBUGP("Hash state 2 has %u bytes\n", buflen); # 629|-> buf = (char *)malloc((size_t)buflen); # 630| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 631| brz->h2[i] = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING: [#def83] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:644:43: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:644:43: note: only use operands of an integer type inside the size argument # 642| } # 643| DEBUGP("g_i has %u bytes\n", n); # 644|-> brz->g[i] = (cmph_uint8 *)calloc((size_t)n, sizeof(cmph_uint8)); # 645| nbytes = fread(brz->g[i], sizeof(cmph_uint8)*n, (size_t)1, f); # 646| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def84] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:645:35: warning[-Wanalyzer-malloc-leak]: leak of ‘calloc((long unsigned int)n, 1)’ # 643| DEBUGP("g_i has %u bytes\n", n); # 644| brz->g[i] = (cmph_uint8 *)calloc((size_t)n, sizeof(cmph_uint8)); # 645|-> nbytes = fread(brz->g[i], sizeof(cmph_uint8)*n, (size_t)1, f); # 646| } # 647| //loading h0 Error: GCC_ANALYZER_WARNING (CWE-789): [#def85] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:650:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/brz.c:650:23: note: heap-based allocation # 648| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 649| DEBUGP("Hash state has %u bytes\n", buflen); # 650|-> buf = (char *)malloc((size_t)buflen); # 651| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 652| brz->h0 = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def86] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_entry.c: scope_hint: In function ‘buffer_entry_read_key’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_entry.c:72:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*buffer_entry.buff + (sizetype)*buffer_entry.pos’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 70| buffer_entry_load(buffer_entry); # 71| } # 72|-> memcpy(keylen + copied_bytes, buffer_entry->buff + buffer_entry->pos, (size_t)lacked_bytes); # 73| buffer_entry->pos += lacked_bytes; # 74| Error: GCC_ANALYZER_WARNING (CWE-476): [#def87] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_entry.c:78:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’ # 76| copied_bytes = 0; # 77| buf = (cmph_uint8 *)malloc(*keylen + sizeof(*keylen)); # 78|-> memcpy(buf, keylen, sizeof(*keylen)); # 79| if((buffer_entry->pos + lacked_bytes) > buffer_entry->nbytes) { # 80| copied_bytes = buffer_entry->nbytes - buffer_entry->pos; Error: GCC_ANALYZER_WARNING (CWE-688): [#def88] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_entry.c:87:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*buffer_entry.buff + (sizetype)*buffer_entry.pos’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 85| buffer_entry_load(buffer_entry); # 86| } # 87|-> memcpy(buf+sizeof(*keylen)+copied_bytes, buffer_entry->buff + buffer_entry->pos, (size_t)lacked_bytes); # 88| buffer_entry->pos += lacked_bytes; # 89| return buf; Error: GCC_ANALYZER_WARNING (CWE-476): [#def89] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_manager.c: scope_hint: In function ‘buffer_manager_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_manager.c:28:49: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘calloc((long unsigned int)nentries, 8)’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/buffer_manager.c:4: included_from: Included from here. # 26| for(i = 0; i < buff_manager->nentries; i++) # 27| { # 28|-> buff_manager->buffer_entries[i] = buffer_entry_new(memory_avail_entry); # 29| } # 30| return buff_manager; Error: GCC_ANALYZER_WARNING (CWE-476): [#def90] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c: scope_hint: In function ‘chd_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:133:43: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘vals_table’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:13: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:131:21: note: in expansion of macro ‘GETBIT32’ # 131| if(!GETBIT32(occup_table, i)) # 132| { # 133|-> vals_table[idx++] = i; # 134| } # 135| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def91] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:146:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ # 144| # 145| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 146|-> mphf->algo = mph->algo; # 147| chdf = (chd_data_t *)malloc(sizeof(chd_data_t)); # 148| Error: GCC_ANALYZER_WARNING (CWE-476): [#def92] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:149:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘chdf’ # 147| chdf = (chd_data_t *)malloc(sizeof(chd_data_t)); # 148| # 149|-> chdf->packed_cr = packed_cr; # 150| packed_cr = NULL; //transfer memory ownership # 151| Error: GCC_ANALYZER_WARNING (CWE-476): [#def93] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c: scope_hint: In function ‘chd_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:186:64: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘chd’ # 184| nbytes = fread(&chd->packed_chd_phf_size, sizeof(cmph_uint32), (size_t)1, fd); # 185| DEBUGP("Loading CHD_PH perfect hash function with %u bytes to disk\n", chd->packed_chd_phf_size); # 186|-> chd->packed_chd_phf = (cmph_uint8 *) calloc((size_t)chd->packed_chd_phf_size,(size_t)1); # 187| nbytes = fread(chd->packed_chd_phf, chd->packed_chd_phf_size, (size_t)1, fd); # 188| Error: GCC_ANALYZER_WARNING (CWE-401): [#def94] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd.c:189:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 187| nbytes = fread(chd->packed_chd_phf, chd->packed_chd_phf_size, (size_t)1, fd); # 188| # 189|-> nbytes = fread(&chd->packed_cr_size, sizeof(cmph_uint32), (size_t)1, fd); # 190| DEBUGP("Loading Compressed rank structure, which has %u bytes\n", chd->packed_cr_size); # 191| chd->packed_cr = (cmph_uint8 *) calloc((size_t)chd->packed_cr_size, (size_t)1); Error: GCC_ANALYZER_WARNING (CWE-476): [#def95] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:87:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘tmp_map_item’ # 85| register chd_ph_item_t * tmp_item; # 86| register chd_ph_map_item_t * tmp_map_item = map_items + item_idx; # 87|-> register chd_ph_bucket_t * bucket = buckets + tmp_map_item->bucket_num; # 88| tmp_item = items + bucket->items_list; # 89| Error: GCC_ANALYZER_WARNING (CWE-457): [#def96] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c: scope_hint: In function ‘chd_ph_bucket_insert’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:87:67: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*tmp_map_item.bucket_num’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:6: included_from: Included from here. # 85| register chd_ph_item_t * tmp_item; # 86| register chd_ph_map_item_t * tmp_map_item = map_items + item_idx; # 87|-> register chd_ph_bucket_t * bucket = buckets + tmp_map_item->bucket_num; # 88| tmp_item = items + bucket->items_list; # 89| Error: GCC_ANALYZER_WARNING (CWE-476): [#def97] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c: scope_hint: In function ‘chd_ph_mapping’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:248:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘map_item’ # 246| # 247| g = hl[0] % chd_ph->nbuckets; # 248|-> map_item->f = hl[1] % chd_ph->n; # 249| map_item->h = hl[2] % (chd_ph->n - 1) + 1; # 250| map_item->bucket_num=g; Error: GCC_ANALYZER_WARNING (CWE-476): [#def98] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c: scope_hint: In function ‘chd_ph_ordering’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:314:38: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sorted_lists’ # 312| sorted_lists[bucket_size].size++; # 313| }; # 314|-> sorted_lists[1].buckets_list = 0; # 315| // Determine final position of list of buckets into the contiguous array that will store all the buckets # 316| for(i = 2; i <= max_bucket_size; i++) Error: GCC_ANALYZER_WARNING (CWE-476): [#def99] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c: scope_hint: In function ‘chd_ph_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:808:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ # 806| # 807| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 808|-> mphf->algo = mph->algo; # 809| chd_phf = (chd_ph_data_t *)malloc(sizeof(chd_ph_data_t)); # 810| Error: GCC_ANALYZER_WARNING (CWE-476): [#def100] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:811:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘chd_phf’ # 809| chd_phf = (chd_ph_data_t *)malloc(sizeof(chd_ph_data_t)); # 810| # 811|-> chd_phf->cs = chd_ph->cs; # 812| chd_ph->cs = NULL; //transfer memory ownership # 813| chd_phf->hl = chd_ph->hl; Error: GCC_ANALYZER_WARNING (CWE-789): [#def101] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c: scope_hint: In function ‘chd_ph_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:850:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:850:23: note: heap-based allocation # 848| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, fd); # 849| DEBUGP("Hash state has %u bytes\n", buflen); # 850|-> buf = (char *)malloc((size_t)buflen); # 851| nbytes = fread(buf, (size_t)buflen, (size_t)1, fd); # 852| chd_ph->hl = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-789): [#def102] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:857:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chd_ph.c:857:23: note: heap-based allocation # 855| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, fd); # 856| DEBUGP("Compressed sequence structure has %u bytes\n", buflen); # 857|-> buf = (char *)malloc((size_t)buflen); # 858| nbytes = fread(buf, (size_t)buflen, (size_t)1, fd); # 859| chd_ph->cs = (compressed_seq_t *) calloc(1, sizeof(compressed_seq_t)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def103] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c: scope_hint: In function ‘chm_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:71:47: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*chm.hashes + (long unsigned int)i * 8’ # 69| # 70| chm->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*3); # 71|-> for(i = 0; i < 3; ++i) chm->hashes[i] = NULL; # 72| //Mapping step # 73| if (mph->verbosity) Error: GCC_ANALYZER_WARNING (CWE-688): [#def104] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:112:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘visited’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 110| DEBUGP("Assignment step\n"); # 111| visited = (cmph_uint8 *)malloc((size_t)(chm->n/8 + 1)); # 112|-> memset(visited, 0, (size_t)(chm->n/8 + 1)); # 113| free(chm->g); # 114| chm->g = (cmph_uint32 *)malloc(chm->n * sizeof(cmph_uint32)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def105] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:129:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:11: included_from: Included from here. # 127| # 128| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 129|-> mphf->algo = mph->algo; # 130| chmf = (chm_data_t *)malloc(sizeof(chm_data_t)); # 131| chmf->g = chm->g; Error: GCC_ANALYZER_WARNING (CWE-476): [#def106] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:131:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘chmf’ # 129| mphf->algo = mph->algo; # 130| chmf = (chm_data_t *)malloc(sizeof(chm_data_t)); # 131|-> chmf->g = chm->g; # 132| chm->g = NULL; //transfer memory ownership # 133| chmf->hashes = chm->hashes; Error: GCC_ANALYZER_WARNING (CWE-476): [#def107] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c: scope_hint: In function ‘chm_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:252:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘chm’ # 250| mphf->data = chm; # 251| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 252|-> chm->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 253| chm->hashes[nhashes] = NULL; # 254| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-789): [#def108] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:252:40: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘(long unsigned int)(nhashes + 1) * 8’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:252:40: note: heap-based allocation # 250| mphf->data = chm; # 251| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 252|-> chm->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 253| chm->hashes[nhashes] = NULL; # 254| DEBUGP("Reading %u hashes\n", nhashes); Error: GCC_ANALYZER_WARNING (CWE-823): [#def109] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:253:30: warning[-Wanalyzer-tainted-offset]: use of attacker-controlled value ‘(long unsigned int)nhashes * 8’ as offset without upper-bounds checking # 251| nbytes = fread(&nhashes, sizeof(cmph_uint32), (size_t)1, f); # 252| chm->hashes = (hash_state_t **)malloc(sizeof(hash_state_t *)*(nhashes + 1)); # 253|-> chm->hashes[nhashes] = NULL; # 254| DEBUGP("Reading %u hashes\n", nhashes); # 255| for (i = 0; i < nhashes; ++i) Error: GCC_ANALYZER_WARNING (CWE-789): [#def110] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:260:31: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:260:31: note: heap-based allocation # 258| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 259| DEBUGP("Hash state has %u bytes\n", buflen); # 260|-> buf = (char *)malloc((size_t)buflen); # 261| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 262| state = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-401): [#def111] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/chm.c:268:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 266| # 267| DEBUGP("Reading m and n\n"); # 268|-> nbytes = fread(&(chm->n), sizeof(cmph_uint32), (size_t)1, f); # 269| nbytes = fread(&(chm->m), sizeof(cmph_uint32), (size_t)1, f); # 270| Error: GCC_ANALYZER_WARNING (CWE-688): [#def112] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c: scope_hint: In function ‘key_byte_vector_read’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c:89:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*key’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 87| size = *keylen; # 88| *key = (char *)malloc(size); # 89|-> memcpy(*key, keys_vd[cmph_vector->position] + sizeof(*keylen), size); # 90| cmph_vector->position = cmph_vector->position + 1; # 91| return (int)(*keylen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def113] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c: scope_hint: In function ‘key_struct_vector_read’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c:103:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*key’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 101| size = *keylen; # 102| *key = (char *)malloc(size); # 103|-> memcpy(*key, (keys_vd + (cmph_struct_vector->position * cmph_struct_vector->struct_size) + cmph_struct_vector->key_offset), size); # 104| cmph_struct_vector->position = cmph_struct_vector->position + 1; # 105| return (int)(*keylen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def114] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c: scope_hint: In function ‘key_vector_read’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph.c:116:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*key’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 114| size = *keylen; # 115| *key = (char *)malloc(size + 1); # 116|-> strcpy(*key, keys_vd[cmph_vector->position]); # 117| cmph_vector->position = cmph_vector->position + 1; # 118| return (int)(*keylen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def115] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph_structs.c: scope_hint: In function ‘__config_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph_structs.c:12:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘mph’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 10| { # 11| cmph_config_t *mph = (cmph_config_t *)malloc(sizeof(cmph_config_t)); # 12|-> memset(mph, 0, sizeof(cmph_config_t)); # 13| if (mph == NULL) return NULL; # 14| mph->key_source = key_source; Error: GCC_ANALYZER_WARNING (CWE-476): [#def116] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph_structs.c: scope_hint: In function ‘__cmph_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/cmph_structs.c:65:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ # 63| } # 64| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 65|-> mphf->algo = algo; # 66| nbytes = fread(&(mphf->size), sizeof(mphf->size), (size_t)1, f); # 67| mphf->data = NULL; Error: GCC_ANALYZER_WARNING (CWE-476): [#def117] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c: scope_hint: In function ‘compressed_rank_generate’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c:64:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘select_vec’ # 62| j++; # 63| } # 64|-> select_vec[i - 1] = j; # 65| }; # 66| Error: GCC_ANALYZER_WARNING (CWE-688): [#def118] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c: scope_hint: In function ‘compressed_rank_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c:238:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*cr.vals_rems’ where non-null expected gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:111:43: note: in definition of macro ‘BITS_TABLE_SIZE’ <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 236| cr->vals_rems = (cmph_uint32 *) calloc(vals_rems_size, sizeof(cmph_uint32)); # 237| vals_rems_size *= 4; # 238|-> memcpy(cr->vals_rems, buf + pos, vals_rems_size); # 239| # 240| #ifdef DEBUG Error: GCC_ANALYZER_WARNING (CWE-688): [#def119] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c: scope_hint: In function ‘compressed_rank_pack’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_rank.c:260:17: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 258| cmph_uint32 buflen = 0; # 259| compressed_rank_dump(cr, &buf, &buflen); # 260|-> memcpy(cr_packed, buf, buflen); # 261| free(buf); # 262| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def120] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c: scope_hint: In function ‘compressed_seq_generate’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c:60:36: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘lengths’ # 58| if(vals_table[i] == 0) # 59| { # 60|-> lengths[i] = 0; # 61| } # 62| else Error: GCC_ANALYZER_WARNING (CWE-476): [#def121] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c:64:36: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘lengths’ # 62| else # 63| { # 64|-> lengths[i] = compressed_seq_i_log2(vals_table[i] + 1); # 65| cs->total_length += lengths[i]; # 66| }; Error: GCC_ANALYZER_WARNING (CWE-688): [#def122] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c: scope_hint: In function ‘compressed_seq_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c:287:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*cs.length_rems’ where non-null expected gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/bitbool.h:111:43: note: in definition of macro ‘BITS_TABLE_SIZE’ <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 285| cs->length_rems = (cmph_uint32 *) calloc(length_rems_size, sizeof(cmph_uint32)); # 286| length_rems_size *= 4; # 287|-> memcpy(cs->length_rems, buf + pos, length_rems_size); # 288| # 289| #ifdef DEBUG Error: GCC_ANALYZER_WARNING (CWE-688): [#def123] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c:305:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*cs.store_table’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 303| cs->store_table = (cmph_uint32 *) calloc(store_table_size, sizeof(cmph_uint32)); # 304| store_table_size *= 4; # 305|-> memcpy(cs->store_table, buf + pos, store_table_size); # 306| # 307| #ifdef DEBUG Error: GCC_ANALYZER_WARNING (CWE-688): [#def124] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c: scope_hint: In function ‘compressed_seq_pack’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/compressed_seq.c:324:17: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 322| cmph_uint32 buflen = 0; # 323| compressed_seq_dump(cs, &buf, &buflen); # 324|-> memcpy(cs_packed, buf, buflen); # 325| free(buf); # 326| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def125] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘check_for_collisions_h2’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:132:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘hashtable’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 130| { # 131| cmph_uint32 nkeys = fch_buckets_get_size(buckets, sorted_indexes[i]); # 132|-> memset(hashtable, 0, (size_t)fch->m); # 133| //DEBUGP("bucket %u -- nkeys: %u\n", i, nkeys); # 134| for (j = 0; j < nkeys; j++) Error: GCC_ANALYZER_WARNING (CWE-476): [#def126] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘searching’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:177:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘random_table’ # 175| for(i = 0; i < fch->m; i++) # 176| { # 177|-> random_table[i] = i; # 178| } # 179| permut(random_table, fch->m); Error: GCC_ANALYZER_WARNING (CWE-476): [#def127] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:182:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘random_table’ # 180| for(i = 0; i < fch->m; i++) # 181| { # 182|-> map_table[random_table[i]] = i; # 183| } # 184| do { Error: GCC_ANALYZER_WARNING (CWE-476): [#def128] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:212:83: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘random_table’ # 210| counter = 0; # 211| restart = 0; // false # 212|-> fch->g[sorted_indexes[i]] = (fch->m + random_table[filled_count + z] - h2) % fch->m; # 213| //DEBUGP("g[%u]: %u\n", sorted_indexes[i], fch->g[sorted_indexes[i]]); # 214| j = INDEX; Error: GCC_ANALYZER_WARNING (CWE-476): [#def129] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘fch_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:294:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘mphf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘fch_new’ # 292| if (iterations == 0) return NULL; # 293| mphf = (cmph_t *)malloc(sizeof(cmph_t)); # 294|-> mphf->algo = mph->algo; # 295| fchf = (fch_data_t *)malloc(sizeof(fch_data_t)); # 296| fchf->g = fch->g; Error: GCC_ANALYZER_WARNING (CWE-476): [#def130] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:296:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘fchf’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘fch_new’ # 294| mphf->algo = mph->algo; # 295| fchf = (fch_data_t *)malloc(sizeof(fch_data_t)); # 296|-> fchf->g = fch->g; # 297| fch->g = NULL; //transfer memory ownership # 298| fchf->h1 = fch->h1; Error: GCC_ANALYZER_WARNING (CWE-476): [#def131] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c: scope_hint: In function ‘fch_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:373:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘fch’ # 371| mphf->data = fch; # 372| //DEBUGP("Reading h1\n"); # 373|-> fch->h1 = NULL; # 374| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 375| //DEBUGP("Hash state of h1 has %u bytes\n", buflen); Error: GCC_ANALYZER_WARNING (CWE-789): [#def132] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:376:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:376:23: note: heap-based allocation # 374| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 375| //DEBUGP("Hash state of h1 has %u bytes\n", buflen); # 376|-> buf = (char *)malloc((size_t)buflen); # 377| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 378| fch->h1 = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-789): [#def133] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:387:23: warning[-Wanalyzer-tainted-allocation-size]: use of attacker-controlled value ‘buflen’ as allocation size without upper-bounds checking gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/fch.c:387:23: note: heap-based allocation # 385| nbytes = fread(&buflen, sizeof(cmph_uint32), (size_t)1, f); # 386| //DEBUGP("Hash state of h2 has %u bytes\n", buflen); # 387|-> buf = (char *)malloc((size_t)buflen); # 388| nbytes = fread(buf, (size_t)buflen, (size_t)1, f); # 389| fch->h2 = hash_state_load(buf, buflen); Error: GCC_ANALYZER_WARNING (CWE-476): [#def134] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c: scope_hint: In function ‘graph_clear_edges’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:165:53: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*g.first + (long unsigned int)i * 4’ # 163| { # 164| cmph_uint32 i; # 165|-> for (i = 0; i < g->nnodes; ++i) g->first[i] = EMPTY; # 166| for (i = 0; i < g->nedges*2; ++i) # 167| { Error: GCC_ANALYZER_WARNING (CWE-476): [#def135] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:168:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*g.edges + (long unsigned int)i * 4’ # 166| for (i = 0; i < g->nedges*2; ++i) # 167| { # 168|-> g->edges[i] = EMPTY; # 169| g->next[i] = EMPTY; # 170| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def136] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:169:28: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*g.next + (long unsigned int)i * 4’ # 167| { # 168| g->edges[i] = EMPTY; # 169|-> g->next[i] = EMPTY; # 170| } # 171| g->cedges = 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def137] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c: scope_hint: In function ‘graph_is_cyclic’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:234:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘deleted’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 232| cmph_uint8 *deleted = (cmph_uint8 *)malloc((g->nedges*sizeof(cmph_uint8))/8 + 1); # 233| size_t deleted_len = g->nedges/8 + 1; # 234|-> memset(deleted, 0, deleted_len); # 235| # 236| DEBUGP("Looking for cycles in graph with %u vertices and %u edges\n", g->nnodes, g->nedges); Error: GCC_ANALYZER_WARNING (CWE-688): [#def138] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c: scope_hint: In function ‘graph_obtain_critical_nodes’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:265:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘deleted’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 263| cmph_uint8 *deleted = (cmph_uint8 *)malloc((g->nedges*sizeof(cmph_uint8))/8+1); # 264| size_t deleted_len = g->nedges/8 + 1; # 265|-> memset(deleted, 0, deleted_len); # 266| free(g->critical_nodes); # 267| g->critical_nodes = (cmph_uint8 *)malloc((g->nnodes*sizeof(cmph_uint8))/8 + 1); Error: GCC_ANALYZER_WARNING (CWE-688): [#def139] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/graph.c:269:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*g.critical_nodes’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 267| g->critical_nodes = (cmph_uint8 *)malloc((g->nnodes*sizeof(cmph_uint8))/8 + 1); # 268| g->ncritical_nodes = 0; # 269|-> memset(g->critical_nodes, 0, (g->nnodes*sizeof(cmph_uint8))/8 + 1); # 270| DEBUGP("Looking for the 2-core in graph with %u vertices and %u edges\n", g->nnodes, g->nedges); # 271| for (v = 0; v < g->nnodes; ++v) Error: GCC_ANALYZER_WARNING (CWE-688): [#def140] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/hash.c: scope_hint: In function ‘hash_state_dump’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/hash.c:68:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*buf’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 66| } # 67| *buf = (char *)malloc(strlen(cmph_hash_names[state->hashfunc]) + 1 + *buflen); # 68|-> memcpy(*buf, cmph_hash_names[state->hashfunc], strlen(cmph_hash_names[state->hashfunc]) + 1); # 69| DEBUGP("Algobuf is %u\n", *(cmph_uint32 *)algobuf); # 70| len = *buflen; Error: GCC_ANALYZER_WARNING (CWE-476): [#def141] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c: scope_hint: In function ‘jenkins_state_new’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c:91:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘state’ # 89| jenkins_state_t *state = (jenkins_state_t *)malloc(sizeof(jenkins_state_t)); # 90| DEBUGP("Initializing jenkins hash\n"); # 91|-> state->seed = ((cmph_uint32)rand() % size); # 92| return state; # 93| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def142] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c: scope_hint: In function ‘jenkins_state_copy’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c:237:30: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dest_state’ # 235| { # 236| jenkins_state_t *dest_state = (jenkins_state_t *)malloc(sizeof(jenkins_state_t)); # 237|-> dest_state->hashfunc = src_state->hashfunc; # 238| dest_state->seed = src_state->seed; # 239| return dest_state; Error: GCC_ANALYZER_WARNING (CWE-476): [#def143] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c: scope_hint: In function ‘jenkins_state_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/jenkins_hash.c:245:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘state’ # 243| { # 244| jenkins_state_t *state = (jenkins_state_t *)malloc(sizeof(jenkins_state_t)); # 245|-> state->seed = *(cmph_uint32 *)buf; # 246| state->hashfunc = CMPH_HASH_JENKINS; # 247| DEBUGP("Loaded jenkins state with seed %u\n", state->seed); Error: GCC_ANALYZER_WARNING (CWE-476): [#def144] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c: scope_hint: In function ‘select_generate_sel_table’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c:84:65: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘bits_table’ # 82| { # 83| old_part_sum = part_sum; # 84|-> part_sum += rank_lookup_table[bits_table[vec_idx]]; # 85| vec_idx++; # 86| } while (part_sum <= one_idx); Error: GCC_ANALYZER_WARNING (CWE-476): [#def145] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c:88:50: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*sel.select_table’ # 86| } while (part_sum <= one_idx); # 87| # 88|-> sel->select_table[sel_table_idx] = select_lookup_table[bits_table[vec_idx - 1]][one_idx - old_part_sum] + ((vec_idx - 1) << 3); // ((vec_idx - 1) << 3) = ((vec_idx - 1) * 8) # 89| one_idx += STEP_SELECT_TABLE ; # 90| sel_table_idx++; Error: GCC_ANALYZER_WARNING (CWE-688): [#def146] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c: scope_hint: In function ‘select_load’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c:278:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*sel.bits_vec’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 276| sel->select_table = (cmph_uint32 *)calloc(sel_table_size/sizeof(cmph_uint32), sizeof(cmph_uint32)); # 277| # 278|-> memcpy(sel->bits_vec, buf + pos, vec_size); # 279| pos += vec_size; # 280| memcpy(sel->select_table, buf + pos, sel_table_size); Error: GCC_ANALYZER_WARNING (CWE-688): [#def147] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c:280:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*sel.select_table’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 278| memcpy(sel->bits_vec, buf + pos, vec_size); # 279| pos += vec_size; # 280|-> memcpy(sel->select_table, buf + pos, sel_table_size); # 281| # 282| DEBUGP("Loaded select structure with size %u bytes\n", buflen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def148] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c: scope_hint: In function ‘select_pack’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/cmph/select.c:298:17: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 296| cmph_uint32 buflen = 0; # 297| select_dump(sel, &buf, &buflen); # 298|-> memcpy(sel_packed, buf, buflen); # 299| free(buf); # 300| } Error: CPPCHECK_WARNING (CWE-457): [#def149] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/gibaseinfo.c:545: error[uninitvar]: Uninitialized variables: &blob.name, &blob.value # 543| first = (AttributeBlob *) &rinfo->typelib->data[header->attributes]; # 544| # 545|-> res = bsearch (&blob, first, header->n_attributes, # 546| header->attribute_blob_size, cmp_attribute); # 547| Error: COMPILER_WARNING (CWE-476): [#def150] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/girparser.c:661:11: warning[-Wnull-dereference]: potential null pointer dereference # 661 | if (*str == '<') # | ^~~~ # 659| str += strlen ("Error"); # 660| # 661|-> if (*str == '<') # 662| { # 663| char *tmp, *end; Error: CPPCHECK_WARNING (CWE-457): [#def151] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/girepository/girparser.c:1633: error[legacyUninitvar]: Uninitialized variable: target_state # 1631| g_assert_not_reached (); # 1632| # 1633|-> if (!introspectable_prelude (context, attribute_names, attribute_values, ctx, target_state)) # 1634| return TRUE; # 1635| Error: CPPCHECK_WARNING (CWE-476): [#def152] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerlexer.c:2974: warning[nullPointer]: Possible null pointer dereference: b # 2972| # 2973| yy_flush_buffer( b ); # 2974|-> # 2975| b->yy_input_file = file; # 2976| b->yy_fill_buffer = 1; Error: CPPCHECK_WARNING (CWE-476): [#def153] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerlexer.c:2975: warning[nullPointer]: Possible null pointer dereference: b # 2973| yy_flush_buffer( b ); # 2974| # 2975|-> b->yy_input_file = file; # 2976| b->yy_fill_buffer = 1; # 2977| Error: GCC_ANALYZER_WARNING (CWE-457): [#def154] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c: scope_hint: In function ‘yyparse’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:816:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:801:9: note: in expansion of macro ‘YYCOPY’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:2355:9: note: in expansion of macro ‘YYSTACK_RELOCATE’ /usr/lib64/glib-2.0/include/glibconfig.h:9: included_from: Included from here. /usr/include/glib-2.0/glib/gtypes.h:34: included_from: Included from here. /usr/include/glib-2.0/glib/galloca.h:34: included_from: Included from here. /usr/include/glib-2.0/glib.h:32: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/giscanner/scannerparser.y:34: included_from: Included from here. /usr/include/glib-2.0/glib/gmacros.h:1249:31: note: in expansion of macro ‘_G_BOOLEAN_EXPR_IMPL’ /usr/include/glib-2.0/glib/gmacros.h:1250:43: note: in expansion of macro ‘_G_BOOLEAN_EXPR’ /usr/include/glib-2.0/glib/gmessages.h:664:9: note: in expansion of macro ‘G_LIKELY’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/giscanner/scannerparser.y:1715:3: note: in expansion of macro ‘g_return_val_if_fail’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:816:25: note: in definition of macro ‘YYCOPY’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:2355:9: note: in expansion of macro ‘YYSTACK_RELOCATE’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:801:9: note: in expansion of macro ‘YYCOPY’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/redhat-linux-build/giscanner/scannerparser.c:2355:9: note: in expansion of macro ‘YYSTACK_RELOCATE’ # 814| # if defined __GNUC__ && 1 < __GNUC__ # 815| # define YYCOPY(Dst, Src, Count) \ # 816|-> __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src))) # 817| # else # 818| # define YYCOPY(Dst, Src, Count) \ Error: CPPCHECK_WARNING (CWE-457): [#def155] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tests/repository/gitypelibtest.c:271: warning[uninitvar]: Uninitialized variables: sig_info.dummy1, sig_info.dummy2, sig_info.dummy3, sig_info.dummy4, sig_info.dummy5, sig_info.dummy6, sig_info.dummy7 # 269| g_assert (i >= 0); # 270| # 271|-> g_assert_cmpint (g_callable_info_get_n_args (sig_info), ==, 2); # 272| # 273| /* verify array argument */ Error: GCC_ANALYZER_WARNING (CWE-775): [#def156] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c: scope_hint: In function ‘write_out_typelib’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c:118:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘file’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c:27: included_from: Included from here. gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c:83:14: note: in expansion of macro ‘g_fopen’ # 116| g_free (tmp_filename); # 117| # 118|-> return success; # 119| } # 120| Error: GCC_ANALYZER_WARNING (CWE-401): [#def157] gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c:118:10: warning[-Wanalyzer-malloc-leak]: leak of ‘file’ gobject-introspection-1.82.0-build/gobject-introspection-1.82.0/tools/compiler.c:83:14: note: in expansion of macro ‘g_fopen’ # 116| g_free (tmp_filename); # 117| # 118|-> return success; # 119| } # 120|
| analyzer-version-clippy | 1.82.0 |
| analyzer-version-cppcheck | 2.16.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 15.0.0 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-211.us-west-2.compute.internal |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | gobject-introspection-1.82.0-1.fc42 |
| store-results-to | /tmp/tmpcsls_obu/gobject-introspection-1.82.0-1.fc42.tar.xz |
| time-created | 2024-11-13 00:11:05 |
| time-finished | 2024-11-13 00:13:25 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpcsls_obu/gobject-introspection-1.82.0-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpcsls_obu/gobject-introspection-1.82.0-1.fc42.src.rpm' |
| tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |