Error: GCC_ANALYZER_WARNING (CWE-688): [#def1] wavpack-5.7.0-build/wavpack-5.7.0/cli/caff.c: scope_hint: In function ‘ParseCaffHeaderConfig’ wavpack-5.7.0-build/wavpack-5.7.0/cli/caff.c:338:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘channel_reorder’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 336| # 337| channel_reorder = malloc (num_descriptions); # 338|-> memset (channel_reorder, -1, num_descriptions); # 339| channel_identities = malloc (num_descriptions+1); # 340| Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] wavpack-5.7.0-build/wavpack-5.7.0/cli/caff.c:367:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’ # 365| # 366| if (clabel == 0 || clabel == 0xffffffff || clabel == 100) # 367|-> channel_identities [idents++] = 0xff; # 368| else if ((clabel >= 33 && clabel <= 44) || (clabel >= 200 && clabel <= 207) || (clabel >= 301 && clabel <= 305)) # 369| channel_identities [idents++] = clabel >= 301 ? clabel - 80 : clabel; Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] wavpack-5.7.0-build/wavpack-5.7.0/cli/caff.c:369:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’ # 367| channel_identities [idents++] = 0xff; # 368| else if ((clabel >= 33 && clabel <= 44) || (clabel >= 200 && clabel <= 207) || (clabel >= 301 && clabel <= 305)) # 369|-> channel_identities [idents++] = clabel >= 301 ? clabel - 80 : clabel; # 370| else { # 371| error_line ("warning: unknown channel descriptions label: %d", clabel); Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] wavpack-5.7.0-build/wavpack-5.7.0/cli/caff.c:372:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’ # 370| else { # 371| error_line ("warning: unknown channel descriptions label: %d", clabel); # 372|-> channel_identities [idents++] = 0xff; # 373| } # 374| Error: GCC_ANALYZER_WARNING (CWE-131): [#def5] wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c: scope_hint: In function ‘ID3v2StringsToUTF8’ wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c:556:23: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size # 554| return -1; # 555| # 556|-> wide_string = malloc (src_length + 2); # 557| # 558| while (fp <= fe - 2 && (!num_segments || fp [0] || fp [1])) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def6] wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c:566:62: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wide_string’ # 564| fp += 2; # 565| # 566|-> if ((wchar != 0xFEFF) && !(wide_string [i++] = wchar)) # 567| break; # 568| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c:571:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wide_string’ # 569| # 570| if (fp > fe - 2) # 571|-> wide_string [i] = 0; # 572| # 573| WideCharToUTF8 (wide_string, dst, (int)(dst_end - dst)); Error: GCC_ANALYZER_WARNING (CWE-688): [#def8] wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c: scope_hint: In function ‘Latin1ToUTF8’ wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c:652:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 650| iconv_t converter; # 651| # 652|-> memset(temp, 0, len); # 653| # 654| insize = strlen (string); Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] wavpack-5.7.0-build/wavpack-5.7.0/cli/import_id3.c:657:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF-8", "ISO-8859-1")’ # 655| converter = iconv_open ("UTF-8", "ISO-8859-1"); # 656| # 657|-> if (converter != (iconv_t) -1) { # 658| err = iconv (converter, &inp, &insize, &outp, &outsize); # 659| iconv_close (converter); Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:38: included_from: Included from here. wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘repack_file’ wavpack-5.7.0-build/wavpack-5.7.0/cli/utils.h:39:29: warning[-Wanalyzer-malloc-leak]: leak of ‘out2filename_temp’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2913:16: note: in expansion of macro ‘WAVPACK_SOFT_ERROR’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2934:5: note: in expansion of macro ‘CLEAR’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2913:16: note: in expansion of macro ‘WAVPACK_SOFT_ERROR’ # 37| #define WAVPACK_NO_ERROR 0 # 38| #define WAVPACK_WARNINGS 1 # 39|-> #define WAVPACK_SOFT_ERROR 2 # 40| #define WAVPACK_HARD_ERROR 3 # 41| Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] wavpack-5.7.0-build/wavpack-5.7.0/cli/utils.h:40:29: warning[-Wanalyzer-malloc-leak]: leak of ‘format_buffer’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3631:20: note: in expansion of macro ‘WAVPACK_HARD_ERROR’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3631:20: note: in expansion of macro ‘WAVPACK_HARD_ERROR’ # 38| #define WAVPACK_WARNINGS 1 # 39| #define WAVPACK_SOFT_ERROR 2 # 40|-> #define WAVPACK_HARD_ERROR 3 # 41| # 42| #define CLEAR(destin) memset (&destin, 0, sizeof (destin)); Error: CPPCHECK_WARNING (CWE-401): [#def12] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:390: error[memleakOnRealloc]: Common realloc mistake: 'argv_fn' nulled but not freed upon failure # 388| char *option = malloc (option_len + 1); # 389| # 390|-> argv_fn = realloc (argv_fn, sizeof (char *) * ++argc_fn); # 391| memcpy (option, open_brace + 1, option_len); # 392| argv_fn [argc_fn - 1] = option; Error: CPPCHECK_WARNING (CWE-401): [#def13] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:881: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure # 879| int i = num_tag_items; # 880| # 881|-> tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items)); # 882| tag_items [i].item = malloc (cp - argcp + 1); # 883| memcpy (tag_items [i].item, argcp, cp - argcp); Error: CPPCHECK_WARNING (CWE-401): [#def14] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:936: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 934| } # 935| else { # 936|-> matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 937| matches [num_files] = malloc (strlen (argcp) + 10); # 938| strcpy (matches [num_files], argcp); Error: CPPCHECK_WARNING (CWE-401): [#def15] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:1193: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure # 1191| int bytes_read; # 1192| # 1193|-> listbuff = realloc (listbuff, listbytes + 1024); # 1194| memset (listbuff + listbytes, 0, 1024); # 1195| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); Error: CPPCHECK_WARNING (CWE-401): [#def16] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:1221: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 1219| # 1220| fname [ci++] = '\0'; # 1221|-> matches = realloc (matches, ++num_files * sizeof (*matches)); # 1222| # 1223| for (di = num_files - 1; di > file_index + 1; di--) Error: GCC_ANALYZER_WARNING (CWE-688): [#def17] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘pack_file’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:1826:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘outfilename_temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 1824| # 1825| while (1) { # 1826|-> strcpy (outfilename_temp, outfilename); # 1827| # 1828| if (filespec_ext (outfilename_temp)) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def18] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:1855:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘out2filename_temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 1853| # 1854| if (out2filename) { # 1855|-> strcpy (out2filename_temp, outfilename_temp); # 1856| strcat (out2filename_temp, "c"); # 1857| Error: GCC_ANALYZER_WARNING (CWE-476): [#def19] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2011:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 2009| # 2010| for (i = 0; i < loc_config.num_channels; ++i) # 2011|-> new_channel_order [i] = i; # 2012| # 2013| WavpackGetChannelLayout (wpc, new_channel_order); Error: GCC_ANALYZER_WARNING (CWE-476): [#def20] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2038:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 2036| # 2037| for (i = 0; i < loc_config.num_channels; ++i) # 2038|-> new_channel_order [i] = i; # 2039| # 2040| memcpy (new_channel_order, channel_order, num_channels_order); Error: GCC_ANALYZER_WARNING (CWE-688): [#def21] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2040:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘new_channel_order’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 2038| new_channel_order [i] = i; # 2039| # 2040|-> memcpy (new_channel_order, channel_order, num_channels_order); # 2041| # 2042| for (i = 0; i < num_channels_order;) { Error: CPPCHECK_WARNING (CWE-401): [#def22] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2123: error[memleakOnRealloc]: Common realloc mistake: 'buffer' nulled but not freed upon failure # 2121| while (DoReadFile (infile, buffer + wrapper_size, buffer_size - wrapper_size, &bcount) && bcount) # 2122| if ((wrapper_size += bcount) == buffer_size) # 2123|-> buffer = realloc (buffer, buffer_size += 65536); # 2124| # 2125| // if we got something and are storing wrapper, write it to the outfile file Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘pack_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2611:46: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’ # 2609| # 2610| for (x = 0; x < l; x ++) # 2611|-> if (sample_buffer[x] < 0 || ((sample_buffer[x] + offset) << shift) > 0) # 2612| sample_buffer[x] += offset; # 2613| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def24] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2615:59: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’ # 2613| } # 2614| # 2615|-> for (x = 0; x < l; x ++) sample_buffer[x] &= quantize_bit_mask; # 2616| } # 2617| else { Error: GCC_ANALYZER_WARNING (CWE-476): [#def25] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2619:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’ # 2617| else { # 2618| for (x = 0; x < l; x ++) { # 2619|-> const float f = *(float *)&sample_buffer[x]; # 2620| *(float *)&sample_buffer[x] = (float) (floor(f * fquantize_scale + 0.5) * fquantize_iscale); # 2621| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘pack_dsd_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2795:41: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sptr’ # 2793| for (cc = num_channels; cc--; srcp += DSD_BLOCKSIZE) # 2794| if (sindex < sample_count) # 2795|-> *sptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*srcp] : *srcp; # 2796| else if (*srcp) # 2797| non_null++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def27] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2810:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sptr’ # 2808| # 2809| while (scount--) # 2810|-> *sptr++ = *iptr++; # 2811| } # 2812| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def28] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3015:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘outfilename_temp’ where non-null expected wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2934:5: note: in expansion of macro ‘CLEAR’ <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 3013| # 3014| while (1) { # 3015|-> strcpy (outfilename_temp, outfilename); # 3016| # 3017| if (filespec_ext (outfilename_temp)) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def29] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3040:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘out2filename_temp’ where non-null expected wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:2934:5: note: in expansion of macro ‘CLEAR’ <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 3038| # 3039| if (out2filename) { # 3040|-> strcpy (out2filename_temp, outfilename_temp); # 3041| strcat (out2filename_temp, "c"); # 3042| Error: GCC_ANALYZER_WARNING (CWE-476): [#def30] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘repack_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3581:43: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 3579| # 3580| for (i = 0; i < num_channels; ++i) # 3581|-> new_channel_order [i] = i; # 3582| # 3583| WavpackGetChannelLayout (infile, new_channel_order); Error: GCC_ANALYZER_WARNING (CWE-476): [#def31] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3652:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3650| for (si = 0; si < DSD_BLOCKSIZE; si++, sptr += num_channels) # 3651| if (si < samples_this_block) # 3652|-> *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr; # 3653| else # 3654| *dptr++ = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def32] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3654:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3652| *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr; # 3653| else # 3654|-> *dptr++ = 0; # 3655| # 3656| if (cc) Error: GCC_ANALYZER_WARNING (CWE-476): [#def33] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3674:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3672| # 3673| while (scount--) # 3674|-> *dptr++ = *sptr++; # 3675| } # 3676| } Error: CPPCHECK_WARNING (CWE-457): [#def34] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3748: warning[uninitvar]: Uninitialized variable: temp # 3746| } # 3747| # 3748|-> memcpy (start, temp, num_chans * bytes_per_sample); # 3749| } # 3750| Error: GCC_ANALYZER_WARNING (CWE-688): [#def35] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘reorder_channels’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3748:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 3746| } # 3747| # 3748|-> memcpy (start, temp, num_chans * bytes_per_sample); # 3749| } # 3750| Error: GCC_ANALYZER_WARNING (CWE-457): [#def36] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3748:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’ # 3746| } # 3747| # 3748|-> memcpy (start, temp, num_chans * bytes_per_sample); # 3749| } # 3750| Error: GCC_ANALYZER_WARNING (CWE-476): [#def37] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘unreorder_channels’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3766:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘temp’ # 3764| # 3765| for (chan = 0; chan < num_chans; ++chan) # 3766|-> temp [chan] = data [order[chan]]; # 3767| # 3768| memcpy (data, temp, num_chans * sizeof (*data)); Error: GCC_ANALYZER_WARNING (CWE-457): [#def38] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3768:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’ # 3766| temp [chan] = data [order[chan]]; # 3767| # 3768|-> memcpy (data, temp, num_chans * sizeof (*data)); # 3769| data += num_chans; # 3770| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def39] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘verify_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3834:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 3832| # 3833| for (i = 0; i < num_channels; ++i) # 3834|-> new_channel_order [i] = i; # 3835| # 3836| WavpackGetChannelLayout (wpc, new_channel_order); Error: GCC_ANALYZER_WARNING (CWE-476): [#def40] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3869:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3867| for (si = 0; si < DSD_BLOCKSIZE; si++, sptr += num_channels) # 3868| if (si < samples_this_block) # 3869|-> *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr; # 3870| else # 3871| *dptr++ = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def41] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3871:45: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3869| *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr; # 3870| else # 3871|-> *dptr++ = 0; # 3872| # 3873| if (cc) Error: GCC_ANALYZER_WARNING (CWE-476): [#def42] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:3885:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 3883| # 3884| while (scount--) # 3885|-> *dptr++ = *sptr++; # 3886| } # 3887| Error: GCC_ANALYZER_WARNING (CWE-476): [#def43] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘load_little_endian_unsigned_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4087:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4085| case 1: # 4086| while (count--) # 4087|-> *dst++ = *sptr++ - 0x80; # 4088| # 4089| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def44] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4093:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4091| case 2: # 4092| while (count--) { # 4093|-> *dst++ = (sptr [0] | ((int32_t) sptr [1] << 8)) - 0x8000; # 4094| sptr += 2; # 4095| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def45] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4101:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4099| case 3: # 4100| while (count--) { # 4101|-> *dst++ = (sptr [0] | ((int32_t) sptr [1] << 8) | ((int32_t) sptr [2] << 16)) - 0x800000; # 4102| sptr += 3; # 4103| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def46] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4109:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4107| case 4: # 4108| while (count--) { # 4109|-> *dst++ = (sptr [0] | sptr [1] << 8 | sptr [2] << 16 | (uint32_t) sptr [3] << 24) ^ 0x80000000; # 4110| sptr += 4; # 4111| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def47] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘load_little_endian_signed_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4125:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4123| case 1: # 4124| while (count--) # 4125|-> *dst++ = (signed char) *sptr++; # 4126| # 4127| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def48] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4131:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4129| case 2: # 4130| while (count--) { # 4131|-> *dst++ = (int16_t)(sptr [0] | sptr [1] << 8); # 4132| sptr += 2; # 4133| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def49] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4139:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4137| case 3: # 4138| while (count--) { # 4139|-> *dst++ = (int32_t)((uint32_t)(sptr [0] | sptr [1] << 8 | sptr [2] << 16) << 8) >> 8; # 4140| sptr += 3; # 4141| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def50] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4147:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4145| case 4: # 4146| while (count--) { # 4147|-> *dst++ = sptr [0] | sptr [1] << 8 | sptr [2] << 16 | (uint32_t) sptr [3] << 24; # 4148| sptr += 4; # 4149| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def51] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘load_big_endian_unsigned_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4163:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4161| case 1: # 4162| while (count--) # 4163|-> *dst++ = *sptr++ - 0x80; # 4164| # 4165| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def52] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4169:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4167| case 2: # 4168| while (count--) { # 4169|-> *dst++ = (sptr [1] | ((int32_t) sptr [0] << 8)) - 0x8000; # 4170| sptr += 2; # 4171| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def53] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4177:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4175| case 3: # 4176| while (count--) { # 4177|-> *dst++ = (sptr [2] | ((int32_t) sptr [1] << 8) | ((int32_t) sptr [0] << 16)) - 0x800000; # 4178| sptr += 3; # 4179| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def54] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4185:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4183| case 4: # 4184| while (count--) { # 4185|-> *dst++ = (sptr [3] | sptr [2] << 8 | sptr [1] << 16 | (uint32_t) sptr [0] << 24) ^ 0x80000000; # 4186| sptr += 4; # 4187| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def55] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘load_big_endian_signed_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4201:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4199| case 1: # 4200| while (count--) # 4201|-> *dst++ = (signed char) *sptr++; # 4202| # 4203| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def56] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4207:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4205| case 2: # 4206| while (count--) { # 4207|-> *dst++ = (int16_t)(sptr [1] | sptr [0] << 8); # 4208| sptr += 2; # 4209| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def57] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4215:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4213| case 3: # 4214| while (count--) { # 4215|-> *dst++ = (int32_t)((uint32_t)(sptr [2] | sptr [1] << 8 | sptr [0] << 16) << 8) >> 8; # 4216| sptr += 3; # 4217| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def58] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4223:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’ # 4221| case 4: # 4222| while (count--) { # 4223|-> *dst++ = sptr [3] | sptr [2] << 8 | sptr [1] << 16 | (uint32_t) sptr [0] << 24; # 4224| sptr += 4; # 4225| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def59] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘store_little_endian_unsigned_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4265:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4263| case 1: # 4264| while (count--) # 4265|-> *dptr++ = *src++ + 0x80; # 4266| # 4267| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def60] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4271:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4269| case 2: # 4270| while (count--) { # 4271|-> *dptr++ = (unsigned char) (temp = *src++ + 0x8000); # 4272| *dptr++ = (unsigned char) (temp >> 8); # 4273| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def61] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4279:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4277| case 3: # 4278| while (count--) { # 4279|-> *dptr++ = (unsigned char) (temp = *src++ + 0x800000); # 4280| *dptr++ = (unsigned char) (temp >> 8); # 4281| *dptr++ = (unsigned char) (temp >> 16); Error: GCC_ANALYZER_WARNING (CWE-476): [#def62] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4288:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4286| case 4: # 4287| while (count--) { # 4288|-> *dptr++ = (unsigned char) (temp = *src++ + 0x80000000); # 4289| *dptr++ = (unsigned char) (temp >> 8); # 4290| *dptr++ = (unsigned char) (temp >> 16); Error: GCC_ANALYZER_WARNING (CWE-476): [#def63] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘store_little_endian_signed_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4309:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4307| case 1: # 4308| while (count--) # 4309|-> *dptr++ = *src++; # 4310| # 4311| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def64] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4315:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4313| case 2: # 4314| while (count--) { # 4315|-> *dptr++ = (unsigned char) (temp = *src++); # 4316| *dptr++ = (unsigned char) (temp >> 8); # 4317| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def65] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4323:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4321| case 3: # 4322| while (count--) { # 4323|-> *dptr++ = (unsigned char) (temp = *src++); # 4324| *dptr++ = (unsigned char) (temp >> 8); # 4325| *dptr++ = (unsigned char) (temp >> 16); Error: GCC_ANALYZER_WARNING (CWE-476): [#def66] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4332:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4330| case 4: # 4331| while (count--) { # 4332|-> *dptr++ = (unsigned char) (temp = *src++); # 4333| *dptr++ = (unsigned char) (temp >> 8); # 4334| *dptr++ = (unsigned char) (temp >> 16); Error: GCC_ANALYZER_WARNING (CWE-476): [#def67] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘store_big_endian_unsigned_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4353:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4351| case 1: # 4352| while (count--) # 4353|-> *dptr++ = *src++ + 0x80; # 4354| # 4355| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def68] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4359:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4357| case 2: # 4358| while (count--) { # 4359|-> *dptr++ = (unsigned char) ((temp = *src++ + 0x8000) >> 8); # 4360| *dptr++ = (unsigned char) temp; # 4361| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def69] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4367:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4365| case 3: # 4366| while (count--) { # 4367|-> *dptr++ = (unsigned char) ((temp = *src++ + 0x800000) >> 16); # 4368| *dptr++ = (unsigned char) (temp >> 8); # 4369| *dptr++ = (unsigned char) temp; Error: GCC_ANALYZER_WARNING (CWE-476): [#def70] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4376:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4374| case 4: # 4375| while (count--) { # 4376|-> *dptr++ = (unsigned char) ((temp = *src++ + 0x80000000) >> 24); # 4377| *dptr++ = (unsigned char) (temp >> 16); # 4378| *dptr++ = (unsigned char) (temp >> 8); Error: GCC_ANALYZER_WARNING (CWE-476): [#def71] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘store_big_endian_signed_samples’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4397:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4395| case 1: # 4396| while (count--) # 4397|-> *dptr++ = *src++; # 4398| # 4399| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def72] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4403:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4401| case 2: # 4402| while (count--) { # 4403|-> *dptr++ = (unsigned char) ((temp = *src++) >> 8); # 4404| *dptr++ = (unsigned char) temp; # 4405| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def73] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4411:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4409| case 3: # 4410| while (count--) { # 4411|-> *dptr++ = (unsigned char) ((temp = *src++) >> 16); # 4412| *dptr++ = (unsigned char) (temp >> 8); # 4413| *dptr++ = (unsigned char) temp; Error: GCC_ANALYZER_WARNING (CWE-476): [#def74] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4420:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’ # 4418| case 4: # 4419| while (count--) { # 4420|-> *dptr++ = (unsigned char) ((temp = *src++) >> 24); # 4421| *dptr++ = (unsigned char) (temp >> 16); # 4422| *dptr++ = (unsigned char) (temp >> 8); Error: GCC_ANALYZER_WARNING (CWE-401): [#def75] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4517:13: warning[-Wanalyzer-malloc-leak]: leak of ‘converter’ # 4515| memmove (inp, inp + 3, len - 3); # 4516| inp [len - 3] = 0; # 4517|-> return; # 4518| } # 4519| Error: GCC_ANALYZER_WARNING (CWE-401): [#def76] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c: scope_hint: In function ‘TextToUTF8’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4517:13: warning[-Wanalyzer-malloc-leak]: leak of ‘temp’ # 4515| memmove (inp, inp + 3, len - 3); # 4516| inp [len - 3] = 0; # 4517|-> return; # 4518| } # 4519| Error: GCC_ANALYZER_WARNING (CWE-688): [#def77] wavpack-5.7.0-build/wavpack-5.7.0/cli/wavpack.c:4520:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 4518| } # 4519| # 4520|-> memset(temp, 0, len); # 4521| old_locale = setlocale (LC_CTYPE, ""); # 4522| Error: CPPCHECK_WARNING (CWE-401): [#def78] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:239: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 237| } # 238| else { # 239|-> matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 240| matches [num_files] = malloc (strlen (*argv) + 10); # 241| strcpy (matches [num_files], *argv); Error: GCC_ANALYZER_WARNING (CWE-476): [#def79] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c: scope_hint: In function ‘main’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:240:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘matches’ # 238| else { # 239| matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 240|-> matches [num_files] = malloc (strlen (*argv) + 10); # 241| strcpy (matches [num_files], *argv); # 242| Error: GCC_ANALYZER_WARNING (CWE-688): [#def80] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:241:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(*argv) + 10)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 239| matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 240| matches [num_files] = malloc (strlen (*argv) + 10); # 241|-> strcpy (matches [num_files], *argv); # 242| # 243| if (*(matches [num_files]) != '-' && *(matches [num_files]) != '@' && Error: GCC_ANALYZER_WARNING (CWE-126): [#def81] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:295:40: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:295:40: note: read of 8 bytes from after the end of the region # 293| # 294| for (di = file_index; di < num_files - 1; di++) # 295|-> matches [di] = matches [di + 1]; # 296| # 297| file_index--; Error: CPPCHECK_WARNING (CWE-401): [#def82] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:309: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure # 307| int bytes_read; # 308| # 309|-> listbuff = realloc (listbuff, listbytes + 1024); # 310| memset (listbuff + listbytes, 0, 1024); # 311| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); Error: GCC_ANALYZER_WARNING (CWE-415): [#def83] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:309:28: warning[-Wanalyzer-double-free]: double-‘free’ of ‘listbuff’ # 307| int bytes_read; # 308| # 309|-> listbuff = realloc (listbuff, listbytes + 1024); # 310| memset (listbuff + listbytes, 0, 1024); # 311| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); Error: GCC_ANALYZER_WARNING (CWE-688): [#def84] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:310:17: warning[-Wanalyzer-null-argument]: use of NULL ‘listbuff’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 308| # 309| listbuff = realloc (listbuff, listbytes + 1024); # 310|-> memset (listbuff + listbytes, 0, 1024); # 311| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); # 312| Error: GCC_ANALYZER_WARNING (CWE-401): [#def85] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:313:20: warning[-Wanalyzer-malloc-leak]: leak of ‘listbuff’ # 311| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); # 312| # 313|-> if (bytes_read < 1024) # 314| break; # 315| } Error: GCC_ANALYZER_WARNING (CWE-416): [#def86] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:323:25: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘cp’ # 321| cp = listbuff; # 322| # 323|-> while ((c = *cp++)) { # 324| # 325| while (c == '\n' || c == '\r') Error: GCC_ANALYZER_WARNING (CWE-476): [#def87] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:333:38: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘fname’ # 331| # 332| do # 333|-> fname [ci++] = c; # 334| while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX); # 335| Error: CPPCHECK_WARNING (CWE-401): [#def88] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:337: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 335| # 336| fname [ci++] = '\0'; # 337|-> matches = realloc (matches, ++num_files * sizeof (*matches)); # 338| # 339| for (di = num_files - 1; di > file_index + 1; di--) Error: GCC_ANALYZER_WARNING (CWE-476): [#def89] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvgain.c:342:44: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘matches’ # 340| matches [di] = matches [di - 1]; # 341| # 342|-> matches [++file_index] = fname; # 343| } # 344| Error: CPPCHECK_WARNING (CWE-401): [#def90] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:333: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure # 331| int i = num_tag_items; # 332| # 333|-> tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items)); # 334| tag_items [i].item = malloc (cp - *argv + 1); # 335| memcpy (tag_items [i].item, *argv, cp - *argv); Error: CPPCHECK_WARNING (CWE-401): [#def91] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:358: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure # 356| } # 357| # 358|-> tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items)); # 359| tag_items [i].item = strdup (*argv); # 360| tag_items [i].binary = 0; Error: CPPCHECK_WARNING (CWE-401): [#def92] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:366: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 364| } # 365| else { # 366|-> matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 367| matches [num_files] = malloc (strlen (*argv) + 10); # 368| strcpy (matches [num_files], *argv); Error: CPPCHECK_WARNING (CWE-401): [#def93] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:552: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure # 550| int bytes_read; # 551| # 552|-> listbuff = realloc (listbuff, listbytes + 1024); # 553| memset (listbuff + listbytes, 0, 1024); # 554| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); Error: CPPCHECK_WARNING (CWE-401): [#def94] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:580: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 578| # 579| fname [ci++] = '\0'; # 580|-> matches = realloc (matches, ++num_files * sizeof (*matches)); # 581| # 582| for (di = num_files - 1; di > file_index + 1; di--) Error: CPPCHECK_WARNING (CWE-401): [#def95] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:903: error[memleakOnRealloc]: Common realloc mistake: 'tag_extractions' nulled but not freed upon failure # 901| static void add_tag_extraction_to_list (char *spec) # 902| { # 903|-> tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions)); # 904| tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10); # 905| strcpy (tag_extractions [num_tag_extractions], spec); Error: GCC_ANALYZER_WARNING (CWE-688): [#def96] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘add_tag_extraction_to_list’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:905:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(spec) + 10)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 903| tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions)); # 904| tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10); # 905|-> strcpy (tag_extractions [num_tag_extractions], spec); # 906| num_tag_extractions++; # 907| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def97] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘do_tag_extractions’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:916:29: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘extraction_spec’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strchr’ must be non-null # 914| for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) { # 915| char *extraction_spec = strdup (tag_extractions [i]); # 916|-> char *output_spec = strchr (extraction_spec, '='); # 917| char tag_filename [256]; # 918| Error: GCC_ANALYZER_WARNING (CWE-688): [#def98] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:919:61: warning[-Wanalyzer-null-argument]: use of NULL ‘output_spec’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null # 917| char tag_filename [256]; # 918| # 919|-> if (output_spec && output_spec > extraction_spec && strlen (output_spec) > 1) # 920| *output_spec++ = 0; # 921| Error: GCC_ANALYZER_WARNING (CWE-457): [#def99] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:923:65: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tag_filename[0]’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:30: included_from: Included from here. /usr/include/string.h:407:15: note: argument 1 of ‘strlen’ must be a pointer to a null-terminated string # 921| # 922| if (dump_tag_item_to_file (wpc, extraction_spec, NULL, tag_filename)) { # 923|-> int max_length = (int) strlen (outfilename) + (int) strlen (tag_filename) + 10; # 924| char *full_filename; # 925| Error: GCC_ANALYZER_WARNING (CWE-688): [#def100] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:930:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘full_filename’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 928| # 929| full_filename = malloc (max_length * 2 + 1); # 930|-> strcpy (full_filename, outfilename); # 931| # 932| if (output_spec) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def101] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘dump_UTF8_string’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1312:22: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’ # 1310| while (*string) { # 1311| if (*string != '\r') # 1312|-> *p++ = *string; # 1313| # 1314| if (*string++ == '\n') Error: GCC_ANALYZER_WARNING (CWE-476): [#def102] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1318:12: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’ # 1316| } # 1317| # 1318|-> *p = 0; # 1319| # 1320| #ifdef _WIN32 Error: GCC_ANALYZER_WARNING (CWE-688): [#def103] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘UTF8ToAnsi’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1370:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 1368| iconv_t converter; # 1369| # 1370|-> memset(temp, 0, len); # 1371| old_locale = setlocale (LC_CTYPE, ""); # 1372| converter = iconv_open ("", "UTF-8"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def104] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1374:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("", "UTF-8")’ # 1372| converter = iconv_open ("", "UTF-8"); # 1373| # 1374|-> if (converter != (iconv_t) -1) { # 1375| err = iconv (converter, &inp, &insize, &outp, &outsize); # 1376| iconv_close (converter); Error: GCC_ANALYZER_WARNING (CWE-401): [#def105] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1523:13: warning[-Wanalyzer-malloc-leak]: leak of ‘converter’ # 1521| memmove (inp, inp + 3, len - 3); # 1522| inp [len - 3] = 0; # 1523|-> return; # 1524| } # 1525| Error: GCC_ANALYZER_WARNING (CWE-401): [#def106] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘TextToUTF8’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1523:13: warning[-Wanalyzer-malloc-leak]: leak of ‘temp’ # 1521| memmove (inp, inp + 3, len - 3); # 1522| inp [len - 3] = 0; # 1523|-> return; # 1524| } # 1525| Error: GCC_ANALYZER_WARNING (CWE-688): [#def107] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1526:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 1524| } # 1525| # 1526|-> memset(temp, 0, len); # 1527| old_locale = setlocale (LC_CTYPE, ""); # 1528| Error: GCC_ANALYZER_WARNING (CWE-688): [#def108] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c: scope_hint: In function ‘wild_fopen’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvtag.c:1638:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘matchname’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 1636| else { # 1637| matchname = malloc (strlen (globbuf.gl_pathv [i]) + 10); # 1638|-> strcpy (matchname, globbuf.gl_pathv [i]); # 1639| } # 1640| } Error: CPPCHECK_WARNING (CWE-401): [#def109] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:312: error[memleakOnRealloc]: Common realloc mistake: 'argv_fn' nulled but not freed upon failure # 310| char *option = malloc (option_len + 1); # 311| # 312|-> argv_fn = realloc (argv_fn, sizeof (char *) * ++argc_fn); # 313| memcpy (option, open_brace + 1, option_len); # 314| argv_fn [argc_fn - 1] = option; Error: CPPCHECK_WARNING (CWE-401): [#def110] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:613: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 611| } # 612| else { # 613|-> matches = realloc (matches, (num_files + 1) * sizeof (*matches)); # 614| matches [num_files] = malloc (strlen (argcp) + 10); # 615| strcpy (matches [num_files], argcp); Error: CPPCHECK_WARNING (CWE-401): [#def111] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:744: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure # 742| int bytes_read; # 743| # 744|-> listbuff = realloc (listbuff, listbytes + 1024); # 745| memset (listbuff + listbytes, 0, 1024); # 746| listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list); Error: CPPCHECK_WARNING (CWE-401): [#def112] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:772: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure # 770| # 771| fname [ci++] = '\0'; # 772|-> matches = realloc (matches, ++num_files * sizeof (*matches)); # 773| # 774| for (di = num_files - 1; di > file_index + 1; di--) Error: GCC_ANALYZER_WARNING (CWE-476): [#def113] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘unpack_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2133:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 2131| # 2132| for (i = 0; i < num_channels; ++i) # 2133|-> new_channel_order [i] = i; # 2134| # 2135| WavpackGetChannelLayout (wpc, new_channel_order); Error: GCC_ANALYZER_WARNING (CWE-476): [#def114] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘unpack_dsd_audio’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2283:39: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’ # 2281| # 2282| for (i = 0; i < num_channels; ++i) # 2283|-> new_channel_order [i] = i; # 2284| # 2285| WavpackGetChannelLayout (wpc, new_channel_order); Error: CPPCHECK_WARNING (CWE-401): [#def115] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2400: error[memleakOnRealloc]: Common realloc mistake: 'tag_extractions' nulled but not freed upon failure # 2398| static void add_tag_extraction_to_list (char *spec) # 2399| { # 2400|-> tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions)); # 2401| tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10); # 2402| strcpy (tag_extractions [num_tag_extractions], spec); Error: GCC_ANALYZER_WARNING (CWE-688): [#def116] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘add_tag_extraction_to_list’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2402:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(spec) + 10)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 2400| tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions)); # 2401| tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10); # 2402|-> strcpy (tag_extractions [num_tag_extractions], spec); # 2403| num_tag_extractions++; # 2404| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def117] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘do_tag_extractions’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2413:29: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘extraction_spec’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strchr’ must be non-null # 2411| for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) { # 2412| char *extraction_spec = strdup (tag_extractions [i]); # 2413|-> char *output_spec = strchr (extraction_spec, '='); # 2414| char tag_filename [256]; # 2415| Error: GCC_ANALYZER_WARNING (CWE-688): [#def118] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2416:61: warning[-Wanalyzer-null-argument]: use of NULL ‘output_spec’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null # 2414| char tag_filename [256]; # 2415| # 2416|-> if (output_spec && output_spec > extraction_spec && strlen (output_spec) > 1) # 2417| *output_spec++ = 0; # 2418| Error: GCC_ANALYZER_WARNING (CWE-457): [#def119] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2420:65: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tag_filename[0]’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:41: included_from: Included from here. /usr/include/string.h:407:15: note: argument 1 of ‘strlen’ must be a pointer to a null-terminated string # 2418| # 2419| if (dump_tag_item_to_file (wpc, extraction_spec, NULL, tag_filename)) { # 2420|-> int max_length = (int) strlen (outfilename) + (int) strlen (tag_filename) + 10; # 2421| char *full_filename; # 2422| Error: GCC_ANALYZER_WARNING (CWE-688): [#def120] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2427:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘full_filename’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 2425| # 2426| full_filename = malloc (max_length * 2 + 1); # 2427|-> strcpy (full_filename, outfilename); # 2428| # 2429| if (output_spec) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def121] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘unreorder_channels’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2738:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘temp’ # 2736| # 2737| for (chan = 0; chan < num_chans; ++chan) # 2738|-> temp [chan] = data [order[chan]]; # 2739| # 2740| memcpy (data, temp, num_chans * sizeof (*data)); Error: GCC_ANALYZER_WARNING (CWE-457): [#def122] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:2740:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’ # 2738| temp [chan] = data [order[chan]]; # 2739| # 2740|-> memcpy (data, temp, num_chans * sizeof (*data)); # 2741| data += num_chans; # 2742| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def123] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘dump_UTF8_string’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:3237:22: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’ # 3235| while (*string) { # 3236| if (*string != '\r') # 3237|-> *p++ = *string; # 3238| # 3239| if (*string++ == '\n') Error: GCC_ANALYZER_WARNING (CWE-476): [#def124] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:3243:12: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’ # 3241| } # 3242| # 3243|-> *p = 0; # 3244| # 3245| #ifdef _WIN32 Error: GCC_ANALYZER_WARNING (CWE-688): [#def125] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c: scope_hint: In function ‘UTF8ToAnsi’ wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:3404:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘temp’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 3402| iconv_t converter; # 3403| # 3404|-> memset(temp, 0, len); # 3405| old_locale = setlocale (LC_CTYPE, ""); # 3406| converter = iconv_open ("", "UTF-8"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def126] wavpack-5.7.0-build/wavpack-5.7.0/cli/wvunpack.c:3408:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("", "UTF-8")’ # 3406| converter = iconv_open ("", "UTF-8"); # 3407| # 3408|-> if (converter != (iconv_t) -1) { # 3409| err = iconv (converter, &inp, &insize, &outp, &outsize); # 3410| iconv_close (converter); Error: GCC_ANALYZER_WARNING (CWE-476): [#def127] wavpack-5.7.0-build/wavpack-5.7.0/src/wavpack_local.h:14: included_from: Included from here. wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c: scope_hint: In function ‘write_metadata_block’ wavpack-5.7.0-build/wavpack-5.7.0/include/wavpack.h:100:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘block_buff’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ # 98| int64_t tmp = (value); \ # 99| if (tmp < 0) \ # 100|-> (hdr).total_samples = (uint32_t) -1; \ # 101| else { \ # 102| tmp += (tmp / 0xffffffffLL); \ Error: GCC_ANALYZER_WARNING (CWE-476): [#def128] wavpack-5.7.0-build/wavpack-5.7.0/include/wavpack.h:103:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘block_buff’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1512:9: note: in expansion of macro ‘SET_TOTAL_SAMPLES’ # 101| else { \ # 102| tmp += (tmp / 0xffffffffLL); \ # 103|-> (hdr).total_samples = (uint32_t) tmp; \ # 104| (hdr).total_samples_u8 = \ # 105| (unsigned char) (tmp >> 32); \ Error: CPPCHECK_WARNING (CWE-758): [#def129] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:97: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 95| # 96| left -= apply_weight (dpp->weight_A, sam_A); # 97|-> update_weight (dpp->weight_A, dpp->delta, sam_A, left); # 98| dpp->sum_A += dpp->weight_A; # 99| out_samples [0] = left; Error: GCC_ANALYZER_WARNING (CWE-476): [#def130] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c: scope_hint: In function ‘decorr_mono_pass’ wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:99:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’ # 97| update_weight (dpp->weight_A, dpp->delta, sam_A, left); # 98| dpp->sum_A += dpp->weight_A; # 99|-> out_samples [0] = left; # 100| in_samples += dir; # 101| out_samples += dir; Error: CPPCHECK_WARNING (CWE-758): [#def131] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:114: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 112| # 113| left -= apply_weight (dpp->weight_A, sam_A); # 114|-> update_weight (dpp->weight_A, dpp->delta, sam_A, left); # 115| dpp->sum_A += dpp->weight_A; # 116| out_samples [0] = left; Error: GCC_ANALYZER_WARNING (CWE-688): [#def132] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c: scope_hint: In function ‘analyze_mono’ wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:433:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘info.sampleptrs[*wps.mask_decorr]’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 431| # 432| memcpy (info.dps, wps->decorr_passes, sizeof (info.dps)); # 433|-> memcpy (info.sampleptrs [0], samples, wps->wphdr.block_samples * 4); # 434| # 435| for (i = 0; i < info.nterms && info.dps [i].term; ++i) Error: GCC_ANALYZER_WARNING (CWE-457): [#def133] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:433:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘info.sampleptrs[0]’ # 431| # 432| memcpy (info.dps, wps->decorr_passes, sizeof (info.dps)); # 433|-> memcpy (info.sampleptrs [0], samples, wps->wphdr.block_samples * 4); # 434| # 435| for (i = 0; i < info.nterms && info.dps [i].term; ++i) Error: GCC_ANALYZER_WARNING (CWE-688): [#def134] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c: scope_hint: In function ‘execute_mono’ wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:605:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc((long unsigned int)buf_size)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 603| # 604| while (1) { # 605|-> memcpy (temp_buffer [0], noisy_buffer ? noisy_buffer : samples, buf_size); # 606| CLEARA (save_decorr_passes); # 607| Error: GCC_ANALYZER_WARNING (CWE-688): [#def135] wavpack-5.7.0-build/wavpack-5.7.0/src/extra1.c:640:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘best_buffer’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 638| # 639| if (size < best_size) { # 640|-> memcpy (best_buffer, temp_buffer [j&1], buf_size); # 641| memcpy (wps->decorr_passes, save_decorr_passes, sizeof (struct decorr_pass) * MAX_NTERMS); # 642| wps->num_terms = nterms; Error: CPPCHECK_WARNING (CWE-758): [#def136] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:104: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 102| dpp->samples_A [0] = dpp->samples_A [1]; # 103| out_samples [0] = tmp = (dpp->samples_A [1] = in_samples [0]) - apply_weight (dpp->weight_A, sam); # 104|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 105| dpp->sum_A += dpp->weight_A; # 106| Error: CPPCHECK_WARNING (CWE-758): [#def137] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:110: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 108| dpp->samples_B [0] = dpp->samples_B [1]; # 109| out_samples [1] = tmp = (dpp->samples_B [1] = in_samples [1]) - apply_weight (dpp->weight_B, sam); # 110|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 111| dpp->sum_B += dpp->weight_B; # 112| Error: CPPCHECK_WARNING (CWE-758): [#def138] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:126: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 124| dpp->samples_A [1] = dpp->samples_A [0]; # 125| out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam); # 126|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 127| dpp->sum_A += dpp->weight_A; # 128| Error: CPPCHECK_WARNING (CWE-758): [#def139] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:132: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 130| dpp->samples_B [1] = dpp->samples_B [0]; # 131| out_samples [1] = tmp = (dpp->samples_B [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam); # 132|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 133| dpp->sum_B += dpp->weight_B; # 134| Error: CPPCHECK_WARNING (CWE-758): [#def140] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:148: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 146| dpp->samples_A [1] = dpp->samples_A [0]; # 147| out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam); # 148|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 149| dpp->sum_A += dpp->weight_A; # 150| Error: CPPCHECK_WARNING (CWE-758): [#def141] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:154: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 152| dpp->samples_B [1] = dpp->samples_B [0]; # 153| out_samples [1] = tmp = (dpp->samples_B [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam); # 154|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 155| dpp->sum_B += dpp->weight_B; # 156| Error: CPPCHECK_WARNING (CWE-758): [#def142] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:171: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 169| sam = dpp->samples_A [m]; # 170| out_samples [0] = tmp = (dpp->samples_A [k] = in_samples [0]) - apply_weight (dpp->weight_A, sam); # 171|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 172| dpp->sum_A += dpp->weight_A; # 173| Error: CPPCHECK_WARNING (CWE-758): [#def143] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:176: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 174| sam = dpp->samples_B [m]; # 175| out_samples [1] = tmp = (dpp->samples_B [k] = in_samples [1]) - apply_weight (dpp->weight_B, sam); # 176|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 177| dpp->sum_B += dpp->weight_B; # 178| Error: CPPCHECK_WARNING (CWE-758): [#def144] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:208: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 206| sam_A = dpp->samples_A [0]; # 207| out_samples [0] = tmp = (sam_B = in_samples [0]) - apply_weight (dpp->weight_A, sam_A); # 208|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 209| dpp->sum_A += dpp->weight_A; # 210| Error: CPPCHECK_WARNING (CWE-758): [#def145] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:212: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 210| # 211| out_samples [1] = tmp = (dpp->samples_A [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam_B); # 212|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 213| dpp->sum_B += dpp->weight_B; # 214| Error: CPPCHECK_WARNING (CWE-758): [#def146] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:227: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 225| sam_B = dpp->samples_B [0]; # 226| out_samples [1] = tmp = (sam_A = in_samples [1]) - apply_weight (dpp->weight_B, sam_B); # 227|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 228| dpp->sum_B += dpp->weight_B; # 229| Error: CPPCHECK_WARNING (CWE-758): [#def147] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:231: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 229| # 230| out_samples [0] = tmp = (dpp->samples_B [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam_A); # 231|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 232| dpp->sum_A += dpp->weight_A; # 233| Error: CPPCHECK_WARNING (CWE-758): [#def148] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:249: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 247| dpp->samples_A [0] = tmp = in_samples [1]; # 248| out_samples [1] = tmp -= apply_weight (dpp->weight_B, sam_B); # 249|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 250| dpp->sum_B += dpp->weight_B; # 251| Error: CPPCHECK_WARNING (CWE-758): [#def149] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:254: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 252| dpp->samples_B [0] = tmp = in_samples [0]; # 253| out_samples [0] = tmp -= apply_weight (dpp->weight_A, sam_A); # 254|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 255| dpp->sum_A += dpp->weight_A; # 256| Error: GCC_ANALYZER_WARNING (CWE-688): [#def150] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c: scope_hint: In function ‘analyze_stereo’ wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:597:5: warning[-Wanalyzer-null-argument]: use of NULL ‘samples’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 595| # 596| memcpy (info.dps, wps->decorr_passes, sizeof (info.dps)); # 597|-> memcpy (info.sampleptrs [0], samples, wps->wphdr.block_samples * 8); # 598| # 599| for (i = 0; i < info.nterms && info.dps [i].term; ++i) Error: GCC_ANALYZER_WARNING (CWE-688): [#def151] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:597:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘info.sampleptrs[*wps.best_decorr]’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 595| # 596| memcpy (info.dps, wps->decorr_passes, sizeof (info.dps)); # 597|-> memcpy (info.sampleptrs [0], samples, wps->wphdr.block_samples * 8); # 598| # 599| for (i = 0; i < info.nterms && info.dps [i].term; ++i) Error: GCC_ANALYZER_WARNING (CWE-457): [#def152] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:597:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘info.sampleptrs[0]’ # 595| # 596| memcpy (info.dps, wps->decorr_passes, sizeof (info.dps)); # 597|-> memcpy (info.sampleptrs [0], samples, wps->wphdr.block_samples * 8); # 598| # 599| for (i = 0; i < info.nterms && info.dps [i].term; ++i) Error: GCC_ANALYZER_WARNING (CWE-688): [#def153] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c: scope_hint: In function ‘execute_stereo’ wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:801:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘js_buffer’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 799| # 800| lptr = js_buffer = malloc (buf_size); # 801|-> memcpy (js_buffer, noisy_buffer ? noisy_buffer : samples, buf_size); # 802| # 803| while (cnt--) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def154] wavpack-5.7.0-build/wavpack-5.7.0/src/extra2.c:812:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc((long unsigned int)buf_size)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 810| } # 811| else # 812|-> memcpy (temp_buffer [0], noisy_buffer ? noisy_buffer : samples, buf_size); # 813| # 814| CLEARA (save_decorr_passes); Error: GCC_ANALYZER_WARNING (CWE-688): [#def155] wavpack-5.7.0-build/wavpack-5.7.0/src/open_filename.c: scope_hint: In function ‘WavpackOpenFileInput’ wavpack-5.7.0-build/wavpack-5.7.0/src/open_filename.c:302:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘in2filename’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 300| char *in2filename = malloc (strlen (infilename) + 10); # 301| # 302|-> strcpy (in2filename, infilename); # 303| strcat (in2filename, "c"); # 304| wvc_id = fopen_func (in2filename, "rb"); Error: GCC_ANALYZER_WARNING (CWE-476): [#def156] wavpack-5.7.0-build/wavpack-5.7.0/src/open_legacy.c: scope_hint: In function ‘WavpackOpenFileInputEx’ wavpack-5.7.0-build/wavpack-5.7.0/src/open_legacy.c:103:26: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘trans_wv’ # 101| if (wv_id) { # 102| trans_wv = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator)); # 103|-> trans_wv->reader = reader; # 104| trans_wv->id = wv_id; # 105| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def157] wavpack-5.7.0-build/wavpack-5.7.0/src/open_legacy.c:109:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘trans_wvc’ # 107| if (wvc_id) { # 108| trans_wvc = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator)); # 109|-> trans_wvc->reader = reader; # 110| trans_wvc->id = wvc_id; # 111| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def158] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c: scope_hint: In function ‘WavpackOpenRawDecoder’ wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:151:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘raw_wv’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 149| # 150| raw_wv = malloc (sizeof (WavpackRawContext)); # 151|-> memset (raw_wv, 0, sizeof (WavpackRawContext)); # 152| # 153| if (corr_data && corr_size) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def159] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:155:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘raw_wvc’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 153| if (corr_data && corr_size) { # 154| raw_wvc = malloc (sizeof (WavpackRawContext)); # 155|-> memset (raw_wvc, 0, sizeof (WavpackRawContext)); # 156| } # 157| Error: GCC_ANALYZER_WARNING (CWE-476): [#def160] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:205:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wphdr’ # 203| memset (wphdr, 0, sizeof (WavpackHeader)); # 204| memcpy (wphdr->ckID, "wvpk", 4); # 205|-> wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size; # 206| SET_TOTAL_SAMPLES (*wphdr, block_samples); # 207| wphdr->block_samples = block_samples; Error: GCC_ANALYZER_WARNING (CWE-401): [#def161] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:214:34: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 212| # 213| raw_wv->num_segments += 2; # 214|-> raw_wv->segments = realloc (raw_wv->segments, sizeof (RawSegment) * raw_wv->num_segments); # 215| raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = (unsigned char *) wphdr; # 216| raw_wv->segments [msi].eptr = raw_wv->segments [msi].dptr + sizeof (WavpackHeader); Error: GCC_ANALYZER_WARNING (CWE-476): [#def162] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:215:75: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 213| raw_wv->num_segments += 2; # 214| raw_wv->segments = realloc (raw_wv->segments, sizeof (RawSegment) * raw_wv->num_segments); # 215|-> raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = (unsigned char *) wphdr; # 216| raw_wv->segments [msi].eptr = raw_wv->segments [msi].dptr + sizeof (WavpackHeader); # 217| raw_wv->segments [msi++].free_required = 1; Error: GCC_ANALYZER_WARNING (CWE-476): [#def163] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:252:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wphdr’ # 250| memset (wphdr, 0, sizeof (WavpackHeader)); # 251| memcpy (wphdr->ckID, "wvpk", 4); # 252|-> wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size; # 253| SET_TOTAL_SAMPLES (*wphdr, block_samples); # 254| wphdr->block_samples = block_samples; Error: GCC_ANALYZER_WARNING (CWE-416): [#def164] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:260:28: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘raw_wvc’ # 258| WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat); # 259| # 260|-> raw_wvc->num_segments += 2; # 261| raw_wvc->segments = realloc (raw_wvc->segments, sizeof (RawSegment) * raw_wvc->num_segments); # 262| raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = (unsigned char *) wphdr; Error: GCC_ANALYZER_WARNING (CWE-476): [#def165] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:262:81: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 260| raw_wvc->num_segments += 2; # 261| raw_wvc->segments = realloc (raw_wvc->segments, sizeof (RawSegment) * raw_wvc->num_segments); # 262|-> raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = (unsigned char *) wphdr; # 263| raw_wvc->segments [csi].eptr = raw_wvc->segments [csi].dptr + sizeof (WavpackHeader); # 264| raw_wvc->segments [csi++].free_required = 1; Error: GCC_ANALYZER_WARNING (CWE-476): [#def166] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:285:34: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘raw_wv’ # 283| raw_wv = malloc (sizeof (WavpackRawContext)); # 284| memset (raw_wv, 0, sizeof (WavpackRawContext)); # 285|-> raw_wv->num_segments = 1; # 286| raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments); # 287| raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data; Error: GCC_ANALYZER_WARNING (CWE-476): [#def167] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:287:67: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(32)’ # 285| raw_wv->num_segments = 1; # 286| raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments); # 287|-> raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data; # 288| raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size; # 289| raw_wv->segments [0].free_required = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def168] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:295:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘raw_wvc’ # 293| raw_wvc = malloc (sizeof (WavpackRawContext)); # 294| memset (raw_wvc, 0, sizeof (WavpackRawContext)); # 295|-> raw_wvc->num_segments = 1; # 296| raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments); # 297| raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data; Error: GCC_ANALYZER_WARNING (CWE-476): [#def169] wavpack-5.7.0-build/wavpack-5.7.0/src/open_raw.c:297:69: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(32)’ # 295| raw_wvc->num_segments = 1; # 296| raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments); # 297|-> raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data; # 298| raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size; # 299| raw_wvc->segments [0].free_required = 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def170] wavpack-5.7.0-build/wavpack-5.7.0/src/open_utils.c: scope_hint: In function ‘read_channel_identities’ wavpack-5.7.0-build/wavpack-5.7.0/src/open_utils.c:565:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*wpc.channel_identities’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 563| if (!wpc->channel_identities) { # 564| wpc->channel_identities = (unsigned char *)malloc (wpmd->byte_length + 1); # 565|-> memcpy (wpc->channel_identities, wpmd->data, wpmd->byte_length); # 566| wpc->channel_identities [wpmd->byte_length] = 0; # 567| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def171] wavpack-5.7.0-build/wavpack-5.7.0/src/open_utils.c: scope_hint: In function ‘read_sample_rate’ wavpack-5.7.0-build/wavpack-5.7.0/src/open_utils.c:681:45: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘byteptr’ # 679| # 680| if (bytecnt == 3 || bytecnt == 4) { # 681|-> wpc->config.sample_rate = (int32_t) *byteptr++; # 682| wpc->config.sample_rate |= (int32_t) *byteptr++ << 8; # 683| wpc->config.sample_rate |= (int32_t) *byteptr++ << 16; Error: GCC_ANALYZER_WARNING (CWE-476): [#def172] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_decorr_terms’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:110:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘byteptr’ # 108| # 109| for (dpp = wps->decorr_passes; tcount--; ++dpp) # 110|-> *byteptr++ = ((dpp->term + 5) & 0x1f) | ((dpp->delta << 5) & 0xe0); # 111| # 112| wpmd->byte_length = (int32_t)(byteptr - (char *) wpmd->data); Error: GCC_ANALYZER_WARNING (CWE-476): [#def173] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_int32_info’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:281:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 279| byteptr = wpmd->data = malloc (4); # 280| wpmd->id = ID_INT32_INFO; # 281|-> *byteptr++ = wps->int32_sent_bits; # 282| *byteptr++ = wps->int32_zeros; # 283| *byteptr++ = wps->int32_ones; Error: GCC_ANALYZER_WARNING (CWE-476): [#def174] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_float_info’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:294:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 292| byteptr = wpmd->data = malloc (4); # 293| wpmd->id = ID_FLOAT_INFO; # 294|-> *byteptr++ = wps->float_flags; # 295| *byteptr++ = wps->float_shift; # 296| *byteptr++ = wps->float_max_exp; Error: GCC_ANALYZER_WARNING (CWE-476): [#def175] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_channel_info’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:314:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 312| # 313| if (wps->wpc->num_streams > OLD_MAX_STREAMS) { // if > 8 streams, use 6 or 7 bytes (breaks old decoders # 314|-> *byteptr++ = wps->wpc->config.num_channels - 1; // that could only handle 8 streams) and allow (in theory) # 315| *byteptr++ = wps->wpc->num_streams - 1; // up to 4096 channels # 316| *byteptr++ = (((wps->wpc->num_streams - 1) >> 4) & 0xf0) | (((wps->wpc->config.num_channels - 1) >> 8) & 0xf); Error: GCC_ANALYZER_WARNING (CWE-476): [#def176] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:325:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 323| } # 324| else { // otherwise use only 1 to 5 bytes # 325|-> *byteptr++ = wps->wpc->config.num_channels; # 326| # 327| while (mask) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def177] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_config_info’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:361:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 359| byteptr = wpmd->data = malloc (8); # 360| wpmd->id = ID_CONFIG_BLOCK; # 361|-> *byteptr++ = (char) (wps->wpc->config.flags >> 8); # 362| *byteptr++ = (char) (wps->wpc->config.flags >> 16); # 363| *byteptr++ = (char) (wps->wpc->config.flags >> 24); Error: GCC_ANALYZER_WARNING (CWE-476): [#def178] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_new_config_info’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:388:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 386| # 387| if (wps->wpc->file_format || (wps->wpc->config.qmode & 0xff) || wps->wpc->channel_layout) { # 388|-> *byteptr++ = (char) wps->wpc->file_format; # 389| *byteptr++ = (char) wps->wpc->config.qmode; # 390| Error: GCC_ANALYZER_WARNING (CWE-476): [#def179] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘write_sample_rate’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:431:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’ # 429| byteptr = wpmd->data = malloc (4); # 430| wpmd->id = ID_SAMPLE_RATE; # 431|-> *byteptr++ = (char) (wps->wpc->config.sample_rate); # 432| *byteptr++ = (char) (wps->wpc->config.sample_rate >> 8); # 433| *byteptr++ = (char) (wps->wpc->config.sample_rate >> 16); Error: GCC_ANALYZER_WARNING (CWE-688): [#def180] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c: scope_hint: In function ‘pack_samples’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1109:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘saved_buffer’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1107| if (repack_possible && !(flags & HYBRID_FLAG)) { # 1108| saved_buffer = malloc (sample_count * sizeof (int32_t) * (flags & MONO_DATA ? 1 : 2)); # 1109|-> memcpy (saved_buffer, buffer, sample_count * sizeof (int32_t) * (flags & MONO_DATA ? 1 : 2)); # 1110| } # 1111| Error: CPPCHECK_WARNING (CWE-758): [#def181] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1254: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1252| while (--dpp >= wps->decorr_passes) { # 1253| if (dpp->term > MAX_TERM) { # 1254|-> update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], code); # 1255| dpp->samples_A [1] = dpp->samples_A [0]; # 1256| dpp->samples_A [0] = (code += dpp->aweight_A); Error: CPPCHECK_WARNING (CWE-758): [#def182] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1261: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1259| int32_t sam = dpp->samples_A [m]; # 1260| # 1261|-> update_weight (dpp->weight_A, dpp->delta, sam, code); # 1262| dpp->samples_A [(m + dpp->term) & (MAX_TERM - 1)] = (code += dpp->aweight_A); # 1263| } Error: CPPCHECK_WARNING (CWE-758): [#def183] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1364: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1362| while (--dpp >= wps->decorr_passes) # 1363| if (dpp->term > MAX_TERM) { # 1364|-> update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], left); # 1365| update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [2], right); # 1366| Error: CPPCHECK_WARNING (CWE-758): [#def184] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1365: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1363| if (dpp->term > MAX_TERM) { # 1364| update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], left); # 1365|-> update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [2], right); # 1366| # 1367| dpp->samples_A [1] = dpp->samples_A [0]; Error: CPPCHECK_WARNING (CWE-758): [#def185] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1376: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1374| int k = (m + dpp->term) & (MAX_TERM - 1); # 1375| # 1376|-> update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [m], left); # 1377| dpp->samples_A [k] = (left += dpp->aweight_A); # 1378| Error: CPPCHECK_WARNING (CWE-758): [#def186] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1379: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1377| dpp->samples_A [k] = (left += dpp->aweight_A); # 1378| # 1379|-> update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [m], right); # 1380| dpp->samples_B [k] = (right += dpp->aweight_B); # 1381| } Error: CPPCHECK_WARNING (CWE-758): [#def187] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1392: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1390| } # 1391| # 1392|-> update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left); # 1393| update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right); # 1394| dpp->samples_B [0] = (left += dpp->aweight_A); Error: CPPCHECK_WARNING (CWE-758): [#def188] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1393: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1391| # 1392| update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left); # 1393|-> update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right); # 1394| dpp->samples_B [0] = (left += dpp->aweight_A); # 1395| dpp->samples_A [0] = (right += dpp->aweight_B); Error: CPPCHECK_WARNING (CWE-758): [#def189] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1543: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1541| dpp->samples_A [1] = dpp->samples_A [0]; # 1542| bptr [0] = tmp = (dpp->samples_A [0] = bptr [0]) - apply_weight (dpp->weight_A, sam); # 1543|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 1544| # 1545| sam = 2 * dpp->samples_B [0] - dpp->samples_B [1]; Error: CPPCHECK_WARNING (CWE-758): [#def190] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1548: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1546| dpp->samples_B [1] = dpp->samples_B [0]; # 1547| bptr [1] = tmp = (dpp->samples_B [0] = bptr [1]) - apply_weight (dpp->weight_B, sam); # 1548|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 1549| } # 1550| Error: CPPCHECK_WARNING (CWE-758): [#def191] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1560: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1558| dpp->samples_A [1] = dpp->samples_A [0]; # 1559| bptr [0] = tmp = (dpp->samples_A [0] = bptr [0]) - apply_weight (dpp->weight_A, sam); # 1560|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 1561| # 1562| sam = dpp->samples_B [0] + ((dpp->samples_B [0] - dpp->samples_B [1]) >> 1); Error: CPPCHECK_WARNING (CWE-758): [#def192] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1565: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1563| dpp->samples_B [1] = dpp->samples_B [0]; # 1564| bptr [1] = tmp = (dpp->samples_B [0] = bptr [1]) - apply_weight (dpp->weight_B, sam); # 1565|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 1566| } # 1567| Error: CPPCHECK_WARNING (CWE-758): [#def193] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1576: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1574| sam = dpp->samples_A [m]; # 1575| bptr [0] = tmp = (dpp->samples_A [k] = bptr [0]) - apply_weight (dpp->weight_A, sam); # 1576|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 1577| # 1578| sam = dpp->samples_B [m]; Error: CPPCHECK_WARNING (CWE-758): [#def194] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1580: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1578| sam = dpp->samples_B [m]; # 1579| bptr [1] = tmp = (dpp->samples_B [k] = bptr [1]) - apply_weight (dpp->weight_B, sam); # 1580|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 1581| # 1582| m = (m + 1) & (MAX_TERM - 1); Error: CPPCHECK_WARNING (CWE-758): [#def195] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1594: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1592| sam_A = dpp->samples_A [0]; # 1593| bptr [0] = tmp = (sam_B = bptr [0]) - apply_weight (dpp->weight_A, sam_A); # 1594|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 1595| # 1596| bptr [1] = tmp = (dpp->samples_A [0] = bptr [1]) - apply_weight (dpp->weight_B, sam_B); Error: CPPCHECK_WARNING (CWE-758): [#def196] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1597: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1595| # 1596| bptr [1] = tmp = (dpp->samples_A [0] = bptr [1]) - apply_weight (dpp->weight_B, sam_B); # 1597|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 1598| } # 1599| Error: CPPCHECK_WARNING (CWE-758): [#def197] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1608: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1606| sam_B = dpp->samples_B [0]; # 1607| bptr [1] = tmp = (sam_A = bptr [1]) - apply_weight (dpp->weight_B, sam_B); # 1608|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 1609| # 1610| bptr [0] = tmp = (dpp->samples_B [0] = bptr [0]) - apply_weight (dpp->weight_A, sam_A); Error: CPPCHECK_WARNING (CWE-758): [#def198] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1611: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1609| # 1610| bptr [0] = tmp = (dpp->samples_B [0] = bptr [0]) - apply_weight (dpp->weight_A, sam_A); # 1611|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 1612| } # 1613| Error: CPPCHECK_WARNING (CWE-758): [#def199] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1625: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1623| dpp->samples_A [0] = tmp = bptr [1]; # 1624| bptr [1] = tmp -= apply_weight (dpp->weight_B, sam_B); # 1625|-> update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp); # 1626| # 1627| dpp->samples_B [0] = tmp = bptr [0]; Error: CPPCHECK_WARNING (CWE-758): [#def200] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1629: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1627| dpp->samples_B [0] = tmp = bptr [0]; # 1628| bptr [0] = tmp -= apply_weight (dpp->weight_A, sam_A); # 1629|-> update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp); # 1630| } # 1631| Error: CPPCHECK_WARNING (CWE-758): [#def201] wavpack-5.7.0-build/wavpack-5.7.0/src/pack.c:1695: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 1693| # 1694| code -= apply_weight (dpp->weight_A, sam); # 1695|-> update_weight (dpp->weight_A, dpp->delta, sam, code); # 1696| } # 1697| Error: CPPCHECK_WARNING (CWE-758): [#def202] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:38: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 36| sam = (3 * bptr [1] - bptr [2]) >> 1; # 37| temp = *bptr-- - apply_weight (ap->weight_A, sam); # 38|-> update_weight (ap->weight_A, 2, sam, temp); # 39| } # 40| else Error: CPPCHECK_WARNING (CWE-758): [#def203] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:44: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 42| sam = (3 * bptr [2] - bptr [4]) >> 1; # 43| temp = *bptr-- - apply_weight (ap->weight_B, sam); # 44|-> update_weight (ap->weight_B, 2, sam, temp); # 45| sam = (3 * bptr [2] - bptr [4]) >> 1; # 46| temp = *bptr-- - apply_weight (ap->weight_A, sam); Error: CPPCHECK_WARNING (CWE-758): [#def204] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:47: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 45| sam = (3 * bptr [2] - bptr [4]) >> 1; # 46| temp = *bptr-- - apply_weight (ap->weight_A, sam); # 47|-> update_weight (ap->weight_A, 2, sam, temp); # 48| } # 49| } Error: CPPCHECK_WARNING (CWE-758): [#def205] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:60: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 58| sam = (3 * ap->samples_A [0] - ap->samples_A [1]) >> 1; # 59| temp = *bptr - apply_weight (ap->weight_A, sam); # 60|-> update_weight (ap->weight_A, 2, sam, temp); # 61| ap->samples_A [1] = ap->samples_A [0]; # 62| ap->samples_A [0] = *bptr++; Error: CPPCHECK_WARNING (CWE-758): [#def206] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:69: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 67| sam = (3 * ap->samples_A [0] - ap->samples_A [1]) >> 1; # 68| temp = *bptr - apply_weight (ap->weight_A, sam); # 69|-> update_weight (ap->weight_A, 2, sam, temp); # 70| ap->samples_A [1] = ap->samples_A [0]; # 71| ap->samples_A [0] = *bptr++; Error: CPPCHECK_WARNING (CWE-758): [#def207] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dns.c:75: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 73| sam = (3 * ap->samples_B [0] - ap->samples_B [1]) >> 1; # 74| temp = *bptr - apply_weight (ap->weight_B, sam); # 75|-> update_weight (ap->weight_B, 2, sam, temp); # 76| ap->samples_B [1] = ap->samples_B [0]; # 77| ap->samples_B [0] = *bptr++; Error: GCC_ANALYZER_WARNING (CWE-688): [#def208] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c: scope_hint: In function ‘calculate_probabilities’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:205:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘probs’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 203| # 204| if (max_hits == 0) { # 205|-> memset (probs, 0, sizeof (*probs) * 256); # 206| memset (prob_sums, 0, sizeof (*prob_sums) * 256); # 207| return; Error: GCC_ANALYZER_WARNING (CWE-688): [#def209] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:206:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘prob_sums’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 204| if (max_hits == 0) { # 205| memset (probs, 0, sizeof (*probs) * 256); # 206|-> memset (prob_sums, 0, sizeof (*prob_sums) * 256); # 207| return; # 208| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def210] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:237:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘prob_sums’ # 235| value = 0; # 236| # 237|-> prob_sums [i] = sum_values += value; # 238| probs [i] = value; # 239| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def211] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:238:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘probs’ # 236| # 237| prob_sums [i] = sum_values += value; # 238|-> probs [i] = value; # 239| } # 240| Error: GCC_ANALYZER_WARNING (CWE-688): [#def212] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c: scope_hint: In function ‘encode_buffer_fast’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:311:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘histogram’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 309| history_bins = 1 << history_bits; # 310| histogram = malloc (sizeof (*histogram) * history_bins); # 311|-> memset (histogram, 0, sizeof (*histogram) * history_bins); # 312| probabilities = malloc (sizeof (*probabilities) * history_bins); # 313| summed_probabilities = malloc (sizeof (*summed_probabilities) * history_bins); Error: GCC_ANALYZER_WARNING (CWE-457): [#def213] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:333:65: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>[255]’ # 331| for (p0 = 0; p0 < history_bins; p0++) { # 332| calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]); # 333|-> total_summed_probabilities += summed_probabilities [p0] [255]; # 334| } # 335| Error: GCC_ANALYZER_WARNING (CWE-476): [#def214] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c: scope_hint: In function ‘init_ptable’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:457:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’ # 455| # 456| for (i = 0; i < PTABLE_BINS/2; ++i) { # 457|-> table [i] = value; # 458| table [PTABLE_BINS-1-i] = 0x100ffff - value; # 459| Error: CPPCHECK_WARNING (CWE-758): [#def215] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:586: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 584| # 585| sp [0].value += sp [0].filter6 * 8; # 586|-> sp [0].factor += (((sp [0].value ^ sp [0].filter0) >> 31) | 1) & ((sp [0].value ^ (sp [0].value - (sp [0].filter6 * 16))) >> 31); # 587| sp [0].filter1 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter1) >> 6; # 588| sp [0].filter2 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter2) >> 4; Error: CPPCHECK_WARNING (CWE-758): [#def216] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_dsd.c:620: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 618| # 619| sp [1].value += sp [1].filter6 * 8; # 620|-> sp [1].factor += (((sp [1].value ^ sp [1].filter0) >> 31) | 1) & ((sp [1].value ^ (sp [1].value - (sp [1].filter6 * 16))) >> 31); # 621| sp [1].filter1 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter1) >> 6; # 622| sp [1].filter2 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter2) >> 4; Error: CPPCHECK_WARNING (CWE-758): [#def217] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_floats.c:48: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 46| // max magnitude that does not have an exponent of 255 (reserved for +/-inf and NaN). # 47| for (dp = values, count = num_values; count--; dp++) { # 48|-> crc = crc * 27 + get_mantissa (*dp) * 9 + get_exponent (*dp) * 3 + get_sign (*dp); # 49| # 50| if (get_exponent (*dp) < 255 && get_magnitude (*dp) > max_mag) Error: CPPCHECK_WARNING (CWE-758): [#def218] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_floats.c:105: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 103| if (get_exponent (*dp) || get_mantissa (*dp)) # 104| ++false_zeros; # 105|-> else if (get_sign (*dp)) # 106| ++neg_zeros; # 107| #ifdef DISPLAY_DIAGNOSTICS Error: CPPCHECK_WARNING (CWE-758): [#def219] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_floats.c:130: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 128| # 129| ordata |= value; # 130|-> * (int32_t *) dp = (get_sign (*dp)) ? -value : value; # 131| } # 132| Error: CPPCHECK_WARNING (CWE-758): [#def220] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_floats.c:250: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 248| } # 249| # 250|-> putbit (get_sign (*dp), &wps->wvxbits); # 251| } # 252| else { Error: CPPCHECK_WARNING (CWE-758): [#def221] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_floats.c:256: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 254| # 255| if (wps->float_flags & FLOAT_NEG_ZEROS) # 256|-> putbit (get_sign (*dp), &wps->wvxbits); # 257| } # 258| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def222] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c: scope_hint: In function ‘pack_streams’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1167:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘wps_copy’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1165| WavpackStream *wps_copy = malloc (sizeof (WavpackStream)); # 1166| # 1167|-> memcpy (wps_copy, wps, sizeof (WavpackStream)); # 1168| # 1169| // If there is a discontinuity (i.e., the previous block is not done, so we can't get any Error: GCC_ANALYZER_WARNING (CWE-688): [#def223] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1178:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc((long unsigned int)(block_samples * <unknown>))’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1176| # 1177| wps_copy->sample_buffer = malloc (block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); # 1178|-> memcpy (wps_copy->sample_buffer, wps->sample_buffer, block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); # 1179| # 1180| if (wps->discontinuous && wps->pre_sample_buffer && wps->num_pre_samples) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def224] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1182:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc((long unsigned int)(*wps.num_pre_samples * <unknown>))’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1180| if (wps->discontinuous && wps->pre_sample_buffer && wps->num_pre_samples) { # 1181| wps_copy->pre_sample_buffer = malloc (wps->num_pre_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); # 1182|-> memcpy (wps_copy->pre_sample_buffer, wps->pre_sample_buffer, wps->num_pre_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); # 1183| } # 1184| else { Error: GCC_ANALYZER_WARNING (CWE-688): [#def225] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1191:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(1024)’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1189| if (wps->dsd.ptable) { # 1190| wps_copy->dsd.ptable = malloc (256 * sizeof (*wps->dsd.ptable)); # 1191|-> memcpy (wps_copy->dsd.ptable, wps->dsd.ptable, 256 * sizeof (*wps->dsd.ptable)); # 1192| } # 1193| Error: GCC_ANALYZER_WARNING (CWE-688): [#def226] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1244:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*wps.pre_sample_buffer’ where non-null expected wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:22: included_from: Included from here. wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1822:5: note: in expansion of macro ‘wp_mutex_release’ <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1242| # 1243| if (wps->wpc->block_samples > wps->wpc->max_pre_samples) { # 1244|-> memcpy (wps->pre_sample_buffer, # 1245| wps->sample_buffer + (wps->wpc->block_samples - wps->wpc->max_pre_samples) * (wps->wphdr.flags & MONO_FLAG ? 1 : 2), # 1246| wps->wpc->max_pre_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); Error: GCC_ANALYZER_WARNING (CWE-688): [#def227] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1251:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*wps.pre_sample_buffer’ where non-null expected wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1822:5: note: in expansion of macro ‘wp_mutex_release’ <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1249| } # 1250| else { # 1251|-> memcpy (wps->pre_sample_buffer, wps->sample_buffer, wps->wpc->block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8)); # 1252| wps->num_pre_samples = wps->wpc->block_samples; # 1253| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def228] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c: scope_hint: In function ‘WavpackUpdateNumSamples’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1299:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 1297| # 1298| if (wrapper_size == create_riff_header (wpc, WavpackGetSampleIndex64 (wpc), riff_header)) # 1299|-> memcpy (WavpackGetWrapperLocation (first_block, NULL), riff_header, wrapper_size); # 1300| } # 1301| Error: GCC_ANALYZER_WARNING (CWE-476): [#def229] wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c: scope_hint: In function ‘worker_threads_create’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1841:36: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*wpc.workers’ wavpack-5.7.0-build/wavpack-5.7.0/src/pack_utils.c:1835:9: note: in expansion of macro ‘wp_mutex_init’ # 1839| # 1840| for (i = 0; i < wpc->num_workers; ++i) { # 1841|-> wpc->workers [i].mutex = &wpc->mutex; # 1842| wpc->workers [i].global_cond = &wpc->global_cond; # 1843| wpc->workers [i].workers_ready = &wpc->workers_ready; Error: CPPCHECK_WARNING (CWE-758): [#def230] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:250: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 248| # 249| temp = apply_weight (dpp->weight_A, sam) + read_word; # 250|-> update_weight (dpp->weight_A, dpp->delta, sam, read_word); # 251| dpp->samples_A [k] = read_word = temp; # 252| } Error: CPPCHECK_WARNING (CWE-758): [#def231] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:366: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 364| right2 = apply_weight (dpp->weight_B, sam_B) + right; # 365| # 366|-> update_weight (dpp->weight_A, dpp->delta, sam_A, left); # 367| update_weight (dpp->weight_B, dpp->delta, sam_B, right); # 368| Error: CPPCHECK_WARNING (CWE-758): [#def232] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:367: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 365| # 366| update_weight (dpp->weight_A, dpp->delta, sam_A, left); # 367|-> update_weight (dpp->weight_B, dpp->delta, sam_B, right); # 368| # 369| dpp->samples_A [k] = left = left2; Error: CPPCHECK_WARNING (CWE-758): [#def233] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:374: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 372| else if (dpp->term == -1) { # 373| left2 = left + apply_weight (dpp->weight_A, dpp->samples_A [0]); # 374|-> update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left); # 375| left = left2; # 376| right2 = right + apply_weight (dpp->weight_B, left2); Error: CPPCHECK_WARNING (CWE-758): [#def234] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:377: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 375| left = left2; # 376| right2 = right + apply_weight (dpp->weight_B, left2); # 377|-> update_weight_clip (dpp->weight_B, dpp->delta, left2, right); # 378| dpp->samples_A [0] = right = right2; # 379| } Error: CPPCHECK_WARNING (CWE-758): [#def235] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:382: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 380| else { # 381| right2 = right + apply_weight (dpp->weight_B, dpp->samples_B [0]); # 382|-> update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right); # 383| right = right2; # 384| Error: CPPCHECK_WARNING (CWE-758): [#def236] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:391: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 389| # 390| left2 = left + apply_weight (dpp->weight_A, right2); # 391|-> update_weight_clip (dpp->weight_A, dpp->delta, right2, left); # 392| dpp->samples_B [0] = left = left2; # 393| } Error: CPPCHECK_WARNING (CWE-758): [#def237] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:536: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 534| dpp->samples_A [1] = dpp->samples_A [0]; # 535| dpp->samples_A [0] = apply_weight (weight_A, sam_A) + bptr [0]; # 536|-> update_weight (weight_A, delta, sam_A, bptr [0]); # 537| bptr [0] = dpp->samples_A [0]; # 538| } Error: CPPCHECK_WARNING (CWE-758): [#def238] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:547: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 545| dpp->samples_A [1] = dpp->samples_A [0]; # 546| dpp->samples_A [0] = apply_weight (weight_A, sam_A) + bptr [0]; # 547|-> update_weight (weight_A, delta, sam_A, bptr [0]); # 548| bptr [0] = dpp->samples_A [0]; # 549| } Error: CPPCHECK_WARNING (CWE-758): [#def239] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:557: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 555| sam_A = dpp->samples_A [m]; # 556| dpp->samples_A [k] = apply_weight (weight_A, sam_A) + bptr [0]; # 557|-> update_weight (weight_A, delta, sam_A, bptr [0]); # 558| bptr [0] = dpp->samples_A [k]; # 559| m = (m + 1) & (MAX_TERM - 1); Error: CPPCHECK_WARNING (CWE-758): [#def240] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:598: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 596| dpp->samples_A [1] = dpp->samples_A [0]; # 597| bptr [0] = dpp->samples_A [0] = apply_weight (dpp->weight_A, sam) + (tmp = bptr [0]); # 598|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 599| # 600| sam = 2 * dpp->samples_B [0] - dpp->samples_B [1]; Error: CPPCHECK_WARNING (CWE-758): [#def241] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:603: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 601| dpp->samples_B [1] = dpp->samples_B [0]; # 602| bptr [1] = dpp->samples_B [0] = apply_weight (dpp->weight_B, sam) + (tmp = bptr [1]); # 603|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 604| } # 605| Error: CPPCHECK_WARNING (CWE-758): [#def242] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:615: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 613| dpp->samples_A [1] = dpp->samples_A [0]; # 614| bptr [0] = dpp->samples_A [0] = apply_weight (dpp->weight_A, sam) + (tmp = bptr [0]); # 615|-> update_weight (dpp->weight_A, dpp->delta, sam, tmp); # 616| # 617| sam = dpp->samples_B [0] + ((dpp->samples_B [0] - dpp->samples_B [1]) >> 1); Error: CPPCHECK_WARNING (CWE-758): [#def243] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:620: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 618| dpp->samples_B [1] = dpp->samples_B [0]; # 619| bptr [1] = dpp->samples_B [0] = apply_weight (dpp->weight_B, sam) + (tmp = bptr [1]); # 620|-> update_weight (dpp->weight_B, dpp->delta, sam, tmp); # 621| } # 622| Error: CPPCHECK_WARNING (CWE-758): [#def244] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:631: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 629| sam = dpp->samples_A [m]; # 630| dpp->samples_A [k] = apply_weight (dpp->weight_A, sam) + bptr [0]; # 631|-> update_weight (dpp->weight_A, dpp->delta, sam, bptr [0]); # 632| bptr [0] = dpp->samples_A [k]; # 633| Error: CPPCHECK_WARNING (CWE-758): [#def245] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:636: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 634| sam = dpp->samples_B [m]; # 635| dpp->samples_B [k] = apply_weight (dpp->weight_B, sam) + bptr [1]; # 636|-> update_weight (dpp->weight_B, dpp->delta, sam, bptr [1]); # 637| bptr [1] = dpp->samples_B [k]; # 638| Error: CPPCHECK_WARNING (CWE-758): [#def246] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:650: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 648| # 649| sam = bptr [0] + apply_weight (dpp->weight_A, dpp->samples_A [0]); # 650|-> update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]); # 651| bptr [0] = sam; # 652| dpp->samples_A [0] = bptr [1] + apply_weight (dpp->weight_B, sam); Error: CPPCHECK_WARNING (CWE-758): [#def247] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:653: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 651| bptr [0] = sam; # 652| dpp->samples_A [0] = bptr [1] + apply_weight (dpp->weight_B, sam); # 653|-> update_weight_clip (dpp->weight_B, dpp->delta, sam, bptr [1]); # 654| bptr [1] = dpp->samples_A [0]; # 655| } Error: CPPCHECK_WARNING (CWE-758): [#def248] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:664: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 662| # 663| sam = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]); # 664|-> update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]); # 665| bptr [1] = sam; # 666| dpp->samples_B [0] = bptr [0] + apply_weight (dpp->weight_A, sam); Error: CPPCHECK_WARNING (CWE-758): [#def249] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:667: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 665| bptr [1] = sam; # 666| dpp->samples_B [0] = bptr [0] + apply_weight (dpp->weight_A, sam); # 667|-> update_weight_clip (dpp->weight_A, dpp->delta, sam, bptr [0]); # 668| bptr [0] = dpp->samples_B [0]; # 669| } Error: CPPCHECK_WARNING (CWE-758): [#def250] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:678: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 676| # 677| sam_A = bptr [0] + apply_weight (dpp->weight_A, dpp->samples_A [0]); # 678|-> update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]); # 679| sam_B = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]); # 680| update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]); Error: CPPCHECK_WARNING (CWE-758): [#def251] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack.c:680: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 678| update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]); # 679| sam_B = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]); # 680|-> update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]); # 681| bptr [0] = dpp->samples_B [0] = sam_A; # 682| bptr [1] = dpp->samples_A [0] = sam_B; Error: GCC_ANALYZER_WARNING (CWE-688): [#def252] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c: scope_hint: In function ‘init_dsd_block_fast’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:159:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*wps.dsd.value_lookup’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null # 157| lb_ptr = wps->dsd.lookup_buffer = (unsigned char *)malloc (wps->dsd.history_bins * MAX_BYTES_PER_BIN); # 158| wps->dsd.value_lookup = (unsigned char **)malloc (sizeof (*wps->dsd.value_lookup) * wps->dsd.history_bins); # 159|-> memset (wps->dsd.value_lookup, 0, sizeof (*wps->dsd.value_lookup) * wps->dsd.history_bins); # 160| wps->dsd.summed_probabilities = (uint16_t (*)[256])malloc (sizeof (*wps->dsd.summed_probabilities) * wps->dsd.history_bins); # 161| wps->dsd.probabilities = (unsigned char (*)[256])malloc (sizeof (*wps->dsd.probabilities) * wps->dsd.history_bins); Error: GCC_ANALYZER_WARNING (CWE-476): [#def253] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:176:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outptr’ # 174| # 175| while (outptr < outend && zcount--) # 176|-> *outptr++ = 0; # 177| } # 178| else if (code) Error: GCC_ANALYZER_WARNING (CWE-476): [#def254] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:179:27: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outptr’ # 177| } # 178| else if (code) # 179|-> *outptr++ = code; # 180| else # 181| break; Error: GCC_ANALYZER_WARNING (CWE-688): [#def255] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:188:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*wps.dsd.probabilities’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null # 186| } # 187| else if (wps->dsd.endptr - wps->dsd.byteptr > (int) sizeof (*wps->dsd.probabilities) * wps->dsd.history_bins) { # 188|-> memcpy (wps->dsd.probabilities, wps->dsd.byteptr, sizeof (*wps->dsd.probabilities) * wps->dsd.history_bins); # 189| wps->dsd.byteptr += sizeof (*wps->dsd.probabilities) * wps->dsd.history_bins; # 190| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def256] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:198:96: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>[i]’ # 196| # 197| for (sum_values = i = 0; i < 256; ++i) # 198|-> wps->dsd.summed_probabilities [bi] [i] = sum_values += wps->dsd.probabilities [bi] [i]; # 199| # 200| if (sum_values) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def257] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c: scope_hint: In function ‘init_ptable’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:308:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’ # 306| # 307| for (i = 0; i < PTABLE_BINS/2; ++i) { # 308|-> table [i] = value; # 309| table [PTABLE_BINS-1-i] = 0x100ffff - value; # 310| Error: CPPCHECK_WARNING (CWE-758): [#def258] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:400: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 398| sp [0].value += sp [0].filter6 * 8; # 399| sp [0].byte = (sp [0].byte << 1) | (sp [0].filter0 & 1); # 400|-> sp [0].factor += (((sp [0].value ^ sp [0].filter0) >> 31) | 1) & ((sp [0].value ^ (sp [0].value - (sp [0].filter6 * 16))) >> 31); # 401| sp [0].filter1 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter1) >> 6; # 402| sp [0].filter2 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter2) >> 4; Error: CPPCHECK_WARNING (CWE-758): [#def259] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_dsd.c:435: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 433| sp [1].value += sp [1].filter6 * 8; # 434| sp [1].byte = (sp [1].byte << 1) | (sp [1].filter0 & 1); # 435|-> sp [1].factor += (((sp [1].value ^ sp [1].filter0) >> 31) | 1) & ((sp [1].value ^ (sp [1].value - (sp [1].filter6 * 16))) >> 31); # 436| sp [1].filter1 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter1) >> 6; # 437| sp [1].filter2 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter2) >> 4; Error: CPPCHECK_WARNING (CWE-758): [#def260] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_floats.c:104: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 102| } # 103| # 104|-> crc = crc * 27 + get_mantissa (outval) * 9 + get_exponent (outval) * 3 + get_sign (outval); # 105| * (f32 *) values++ = outval; # 106| } Error: COMPILER_WARNING: [#def261] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_seek.c: scope_hint: In function ‘find_header’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_seek.c:306:59: warning[-Wuse-after-free]: pointer ‘ep_95’ used after ‘free’ # 306 | return reader->get_pos (id) - (ep - sp + 4); # | ~~~^~~~ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_seek.c:305:25: note: call to ‘free’ here # 305 | free (buffer); # | ^~~~~~~~~~~~~ # 304| if (wphdr->block_samples && (wphdr->flags & INITIAL_BLOCK)) { # 305| free (buffer); # 306|-> return reader->get_pos (id) - (ep - sp + 4); # 307| } # 308| Error: GCC_ANALYZER_WARNING (CWE-476): [#def262] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c: scope_hint: In function ‘unpack_samples_interleave’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:68:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:19: included_from: Included from here. wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:504:9: note: in expansion of macro ‘wp_mutex_release’ # 66| if (wps->wphdr.flags & MONO_FLAG) { # 67| while (samcnt--) { # 68|-> dst [0] = *src++; # 69| dst += num_channels; # 70| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def263] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:77:27: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:504:9: note: in expansion of macro ‘wp_mutex_release’ # 75| else if (offset == num_channels - 1) { # 76| while (samcnt--) { # 77|-> dst [0] = src [0]; # 78| dst += num_channels; # 79| src += 2; Error: GCC_ANALYZER_WARNING (CWE-476): [#def264] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:87:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:504:9: note: in expansion of macro ‘wp_mutex_release’ # 85| else { # 86| while (samcnt--) { # 87|-> dst [0] = *src++; # 88| dst [1] = *src++; # 89| dst += num_channels; Error: CPPCHECK_WARNING (CWE-401): [#def265] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:510: error[memleakOnRealloc]: Common realloc mistake: 'temp_buffer' nulled but not freed upon failure # 508| # 509| if (cxt->samcnt > temp_samples) // reallocate temp buffer if not big enough # 510|-> temp_buffer = (int32_t *) realloc (temp_buffer, (temp_samples = cxt->samcnt) * 8); # 511| # 512| // this is where the work is done Error: GCC_ANALYZER_WARNING (CWE-476): [#def266] wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c: scope_hint: In function ‘worker_threads_create’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:594:36: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*wpc.workers’ wavpack-5.7.0-build/wavpack-5.7.0/src/unpack_utils.c:588:9: note: in expansion of macro ‘wp_mutex_init’ # 592| # 593| for (i = 0; i < wpc->num_workers; ++i) { # 594|-> wpc->workers [i].mutex = &wpc->mutex; # 595| wpc->workers [i].global_cond = &wpc->global_cond; # 596| wpc->workers [i].workers_ready = &wpc->workers_ready;
| analyzer-version-clippy | 1.82.0 |
| analyzer-version-cppcheck | 2.16.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 15.0.0 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-144.us-west-2.compute.internal |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | wavpack-5.7.0-10.fc42 |
| store-results-to | /tmp/tmpwuow1e23/wavpack-5.7.0-10.fc42.tar.xz |
| time-created | 2024-11-13 03:29:15 |
| time-finished | 2024-11-13 03:31:37 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpwuow1e23/wavpack-5.7.0-10.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpwuow1e23/wavpack-5.7.0-10.fc42.src.rpm' |
| tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |