librist-0.2.7-9.fc43

List of Findings

Error: CPPCHECK_WARNING (CWE-457): [#def1]
librist-v0.2.7/contrib/aes.c:285: warning[uninitvar]: Uninitialized variable: buf_out
#  283|   	}
#  284|   
#  285|-> 	memcpy(out, buf_out, AES_BLOCK_SIZE);   // Only output the last block.
#  286|   
#  287|   	return(TRUE);

Error: CPPCHECK_WARNING (CWE-476): [#def2]
librist-v0.2.7/contrib/srp.c:181: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ng
#  179|   {
#  180|       NGConstant * ng   = (NGConstant *) malloc( sizeof(NGConstant) );
#  181|->     ng->N = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  182|       ng->g = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  183|       mbedtls_mpi_init(ng->N);

Error: CPPCHECK_WARNING (CWE-476): [#def3]
librist-v0.2.7/contrib/srp.c:182: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ng
#  180|       NGConstant * ng   = (NGConstant *) malloc( sizeof(NGConstant) );
#  181|       ng->N = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  182|->     ng->g = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  183|       mbedtls_mpi_init(ng->N);
#  184|       mbedtls_mpi_init(ng->g);

Error: CPPCHECK_WARNING (CWE-476): [#def4]
librist-v0.2.7/contrib/srp.c:183: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ng
#  181|       ng->N = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  182|       ng->g = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  183|->     mbedtls_mpi_init(ng->N);
#  184|       mbedtls_mpi_init(ng->g);
#  185|   

Error: CPPCHECK_WARNING (CWE-476): [#def5]
librist-v0.2.7/contrib/srp.c:184: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ng
#  182|       ng->g = (mbedtls_mpi *) malloc(sizeof(mbedtls_mpi));
#  183|       mbedtls_mpi_init(ng->N);
#  184|->     mbedtls_mpi_init(ng->g);
#  185|   
#  186|       if( !ng || !ng->N || !ng->g )

Error: CPPCHECK_WARNING (CWE-476): [#def6]
librist-v0.2.7/contrib/srp.c:188: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ng
#  186|       if( !ng || !ng->N || !ng->g )
#  187|       {
#  188|->         if (ng->N)
#  189|               mbedtls_mpi_free(ng->N);
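#  190|           if (ng->g)
# Reviewer note: def2-def6 describe one defect in new_ng(). The allocation test on
# line 186 runs only after ng has been dereferenced and ng->N / ng->g have been passed
# to mbedtls_mpi_init() on lines 181-184, and the failure branch on line 188 reads
# ng->N even when ng itself is NULL. Testing each malloc() result before its first
# use, and freeing whatever was already allocated, resolves all five findings.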

Error: CPPCHECK_WARNING (CWE-476): [#def7]
librist-v0.2.7/contrib/srp.c:595: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: session
#  593|   
#  594|       session = (struct SRPSession *)malloc(sizeof(struct SRPSession));
#  595|->     memset(session, 0, sizeof(struct SRPSession));
#  596|   
#  597|       session->hash_alg = alg;

Error: CPPCHECK_WARNING (CWE-476): [#def8]
librist-v0.2.7/contrib/srp.c:597: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: session
#  595|       memset(session, 0, sizeof(struct SRPSession));
#  596|   
#  597|->     session->hash_alg = alg;
#  598|       session->ng  = new_ng( ng_type, n_hex, g_hex );
#  599|   

Error: CPPCHECK_WARNING (CWE-476): [#def9]
librist-v0.2.7/contrib/srp.c:598: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: session
#  596|   
#  597|       session->hash_alg = alg;
#  598|->     session->ng  = new_ng( ng_type, n_hex, g_hex );
#  599|   
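#  600|       return session;
# Reviewer note: def7-def9 are one missing check: the malloc() result reaches memset()
# and two member writes untested. calloc(1, sizeof(struct SRPSession)) followed by a
# NULL test would replace lines 594-595. The excerpt also stores the new_ng() result
# without a visible test; new_ng() has a failure branch (srp.c:186), so confirm that
# session->ng is checked before the session is used.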

Error: GCC_ANALYZER_WARNING (CWE-457): [#def10]
librist-v0.2.7/redhat-linux-build/../contrib/aes.c:285:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*(__int128 unsigned *)(&buf_out[0])’
librist-v0.2.7/redhat-linux-build/../contrib/aes.c:277:23: branch_false: following ‘false’ branch (when ‘blocks <= idx’)...
librist-v0.2.7/redhat-linux-build/../contrib/aes.c:285:9: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../contrib/aes.c:285:9: danger: use of uninitialized value ‘*(__int128 unsigned *)(&buf_out[0])’ here
#  283|   	}
#  284|   
#  285|-> 	memcpy(out, buf_out, AES_BLOCK_SIZE);   // Only output the last block.
#  286|   
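#  287|   	return(TRUE);
# Reviewer note: def1 and def10 are the same site. The traced path is the one where
# the loop condition at aes.c:277 is already false on its first evaluation, so buf_out
# is never written and memcpy() copies AES_BLOCK_SIZE uninitialized bytes into the
# caller's output buffer. Rejecting a zero block count before the loop, or
# zero-initializing buf_out, closes the path.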

Error: GCC_ANALYZER_WARNING (CWE-457): [#def11]
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&block’
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: enter_function: entry to ‘pbkdf2_sha256’
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: call_function: calling ‘HMAC_sha256_init’ from ‘pbkdf2_sha256’
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: return_function: returning to ‘pbkdf2_sha256’ from ‘HMAC_sha256_init’
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: branch_true: following ‘true’ branch (when ‘counter <= blocks_needed’)...
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../contrib/fastpbkdf2.c:303:1: danger: use of uninitialized value ‘&block’ here
#  301|   }
#  302|   
#  303|-> DECL_PBKDF2(sha256,
#  304|   						64,
#  305|   						32,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def12]
librist-v0.2.7/redhat-linux-build/../contrib/linux-crypto.c:166:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ctx’
librist-v0.2.7/redhat-linux-build/../contrib/linux-crypto.c:159:36: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../contrib/linux-crypto.c:166:9: danger: ‘ctx’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  164|   		.salg_name = "ctr(aes)" /* this is the cipher name */
#  165|   	};
#  166|-> 	ctx->sockfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
#  167|   	if (ctx->sockfd == -1) {
#  168|   		fprintf(stderr, "Failed to set up socket!\n");

Error: COMPILER_WARNING: [#def13]
librist-v0.2.7/redhat-linux-build/../contrib/srp.c:446:5: warning[-Wstringop-overflow=]: ‘memcpy’ specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807
#  444|          return 0;
#  445|       mbedtls_mpi_write_binary( n, bin, len_n );
#  446|->     memcpy( bin + len_n, bytes, len_bytes );
#  447|       hash( alg, bin, nbytes, buff );
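#  448|       free(bin);
# Reviewer note: 18446744073709551615 is SIZE_MAX on a 64-bit build, which usually
# means the compiler found a path where a signed length or error value of -1 is
# converted to the unsigned size passed to memcpy(). The excerpt does not show where
# len_bytes and nbytes are computed; confirm that a failed or negative length is
# rejected, and that len_n + len_bytes cannot wrap, before bin is allocated.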

Error: GCC_ANALYZER_WARNING (CWE-476): [#def14]
librist-v0.2.7/redhat-linux-build/../src/eap.c:189:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘response’
librist-v0.2.7/redhat-linux-build/../src/eap.c:464:12: enter_function: entry to ‘process_eap_pkt’
librist-v0.2.7/redhat-linux-build/../src/eap.c:466:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/eap.c:468:13: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:474:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/eap.c:476:12: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:484:32: call_function: calling ‘process_eap_request’ from ‘process_eap_pkt’
#  187|   	uint8_t *response = malloc(EAPOL_EAP_HDRS_OFFSET + sizeof(struct eap_srp_hdr) + len_A);
#  188|   	struct eap_srp_hdr *hdr = (struct eap_srp_hdr *)&response[EAPOL_EAP_HDRS_OFFSET];
#  189|-> 	hdr->type = EAP_TYPE_SRP_SHA1;
#  190|   	hdr->subtype = EAP_SRP_SUBTYPE_CHALLENGE;
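#  191|   	memcpy(&response[EAPOL_EAP_HDRS_OFFSET + sizeof(*hdr)], bytes_A, len_A);
# Reviewer note: def14 and def15 share one pattern in eap.c: the malloc() result is
# indexed and written through without a NULL test, on a path the trace enters from
# process_eap_pkt(). Both allocation sizes add a run-time length (len_A, len_B) to
# fixed header sizes; the excerpt does not show how those lengths are bounded, so
# test the allocation result and confirm the length limits upstream.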

Error: GCC_ANALYZER_WARNING (CWE-476): [#def15]
librist-v0.2.7/redhat-linux-build/../src/eap.c:375:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outpkt’
librist-v0.2.7/redhat-linux-build/../src/eap.c:464:12: enter_function: entry to ‘process_eap_pkt’
librist-v0.2.7/redhat-linux-build/../src/eap.c:466:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/eap.c:468:13: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:474:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/eap.c:476:12: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:476:13: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/eap.c:478:14: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:487:32: call_function: calling ‘process_eap_response’ from ‘process_eap_pkt’
#  373|   	uint8_t *outpkt = malloc((EAPOL_EAP_HDRS_OFFSET + sizeof(struct eap_srp_hdr) + len_B));
#  374|   	struct eap_srp_hdr *hdr = (struct eap_srp_hdr *)&outpkt[EAPOL_EAP_HDRS_OFFSET];
#  375|-> 	hdr->type = EAP_TYPE_SRP_SHA1;
#  376|   	hdr->subtype = EAP_SRP_SUBTYPE_SERVER_KEY;
#  377|   	memcpy(&outpkt[(EAPOL_EAP_HDRS_OFFSET + sizeof(*hdr))], bytes_B, len_B);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
librist-v0.2.7/redhat-linux-build/../src/eap.c:706:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ctx’
librist-v0.2.7/redhat-linux-build/../src/eap.c:698:12: branch_false: following ‘false’ branch (when ‘peer’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/eap.c:700:40: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:701:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/eap.c:703:13: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:703:12: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../src/eap.c:705:42: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../src/eap.c:705:42: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/eap.c:706:17: danger: ‘ctx’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  704|   	{
#  705|   		struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#  706|-> 		ctx->logging_settings = get_cctx(peer)->logging_settings;
#  707|   		if (ctx == NULL)
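#  708|   			return RIST_ERR_MALLOC;
# Reviewer note: def16, def33 and def34 report the same statement. The NULL test on
# line 707 is placed after the write through ctx on line 706, so it cannot protect
# that write; moving the logging_settings assignment below the test fixes it.
# calloc(1, sizeof(*ctx)) is the argument order the compiler warning asks for.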

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
librist-v0.2.7/redhat-linux-build/../src/flow.c:22:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘m’
librist-v0.2.7/redhat-linux-build/../src/flow.c:16:41: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/flow.c:22:9: danger: ‘m’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   20|   	if (nack_time < (now - f->recovery_buffer_ticks))
#   21|   		nack_time = now;
#   22|-> 	m->seq = seq;
#   23|   	m->insertion_time = nack_time;
#   24|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def18]
librist-v0.2.7/redhat-linux-build/../src/logging.c:232:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘settings’
librist-v0.2.7/redhat-linux-build/../src/logging.c:226:12: branch_false: following ‘false’ branch (when ‘logging_settings’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/logging.c:228:39: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/logging.c:230:12: branch_true: following ‘true’ branch (when ‘settings’ is NULL)...
librist-v0.2.7/redhat-linux-build/../src/logging.c:231:28: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../src/logging.c:231:28: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/logging.c:232:17: danger: ‘settings’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  230|   	if (!settings) {
#  231|   		settings = malloc(sizeof(*settings));
#  232|-> 		*settings = (struct rist_logging_settings)
#  233|   			LOGGING_SETTINGS_INITIALIZER;
#  234|   		*logging_settings = settings;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3484:37: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3459:19: enter_function: entry to ‘rist_sender_peer_insert_local’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3478:37: call_function: calling ‘peer_initialize’ from ‘rist_sender_peer_insert_local’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3478:37: return_function: returning to ‘rist_sender_peer_insert_local’ from ‘peer_initialize’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3479:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3483:38: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3484:37: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/9)
# 3482|   
# 3483|   	strncpy(&newpeer->miface[0], config->miface, RIST_MAX_STRING_SHORT);
# 3484|-> 	strncpy(&newpeer->cname[0], config->cname, RIST_MAX_STRING_SHORT);
# 3485|   	if (config->address_family && rist_set_manual_sockdata(newpeer, config)) {
# 3486|   		free(newpeer);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3485:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3459:19: enter_function: entry to ‘rist_sender_peer_insert_local’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3478:37: call_function: calling ‘peer_initialize’ from ‘rist_sender_peer_insert_local’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3478:37: return_function: returning to ‘rist_sender_peer_insert_local’ from ‘peer_initialize’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3479:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3483:38: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3485:13: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/9)
# 3483|   	strncpy(&newpeer->miface[0], config->miface, RIST_MAX_STRING_SHORT);
# 3484|   	strncpy(&newpeer->cname[0], config->cname, RIST_MAX_STRING_SHORT);
# 3485|-> 	if (config->address_family && rist_set_manual_sockdata(newpeer, config)) {
# 3486|   		free(newpeer);
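# 3487|   		return NULL;
# Reviewer note: separate from the reported leak, both strncpy() calls copy up to
# RIST_MAX_STRING_SHORT bytes, and strncpy() adds no terminator when the source is
# that long. If miface and cname are RIST_MAX_STRING_SHORT-byte arrays (not shown
# here), a maximum-length config string leaves them unterminated. On the leak itself,
# the trace suggests an allocation made inside peer_initialize() that the plain
# free(newpeer) on line 3486 would not release; verify against peer_initialize().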

Error: GCC_ANALYZER_WARNING (CWE-835): [#def21]
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3776:16: warning[-Wanalyzer-infinite-loop]: infinite loop
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3769:6: enter_function: entry to ‘rist_sender_destroy_local’
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3776:16: danger: infinite loop here
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3776:16: branch_true: if it ever follows ‘true’ branch, it will always do so...
librist-v0.2.7/redhat-linux-build/../src/rist-common.c:3777:48: branch_true: ...to here
# 3774|   
# 3775|   	pthread_mutex_lock(&ctx->common.peerlist_lock);	// Destroy all peers
# 3776|-> 	while (ctx->peer_lst_len > 0) {
# 3777|   		rist_peer_remove(&ctx->common, ctx->peer_lst[0], NULL);
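# 3778|   	}
# Reviewer note: the loop ends only if every rist_peer_remove() call lowers
# ctx->peer_lst_len, which the analyzer could not establish. If that call can return
# without removing peer_lst[0], teardown would spin while holding peerlist_lock;
# confirm against rist_peer_remove() before treating this as a false positive.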

Error: GCC_ANALYZER_WARNING (CWE-476): [#def22]
librist-v0.2.7/redhat-linux-build/../src/rist.c:206:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘data_block’
librist-v0.2.7/redhat-linux-build/../src/rist.c:146:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist.c:151:13: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/rist.c:151:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist.c:176:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist.c:197:9: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist.c:199:9: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/rist.c:199:9: release_memory: ‘data_block’ is NULL
librist-v0.2.7/redhat-linux-build/../src/rist.c:205:12: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../src/rist.c:206:17: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../src/rist.c:206:17: danger: dereference of NULL ‘data_block’
#  204|   	}
#  205|   	if (overflow)
#  206|-> 		data_block->flags |= RIST_DATA_FLAGS_OVERFLOW;
#  207|   
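#  208|   	return (int)num;
# Reviewer note: unlike the "possibly-NULL" findings, this one is reported as a
# definite NULL dereference: on the traced path data_block is NULL at rist.c:199 and
# overflow is set, so line 206 writes through it. Whether both conditions can hold at
# run time depends on code outside the excerpt; if they can, the flag update needs a
# data_block test.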

Error: GCC_ANALYZER_WARNING (CWE-476): [#def23]
librist-v0.2.7/redhat-linux-build/../src/rist.c:752:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘output_udp_config’
librist-v0.2.7/redhat-linux-build/../src/rist.c:751:61: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/rist.c:752:17: danger: ‘output_udp_config’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  750|   		// Default options on new struct (specific for udp url)
#  751|   		struct rist_udp_config *output_udp_config = calloc(1, sizeof(struct rist_udp_config));
#  752|-> 		output_udp_config->version = RIST_UDP_CONFIG_VERSION;
#  753|   		output_udp_config->stream_id = 0; // Accept all on receiver, auto-generate on sender
#  754|   		ret = parse_url_udp_options(url, output_udp_config);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def24]
librist-v0.2.7/redhat-linux-build/../src/stats.c:31:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘stats_container’
librist-v0.2.7/redhat-linux-build/../src/stats.c:25:12: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../src/stats.c:29:30: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:30:46: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/stats.c:31:9: danger: ‘stats_container’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   29|   	pthread_mutex_lock(&(get_cctx(peer)->stats_lock));
#   30|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#   31|-> 	stats_container->stats_type = RIST_STATS_SENDER_PEER;
#   32|   	stats_container->version = RIST_STATS_VERSION;
#   33|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
librist-v0.2.7/redhat-linux-build/../src/stats.c:107:9: warning[-Wanalyzer-malloc-leak]: leak of ‘stats_container’
librist-v0.2.7/redhat-linux-build/../src/stats.c:25:12: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../src/stats.c:29:30: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:30:46: acquire_memory: allocated here
librist-v0.2.7/redhat-linux-build/../src/stats.c:101:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/stats.c:104:17: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:107:9: danger: ‘stats_container’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  105|   
#  106|   	memset(&peer->stats_sender_instant, 0, sizeof(peer->stats_sender_instant));
#  107|-> 	pthread_mutex_unlock(&(get_cctx(peer)->stats_lock));
#  108|   }
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def26]
librist-v0.2.7/redhat-linux-build/../src/stats.c:124:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘stats_container’
librist-v0.2.7/redhat-linux-build/../src/stats.c:112:12: branch_false: following ‘false’ branch (when ‘flow’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/stats.c:114:9: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:123:46: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../src/stats.c:124:9: danger: ‘stats_container’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  122|   
#  123|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#  124|-> 	stats_container->stats_type = RIST_STATS_RECEIVER_FLOW;
#  125|   	stats_container->version = RIST_STATS_VERSION;
#  126|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
librist-v0.2.7/redhat-linux-build/../src/stats.c:278:9: warning[-Wanalyzer-malloc-leak]: leak of ‘stats_container’
librist-v0.2.7/redhat-linux-build/../src/stats.c:112:12: branch_false: following ‘false’ branch (when ‘flow’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../src/stats.c:114:9: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:123:46: acquire_memory: allocated here
librist-v0.2.7/redhat-linux-build/../src/stats.c:268:9: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/stats.c:268:9: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:271:12: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../src/stats.c:274:17: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../src/stats.c:278:9: danger: ‘stats_container’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  276|   	memset(&flow->stats_instant, 0, sizeof(flow->stats_instant));
#  277|   	flow->stats_instant.min_ips = 0xFFFFFFFFFFFFFFFFULL;
#  278|-> 	pthread_mutex_unlock(&ctx->common.stats_lock);
#  279|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def28]
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:132:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p_rtp’
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:164:12: enter_function: entry to ‘cb_recv’
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:169:21: branch_true: following ‘true’ branch (when ‘i != 20’)...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:170:22: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:170:20: branch_false: following ‘false’ branch...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:175:21: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:206:28: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:209:37: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:209:36: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:210:64: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:210:51: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:215:50: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:215:98: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:220:41: call_function: calling ‘risttools_rtp_set_hdr’ from ‘cb_recv’
#  130|   static inline void risttools_rtp_set_hdr(uint8_t *p_rtp, uint8_t i_type, uint16_t i_seqnum, uint32_t i_timestamp, uint32_t i_ssrc)
#  131|   {
#  132|-> 	p_rtp[0] = 0x80;
#  133|   	p_rtp[1] = i_type & 0x7f;
#  134|   	p_rtp[2] = i_seqnum >> 8;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def29]
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:391:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘stats’
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:380:12: branch_true: following ‘true’ branch...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:382:60: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:389:20: branch_true: following ‘true’ branch (when ‘stats’ is NULL)...
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:390:33: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:390:33: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../tools/ristreceiver.c:391:25: danger: ‘stats’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  389|   		if (!stats) {
#  390|   			stats = calloc(sizeof(*stats), 1);
#  391|-> 			stats->flow_id = stats_container->stats.receiver_flow.flow_id;
#  392|   			*prev = stats;
#  393|   		}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def30]
librist-v0.2.7/redhat-linux-build/../tools/ristsender.c:582:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘tmpoutputurl’ where non-null expected
librist-v0.2.7/redhat-linux-build/../tools/ristsender.c:581:30: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../tools/ristsender.c:582:9: danger: argument 1 (‘tmpoutputurl’) from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
#  580|   	char *saveptroutput;
#  581|   	char *tmpoutputurl = malloc(strlen(outputurl) +1);
#  582|-> 	strcpy(tmpoutputurl, outputurl);
#  583|   	char *outputtoken = strtok_r(tmpoutputurl, ",", &saveptroutput);
#  584|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def31]
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:74:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘read_verifier’
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:25:12: branch_false: following ‘false’ branch (when ‘user_data’ is non-NULL)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:31:31: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:31:31: acquire_memory: this call could return NULL
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:39:16: branch_true: following ‘true’ branch (when ‘read != -1’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:41:20: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:41:20: branch_false: following ‘false’ branch (when ‘skipnextline == 0’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:45:27: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:47:28: branch_true: following ‘true’ branch (when ‘reading == 0’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:47:64: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:52:28: branch_false: following ‘false’ branch (when ‘reading != 1’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:54:33: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:54:33: branch_false: following ‘false’ branch (when ‘reading != 2’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:59:25: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:39:16: branch_true: following ‘true’ branch (when ‘read != -1’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:41:20: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:41:20: branch_false: following ‘false’ branch (when ‘skipnextline == 0’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:45:27: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:45:27: branch_false: following ‘false’ branch (when ‘read != 58’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:61:25: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:61:25: branch_false: following ‘false’ branch (when ‘reading != 0’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:70:27: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:70:27: branch_true: following ‘true’ branch (when ‘reading == 1’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:72:28: branch_true: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:72:28: branch_false: following ‘false’ branch (when ‘read_verifier_len != 1024’)...
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:74:38: branch_false: ...to here
librist-v0.2.7/redhat-linux-build/../tools/srp_shared.c:74:25: danger: ‘read_verifier + read_verifier_len’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   72|   			if (read_verifier_len == 1024)
#   73|   				goto out;
#   74|-> 			read_verifier[read_verifier_len] = read;
#   75|   			read_verifier_len++;
#   76|   		} else if (reading == 2)

Error: COMPILER_WARNING: [#def32]
librist-v0.2.7/src/eap.c: scope_hint: In function ‘eap_clone_ctx’
librist-v0.2.7/src/eap.c:536:47: warning[-Wcalloc-transposed-args]: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument
#  536 |         struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#      |                                               ^
librist-v0.2.7/src/eap.c:536:47: note: earlier argument should specify number of elements, later size of each element
#  534|   	if (peer->eap_ctx != NULL)
#  535|   		return -1;
#  536|-> 	struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#  537|   	if (!ctx)
#  538|   		return -1;

Error: COMPILER_WARNING: [#def33]
librist-v0.2.7/src/eap.c: scope_hint: In function ‘rist_enable_eap_srp’
librist-v0.2.7/src/eap.c:705:55: warning[-Wcalloc-transposed-args]: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument
#  705 |                 struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#      |                                                       ^
librist-v0.2.7/src/eap.c:705:55: note: earlier argument should specify number of elements, later size of each element
#  703|   	if (peer->listening)
#  704|   	{
#  705|-> 		struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#  706|   		ctx->logging_settings = get_cctx(peer)->logging_settings;
#  707|   		if (ctx == NULL)

Error: CPPCHECK_WARNING (CWE-476): [#def34]
librist-v0.2.7/src/eap.c:706: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ctx
#  704|   	{
#  705|   		struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#  706|-> 		ctx->logging_settings = get_cctx(peer)->logging_settings;
#  707|   		if (ctx == NULL)
#  708|   			return RIST_ERR_MALLOC;

Error: COMPILER_WARNING: [#def35]
librist-v0.2.7/src/eap.c:755:47: warning[-Wcalloc-transposed-args]: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument
#  755 |         struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#      |                                               ^
librist-v0.2.7/src/eap.c:755:47: note: earlier argument should specify number of elements, later size of each element
#  753|   	if (u_len == 0 || u_len > 255 || p_len == 0 || p_len > 255)
#  754|   		return RIST_ERR_INVALID_STRING_LENGTH;
#  755|-> 	struct eapsrp_ctx *ctx = calloc(sizeof(*ctx), 1);
#  756|   	if (ctx == NULL)
#  757|   		return RIST_ERR_MALLOC;

Error: CPPCHECK_WARNING (CWE-476): [#def36]
librist-v0.2.7/src/flow.c:22: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: m
#   20|   	if (nack_time < (now - f->recovery_buffer_ticks))
#   21|   		nack_time = now;
#   22|-> 	m->seq = seq;
#   23|   	m->insertion_time = nack_time;
#   24|   

Error: CPPCHECK_WARNING (CWE-476): [#def37]
librist-v0.2.7/src/flow.c:23: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: m
#   21|   		nack_time = now;
#   22|   	m->seq = seq;
#   23|-> 	m->insertion_time = nack_time;
#   24|   
#   25|   	m->next_nack = now + (uint64_t)rtt * (uint64_t)RIST_CLOCK;

Error: CPPCHECK_WARNING (CWE-476): [#def38]
librist-v0.2.7/src/flow.c:25: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: m
#   23|   	m->insertion_time = nack_time;
#   24|   
#   25|-> 	m->next_nack = now + (uint64_t)rtt * (uint64_t)RIST_CLOCK;
#   26|   	m->peer = peer;
#   27|   

Error: CPPCHECK_WARNING (CWE-476): [#def39]
librist-v0.2.7/src/flow.c:26: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: m
#   24|   
#   25|   	m->next_nack = now + (uint64_t)rtt * (uint64_t)RIST_CLOCK;
#   26|-> 	m->peer = peer;
#   27|   
#   28|   	if (get_cctx(peer)->debug)

Error: CPPCHECK_WARNING (CWE-476): [#def40]
librist-v0.2.7/src/flow.c:34: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: m
#   32|   		seq, m->next_nack > now? (m->next_nack - now)/ RIST_CLOCK: 0, f->missing_counter, f->last_seq_found);
#   33|   
#   34|-> 	m->next = NULL;
#   35|   	// Insert it at the end of the queue
#   36|   	if (!f->missing) {

Error: COMPILER_WARNING: [#def41]
librist-v0.2.7/src/libevsocket.c: scope_hint: In function ‘rebuild_poll’
librist-v0.2.7/src/libevsocket.c:210:45: warning[-Wcalloc-transposed-args]: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument
#  210 |                 ctx->_array = calloc(sizeof(struct evsocket_event), ctx->n_events);
#      |                                             ^~~~~~
librist-v0.2.7/src/libevsocket.c:210:45: note: earlier argument should specify number of elements, later size of each element
#  208|   	if (ctx->n_events > 0) {
#  209|   		ctx->pfd = malloc(sizeof(struct pollfd) * ctx->n_events);
#  210|-> 		ctx->_array = calloc(sizeof(struct evsocket_event), ctx->n_events);
#  211|   	}
#  212|   

Error: CPPCHECK_WARNING (CWE-476): [#def42]
librist-v0.2.7/src/logging.c:232: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
#  230|   	if (!settings) {
#  231|   		settings = malloc(sizeof(*settings));
#  232|-> 		*settings = (struct rist_logging_settings)
#  233|   			LOGGING_SETTINGS_INITIALIZER;
#  234|   		*logging_settings = settings;

Error: CPPCHECK_WARNING (CWE-476): [#def43]
librist-v0.2.7/src/logging.c:238: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
#  236|   	}
#  237|   
#  238|-> 	settings->log_level = log_level;
#  239|   	settings->log_cb = log_cb;
#  240|   	settings->log_cb_arg = cb_arg;

Error: CPPCHECK_WARNING (CWE-476): [#def44]
librist-v0.2.7/src/logging.c:239: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
#  237|   
#  238|   	settings->log_level = log_level;
#  239|-> 	settings->log_cb = log_cb;
#  240|   	settings->log_cb_arg = cb_arg;
#  241|   	settings->log_stream = logfp;

Error: CPPCHECK_WARNING (CWE-476): [#def45]
librist-v0.2.7/src/logging.c:240: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
#  238|   	settings->log_level = log_level;
#  239|   	settings->log_cb = log_cb;
#  240|-> 	settings->log_cb_arg = cb_arg;
#  241|   	settings->log_stream = logfp;
#  242|   	if (address == NULL) {

Error: CPPCHECK_WARNING (CWE-476): [#def46]
librist-v0.2.7/src/logging.c:241: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
#  239|   	settings->log_cb = log_cb;
#  240|   	settings->log_cb_arg = cb_arg;
#  241|-> 	settings->log_stream = logfp;
#  242|   	if (address == NULL) {
#  243|   		if (settings->log_socket >= 0 &&

Error: CPPCHECK_WARNING (CWE-476): [#def47]
librist-v0.2.7/src/rist.c:752: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: output_udp_config
#  750|   		// Default options on new struct (specific for udp url)
#  751|   		struct rist_udp_config *output_udp_config = calloc(1, sizeof(struct rist_udp_config));
#  752|-> 		output_udp_config->version = RIST_UDP_CONFIG_VERSION;
#  753|   		output_udp_config->stream_id = 0; // Accept all on receiver, auto-generate on sender
#  754|   		ret = parse_url_udp_options(url, output_udp_config);

Error: CPPCHECK_WARNING (CWE-476): [#def48]
librist-v0.2.7/src/rist.c:753: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: output_udp_config
#  751|   		struct rist_udp_config *output_udp_config = calloc(1, sizeof(struct rist_udp_config));
#  752|   		output_udp_config->version = RIST_UDP_CONFIG_VERSION;
#  753|-> 		output_udp_config->stream_id = 0; // Accept all on receiver, auto-generate on sender
#  754|   		ret = parse_url_udp_options(url, output_udp_config);
#  755|   		*udp_config = output_udp_config;

Error: CPPCHECK_WARNING (CWE-476): [#def49]
librist-v0.2.7/src/stats.c:31: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   29|   	pthread_mutex_lock(&(get_cctx(peer)->stats_lock));
#   30|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#   31|-> 	stats_container->stats_type = RIST_STATS_SENDER_PEER;
#   32|   	stats_container->version = RIST_STATS_VERSION;
#   33|   

Error: CPPCHECK_WARNING (CWE-476): [#def50]
librist-v0.2.7/src/stats.c:32: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   30|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#   31|   	stats_container->stats_type = RIST_STATS_SENDER_PEER;
#   32|-> 	stats_container->version = RIST_STATS_VERSION;
#   33|   
#   34|   	peer->stats_sender_total.received += peer->stats_sender_instant.received;

Error: CPPCHECK_WARNING (CWE-476): [#def51]
librist-v0.2.7/src/stats.c:88: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   86|   	cJSON_Delete(stats);
#   87|   
#   88|-> 	stats_container->stats_json = stats_string;
#   89|   	stats_container->json_size = (uint32_t)strlen(stats_string);
#   90|   	stats_container->stats.sender_peer.cname[0] = '\0';

Error: CPPCHECK_WARNING (CWE-476): [#def52]
librist-v0.2.7/src/stats.c:89: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   87|   
#   88|   	stats_container->stats_json = stats_string;
#   89|-> 	stats_container->json_size = (uint32_t)strlen(stats_string);
#   90|   	stats_container->stats.sender_peer.cname[0] = '\0';
#   91|   	strncpy(stats_container->stats.sender_peer.cname, peer->receiver_name, RIST_MAX_STRING_SHORT);

Error: CPPCHECK_WARNING (CWE-476): [#def53]
librist-v0.2.7/src/stats.c:90: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   88|   	stats_container->stats_json = stats_string;
#   89|   	stats_container->json_size = (uint32_t)strlen(stats_string);
#   90|-> 	stats_container->stats.sender_peer.cname[0] = '\0';
#   91|   	strncpy(stats_container->stats.sender_peer.cname, peer->receiver_name, RIST_MAX_STRING_SHORT);
#   92|   	stats_container->stats.sender_peer.peer_id = peer->adv_peer_id;

Error: CPPCHECK_WARNING (CWE-476): [#def54]
librist-v0.2.7/src/stats.c:91: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   89|   	stats_container->json_size = (uint32_t)strlen(stats_string);
#   90|   	stats_container->stats.sender_peer.cname[0] = '\0';
#   91|-> 	strncpy(stats_container->stats.sender_peer.cname, peer->receiver_name, RIST_MAX_STRING_SHORT);
#   92|   	stats_container->stats.sender_peer.peer_id = peer->adv_peer_id;
#   93|   	stats_container->stats.sender_peer.bandwidth = bitrate;

Error: CPPCHECK_WARNING (CWE-476): [#def55]
librist-v0.2.7/src/stats.c:92: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   90|   	stats_container->stats.sender_peer.cname[0] = '\0';
#   91|   	strncpy(stats_container->stats.sender_peer.cname, peer->receiver_name, RIST_MAX_STRING_SHORT);
#   92|-> 	stats_container->stats.sender_peer.peer_id = peer->adv_peer_id;
#   93|   	stats_container->stats.sender_peer.bandwidth = bitrate;
#   94|   	stats_container->stats.sender_peer.retry_bandwidth = retry_bitrate;

Error: CPPCHECK_WARNING (CWE-476): [#def56]
librist-v0.2.7/src/stats.c:93: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   91|   	strncpy(stats_container->stats.sender_peer.cname, peer->receiver_name, RIST_MAX_STRING_SHORT);
#   92|   	stats_container->stats.sender_peer.peer_id = peer->adv_peer_id;
#   93|-> 	stats_container->stats.sender_peer.bandwidth = bitrate;
#   94|   	stats_container->stats.sender_peer.retry_bandwidth = retry_bitrate;
#   95|   	stats_container->stats.sender_peer.sent = peer->stats_sender_instant.sent;

Error: CPPCHECK_WARNING (CWE-476): [#def57]
librist-v0.2.7/src/stats.c:94: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   92|   	stats_container->stats.sender_peer.peer_id = peer->adv_peer_id;
#   93|   	stats_container->stats.sender_peer.bandwidth = bitrate;
#   94|-> 	stats_container->stats.sender_peer.retry_bandwidth = retry_bitrate;
#   95|   	stats_container->stats.sender_peer.sent = peer->stats_sender_instant.sent;
#   96|   	stats_container->stats.sender_peer.received = peer->stats_sender_instant.received;

Error: CPPCHECK_WARNING (CWE-476): [#def58]
librist-v0.2.7/src/stats.c:95: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   93|   	stats_container->stats.sender_peer.bandwidth = bitrate;
#   94|   	stats_container->stats.sender_peer.retry_bandwidth = retry_bitrate;
#   95|-> 	stats_container->stats.sender_peer.sent = peer->stats_sender_instant.sent;
#   96|   	stats_container->stats.sender_peer.received = peer->stats_sender_instant.received;
#   97|   	stats_container->stats.sender_peer.retransmitted = peer->stats_sender_instant.retrans;

Error: CPPCHECK_WARNING (CWE-476): [#def59]
librist-v0.2.7/src/stats.c:96: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   94|   	stats_container->stats.sender_peer.retry_bandwidth = retry_bitrate;
#   95|   	stats_container->stats.sender_peer.sent = peer->stats_sender_instant.sent;
#   96|-> 	stats_container->stats.sender_peer.received = peer->stats_sender_instant.received;
#   97|   	stats_container->stats.sender_peer.retransmitted = peer->stats_sender_instant.retrans;
#   98|   	stats_container->stats.sender_peer.quality = Q;

Error: CPPCHECK_WARNING (CWE-476): [#def60]
librist-v0.2.7/src/stats.c:97: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   95|   	stats_container->stats.sender_peer.sent = peer->stats_sender_instant.sent;
#   96|   	stats_container->stats.sender_peer.received = peer->stats_sender_instant.received;
#   97|-> 	stats_container->stats.sender_peer.retransmitted = peer->stats_sender_instant.retrans;
#   98|   	stats_container->stats.sender_peer.quality = Q;
#   99|   	stats_container->stats.sender_peer.rtt = avg_rtt;

Error: CPPCHECK_WARNING (CWE-476): [#def61]
librist-v0.2.7/src/stats.c:98: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   96|   	stats_container->stats.sender_peer.received = peer->stats_sender_instant.received;
#   97|   	stats_container->stats.sender_peer.retransmitted = peer->stats_sender_instant.retrans;
#   98|-> 	stats_container->stats.sender_peer.quality = Q;
#   99|   	stats_container->stats.sender_peer.rtt = avg_rtt;
#  100|   

Error: CPPCHECK_WARNING (CWE-476): [#def62]
librist-v0.2.7/src/stats.c:99: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#   97|   	stats_container->stats.sender_peer.retransmitted = peer->stats_sender_instant.retrans;
#   98|   	stats_container->stats.sender_peer.quality = Q;
#   99|-> 	stats_container->stats.sender_peer.rtt = avg_rtt;
#  100|   
#  101|   	if (cctx->stats_callback != NULL)

Error: CPPCHECK_WARNING (CWE-476): [#def63]
librist-v0.2.7/src/stats.c:124: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#  122|   
#  123|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#  124|-> 	stats_container->stats_type = RIST_STATS_RECEIVER_FLOW;
#  125|   	stats_container->version = RIST_STATS_VERSION;
#  126|   

Error: CPPCHECK_WARNING (CWE-476): [#def64]
librist-v0.2.7/src/stats.c:125: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats_container
#  123|   	struct rist_stats *stats_container = malloc(sizeof(struct rist_stats));
#  124|   	stats_container->stats_type = RIST_STATS_RECEIVER_FLOW;
#  125|-> 	stats_container->version = RIST_STATS_VERSION;
#  126|   
#  127|   	if (flow->stats_instant.avg_count)

Error: CPPCHECK_WARNING (CWE-682): [#def65]
librist-v0.2.7/src/udp.c:188: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  186|   	if (modifyingbuffer) {
#  187|   		_payload = malloc(payload_len + RIST_MAX_PAYLOAD_OFFSET);
#  188|-> 		_payload  = _payload + RIST_MAX_PAYLOAD_OFFSET;
#  189|   		memcpy(_payload, payload, payload_len);
#  190|   	} else {

Error: CPPCHECK_WARNING (CWE-476): [#def66]
librist-v0.2.7/test/rist/test_send_receive.c:155: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: url1
#  153|   
#  154|   
#  155|->     fprintf(stdout, "Testing profile %i with receiver url %s and sender url %s and losspercentage: %i\n", profile, url1, url2, losspercent);
#  156|   
#  157|       if (rist_logging_set(&logging_settings_sender, RIST_LOG_DEBUG, log_callback, senderstring, NULL, stderr) != 0) {

Error: CPPCHECK_WARNING (CWE-476): [#def67]
librist-v0.2.7/test/rist/test_send_receive.c:155: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: url2
#  153|   
#  154|   
#  155|->     fprintf(stdout, "Testing profile %i with receiver url %s and sender url %s and losspercentage: %i\n", profile, url1, url2, losspercent);
#  156|   
#  157|       if (rist_logging_set(&logging_settings_sender, RIST_LOG_DEBUG, log_callback, senderstring, NULL, stderr) != 0) {

Error: CPPCHECK_WARNING (CWE-476): [#def68]
librist-v0.2.7/tools/ristreceiver.c:132: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  130|   static inline void risttools_rtp_set_hdr(uint8_t *p_rtp, uint8_t i_type, uint16_t i_seqnum, uint32_t i_timestamp, uint32_t i_ssrc)
#  131|   {
#  132|-> 	p_rtp[0] = 0x80;
#  133|   	p_rtp[1] = i_type & 0x7f;
#  134|   	p_rtp[2] = i_seqnum >> 8;

Error: CPPCHECK_WARNING (CWE-476): [#def69]
librist-v0.2.7/tools/ristreceiver.c:133: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  131|   {
#  132|   	p_rtp[0] = 0x80;
#  133|-> 	p_rtp[1] = i_type & 0x7f;
#  134|   	p_rtp[2] = i_seqnum >> 8;
#  135|   	p_rtp[3] = i_seqnum & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def70]
librist-v0.2.7/tools/ristreceiver.c:134: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  132|   	p_rtp[0] = 0x80;
#  133|   	p_rtp[1] = i_type & 0x7f;
#  134|-> 	p_rtp[2] = i_seqnum >> 8;
#  135|   	p_rtp[3] = i_seqnum & 0xff;
#  136|       p_rtp[4] = (i_timestamp >> 24) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def71]
librist-v0.2.7/tools/ristreceiver.c:135: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  133|   	p_rtp[1] = i_type & 0x7f;
#  134|   	p_rtp[2] = i_seqnum >> 8;
#  135|-> 	p_rtp[3] = i_seqnum & 0xff;
#  136|       p_rtp[4] = (i_timestamp >> 24) & 0xff;
#  137|       p_rtp[5] = (i_timestamp >> 16) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def72]
librist-v0.2.7/tools/ristreceiver.c:136: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  134|   	p_rtp[2] = i_seqnum >> 8;
#  135|   	p_rtp[3] = i_seqnum & 0xff;
#  136|->     p_rtp[4] = (i_timestamp >> 24) & 0xff;
#  137|       p_rtp[5] = (i_timestamp >> 16) & 0xff;
#  138|       p_rtp[6] = (i_timestamp >> 8) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def73]
librist-v0.2.7/tools/ristreceiver.c:137: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  135|   	p_rtp[3] = i_seqnum & 0xff;
#  136|       p_rtp[4] = (i_timestamp >> 24) & 0xff;
#  137|->     p_rtp[5] = (i_timestamp >> 16) & 0xff;
#  138|       p_rtp[6] = (i_timestamp >> 8) & 0xff;
#  139|       p_rtp[7] = i_timestamp & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def74]
librist-v0.2.7/tools/ristreceiver.c:138: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  136|       p_rtp[4] = (i_timestamp >> 24) & 0xff;
#  137|       p_rtp[5] = (i_timestamp >> 16) & 0xff;
#  138|->     p_rtp[6] = (i_timestamp >> 8) & 0xff;
#  139|       p_rtp[7] = i_timestamp & 0xff;
#  140|   	p_rtp[8] = (i_ssrc >> 24) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def75]
librist-v0.2.7/tools/ristreceiver.c:139: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  137|       p_rtp[5] = (i_timestamp >> 16) & 0xff;
#  138|       p_rtp[6] = (i_timestamp >> 8) & 0xff;
#  139|->     p_rtp[7] = i_timestamp & 0xff;
#  140|   	p_rtp[8] = (i_ssrc >> 24) & 0xff;
#  141|   	p_rtp[9] = (i_ssrc >> 16) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def76]
librist-v0.2.7/tools/ristreceiver.c:140: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  138|       p_rtp[6] = (i_timestamp >> 8) & 0xff;
#  139|       p_rtp[7] = i_timestamp & 0xff;
#  140|-> 	p_rtp[8] = (i_ssrc >> 24) & 0xff;
#  141|   	p_rtp[9] = (i_ssrc >> 16) & 0xff;
#  142|   	p_rtp[10] = (i_ssrc >> 8) & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def77]
librist-v0.2.7/tools/ristreceiver.c:141: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  139|       p_rtp[7] = i_timestamp & 0xff;
#  140|   	p_rtp[8] = (i_ssrc >> 24) & 0xff;
#  141|-> 	p_rtp[9] = (i_ssrc >> 16) & 0xff;
#  142|   	p_rtp[10] = (i_ssrc >> 8) & 0xff;
#  143|   	p_rtp[11] = i_ssrc & 0xff;

Error: CPPCHECK_WARNING (CWE-476): [#def78]
librist-v0.2.7/tools/ristreceiver.c:142: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  140|   	p_rtp[8] = (i_ssrc >> 24) & 0xff;
#  141|   	p_rtp[9] = (i_ssrc >> 16) & 0xff;
#  142|-> 	p_rtp[10] = (i_ssrc >> 8) & 0xff;
#  143|   	p_rtp[11] = i_ssrc & 0xff;
#  144|   }

Error: CPPCHECK_WARNING (CWE-476): [#def79]
librist-v0.2.7/tools/ristreceiver.c:143: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p_rtp
#  141|   	p_rtp[9] = (i_ssrc >> 16) & 0xff;
#  142|   	p_rtp[10] = (i_ssrc >> 8) & 0xff;
#  143|-> 	p_rtp[11] = i_ssrc & 0xff;
#  144|   }
#  145|   

Error: CPPCHECK_WARNING (CWE-682): [#def80]
librist-v0.2.7/tools/ristreceiver.c:213: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  211|   					payload_len = 12 + b->payload_len;
#  212|   					// Transfer payload
#  213|-> 					memcpy(payload + 12, b->payload, b->payload_len);
#  214|   					// Set RTP header (mpegts)
#  215|   					uint16_t i_seqnum = udp_config->rtp_sequence ? (uint16_t)b->seq : callback_object->i_seqnum[i]++;

Error: COMPILER_WARNING: [#def81]
librist-v0.2.7/tools/ristreceiver.c: scope_hint: In function ‘cb_stats’
librist-v0.2.7/tools/ristreceiver.c:390:46: warning[-Wcalloc-transposed-args]: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument
#  390 |                         stats = calloc(sizeof(*stats), 1);
#      |                                              ^
librist-v0.2.7/tools/ristreceiver.c:390:46: note: earlier argument should specify number of elements, later size of each element
#  388|   		}
#  389|   		if (!stats) {
#  390|-> 			stats = calloc(sizeof(*stats), 1);
#  391|   			stats->flow_id = stats_container->stats.receiver_flow.flow_id;
#  392|   			*prev = stats;

Error: CPPCHECK_WARNING (CWE-476): [#def82]
librist-v0.2.7/tools/ristreceiver.c:391: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats
#  389|   		if (!stats) {
#  390|   			stats = calloc(sizeof(*stats), 1);
#  391|-> 			stats->flow_id = stats_container->stats.receiver_flow.flow_id;
#  392|   			*prev = stats;
#  393|   		}

Error: CPPCHECK_WARNING (CWE-476): [#def83]
librist-v0.2.7/tools/ristreceiver.c:394: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats
#  392|   			*prev = stats;
#  393|   		}
#  394|-> 		stats->received += stats_container->stats.receiver_flow.received;
#  395|   		stats->lost += stats_container->stats.receiver_flow.lost;
#  396|   		stats->recovered += stats_container->stats.receiver_flow.recovered;

Error: CPPCHECK_WARNING (CWE-476): [#def84]
librist-v0.2.7/tools/ristreceiver.c:395: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats
#  393|   		}
#  394|   		stats->received += stats_container->stats.receiver_flow.received;
#  395|-> 		stats->lost += stats_container->stats.receiver_flow.lost;
#  396|   		stats->recovered += stats_container->stats.receiver_flow.recovered;
#  397|   		//Bit ugly, but linking in cJSON seems a bit excessive for this 4 variable JSON string

Error: CPPCHECK_WARNING (CWE-476): [#def85]
librist-v0.2.7/tools/ristreceiver.c:396: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats
#  394|   		stats->received += stats_container->stats.receiver_flow.received;
#  395|   		stats->lost += stats_container->stats.receiver_flow.lost;
#  396|-> 		stats->recovered += stats_container->stats.receiver_flow.recovered;
#  397|   		//Bit ugly, but linking in cJSON seems a bit excessive for this 4 variable JSON string
#  398|   		rist_log(&logging_settings, RIST_LOG_INFO,

Error: CPPCHECK_WARNING (CWE-476): [#def86]
librist-v0.2.7/tools/ristreceiver.c:400: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: stats
#  398|   		rist_log(&logging_settings, RIST_LOG_INFO,
#  399|   				 "{\"flow_cumulative_stats\":{\"flow_id\":%"PRIu32",\"received\":%"PRIu64",\"recovered\":%"PRIu64",\"lost\":%"PRIu64"}}\n",
#  400|-> 				 stats->flow_id, stats->received, stats->recovered, stats->lost);
#  401|   	}
#  402|   	rist_stats_free(stats_container);

Error: CPPCHECK_WARNING (CWE-476): [#def87]
librist-v0.2.7/tools/ristsender.c:582: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tmpoutputurl
#  580|   	char *saveptroutput;
#  581|   	char *tmpoutputurl = malloc(strlen(outputurl) +1);
#  582|-> 	strcpy(tmpoutputurl, outputurl);
#  583|   	char *outputtoken = strtok_r(tmpoutputurl, ",", &saveptroutput);
#  584|   

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-210.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: librist-0.2.7-9.fc43
store-results-to: /tmp/tmphbt8nppg/librist-0.2.7-9.fc43.tar.xz
time-created: 2025-04-25 14:06:15
time-finished: 2025-04-25 14:07:38
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmphbt8nppg/librist-0.2.7-9.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmphbt8nppg/librist-0.2.7-9.fc43.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9