wavpack-5.8.1-1.fc43

List of Findings

Error: CPPCHECK_WARNING (CWE-476): [#def1]
wavpack-5.8.1/cli/caff.c:338: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: channel_reorder
#  336|   
#  337|                           channel_reorder = malloc (num_descriptions);
#  338|->                         memset (channel_reorder, -1, num_descriptions);
#  339|                           channel_identities = malloc (num_descriptions+1);
#  340|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
wavpack-5.8.1/cli/caff.c:356:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_reorder’
wavpack-5.8.1/cli/caff.c:159:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:160:9: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:159:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:164:16: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:172:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:182:13: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:186:20: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:278:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:281:17: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:281:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:287:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:293:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:17: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:298:24: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:308:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:321:28: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:322:49: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:321:29: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:328:28: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:328:28: branch_false: following ‘false’ branch (when ‘num_descriptions <= 255’)...
wavpack-5.8.1/cli/caff.c:337:43: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:337:43: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/caff.c:343:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:344:68: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_true: following ‘true’ branch (when ‘label != 19’)...
 branch_true: ...to here
wavpack-5.8.1/cli/caff.c:353:41: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:354:50: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:354:36: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:355:37: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:356:37: danger: ‘channel_reorder + (long unsigned int)i’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/28)
#  354|                                   if (descriptions [i].mChannelLabel == label) {
#  355|                                       config->channel_mask |= 1 << (label - 1);
#  356|->                                     channel_reorder [i] = cindex++;
#  357|                                       break;
#  358|                                   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
wavpack-5.8.1/cli/caff.c:363:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_reorder’
wavpack-5.8.1/cli/caff.c:159:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:160:9: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:159:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:164:16: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:172:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:182:13: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:186:20: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:278:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:281:17: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:281:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:287:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:293:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:17: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:298:24: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:308:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:321:28: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:322:49: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:321:29: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:328:28: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:328:28: branch_false: following ‘false’ branch (when ‘num_descriptions <= 255’)...
wavpack-5.8.1/cli/caff.c:337:43: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:337:43: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/caff.c:343:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:344:68: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_true: following ‘true’ branch (when ‘label != 19’)...
 branch_true: ...to here
wavpack-5.8.1/cli/caff.c:353:41: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:354:50: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:354:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:353:63: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_false: following ‘false’ branch (when ‘label == 19’)...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:362:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:363:49: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:363:33: danger: ‘channel_reorder + (sizetype)i’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/28)
#  361|   
#  362|                           for (i = 0; i < num_descriptions; ++i)
#  363|->                             if (channel_reorder [i] == (unsigned char) -1) {
#  364|                                   uint32_t clabel = descriptions [i].mChannelLabel;
#  365|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def4]
wavpack-5.8.1/cli/caff.c:367:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’
wavpack-5.8.1/cli/caff.c:159:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:160:9: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:159:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:164:16: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:172:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:182:13: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:186:20: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:278:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:281:17: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:281:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:287:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:293:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:17: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:298:24: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:308:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:321:28: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:322:49: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:321:29: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:328:28: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:328:28: branch_false: following ‘false’ branch (when ‘num_descriptions <= 255’)...
wavpack-5.8.1/cli/caff.c:337:43: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:339:46: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/caff.c:343:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:344:68: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_true: following ‘true’ branch (when ‘label != 19’)...
 branch_true: ...to here
wavpack-5.8.1/cli/caff.c:353:41: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:354:50: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:354:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:353:63: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_false: following ‘false’ branch (when ‘label == 19’)...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:362:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:363:49: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:363:32: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:364:64: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:366:36: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:367:57: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:367:37: danger: ‘channel_identities + (sizetype)idents’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/28)
#  365|   
#  366|                                   if (clabel == 0 || clabel == 0xffffffff || clabel == 100)
#  367|->                                     channel_identities [idents++] = 0xff;
#  368|                                   else if ((clabel >= 33 && clabel <= 44) || (clabel >= 200 && clabel <= 207) || (clabel >= 301 && clabel <= 305))
#  369|                                       channel_identities [idents++] = clabel >= 301 ? clabel - 80 : clabel;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def5]
wavpack-5.8.1/cli/caff.c:369:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’
wavpack-5.8.1/cli/caff.c:159:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:160:9: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:159:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:164:16: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:172:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:182:13: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:186:20: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:278:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:281:17: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:281:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:287:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:293:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:17: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:298:24: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:308:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:321:28: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:322:49: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:321:29: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:328:28: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:328:28: branch_false: following ‘false’ branch (when ‘num_descriptions <= 255’)...
wavpack-5.8.1/cli/caff.c:337:43: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:339:46: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/caff.c:343:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:344:68: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_true: following ‘true’ branch (when ‘label != 19’)...
 branch_true: ...to here
wavpack-5.8.1/cli/caff.c:353:41: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:354:50: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:354:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:353:63: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_false: following ‘false’ branch (when ‘label == 19’)...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:362:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:363:49: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:363:32: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:364:64: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:366:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:368:42: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:368:41: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:369:37: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:369:37: danger: ‘channel_identities + (sizetype)idents’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/28)
#  367|                                       channel_identities [idents++] = 0xff;
#  368|                                   else if ((clabel >= 33 && clabel <= 44) || (clabel >= 200 && clabel <= 207) || (clabel >= 301 && clabel <= 305))
#  369|->                                     channel_identities [idents++] = clabel >= 301 ? clabel - 80 : clabel;
#  370|                                   else {
#  371|                                       error_line ("warning: unknown channel descriptions label: %d", clabel);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
wavpack-5.8.1/cli/caff.c:372:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘channel_identities’
wavpack-5.8.1/cli/caff.c:159:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:160:9: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:159:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:164:16: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:172:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:182:13: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:181:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:186:20: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:278:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:281:17: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:281:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:287:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:293:17: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:292:17: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:298:24: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:308:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:321:28: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:322:49: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:321:29: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:328:28: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:328:28: branch_false: following ‘false’ branch (when ‘num_descriptions <= 255’)...
wavpack-5.8.1/cli/caff.c:337:43: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:339:46: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/caff.c:343:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:344:68: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_true: following ‘true’ branch (when ‘label != 19’)...
 branch_true: ...to here
wavpack-5.8.1/cli/caff.c:353:41: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:354:50: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:354:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:353:63: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:352:41: branch_false: following ‘false’ branch (when ‘label == 19’)...
 branch_false: ...to here
wavpack-5.8.1/cli/caff.c:362:37: branch_true: following ‘true’ branch (when ‘i < num_descriptions’)...
wavpack-5.8.1/cli/caff.c:363:49: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:363:32: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/caff.c:364:64: branch_true: ...to here
wavpack-5.8.1/cli/caff.c:366:36: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:368:42: branch_false: ...to here
wavpack-5.8.1/cli/caff.c:368:41: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/caff.c:372:37: danger: ‘channel_identities + (sizetype)idents’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/28)
#  370|                                   else {
#  371|                                       error_line ("warning: unknown channel descriptions label: %d", clabel);
#  372|->                                     channel_identities [idents++] = 0xff;
#  373|                                   }
#  374|   

Error: CPPCHECK_WARNING (CWE-476): [#def7]
wavpack-5.8.1/cli/caff_write.c:210: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_channel_order
#  208|   
#  209|                       for (i = 0; i < num_channels; ++i)
#  210|->                         new_channel_order [i] = i;
#  211|   
#  212|                       WavpackGetChannelLayout (wpc, new_channel_order);

Error: CPPCHECK_WARNING (CWE-476): [#def8]
wavpack-5.8.1/cli/import_id3.c:191: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: frame_body
#  189|           frame_body = malloc (frame_size + 4);
#  190|   
#  191|->         memcpy (frame_body, tag_data, frame_size);
#  192|           tag_size -= frame_size;
#  193|           tag_data += frame_size;

Error: CPPCHECK_WARNING (CWE-476): [#def9]
wavpack-5.8.1/cli/import_id3.c:263: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: utf8_string
#  261|                   int num_segments = ID3v2StringsToUTF8 (frame_body [0], frame_body + 4, frame_size - 4, utf8_string);
#  262|   
#  263|->                 if (num_segments >= 2 && !utf8_string [0] && utf8_string [1]) {
#  264|                       int value_length = strlen_segments ((char *) utf8_string + 1, num_segments - 1);
#  265|   

Error: CPPCHECK_WARNING (CWE-476): [#def10]
wavpack-5.8.1/cli/import_id3.c:348: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: binary_tag_image
#  346|                   char *binary_tag_image = malloc (binary_tag_size);
#  347|   
#  348|->                 strcpy (binary_tag_image, item);
#  349|                   strcat (binary_tag_image, extension);
#  350|                   memcpy (binary_tag_image + binary_tag_size - frame_bytes, frame_ptr, frame_bytes);

Error: CPPCHECK_WARNING (CWE-476): [#def11]
wavpack-5.8.1/cli/import_id3.c:349: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: binary_tag_image
#  347|   
#  348|                   strcpy (binary_tag_image, item);
#  349|->                 strcat (binary_tag_image, extension);
#  350|                   memcpy (binary_tag_image + binary_tag_size - frame_bytes, frame_ptr, frame_bytes);
#  351|   

Error: CPPCHECK_WARNING (CWE-682): [#def12]
wavpack-5.8.1/cli/import_id3.c:350: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  348|                   strcpy (binary_tag_image, item);
#  349|                   strcat (binary_tag_image, extension);
#  350|->                 memcpy (binary_tag_image + binary_tag_size - frame_bytes, frame_ptr, frame_bytes);
#  351|   
#  352|                   if (wpc && !WavpackAppendBinaryTagItem (wpc, item, binary_tag_image, binary_tag_size)) {

Error: CPPCHECK_WARNING (CWE-682): [#def13]
wavpack-5.8.1/cli/import_id3.c:466: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  464|       if (existing_vsize) {
#  465|           int new_vsize = existing_vsize, max_vsize = new_vsize + 1 + vsize, retval = TRUE;
#  466|->         char *new_value = malloc (max_vsize), *new_value_end = new_value + new_vsize;
#  467|   
#  468|           WavpackGetTagItem (wpc, item, new_value, existing_vsize + 1);

Error: CPPCHECK_WARNING (CWE-682): [#def14]
wavpack-5.8.1/cli/import_id3.c:521: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  519|   static int ID3v2StringsToUTF8 (ID3v2TextEncoding encoding, unsigned char *src, int src_length, unsigned char *dst)
#  520|   {
#  521|->     unsigned char *dst_end = dst + src_length * 2;
#  522|       int num_segments = 0;
#  523|   

Error: GCC_ANALYZER_WARNING (CWE-131): [#def15]
wavpack-5.8.1/cli/import_id3.c:557:23: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
wavpack-5.8.1/cli/import_id3.c:544:14: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:545:40: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:557:23: danger: allocated ‘src_length + 2’ bytes and assigned to ‘uint16_t *’ {{aka ‘short unsigned int *’}} here; ‘sizeof (uint16_t {{aka short unsigned int}})’ is ‘2’
#  555|               return -1;
#  556|   
#  557|->         wide_string = malloc (src_length + 2);
#  558|   
#  559|           while (fp <= fe - 2 && (!num_segments || fp [0] || fp [1])) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
wavpack-5.8.1/cli/import_id3.c:567:43: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wide_string’
wavpack-5.8.1/cli/import_id3.c:544:14: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:545:40: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:557:23: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/import_id3.c:559:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:562:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:563:26: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:567:20: branch_true: following ‘true’ branch (when ‘wchar != 65279’)...
wavpack-5.8.1/cli/import_id3.c:567:57: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:567:43: danger: ‘wide_string + (long unsigned int)i * 2’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  565|                   fp += 2;
#  566|   
#  567|->                 if ((wchar != 0xFEFF) && !(wide_string [i++] = wchar))
#  568|                       break;
#  569|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
wavpack-5.8.1/cli/import_id3.c:572:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wide_string’
wavpack-5.8.1/cli/import_id3.c:544:14: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:545:40: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:557:23: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/import_id3.c:559:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:562:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:563:26: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:567:20: branch_false: following ‘false’ branch (when ‘wchar == 65279’)...
 branch_false: ...to here
wavpack-5.8.1/cli/import_id3.c:562:20: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/import_id3.c:571:16: branch_false: ...to here
wavpack-5.8.1/cli/import_id3.c:571:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/import_id3.c:572:29: branch_true: ...to here
wavpack-5.8.1/cli/import_id3.c:572:17: danger: ‘wide_string + (long unsigned int)i * 2’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  570|   
#  571|               if (fp > fe - 2)
#  572|->                 wide_string [i] = 0;
#  573|   
#  574|               WideCharToUTF8 (wide_string, dst, (int)(dst_end - dst));

Error: CPPCHECK_WARNING (CWE-476): [#def18]
wavpack-5.8.1/cli/import_id3.c:653: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
#  651|       iconv_t converter;
#  652|   
#  653|->     memset(temp, 0, len);
#  654|   
#  655|       insize = strlen (string);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
wavpack-5.8.1/cli/import_id3.c:658:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF-8", "ISO-8859-1")’
wavpack-5.8.1/cli/import_id3.c:656:17: acquire_memory: allocated here
wavpack-5.8.1/cli/import_id3.c:658:8: danger: ‘iconv_open("UTF-8", "ISO-8859-1")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  656|       converter = iconv_open ("UTF-8", "ISO-8859-1");
#  657|   
#  658|->     if (converter != (iconv_t) -1) {
#  659|           err = iconv (converter, &inp, &insize, &outp, &outsize);
#  660|           iconv_close (converter);

Error: CPPCHECK_WARNING (CWE-476): [#def20]
wavpack-5.8.1/cli/import_id3.c:670: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
#  668|       }
#  669|   
#  670|->     memmove (string, temp, len);
#  671|       free (temp);
#  672|   }

Error: CPPCHECK_WARNING (CWE-401): [#def21]
wavpack-5.8.1/cli/wavpack.c:394: error[memleakOnRealloc]: Common realloc mistake: 'argv_fn' nulled but not freed upon failure
#  392|                   char *option = malloc (option_len + 1);
#  393|   
#  394|->                 argv_fn = realloc (argv_fn, sizeof (char *) * ++argc_fn);
#  395|                   memcpy (option, open_brace + 1, option_len);
#  396|                   argv_fn [argc_fn - 1] = option;

Error: CPPCHECK_WARNING (CWE-401): [#def22]
wavpack-5.8.1/cli/wavpack.c:891: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure
#  889|                   int i = num_tag_items;
#  890|   
#  891|->                 tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items));
#  892|                   tag_items [i].item = malloc (cp - argcp + 1);
#  893|                   memcpy (tag_items [i].item, argcp, cp - argcp);

Error: CPPCHECK_WARNING (CWE-401): [#def23]
wavpack-5.8.1/cli/wavpack.c:946: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  944|           }
#  945|           else {
#  946|->             matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  947|               matches [num_files] = malloc (strlen (argcp) + 10);
#  948|               strcpy (matches [num_files], argcp);

Error: CPPCHECK_WARNING (CWE-401): [#def24]
wavpack-5.8.1/cli/wavpack.c:1203: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure
# 1201|                   int bytes_read;
# 1202|   
# 1203|->                 listbuff = realloc (listbuff, listbytes + 1024);
# 1204|                   memset (listbuff + listbytes, 0, 1024);
# 1205|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);

Error: CPPCHECK_WARNING (CWE-401): [#def25]
wavpack-5.8.1/cli/wavpack.c:1231: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
# 1229|   
# 1230|                       fname [ci++] = '\0';
# 1231|->                     matches = realloc (matches, ++num_files * sizeof (*matches));
# 1232|   
# 1233|                       for (di = num_files - 1; di > file_index + 1; di--)

Error: CPPCHECK_WARNING (CWE-476): [#def26]
wavpack-5.8.1/cli/wavpack.c:1630: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: matchname
# 1628|           else {
# 1629|               matchname = malloc (strlen (globbuf.gl_pathv [i]) + 10);
# 1630|->             strcpy (matchname, globbuf.gl_pathv [i]);
# 1631|           }
# 1632|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def27]
wavpack-5.8.1/cli/wavpack.c:1836:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘outfilename_temp’ where non-null expected
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1756:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1791:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:1830:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1830:28: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:1832:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1833:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1836:13: danger: argument 1 (‘outfilename_temp’) from [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 1834|   
# 1835|           while (1) {
# 1836|->             strcpy (outfilename_temp, outfilename);
# 1837|   
# 1838|               if (filespec_ext (outfilename_temp)) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def28]
wavpack-5.8.1/cli/wavpack.c:1865:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘out2filename_temp’ where non-null expected
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1791:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:1830:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1832:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1833:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1833:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:1847:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:1850:21: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1855:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1864:16: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1864:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1865:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1865:17: danger: argument 1 (‘out2filename_temp’) from [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 1863|   
# 1864|               if (out2filename) {
# 1865|->                 strcpy (out2filename_temp, outfilename_temp);
# 1866|                   strcat (out2filename_temp, "c");
# 1867|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def29]
wavpack-5.8.1/cli/wavpack.c:2021:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1791:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:1830:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1832:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1833:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1839:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:1842:29: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1864:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1865:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1894:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:1895:9: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1926:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1931:11: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1987:13: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2014:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2015:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2017:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2018:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2018:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2020:25: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2021:35: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2021:17: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(25)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/24)
# 2019|   
# 2020|               for (i = 0; i < loc_config.num_channels; ++i)
# 2021|->                 new_channel_order [i] = i;
# 2022|   
# 2023|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def30]
wavpack-5.8.1/cli/wavpack.c:2048:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1791:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:1830:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1832:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1833:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1839:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:1842:29: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1864:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1865:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1870:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1894:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:1895:9: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1926:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1931:11: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1931:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1987:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1987:13: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2014:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2032:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2032:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2044:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2045:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2045:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2047:25: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2048:35: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2048:17: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(31)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/30)
# 2046|   
# 2047|               for (i = 0; i < loc_config.num_channels; ++i)
# 2048|->                 new_channel_order [i] = i;
# 2049|   
# 2050|               memcpy (new_channel_order, channel_order, num_channels_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def31]
wavpack-5.8.1/cli/wavpack.c:2054:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1681:11: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1791:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1791:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1826:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:1830:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1832:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1833:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1839:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:1842:29: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1864:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:1865:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1870:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1894:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:1895:9: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:1926:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1931:11: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1931:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:1987:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:1987:13: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2014:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2032:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2032:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2044:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2045:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2045:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2047:25: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2050:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2052:25: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2053:29: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2054:43: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2054:25: danger: ‘new_channel_order + (sizetype)j’ could be NULL: unchecked value from [(31)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/30)
# 2052|               for (i = 0; i < num_channels_order;) {
# 2053|                   for (j = 0; j < num_channels_order; ++j)
# 2054|->                     if (new_channel_order [j] == i) {
# 2055|                           i++;
# 2056|                           break;

Error: CPPCHECK_WARNING (CWE-401): [#def32]
wavpack-5.8.1/cli/wavpack.c:2133: error[memleakOnRealloc]: Common realloc mistake: 'buffer' nulled but not freed upon failure
# 2131|           while (DoReadFile (infile, buffer + wrapper_size, buffer_size - wrapper_size, &bcount) && bcount)
# 2132|               if ((wrapper_size += bcount) == buffer_size)
# 2133|->                 buffer = realloc (buffer, buffer_size += 65536);
# 2134|   
# 2135|           // if we got something and are storing wrapper, write it to the outfile file

Error: GCC_ANALYZER_WARNING (CWE-476): [#def33]
wavpack-5.8.1/cli/wavpack.c:2626:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2618:16: branch_true: following ‘true’ branch (when ‘quantize_bit_mask != 0’)...
wavpack-5.8.1/cli/wavpack.c:2619:51: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2620:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2621:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2621:24: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2622:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2625:37: branch_true: following ‘true’ branch (when ‘x < l’)...
wavpack-5.8.1/cli/wavpack.c:2626:46: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2626:33: danger: ‘sample_buffer + (long unsigned int)x * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
# 2624|   
# 2625|                           for (x = 0; x < l; x ++)
# 2626|->                             if (sample_buffer[x] < 0 || ((sample_buffer[x] + offset) << shift) > 0)
# 2627|                                   sample_buffer[x] += offset;
# 2628|                       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def34]
wavpack-5.8.1/cli/wavpack.c:2630:46: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2618:16: branch_true: following ‘true’ branch (when ‘quantize_bit_mask != 0’)...
wavpack-5.8.1/cli/wavpack.c:2619:51: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2620:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2621:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2621:24: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2630:33: branch_true: following ‘true’ branch (when ‘x < l’)...
wavpack-5.8.1/cli/wavpack.c:2630:46: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2630:46: danger: ‘sample_buffer + (long unsigned int)x * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
# 2628|                       }
# 2629|   
# 2630|->                     for (x = 0; x < l; x ++) sample_buffer[x] &= quantize_bit_mask;
# 2631|                   }
# 2632|                   else {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def35]
wavpack-5.8.1/cli/wavpack.c:2634:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sample_buffer’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2618:16: branch_true: following ‘true’ branch (when ‘quantize_bit_mask != 0’)...
wavpack-5.8.1/cli/wavpack.c:2619:51: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2620:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2633:33: branch_true: following ‘true’ branch (when ‘x < l’)...
wavpack-5.8.1/cli/wavpack.c:2634:65: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2634:37: danger: ‘sample_buffer + (long unsigned int)x * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
# 2632|                   else {
# 2633|                       for (x = 0; x < l; x ++) {
# 2634|->                         const float f = *(float *)&sample_buffer[x];
# 2635|                           *(float *)&sample_buffer[x] = (float) (floor(f * fquantize_scale + 0.5) * fquantize_iscale);
# 2636|                       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def36]
wavpack-5.8.1/cli/wavpack.c:2826:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sptr’
wavpack-5.8.1/cli/wavpack.c:2765:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2768:12: branch_true: following ‘true’ branch (when ‘samples_remaining != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2772:29: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2773:37: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2783:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2784:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2784:20: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2788:25: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2788:25: branch_false: following ‘false’ branch (when ‘samples_remaining > 4095’)...
wavpack-5.8.1/cli/wavpack.c:2796:31: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2810:16: branch_false: following ‘false’ branch (when ‘md5_digest_source’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:2813:16: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2813:16: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2817:20: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2817:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2820:38: branch_true: following ‘true’ branch (when ‘sindex != 4096’)...
wavpack-5.8.1/cli/wavpack.c:2821:47: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2824:49: branch_true: following ‘true’ branch (when ‘cc != 0’)...
wavpack-5.8.1/cli/wavpack.c:2825:32: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2825:32: branch_true: following ‘true’ branch (when ‘sample_count > sindex’)...
wavpack-5.8.1/cli/wavpack.c:2826:43: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2826:33: danger: ‘sptr’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
# 2824|                           for (cc = num_channels; cc--; srcp += DSD_BLOCKSIZE)
# 2825|                               if (sindex < sample_count)
# 2826|->                                 *sptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*srcp] : *srcp;
# 2827|                               else if (*srcp)
# 2828|                                   non_null++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def37]
wavpack-5.8.1/cli/wavpack.c:2841:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sptr’
wavpack-5.8.1/cli/wavpack.c:2765:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2768:12: branch_true: following ‘true’ branch (when ‘samples_remaining != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2772:29: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2773:37: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2783:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2794:32: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2810:16: branch_false: following ‘false’ branch (when ‘md5_digest_source’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:2813:16: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2813:16: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2817:20: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2817:20: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2837:29: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2840:28: branch_true: following ‘true’ branch (when ‘scount != 0’)...
wavpack-5.8.1/cli/wavpack.c:2841:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2841:25: danger: ‘sptr’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
# 2839|   
# 2840|                       while (scount--)
# 2841|->                         *sptr++ = *iptr++;
# 2842|                   }
# 2843|               }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
wavpack-5.8.1/cli/wavpack.c:2944:16: warning[-Wanalyzer-malloc-leak]: leak of ‘out2filename_temp’
wavpack-5.8.1/cli/wavpack.c:2942:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2947:18: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2957:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2965:5: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3005:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3005:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3036:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:3040:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3042:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3043:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3043:33: acquire_memory: allocated here
wavpack-5.8.1/cli/wavpack.c:3057:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:3060:21: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3065:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3070:16: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3070:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3071:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3076:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3096:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3105:30: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3105:30: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3105:13: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3106:9: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2944:16: danger: ‘out2filename_temp’ leaks here; was allocated at [(13)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/12)
# 2942|       if (!infile) {
# 2943|           error_line (error);
# 2944|->         return WAVPACK_SOFT_ERROR;
# 2945|       }
# 2946|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def39]
wavpack-5.8.1/cli/wavpack.c:3046:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘outfilename_temp’ where non-null expected
wavpack-5.8.1/cli/wavpack.c:2942:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2947:18: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2957:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2965:5: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3005:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3005:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3036:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:3040:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3040:28: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3042:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3043:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3046:13: danger: argument 1 (‘outfilename_temp’) from [(11)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/10) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 3044|   
# 3045|           while (1) {
# 3046|->             strcpy (outfilename_temp, outfilename);
# 3047|   
# 3048|               if (filespec_ext (outfilename_temp)) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def40]
wavpack-5.8.1/cli/wavpack.c:3071:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘out2filename_temp’ where non-null expected
wavpack-5.8.1/cli/wavpack.c:2942:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2947:18: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2957:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2965:5: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:2967:15: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3005:8: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3005:25: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3036:8: branch_true: following ‘true’ branch (when ‘use_tempfiles != 0’)...
wavpack-5.8.1/cli/wavpack.c:3040:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3042:12: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3043:41: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3043:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3057:20: branch_false: following ‘false’ branch (when ‘count == 0’)...
wavpack-5.8.1/cli/wavpack.c:3060:21: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3065:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3070:16: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3070:16: branch_true: following ‘true’ branch (when ‘out2filename’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3071:17: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3071:17: danger: argument 1 (‘out2filename_temp’) from [(13)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/12) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 3069|   
# 3070|               if (out2filename) {
# 3071|->                 strcpy (out2filename_temp, outfilename_temp);
# 3072|                   strcat (out2filename_temp, "c");
# 3073|   

Error: CPPCHECK_WARNING (CWE-476): [#def41]
wavpack-5.8.1/cli/wavpack.c:3612: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_channel_order
# 3610|   
# 3611|                   for (i = 0; i < num_channels; ++i)
# 3612|->                     new_channel_order [i] = i;
# 3613|   
# 3614|                   WavpackGetChannelLayout (infile, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def42]
wavpack-5.8.1/cli/wavpack.c:3612:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3605:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3606:26: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3608:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3609:37: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3609:37: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3611:29: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3612:39: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3612:21: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/6)
# 3610|   
# 3611|                   for (i = 0; i < num_channels; ++i)
# 3612|->                     new_channel_order [i] = i;
# 3613|   
# 3614|                   WavpackGetChannelLayout (infile, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
wavpack-5.8.1/cli/wavpack.c:3662:20: warning[-Wanalyzer-malloc-leak]: leak of ‘format_buffer’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: allocated here
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3660:13: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3662:20: danger: ‘format_buffer’ leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
# 3660|               error_line ("%s", WavpackGetErrorMessage (outfile));
# 3661|               free (sample_buffer);
# 3662|->             return WAVPACK_HARD_ERROR;
# 3663|           }
# 3664|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def44]
wavpack-5.8.1/cli/wavpack.c:3683:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3673:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3673:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3678:32: branch_true: following ‘true’ branch (when ‘cc != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3681:42: branch_true: following ‘true’ branch (when ‘si != 4096’)...
wavpack-5.8.1/cli/wavpack.c:3682:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3682:36: branch_true: following ‘true’ branch (when ‘si < samples_this_block’)...
wavpack-5.8.1/cli/wavpack.c:3683:47: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3683:37: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3683:98: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3683:37: danger: ‘dptr’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
# 3681|                               for (si = 0; si < DSD_BLOCKSIZE; si++, sptr += num_channels)
# 3682|                                   if (si < samples_this_block)
# 3683|->                                     *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr;
# 3684|                                   else
# 3685|                                       *dptr++ = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def45]
wavpack-5.8.1/cli/wavpack.c:3685:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3673:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3673:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3678:32: branch_true: following ‘true’ branch (when ‘cc != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3681:42: branch_true: following ‘true’ branch (when ‘si != 4096’)...
wavpack-5.8.1/cli/wavpack.c:3682:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3682:36: branch_false: following ‘false’ branch (when ‘si >= samples_this_block’)...
wavpack-5.8.1/cli/wavpack.c:3685:38: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3685:37: danger: ‘dptr’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
# 3683|                                       *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr;
# 3684|                                   else
# 3685|->                                     *dptr++ = 0;
# 3686|   
# 3687|                               if (cc)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def46]
wavpack-5.8.1/cli/wavpack.c:3705:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3673:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3673:20: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3702:34: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3704:28: branch_true: following ‘true’ branch (when ‘scount != 0’)...
wavpack-5.8.1/cli/wavpack.c:3705:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3705:25: danger: ‘dptr’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
# 3703|   
# 3704|                       while (scount--)
# 3705|->                         *dptr++ = *sptr++;
# 3706|                   }
# 3707|               }

Error: CPPCHECK_WARNING (CWE-457): [#def47]
wavpack-5.8.1/cli/wavpack.c:3779: warning[uninitvar]: Uninitialized variable: temp
# 3777|           }
# 3778|   
# 3779|->         memcpy (start, temp, num_chans * bytes_per_sample);
# 3780|       }
# 3781|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def48]
wavpack-5.8.1/cli/wavpack.c:3779:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’
wavpack-5.8.1/cli/wavpack.c:2747:12: enter_function: entry to ‘pack_dsd_audio’
wavpack-5.8.1/cli/wavpack.c:2768:12: branch_true: following ‘true’ branch (when ‘samples_remaining != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2772:29: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2773:37: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2783:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2784:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2784:20: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2788:25: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2788:25: branch_false: following ‘false’ branch (when ‘samples_remaining > 4095’)...
wavpack-5.8.1/cli/wavpack.c:2796:31: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2803:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2804:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2805:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2805:21: call_function: calling ‘reorder_channels’ from ‘pack_dsd_audio’
# 3777|           }
# 3778|   
# 3779|->         memcpy (start, temp, num_chans * bytes_per_sample);
# 3780|       }
# 3781|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def49]
wavpack-5.8.1/cli/wavpack.c:3797:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘temp’
wavpack-5.8.1/cli/wavpack.c:3790:8: branch_true: following ‘true’ branch (when ‘num_chans > 16’)...
wavpack-5.8.1/cli/wavpack.c:3791:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3791:16: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3793:12: branch_true: following ‘true’ branch (when ‘num_samples != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3796:24: branch_true: following ‘true’ branch (when ‘chan < num_chans’)...
wavpack-5.8.1/cli/wavpack.c:3797:38: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3797:13: danger: ‘temp + (sizetype)chan * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
# 3795|   
# 3796|           for (chan = 0; chan < num_chans; ++chan)
# 3797|->             temp [chan] = data [order[chan]];
# 3798|   
# 3799|           memcpy (data, temp, num_chans * sizeof (*data));

Error: GCC_ANALYZER_WARNING (CWE-457): [#def50]
wavpack-5.8.1/cli/wavpack.c:3799:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’
wavpack-5.8.1/cli/wavpack.c:3817:12: enter_function: entry to ‘verify_audio’
wavpack-5.8.1/cli/wavpack.c:3841:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3846:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3858:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3859:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3861:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3862:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3878:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3881:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3881:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3882:13: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3882:13: call_function: calling ‘unreorder_channels’ from ‘verify_audio’
# 3797|               temp [chan] = data [order[chan]];
# 3798|   
# 3799|->         memcpy (data, temp, num_chans * sizeof (*data));
# 3800|           data += num_chans;
# 3801|       }

Error: CPPCHECK_WARNING (CWE-476): [#def51]
wavpack-5.8.1/cli/wavpack.c:3865: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_channel_order
# 3863|   
# 3864|               for (i = 0; i < num_channels; ++i)
# 3865|->                 new_channel_order [i] = i;
# 3866|   
# 3867|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def52]
wavpack-5.8.1/cli/wavpack.c:3865:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wavpack.c:3841:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3846:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3858:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3859:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3861:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3862:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3862:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3864:25: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3865:35: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3865:17: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/6)
# 3863|   
# 3864|               for (i = 0; i < num_channels; ++i)
# 3865|->                 new_channel_order [i] = i;
# 3866|   
# 3867|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def53]
wavpack-5.8.1/cli/wavpack.c:3900:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3841:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3846:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3858:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3859:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3861:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3862:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3878:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3881:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3881:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3884:16: branch_true: following ‘true’ branch (when ‘samples_unpacked != 0’)...
wavpack-5.8.1/cli/wavpack.c:3885:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3887:16: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3888:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3888:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3889:57: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3889:49: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3892:24: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3895:32: branch_true: following ‘true’ branch (when ‘cc != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3898:42: branch_true: following ‘true’ branch (when ‘si != 4096’)...
wavpack-5.8.1/cli/wavpack.c:3899:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3899:36: branch_true: following ‘true’ branch (when ‘si < samples_this_block’)...
wavpack-5.8.1/cli/wavpack.c:3900:47: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3900:37: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3900:98: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3900:37: danger: ‘dptr’ could be NULL: unchecked value from [(17)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/16)
# 3898|                               for (si = 0; si < DSD_BLOCKSIZE; si++, sptr += num_channels)
# 3899|                                   if (si < samples_this_block)
# 3900|->                                     *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr;
# 3901|                                   else
# 3902|                                       *dptr++ = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def54]
wavpack-5.8.1/cli/wavpack.c:3902:37: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3841:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3846:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3858:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3859:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3861:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3862:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3878:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3881:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3881:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3884:16: branch_true: following ‘true’ branch (when ‘samples_unpacked != 0’)...
wavpack-5.8.1/cli/wavpack.c:3885:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3887:16: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3888:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3888:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3889:57: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3889:49: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3892:24: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3895:32: branch_true: following ‘true’ branch (when ‘cc != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3898:42: branch_true: following ‘true’ branch (when ‘si != 4096’)...
wavpack-5.8.1/cli/wavpack.c:3899:36: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3899:36: branch_false: following ‘false’ branch (when ‘si >= samples_this_block’)...
wavpack-5.8.1/cli/wavpack.c:3902:38: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3902:37: danger: ‘dptr’ could be NULL: unchecked value from [(17)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/16)
# 3900|                                       *dptr++ = (qmode & QMODE_DSD_LSB_FIRST) ? bit_reverse_table [*sptr & 0xff] : *sptr;
# 3901|                                   else
# 3902|->                                     *dptr++ = 0;
# 3903|   
# 3904|                               if (cc)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def55]
wavpack-5.8.1/cli/wavpack.c:3916:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3841:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3846:8: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3858:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3859:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3861:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3862:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3878:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3881:13: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3881:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3884:16: branch_true: following ‘true’ branch (when ‘samples_unpacked != 0’)...
wavpack-5.8.1/cli/wavpack.c:3885:22: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3887:16: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3888:21: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3888:20: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:3889:57: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3889:49: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3892:24: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3913:38: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3915:32: branch_true: following ‘true’ branch (when ‘scount != 0’)...
wavpack-5.8.1/cli/wavpack.c:3916:40: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3916:29: danger: ‘dptr’ could be NULL: unchecked value from [(17)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/16)
# 3914|   
# 3915|                           while (scount--)
# 3916|->                             *dptr++ = *sptr++;
# 3917|                       }
# 3918|   

Error: CPPCHECK_WARNING (CWE-476): [#def56]
wavpack-5.8.1/cli/wavpack.c:4025: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: settings
# 4023|   static void make_settings_string (char *settings, WavpackConfig *config)
# 4024|   {
# 4025|->     strcpy (settings, "-");
# 4026|   
# 4027|       // basic settings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def57]
wavpack-5.8.1/cli/wavpack.c:4118:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4116|           case 1:
# 4117|               while (count--)
# 4118|->                 *dst++ = *sptr++ - 0x80;
# 4119|   
# 4120|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def58]
wavpack-5.8.1/cli/wavpack.c:4124:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4122|           case 2:
# 4123|               while (count--) {
# 4124|->                 *dst++ = (sptr [0] | ((int32_t) sptr [1] << 8)) - 0x8000;
# 4125|                   sptr += 2;
# 4126|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def59]
wavpack-5.8.1/cli/wavpack.c:4132:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4130|           case 3:
# 4131|               while (count--) {
# 4132|->                 *dst++ = (sptr [0] | ((int32_t) sptr [1] << 8) | ((int32_t) sptr [2] << 16)) - 0x800000;
# 4133|                   sptr += 3;
# 4134|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def60]
wavpack-5.8.1/cli/wavpack.c:4140:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4138|           case 4:
# 4139|               while (count--) {
# 4140|->                 *dst++ = (sptr [0] | sptr [1] << 8 | sptr [2] << 16 | (uint32_t) sptr [3] << 24) ^ 0x80000000;
# 4141|                   sptr += 4;
# 4142|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def61]
wavpack-5.8.1/cli/wavpack.c:4156:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4154|           case 1:
# 4155|               while (count--)
# 4156|->                 *dst++ = (signed char) *sptr++;
# 4157|   
# 4158|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def62]
wavpack-5.8.1/cli/wavpack.c:4162:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4160|           case 2:
# 4161|               while (count--) {
# 4162|->                 *dst++ = (int16_t)(sptr [0] | sptr [1] << 8);
# 4163|                   sptr += 2;
# 4164|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def63]
wavpack-5.8.1/cli/wavpack.c:4170:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4168|           case 3:
# 4169|               while (count--) {
# 4170|->                 *dst++ = (int32_t)((uint32_t)(sptr [0] | sptr [1] << 8 | sptr [2] << 16) << 8) >> 8;
# 4171|                   sptr += 3;
# 4172|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def64]
wavpack-5.8.1/cli/wavpack.c:4178:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4176|           case 4:
# 4177|               while (count--) {
# 4178|->                 *dst++ = sptr [0] | sptr [1] << 8 | sptr [2] << 16 | (uint32_t) sptr [3] << 24;
# 4179|                   sptr += 4;
# 4180|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def65]
wavpack-5.8.1/cli/wavpack.c:4194:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4192|           case 1:
# 4193|               while (count--)
# 4194|->                 *dst++ = *sptr++ - 0x80;
# 4195|   
# 4196|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def66]
wavpack-5.8.1/cli/wavpack.c:4200:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4198|           case 2:
# 4199|               while (count--) {
# 4200|->                 *dst++ = (sptr [1] | ((int32_t) sptr [0] << 8)) - 0x8000;
# 4201|                   sptr += 2;
# 4202|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def67]
wavpack-5.8.1/cli/wavpack.c:4208:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4206|           case 3:
# 4207|               while (count--) {
# 4208|->                 *dst++ = (sptr [2] | ((int32_t) sptr [1] << 8) | ((int32_t) sptr [0] << 16)) - 0x800000;
# 4209|                   sptr += 3;
# 4210|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def68]
wavpack-5.8.1/cli/wavpack.c:4216:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4214|           case 4:
# 4215|               while (count--) {
# 4216|->                 *dst++ = (sptr [3] | sptr [2] << 8 | sptr [1] << 16 | (uint32_t) sptr [0] << 24) ^ 0x80000000;
# 4217|                   sptr += 4;
# 4218|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def69]
wavpack-5.8.1/cli/wavpack.c:4232:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4230|           case 1:
# 4231|               while (count--)
# 4232|->                 *dst++ = (signed char) *sptr++;
# 4233|   
# 4234|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def70]
wavpack-5.8.1/cli/wavpack.c:4238:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4236|           case 2:
# 4237|               while (count--) {
# 4238|->                 *dst++ = (int16_t)(sptr [1] | sptr [0] << 8);
# 4239|                   sptr += 2;
# 4240|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def71]
wavpack-5.8.1/cli/wavpack.c:4246:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4244|           case 3:
# 4245|               while (count--) {
# 4246|->                 *dst++ = (int32_t)((uint32_t)(sptr [2] | sptr [1] << 8 | sptr [0] << 16) << 8) >> 8;
# 4247|                   sptr += 3;
# 4248|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def72]
wavpack-5.8.1/cli/wavpack.c:4254:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dst’
wavpack-5.8.1/cli/wavpack.c:2534:12: enter_function: entry to ‘pack_audio’
wavpack-5.8.1/cli/wavpack.c:2557:21: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:2560:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2560:42: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2581:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:2586:30: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:2599:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:2606:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2610:12: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/cli/wavpack.c:2614:23: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:2616:13: call_function: calling ‘load_samples’ from ‘pack_audio’
# 4252|           case 4:
# 4253|               while (count--) {
# 4254|->                 *dst++ = sptr [3] | sptr [2] << 8 | sptr [1] << 16 | (uint32_t) sptr [0] << 24;
# 4255|                   sptr += 4;
# 4256|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def73]
wavpack-5.8.1/cli/wavpack.c:4296:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4294|           case 1:
# 4295|               while (count--)
# 4296|->                 *dptr++ = *src++ + 0x80;
# 4297|   
# 4298|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def74]
wavpack-5.8.1/cli/wavpack.c:4302:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4300|           case 2:
# 4301|               while (count--) {
# 4302|->                 *dptr++ = (unsigned char) (temp = *src++ + 0x8000);
# 4303|                   *dptr++ = (unsigned char) (temp >> 8);
# 4304|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def75]
wavpack-5.8.1/cli/wavpack.c:4310:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4308|           case 3:
# 4309|               while (count--) {
# 4310|->                 *dptr++ = (unsigned char) (temp = *src++ + 0x800000);
# 4311|                   *dptr++ = (unsigned char) (temp >> 8);
# 4312|                   *dptr++ = (unsigned char) (temp >> 16);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def76]
wavpack-5.8.1/cli/wavpack.c:4319:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4317|           case 4:
# 4318|               while (count--) {
# 4319|->                 *dptr++ = (unsigned char) (temp = *src++ + 0x80000000);
# 4320|                   *dptr++ = (unsigned char) (temp >> 8);
# 4321|                   *dptr++ = (unsigned char) (temp >> 16);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def77]
wavpack-5.8.1/cli/wavpack.c:4340:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4338|           case 1:
# 4339|               while (count--)
# 4340|->                 *dptr++ = *src++;
# 4341|   
# 4342|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def78]
wavpack-5.8.1/cli/wavpack.c:4346:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4344|           case 2:
# 4345|               while (count--) {
# 4346|->                 *dptr++ = (unsigned char) (temp = *src++);
# 4347|                   *dptr++ = (unsigned char) (temp >> 8);
# 4348|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def79]
wavpack-5.8.1/cli/wavpack.c:4354:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4352|           case 3:
# 4353|               while (count--) {
# 4354|->                 *dptr++ = (unsigned char) (temp = *src++);
# 4355|                   *dptr++ = (unsigned char) (temp >> 8);
# 4356|                   *dptr++ = (unsigned char) (temp >> 16);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def80]
wavpack-5.8.1/cli/wavpack.c:4363:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4361|           case 4:
# 4362|               while (count--) {
# 4363|->                 *dptr++ = (unsigned char) (temp = *src++);
# 4364|                   *dptr++ = (unsigned char) (temp >> 8);
# 4365|                   *dptr++ = (unsigned char) (temp >> 16);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def81]
wavpack-5.8.1/cli/wavpack.c:4384:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4382|           case 1:
# 4383|               while (count--)
# 4384|->                 *dptr++ = *src++ + 0x80;
# 4385|   
# 4386|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def82]
wavpack-5.8.1/cli/wavpack.c:4390:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4388|           case 2:
# 4389|               while (count--) {
# 4390|->                 *dptr++ = (unsigned char) ((temp = *src++ + 0x8000) >> 8);
# 4391|                   *dptr++ = (unsigned char) temp;
# 4392|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def83]
wavpack-5.8.1/cli/wavpack.c:4398:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4396|           case 3:
# 4397|               while (count--) {
# 4398|->                 *dptr++ = (unsigned char) ((temp = *src++ + 0x800000) >> 16);
# 4399|                   *dptr++ = (unsigned char) (temp >> 8);
# 4400|                   *dptr++ = (unsigned char) temp;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def84]
wavpack-5.8.1/cli/wavpack.c:4407:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4405|           case 4:
# 4406|               while (count--) {
# 4407|->                 *dptr++ = (unsigned char) ((temp = *src++ + 0x80000000) >> 24);
# 4408|                   *dptr++ = (unsigned char) (temp >> 16);
# 4409|                   *dptr++ = (unsigned char) (temp >> 8);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def85]
wavpack-5.8.1/cli/wavpack.c:4428:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4426|           case 1:
# 4427|               while (count--)
# 4428|->                 *dptr++ = *src++;
# 4429|   
# 4430|               break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def86]
wavpack-5.8.1/cli/wavpack.c:4434:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4432|           case 2:
# 4433|               while (count--) {
# 4434|->                 *dptr++ = (unsigned char) ((temp = *src++) >> 8);
# 4435|                   *dptr++ = (unsigned char) temp;
# 4436|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def87]
wavpack-5.8.1/cli/wavpack.c:4442:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4440|           case 3:
# 4441|               while (count--) {
# 4442|->                 *dptr++ = (unsigned char) ((temp = *src++) >> 16);
# 4443|                   *dptr++ = (unsigned char) (temp >> 8);
# 4444|                   *dptr++ = (unsigned char) temp;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def88]
wavpack-5.8.1/cli/wavpack.c:4451:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dptr’
wavpack-5.8.1/cli/wavpack.c:3582:12: enter_function: entry to ‘repack_audio’
wavpack-5.8.1/cli/wavpack.c:3601:8: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3602:33: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3602:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wavpack.c:3622:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3634:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3637:12: branch_false: following ‘false’ branch (when ‘quantize_bit_mask == 0’)...
wavpack-5.8.1/cli/wavpack.c:3659:14: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3659:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3665:12: branch_true: following ‘true’ branch (when ‘md5_digest_source’ is non-NULL)...
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:3666:16: branch_false: following ‘false’ branch (when ‘new_channel_order’ is NULL)...
wavpack-5.8.1/cli/wavpack.c:3669:17: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3669:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wavpack.c:3709:74: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:3709:17: call_function: calling ‘store_samples’ from ‘repack_audio’
# 4449|           case 4:
# 4450|               while (count--) {
# 4451|->                 *dptr++ = (unsigned char) ((temp = *src++) >> 24);
# 4452|                   *dptr++ = (unsigned char) (temp >> 16);
# 4453|                   *dptr++ = (unsigned char) (temp >> 8);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
wavpack-5.8.1/cli/wavpack.c:4548:13: warning[-Wanalyzer-malloc-leak]: leak of ‘converter’
wavpack-5.8.1/cli/wavpack.c:4564:21: acquire_memory: allocated here
wavpack-5.8.1/cli/wavpack.c:4567:8: branch_false: following ‘false’ branch (when ‘converter == 18446744073709551615’)...
wavpack-5.8.1/cli/wavpack.c:4574:5: branch_false: ...to here
wavpack-5.8.1/cli/wavpack.c:4576:8: branch_true: following ‘true’ branch (when ‘err == -1’)...
wavpack-5.8.1/cli/wavpack.c:4577:9: branch_true: ...to here
wavpack-5.8.1/cli/wavpack.c:4548:13: danger: ‘converter’ leaks here; was allocated at [(1)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/0)
# 4546|               memmove (inp, inp + 3, len - 3);
# 4547|               inp [len - 3] = 0;
# 4548|->             return;
# 4549|       }
# 4550|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def90]
wavpack-5.8.1/cli/wavpack.c:4548:13: warning[-Wanalyzer-malloc-leak]: leak of ‘temp’
wavpack-5.8.1/cli/wavpack.c:4533:18: acquire_memory: allocated here
wavpack-5.8.1/cli/wavpack.c:4544:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wavpack.c:4548:13: danger: ‘temp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/0)
# 4546|               memmove (inp, inp + 3, len - 3);
# 4547|               inp [len - 3] = 0;
# 4548|->             return;
# 4549|       }
# 4550|   

Error: CPPCHECK_WARNING (CWE-476): [#def91]
wavpack-5.8.1/cli/wavpack.c:4551: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 4549|       }
# 4550|   
# 4551|->     memset(temp, 0, len);
# 4552|       old_locale = setlocale (LC_CTYPE, "");
# 4553|   

Error: CPPCHECK_WARNING (CWE-401): [#def92]
wavpack-5.8.1/cli/wvgain.c:248: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  246|                   }
#  247|           else {
#  248|->             matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  249|               matches [num_files] = malloc (strlen (*argv) + 10);
#  250|               strcpy (matches [num_files], *argv);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def93]
wavpack-5.8.1/cli/wvgain.c:249:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘matches’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:249:21: release_memory: ‘matches’ is NULL
wavpack-5.8.1/cli/wvgain.c:249:13: danger: dereference of NULL ‘matches + (long unsigned int)num_files * 8’
#  247|           else {
#  248|               matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  249|->             matches [num_files] = malloc (strlen (*argv) + 10);
#  250|               strcpy (matches [num_files], *argv);
#  251|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def94]
wavpack-5.8.1/cli/wvgain.c:250:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(*argv) + 10)’ where non-null expected
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:249:35: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvgain.c:250:13: danger: argument 1 (‘malloc(strlen(*argv) + 10)’) from [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
#  248|               matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  249|               matches [num_files] = malloc (strlen (*argv) + 10);
#  250|->             strcpy (matches [num_files], *argv);
#  251|   
#  252|               if (*(matches [num_files]) != '-' && *(matches [num_files]) != '@' &&

Error: GCC_ANALYZER_WARNING (CWE-126): [#def95]
wavpack-5.8.1/cli/wvgain.c:304:32: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:303:35: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:304:40: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:304:32: danger: out-of-bounds read from byte 8 till byte 15 but region ends at byte 8
#  302|   
#  303|               for (di = file_index; di < num_files - 1; di++)
#  304|->                 matches [di] = matches [di + 1];
#  305|   
#  306|               file_index--;

Error: CPPCHECK_WARNING (CWE-401): [#def96]
wavpack-5.8.1/cli/wvgain.c:318: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure
#  316|                   int bytes_read;
#  317|   
#  318|->                 listbuff = realloc (listbuff, listbytes + 1024);
#  319|                   memset (listbuff + listbytes, 0, 1024);
#  320|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def97]
wavpack-5.8.1/cli/wvgain.c:318:28: warning[-Wanalyzer-double-free]: double-‘free’ of ‘listbuff’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_false: following ‘false’ branch (when ‘bytes_read > 1023’)...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_false: following ‘false’ branch (when ‘bytes_read > 1023’)...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:318:28: danger: second ‘free’ here
#  316|                   int bytes_read;
#  317|   
#  318|->                 listbuff = realloc (listbuff, listbytes + 1024);
#  319|                   memset (listbuff + listbytes, 0, 1024);
#  320|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def98]
wavpack-5.8.1/cli/wvgain.c:319:17: warning[-Wanalyzer-null-argument]: use of NULL ‘listbuff’ where non-null expected
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:319:25: release_memory: ‘listbuff’ is NULL
wavpack-5.8.1/cli/wvgain.c:319:17: danger: argument 1 (‘listbuff + (sizetype)listbytes’) NULL where non-null expected
#argument 1 of ‘__builtin_memset’ must be non-null
#  317|   
#  318|                   listbuff = realloc (listbuff, listbytes + 1024);
#  319|->                 memset (listbuff + listbytes, 0, 1024);
#  320|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);
#  321|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
wavpack-5.8.1/cli/wvgain.c:322:20: warning[-Wanalyzer-malloc-leak]: leak of ‘listbuff’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_false: following ‘false’ branch (when ‘bytes_read > 1023’)...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_false: following ‘false’ branch (when ‘bytes_read > 1023’)...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: danger: ‘listbuff’ leaks here; was allocated at [(20)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/19)
#  320|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);
#  321|   
#  322|->                 if (bytes_read < 1024)
#  323|                       break;
#  324|               }

Error: GCC_ANALYZER_WARNING (CWE-416): [#def100]
wavpack-5.8.1/cli/wvgain.c:332:25: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘cp’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_false: following ‘false’ branch (when ‘bytes_read > 1023’)...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_true: following ‘true’ branch (when ‘bytes_read <= 1023’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:332:25: danger: use after ‘free’ of ‘cp’
#  330|               cp = listbuff;
#  331|   
#  332|->             while ((c = *cp++)) {
#  333|   
#  334|                   while (c == '\n' || c == '\r')

Error: CPPCHECK_WARNING (CWE-476): [#def101]
wavpack-5.8.1/cli/wvgain.c:342: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  340|   
#  341|                       do
#  342|->                         fname [ci++] = c;
#  343|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  344|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def102]
wavpack-5.8.1/cli/wvgain.c:342:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘fname’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_true: following ‘true’ branch (when ‘bytes_read <= 1023’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:332:20: branch_true: following ‘true’ branch (when ‘c != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:334:24: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:337:20: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:337:20: branch_true: following ‘true’ branch (when ‘c != 0’)...
wavpack-5.8.1/cli/wvgain.c:338:35: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:338:35: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvgain.c:342:25: danger: ‘fname + (sizetype)ci’ could be NULL: unchecked value from [(29)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/28)
#  340|   
#  341|                       do
#  342|->                         fname [ci++] = c;
#  343|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  344|   

Error: CPPCHECK_WARNING (CWE-476): [#def103]
wavpack-5.8.1/cli/wvgain.c:345: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  343|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  344|   
#  345|->                     fname [ci++] = '\0';
#  346|                       matches = realloc (matches, ++num_files * sizeof (*matches));
#  347|   

Error: CPPCHECK_WARNING (CWE-401): [#def104]
wavpack-5.8.1/cli/wvgain.c:346: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  344|   
#  345|                       fname [ci++] = '\0';
#  346|->                     matches = realloc (matches, ++num_files * sizeof (*matches));
#  347|   
#  348|                       for (di = num_files - 1; di > file_index + 1; di--)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def105]
wavpack-5.8.1/cli/wvgain.c:351:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘matches’
wavpack-5.8.1/cli/wvgain.c:175:12: branch_true: following ‘true’ branch (when ‘argc != 0’)...
wavpack-5.8.1/cli/wvgain.c:179:12: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:252:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:253:18: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:175:12: branch_false: following ‘false’ branch (when ‘argc == 0’)...
wavpack-5.8.1/cli/wvgain.c:262:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:266:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:271:9: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:280:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:285:8: branch_false: following ‘false’ branch (when ‘error_count == 0’)...
wavpack-5.8.1/cli/wvgain.c:288:5: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:290:26: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:291:36: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:298:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvgain.c:299:33: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:309:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:322:20: branch_true: following ‘true’ branch (when ‘bytes_read <= 1023’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:332:20: branch_true: following ‘true’ branch (when ‘c != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:334:24: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:337:20: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:337:20: branch_true: following ‘true’ branch (when ‘c != 0’)...
wavpack-5.8.1/cli/wvgain.c:338:35: branch_true: ...to here
wavpack-5.8.1/cli/wvgain.c:343:28: branch_false: following ‘false’ branch (when ‘c == 10’)...
wavpack-5.8.1/cli/wvgain.c:345:28: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:348:46: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvgain.c:351:21: branch_false: ...to here
wavpack-5.8.1/cli/wvgain.c:351:29: release_memory: ‘matches’ is NULL
wavpack-5.8.1/cli/wvgain.c:351:29: release_memory: ‘matches’ is NULL
wavpack-5.8.1/cli/wvgain.c:351:21: danger: dereference of NULL ‘matches + (long unsigned int)(file_index + 1) * 8’
#  349|                           matches [di] = matches [di - 1];
#  350|   
#  351|->                     matches [++file_index] = fname;
#  352|                   }
#  353|   

Error: CPPCHECK_WARNING (CWE-401): [#def106]
wavpack-5.8.1/cli/wvtag.c:333: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure
#  331|                   int i = num_tag_items;
#  332|   
#  333|->                 tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items));
#  334|                   tag_items [i].item = malloc (cp - *argv + 1);
#  335|                   memcpy (tag_items [i].item, *argv, cp - *argv);

Error: CPPCHECK_WARNING (CWE-401): [#def107]
wavpack-5.8.1/cli/wvtag.c:358: error[memleakOnRealloc]: Common realloc mistake: 'tag_items' nulled but not freed upon failure
#  356|               }
#  357|   
#  358|->             tag_items = realloc (tag_items, ++num_tag_items * sizeof (*tag_items));
#  359|               tag_items [i].item = strdup (*argv);
#  360|               tag_items [i].binary = 0;

Error: CPPCHECK_WARNING (CWE-401): [#def108]
wavpack-5.8.1/cli/wvtag.c:366: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  364|           }
#  365|           else {
#  366|->             matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  367|               matches [num_files] = malloc (strlen (*argv) + 10);
#  368|               strcpy (matches [num_files], *argv);

Error: CPPCHECK_WARNING (CWE-476): [#def109]
wavpack-5.8.1/cli/wvtag.c:430: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
#  428|                   char *temp = malloc (strlen (matches [0]) + PATH_MAX);
#  429|   
#  430|->                 strcpy (temp, matches [0]);
#  431|                   strcpy (filespec_name (temp), fn);
#  432|                   file = wild_fopen (temp, "rb");

Error: CPPCHECK_WARNING (CWE-476): [#def110]
wavpack-5.8.1/cli/wvtag.c:446: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_value
#  444|                   if (tag_items [i].vsize < 1048576 * (allow_huge_tags ? 16 : 1)) {
#  445|                       new_value = malloc (tag_items [i].vsize + 2);
#  446|->                     memset (new_value, 0, tag_items [i].vsize + 2);
#  447|   
#  448|                       if (!DoReadFile (file, new_value, tag_items [i].vsize, &bcount) ||

Error: CPPCHECK_WARNING (CWE-401): [#def111]
wavpack-5.8.1/cli/wvtag.c:552: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure
#  550|                   int bytes_read;
#  551|   
#  552|->                 listbuff = realloc (listbuff, listbytes + 1024);
#  553|                   memset (listbuff + listbytes, 0, 1024);
#  554|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);

Error: CPPCHECK_WARNING (CWE-476): [#def112]
wavpack-5.8.1/cli/wvtag.c:576: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  574|   
#  575|                       do
#  576|->                         fname [ci++] = c;
#  577|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  578|   

Error: CPPCHECK_WARNING (CWE-476): [#def113]
wavpack-5.8.1/cli/wvtag.c:579: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  577|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  578|   
#  579|->                     fname [ci++] = '\0';
#  580|                       matches = realloc (matches, ++num_files * sizeof (*matches));
#  581|   

Error: CPPCHECK_WARNING (CWE-401): [#def114]
wavpack-5.8.1/cli/wvtag.c:580: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  578|   
#  579|                       fname [ci++] = '\0';
#  580|->                     matches = realloc (matches, ++num_files * sizeof (*matches));
#  581|   
#  582|                       for (di = num_files - 1; di > file_index + 1; di--)

Error: CPPCHECK_WARNING (CWE-401): [#def115]
wavpack-5.8.1/cli/wvtag.c:903: error[memleakOnRealloc]: Common realloc mistake: 'tag_extractions' nulled but not freed upon failure
#  901|   static void add_tag_extraction_to_list (char *spec)
#  902|   {
#  903|->     tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions));
#  904|       tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10);
#  905|       strcpy (tag_extractions [num_tag_extractions], spec);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def116]
wavpack-5.8.1/cli/wvtag.c:905:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(spec) + 10)’ where non-null expected
wavpack-5.8.1/cli/wvtag.c:904:45: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:905:5: danger: argument 1 (‘malloc(strlen(spec) + 10)’) from [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
#  903|       tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions));
#  904|       tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10);
#  905|->     strcpy (tag_extractions [num_tag_extractions], spec);
#  906|       num_tag_extractions++;
#  907|   }

Error: CPPCHECK_WARNING (CWE-476): [#def117]
wavpack-5.8.1/cli/wvtag.c:916: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: extraction_spec
#  914|       for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) {
#  915|           char *extraction_spec = strdup (tag_extractions [i]);
#  916|->         char *output_spec = strchr (extraction_spec, '=');
#  917|           char tag_filename [256];
#  918|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def118]
wavpack-5.8.1/cli/wvtag.c:916:29: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘extraction_spec’ where non-null expected
wavpack-5.8.1/cli/wvtag.c:914:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:915:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:916:29: danger: argument 1 (‘extraction_spec’) from [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#argument 1 of ‘__builtin_strchr’ must be non-null
#  914|       for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) {
#  915|           char *extraction_spec = strdup (tag_extractions [i]);
#  916|->         char *output_spec = strchr (extraction_spec, '=');
#  917|           char tag_filename [256];
#  918|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def119]
wavpack-5.8.1/cli/wvtag.c:919:61: warning[-Wanalyzer-null-argument]: use of NULL ‘output_spec’ where non-null expected
wavpack-5.8.1/cli/wvtag.c:914:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:919:12: branch_true: following ‘true’ branch (when ‘extraction_spec < output_spec’)...
wavpack-5.8.1/cli/wvtag.c:919:61: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:919:61: danger: argument 1 (‘output_spec’) NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
#  917|           char tag_filename [256];
#  918|   
#  919|->         if (output_spec && output_spec > extraction_spec && strlen (output_spec) > 1)
#  920|               *output_spec++ = 0;
#  921|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def120]
wavpack-5.8.1/cli/wvtag.c:923:65: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tag_filename[0]’
wavpack-5.8.1/cli/wvtag.c:909:12: enter_function: entry to ‘do_tag_extractions’
wavpack-5.8.1/cli/wvtag.c:914:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:919:12: branch_false: following ‘false’ branch (when ‘extraction_spec >= output_spec’)...
wavpack-5.8.1/cli/wvtag.c:922:13: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:922:13: call_function: calling ‘dump_tag_item_to_file’ from ‘do_tag_extractions’
wavpack-5.8.1/cli/wvtag.c:922:13: return_function: returning to ‘do_tag_extractions’ from ‘dump_tag_item_to_file’
wavpack-5.8.1/cli/wvtag.c:922:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:923:36: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:923:65: danger: use of uninitialized value ‘tag_filename[0]’ here
#  921|   
#  922|           if (dump_tag_item_to_file (wpc, extraction_spec, NULL, tag_filename)) {
#  923|->             int max_length = (int) strlen (outfilename) + (int) strlen (tag_filename) + 10;
#  924|               char *full_filename;
#  925|   

Error: CPPCHECK_WARNING (CWE-476): [#def121]
wavpack-5.8.1/cli/wvtag.c:930: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: full_filename
#  928|   
#  929|               full_filename = malloc (max_length * 2 + 1);
#  930|->             strcpy (full_filename, outfilename);
#  931|   
#  932|               if (output_spec) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def122]
wavpack-5.8.1/cli/wvtag.c:930:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘full_filename’ where non-null expected
wavpack-5.8.1/cli/wvtag.c:909:12: enter_function: entry to ‘do_tag_extractions’
wavpack-5.8.1/cli/wvtag.c:914:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:919:12: branch_false: following ‘false’ branch (when ‘extraction_spec >= output_spec’)...
wavpack-5.8.1/cli/wvtag.c:922:13: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:922:13: call_function: calling ‘dump_tag_item_to_file’ from ‘do_tag_extractions’
wavpack-5.8.1/cli/wvtag.c:922:13: return_function: returning to ‘do_tag_extractions’ from ‘dump_tag_item_to_file’
wavpack-5.8.1/cli/wvtag.c:922:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:923:36: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:926:16: branch_false: following ‘false’ branch (when ‘output_spec’ is NULL)...
wavpack-5.8.1/cli/wvtag.c:929:37: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:929:29: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:930:13: danger: argument 1 (‘full_filename’) from [(22)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/21) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
#  928|   
#  929|               full_filename = malloc (max_length * 2 + 1);
#  930|->             strcpy (full_filename, outfilename);
#  931|   
#  932|               if (output_spec) {

Error: CPPCHECK_WARNING (CWE-476): [#def123]
wavpack-5.8.1/cli/wvtag.c:1076: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: item
# 1074|               WavpackGetTagItem (wpc, item, value, value_len + 1);
# 1075|   
# 1076|->             fprintf (dst, "%s:%s", item, strlen (item) < strlen (spaces) ? spaces + strlen (item) : " ");
# 1077|   
# 1078|               if (ape_tag) {

Error: CPPCHECK_WARNING (CWE-476): [#def124]
wavpack-5.8.1/cli/wvtag.c:1105: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: item
# 1103|               WavpackGetBinaryTagItemIndexed (wpc, i, item, item_len + 1);
# 1104|               value_len = dump_tag_item_to_file (wpc, item, NULL, fname);
# 1105|->             fprintf (dst, "%s:%s", item, strlen (item) < strlen (spaces) ? spaces + strlen (item) : " ");
# 1106|   
# 1107|               if (filespec_ext (fname))

Error: CPPCHECK_WARNING (CWE-476): [#def125]
wavpack-5.8.1/cli/wvtag.c:1195: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: value
# 1193|   
# 1194|               for (i = 0; i < value_len; ++i)
# 1195|->                 if (!value [i]) {
# 1196|   
# 1197|                       if (dst) {

Error: CPPCHECK_WARNING (CWE-476): [#def126]
wavpack-5.8.1/cli/wvtag.c:1293: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: string
# 1291|   static void dump_UTF8_string (char *string, FILE *dst)
# 1292|   {
# 1293|->     while (*string) {
# 1294|           char *p = string, *temp;
# 1295|           int len = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def127]
wavpack-5.8.1/cli/wvtag.c:1297: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p
# 1295|           int len = 0;
# 1296|   
# 1297|->         while (*p) {
# 1298|               if (*p != '\r')
# 1299|                   ++len;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def128]
wavpack-5.8.1/cli/wvtag.c:1312:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
wavpack-5.8.1/cli/wvtag.c:1293:12: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1297:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1298:16: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1305:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
wavpack-5.8.1/cli/wvtag.c:1308:28: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1308:20: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:1310:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1311:16: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1311:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1312:18: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1312:17: danger: ‘p’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
# 1310|           while (*string) {
# 1311|               if (*string != '\r')
# 1312|->                 *p++ = *string;
# 1313|   
# 1314|               if (*string++ == '\n')

Error: GCC_ANALYZER_WARNING (CWE-476): [#def129]
wavpack-5.8.1/cli/wvtag.c:1318:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
wavpack-5.8.1/cli/wvtag.c:1293:12: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1297:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1298:16: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1305:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
wavpack-5.8.1/cli/wvtag.c:1308:28: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1308:20: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:1310:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1311:16: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1311:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvtag.c:1314:18: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1314:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1318:9: danger: ‘p’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
# 1316|           }
# 1317|   
# 1318|->         *p = 0;
# 1319|   
# 1320|   #ifdef _WIN32

Error: CPPCHECK_WARNING (CWE-476): [#def130]
wavpack-5.8.1/cli/wvtag.c:1370: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 1368|       iconv_t converter;
# 1369|   
# 1370|->     memset(temp, 0, len);
# 1371|       old_locale = setlocale (LC_CTYPE, "");
# 1372|       converter = iconv_open ("", "UTF-8");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
wavpack-5.8.1/cli/wvtag.c:1374:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("", "UTF-8")’
wavpack-5.8.1/cli/wvtag.c:1372:17: acquire_memory: allocated here
wavpack-5.8.1/cli/wvtag.c:1374:8: danger: ‘iconv_open("", "UTF-8")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
# 1372|       converter = iconv_open ("", "UTF-8");
# 1373|   
# 1374|->     if (converter != (iconv_t) -1) {
# 1375|           err = iconv (converter, &inp, &insize, &outp, &outsize);
# 1376|           iconv_close (converter);

Error: CPPCHECK_WARNING (CWE-476): [#def132]
wavpack-5.8.1/cli/wvtag.c:1388: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 1386|       }
# 1387|   
# 1388|->     memmove (string, temp, len);
# 1389|   #endif
# 1390|       free (temp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
wavpack-5.8.1/cli/wvtag.c:1523:13: warning[-Wanalyzer-malloc-leak]: leak of ‘converter’
wavpack-5.8.1/cli/wvtag.c:1539:21: acquire_memory: allocated here
wavpack-5.8.1/cli/wvtag.c:1542:8: branch_false: following ‘false’ branch (when ‘converter == 18446744073709551615’)...
wavpack-5.8.1/cli/wvtag.c:1549:5: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1551:8: branch_true: following ‘true’ branch (when ‘err == -1’)...
wavpack-5.8.1/cli/wvtag.c:1552:9: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1523:13: danger: ‘converter’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
# 1521|               memmove (inp, inp + 3, len - 3);
# 1522|               inp [len - 3] = 0;
# 1523|->             return;
# 1524|       }
# 1525|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
wavpack-5.8.1/cli/wvtag.c:1523:13: warning[-Wanalyzer-malloc-leak]: leak of ‘temp’
wavpack-5.8.1/cli/wvtag.c:1508:18: acquire_memory: allocated here
wavpack-5.8.1/cli/wvtag.c:1519:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1523:13: danger: ‘temp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
# 1521|               memmove (inp, inp + 3, len - 3);
# 1522|               inp [len - 3] = 0;
# 1523|->             return;
# 1524|       }
# 1525|   

Error: CPPCHECK_WARNING (CWE-476): [#def135]
wavpack-5.8.1/cli/wvtag.c:1526: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 1524|       }
# 1525|   
# 1526|->     memset(temp, 0, len);
# 1527|       old_locale = setlocale (LC_CTYPE, "");
# 1528|   

Error: CPPCHECK_WARNING (CWE-476): [#def136]
wavpack-5.8.1/cli/wvtag.c:1638: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: matchname
# 1636|           else {
# 1637|               matchname = malloc (strlen (globbuf.gl_pathv [i]) + 10);
# 1638|->             strcpy (matchname, globbuf.gl_pathv [i]);
# 1639|           }
# 1640|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def137]
wavpack-5.8.1/cli/wvtag.c:1638:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘matchname’ where non-null expected
wavpack-5.8.1/cli/wvtag.c:1627:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvtag.c:1628:19: branch_true: ...to here
wavpack-5.8.1/cli/wvtag.c:1628:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvtag.c:1631:12: branch_false: following ‘false’ branch (when ‘matchname’ is NULL)...
wavpack-5.8.1/cli/wvtag.c:1637:41: branch_false: ...to here
wavpack-5.8.1/cli/wvtag.c:1637:25: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvtag.c:1638:13: danger: argument 1 (‘matchname’) from [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 1636|           else {
# 1637|               matchname = malloc (strlen (globbuf.gl_pathv [i]) + 10);
# 1638|->             strcpy (matchname, globbuf.gl_pathv [i]);
# 1639|           }
# 1640|       }

Error: CPPCHECK_WARNING (CWE-401): [#def138]
wavpack-5.8.1/cli/wvunpack.c:317: error[memleakOnRealloc]: Common realloc mistake: 'argv_fn' nulled but not freed upon failure
#  315|                   char *option = malloc (option_len + 1);
#  316|   
#  317|->                 argv_fn = realloc (argv_fn, sizeof (char *) * ++argc_fn);
#  318|                   memcpy (option, open_brace + 1, option_len);
#  319|                   argv_fn [argc_fn - 1] = option;

Error: CPPCHECK_WARNING (CWE-476): [#def139]
wavpack-5.8.1/cli/wvunpack.c:318: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: option
#  316|   
#  317|                   argv_fn = realloc (argv_fn, sizeof (char *) * ++argc_fn);
#  318|->                 memcpy (option, open_brace + 1, option_len);
#  319|                   argv_fn [argc_fn - 1] = option;
#  320|                   option [option_len] = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def140]
wavpack-5.8.1/cli/wvunpack.c:320: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: option
#  318|                   memcpy (option, open_brace + 1, option_len);
#  319|                   argv_fn [argc_fn - 1] = option;
#  320|->                 option [option_len] = 0;
#  321|   
#  322|                   if (debug_logging_mode)

Error: CPPCHECK_WARNING (CWE-476): [#def141]
wavpack-5.8.1/cli/wvunpack.c:621: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: outfilename
#  619|               else if (output_spec) {
#  620|                   outfilename = malloc (strlen (argcp) + PATH_MAX);
#  621|->                 strcpy (outfilename, argcp);
#  622|                   use_stdout = (*argcp == '-');
#  623|                   output_spec = 0;

Error: CPPCHECK_WARNING (CWE-401): [#def142]
wavpack-5.8.1/cli/wvunpack.c:626: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  624|               }
#  625|               else {
#  626|->                 matches = realloc (matches, (num_files + 1) * sizeof (*matches));
#  627|                   matches [num_files] = malloc (strlen (argcp) + 10);
#  628|                   strcpy (matches [num_files], argcp);

Error: CPPCHECK_WARNING (CWE-401): [#def143]
wavpack-5.8.1/cli/wvunpack.c:762: error[memleakOnRealloc]: Common realloc mistake: 'listbuff' nulled but not freed upon failure
#  760|                   int bytes_read;
#  761|   
#  762|->                 listbuff = realloc (listbuff, listbytes + 1024);
#  763|                   memset (listbuff + listbytes, 0, 1024);
#  764|                   listbytes += bytes_read = (int) fread (listbuff + listbytes, 1, 1024, list);

Error: CPPCHECK_WARNING (CWE-476): [#def144]
wavpack-5.8.1/cli/wvunpack.c:786: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  784|   
#  785|                       do
#  786|->                         fname [ci++] = c;
#  787|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  788|   

Error: CPPCHECK_WARNING (CWE-476): [#def145]
wavpack-5.8.1/cli/wvunpack.c:789: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  787|                       while ((c = *cp++) != '\n' && c != '\r' && c && ci < PATH_MAX);
#  788|   
#  789|->                     fname [ci++] = '\0';
#  790|                       matches = realloc (matches, ++num_files * sizeof (*matches));
#  791|   

Error: CPPCHECK_WARNING (CWE-401): [#def146]
wavpack-5.8.1/cli/wvunpack.c:790: error[memleakOnRealloc]: Common realloc mistake: 'matches' nulled but not freed upon failure
#  788|   
#  789|                       fname [ci++] = '\0';
#  790|->                     matches = realloc (matches, ++num_files * sizeof (*matches));
#  791|   
#  792|                       for (di = num_files - 1; di > file_index + 1; di--)

Error: CPPCHECK_WARNING (CWE-476): [#def147]
wavpack-5.8.1/cli/wvunpack.c:923: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: outfilename
#  921|               else if (!outfilename) {
#  922|                   outfilename = malloc (strlen (matches [file_index]) + 10);
#  923|->                 strcpy (outfilename, matches [file_index]);
#  924|   
#  925|                   if (filespec_ext (outfilename))

Error: CPPCHECK_WARNING (CWE-476): [#def148]
wavpack-5.8.1/cli/wvunpack.c:1273: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: infilename_c
# 1271|           char *infilename_c = malloc (strlen (infilename) + 10);
# 1272|   
# 1273|->         strcpy (infilename_c, infilename);
# 1274|           strcat (infilename_c, "c");
# 1275|           infile_c = fopen_func (infilename_c, "rb");

Error: CPPCHECK_WARNING (CWE-476): [#def149]
wavpack-5.8.1/cli/wvunpack.c:1274: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: infilename_c
# 1272|   
# 1273|           strcpy (infilename_c, infilename);
# 1274|->         strcat (infilename_c, "c");
# 1275|           infile_c = fopen_func (infilename_c, "rb");
# 1276|           free (infilename_c);

Error: CPPCHECK_WARNING (CWE-476): [#def150]
wavpack-5.8.1/cli/wvunpack.c:1354: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: block_buffer
# 1352|   
# 1353|           block_buffer = malloc (sizeof (wphdr) + wphdr.ckSize - 24);
# 1354|->         memcpy (block_buffer, &wphdr, sizeof (wphdr));
# 1355|   
# 1356|           if (!fread (block_buffer + sizeof (wphdr), wphdr.ckSize - 24, 1, infile)) {

Error: CPPCHECK_WARNING (CWE-682): [#def151]
wavpack-5.8.1/cli/wvunpack.c:1356: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
# 1354|           memcpy (block_buffer, &wphdr, sizeof (wphdr));
# 1355|   
# 1356|->         if (!fread (block_buffer + sizeof (wphdr), wphdr.ckSize - 24, 1, infile)) {
# 1357|               if (verbose) error_line ("quick verify error:%sfile is truncated!\n", wvc_mode ? " main " : " ");
# 1358|               free (block_buffer);

Error: CPPCHECK_WARNING (CWE-476): [#def152]
wavpack-5.8.1/cli/wvunpack.c:1393: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: block_buffer_c
# 1391|   
# 1392|                       block_buffer_c = malloc (sizeof (wphdr_c) + wphdr_c.ckSize - 24);
# 1393|->                     memcpy (block_buffer_c, &wphdr_c, sizeof (wphdr_c));
# 1394|   
# 1395|                       if (!fread (block_buffer_c + sizeof (wphdr_c), wphdr_c.ckSize - 24, 1, infile_c)) {

Error: CPPCHECK_WARNING (CWE-682): [#def153]
wavpack-5.8.1/cli/wvunpack.c:1395: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
# 1393|                       memcpy (block_buffer_c, &wphdr_c, sizeof (wphdr_c));
# 1394|   
# 1395|->                     if (!fread (block_buffer_c + sizeof (wphdr_c), wphdr_c.ckSize - 24, 1, infile_c)) {
# 1396|                           if (verbose) error_line ("quick verify error: correction file is truncated!");
# 1397|                           free (block_buffer_c);

Error: CPPCHECK_WARNING (CWE-476): [#def154]
wavpack-5.8.1/cli/wvunpack.c:2156: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_channel_order
# 2154|   
# 2155|               for (i = 0; i < num_channels; ++i)
# 2156|->                 new_channel_order [i] = i;
# 2157|   
# 2158|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def155]
wavpack-5.8.1/cli/wvunpack.c:2156:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wvunpack.c:2138:8: branch_false: following ‘false’ branch (when ‘outfile’ is NULL)...
wavpack-5.8.1/cli/wvunpack.c:2149:9: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2149:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2150:22: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2152:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2153:33: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2153:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2155:25: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2156:35: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2156:17: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
# 2154|   
# 2155|               for (i = 0; i < num_channels; ++i)
# 2156|->                 new_channel_order [i] = i;
# 2157|   
# 2158|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: CPPCHECK_WARNING (CWE-476): [#def156]
wavpack-5.8.1/cli/wvunpack.c:2306: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: new_channel_order
# 2304|   
# 2305|               for (i = 0; i < num_channels; ++i)
# 2306|->                 new_channel_order [i] = i;
# 2307|   
# 2308|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def157]
wavpack-5.8.1/cli/wvunpack.c:2306:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_channel_order’
wavpack-5.8.1/cli/wvunpack.c:2293:8: branch_false: following ‘false’ branch (when ‘output_buffer’ is non-NULL)...
wavpack-5.8.1/cli/wvunpack.c:2299:9: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2299:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2300:22: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2302:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2303:33: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2303:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2305:25: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2306:35: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2306:17: danger: ‘new_channel_order + (sizetype)i’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
# 2304|   
# 2305|               for (i = 0; i < num_channels; ++i)
# 2306|->                 new_channel_order [i] = i;
# 2307|   
# 2308|               WavpackGetChannelLayout (wpc, new_channel_order);

Error: CPPCHECK_WARNING (CWE-401): [#def158]
wavpack-5.8.1/cli/wvunpack.c:2423: error[memleakOnRealloc]: Common realloc mistake: 'tag_extractions' nulled but not freed upon failure
# 2421|   static void add_tag_extraction_to_list (char *spec)
# 2422|   {
# 2423|->     tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions));
# 2424|       tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10);
# 2425|       strcpy (tag_extractions [num_tag_extractions], spec);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def159]
wavpack-5.8.1/cli/wvunpack.c:2425:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(spec) + 10)’ where non-null expected
wavpack-5.8.1/cli/wvunpack.c:2424:45: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2425:5: danger: argument 1 (‘malloc(strlen(spec) + 10)’) from [(2)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/1) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 2423|       tag_extractions = realloc (tag_extractions, (num_tag_extractions + 1) * sizeof (*tag_extractions));
# 2424|       tag_extractions [num_tag_extractions] = malloc (strlen (spec) + 10);
# 2425|->     strcpy (tag_extractions [num_tag_extractions], spec);
# 2426|       num_tag_extractions++;
# 2427|   }

Error: CPPCHECK_WARNING (CWE-476): [#def160]
wavpack-5.8.1/cli/wvunpack.c:2436: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: extraction_spec
# 2434|       for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) {
# 2435|           char *extraction_spec = strdup (tag_extractions [i]);
# 2436|->         char *output_spec = strchr (extraction_spec, '=');
# 2437|           char tag_filename [256];
# 2438|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def161]
wavpack-5.8.1/cli/wvunpack.c:2436:29: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘extraction_spec’ where non-null expected
wavpack-5.8.1/cli/wvunpack.c:2434:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2435:33: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2436:29: danger: argument 1 (‘extraction_spec’) from [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#argument 1 of ‘__builtin_strchr’ must be non-null
# 2434|       for (i = 0; result == WAVPACK_NO_ERROR && i < num_tag_extractions; ++i) {
# 2435|           char *extraction_spec = strdup (tag_extractions [i]);
# 2436|->         char *output_spec = strchr (extraction_spec, '=');
# 2437|           char tag_filename [256];
# 2438|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def162]
wavpack-5.8.1/cli/wvunpack.c:2439:61: warning[-Wanalyzer-null-argument]: use of NULL ‘output_spec’ where non-null expected
wavpack-5.8.1/cli/wvunpack.c:2434:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2439:12: branch_true: following ‘true’ branch (when ‘extraction_spec < output_spec’)...
wavpack-5.8.1/cli/wvunpack.c:2439:61: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2439:61: danger: argument 1 (‘output_spec’) NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
# 2437|           char tag_filename [256];
# 2438|   
# 2439|->         if (output_spec && output_spec > extraction_spec && strlen (output_spec) > 1)
# 2440|               *output_spec++ = 0;
# 2441|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def163]
wavpack-5.8.1/cli/wvunpack.c:2443:65: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tag_filename[0]’
wavpack-5.8.1/cli/wvunpack.c:2429:12: enter_function: entry to ‘do_tag_extractions’
wavpack-5.8.1/cli/wvunpack.c:2434:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2439:12: branch_false: following ‘false’ branch (when ‘extraction_spec >= output_spec’)...
wavpack-5.8.1/cli/wvunpack.c:2442:13: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2442:13: call_function: calling ‘dump_tag_item_to_file’ from ‘do_tag_extractions’
wavpack-5.8.1/cli/wvunpack.c:2442:13: return_function: returning to ‘do_tag_extractions’ from ‘dump_tag_item_to_file’
wavpack-5.8.1/cli/wvunpack.c:2442:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2443:36: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2443:65: danger: use of uninitialized value ‘tag_filename[0]’ here
# 2441|   
# 2442|           if (dump_tag_item_to_file (wpc, extraction_spec, NULL, tag_filename)) {
# 2443|->             int max_length = (int) strlen (outfilename) + (int) strlen (tag_filename) + 10;
# 2444|               char *full_filename;
# 2445|   

Error: CPPCHECK_WARNING (CWE-476): [#def164]
wavpack-5.8.1/cli/wvunpack.c:2450: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: full_filename
# 2448|   
# 2449|               full_filename = malloc (max_length * 2 + 1);
# 2450|->             strcpy (full_filename, outfilename);
# 2451|   
# 2452|               if (output_spec) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def165]
wavpack-5.8.1/cli/wvunpack.c:2450:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘full_filename’ where non-null expected
wavpack-5.8.1/cli/wvunpack.c:2429:12: enter_function: entry to ‘do_tag_extractions’
wavpack-5.8.1/cli/wvunpack.c:2434:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2439:12: branch_false: following ‘false’ branch (when ‘extraction_spec >= output_spec’)...
wavpack-5.8.1/cli/wvunpack.c:2442:13: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2442:13: call_function: calling ‘dump_tag_item_to_file’ from ‘do_tag_extractions’
wavpack-5.8.1/cli/wvunpack.c:2442:13: return_function: returning to ‘do_tag_extractions’ from ‘dump_tag_item_to_file’
wavpack-5.8.1/cli/wvunpack.c:2442:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2443:36: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2446:16: branch_false: following ‘false’ branch (when ‘output_spec’ is NULL)...
wavpack-5.8.1/cli/wvunpack.c:2449:37: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2449:29: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2450:13: danger: argument 1 (‘full_filename’) from [(22)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/21) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
# 2448|   
# 2449|               full_filename = malloc (max_length * 2 + 1);
# 2450|->             strcpy (full_filename, outfilename);
# 2451|   
# 2452|               if (output_spec) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def166]
wavpack-5.8.1/cli/wvunpack.c:2768:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘temp’
wavpack-5.8.1/cli/wvunpack.c:2761:8: branch_true: following ‘true’ branch (when ‘num_chans > 16’)...
wavpack-5.8.1/cli/wvunpack.c:2762:16: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2762:16: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:2764:12: branch_true: following ‘true’ branch (when ‘num_samples != 0’)...
 branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2767:24: branch_true: following ‘true’ branch (when ‘chan < num_chans’)...
wavpack-5.8.1/cli/wvunpack.c:2768:38: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2768:13: danger: ‘temp + (sizetype)chan * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
# 2766|   
# 2767|           for (chan = 0; chan < num_chans; ++chan)
# 2768|->             temp [chan] = data [order[chan]];
# 2769|   
# 2770|           memcpy (data, temp, num_chans * sizeof (*data));

Error: GCC_ANALYZER_WARNING (CWE-457): [#def167]
wavpack-5.8.1/cli/wvunpack.c:2770:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘temp’
wavpack-5.8.1/cli/wvunpack.c:2274:12: enter_function: entry to ‘unpack_dsd_audio’
wavpack-5.8.1/cli/wvunpack.c:2293:8: branch_false: following ‘false’ branch (when ‘output_buffer’ is non-NULL)...
wavpack-5.8.1/cli/wvunpack.c:2299:9: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2299:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2300:22: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2302:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:2303:33: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2314:12: branch_true: following ‘true’ branch (when ‘result == 0’)...
wavpack-5.8.1/cli/wvunpack.c:2315:38: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2324:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvunpack.c:2327:12: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:2327:12: branch_true: following ‘true’ branch (when ‘new_channel_order’ is non-NULL)...
wavpack-5.8.1/cli/wvunpack.c:2328:13: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:2328:13: call_function: calling ‘unreorder_channels’ from ‘unpack_dsd_audio’
# 2768|               temp [chan] = data [order[chan]];
# 2769|   
# 2770|->         memcpy (data, temp, num_chans * sizeof (*data));
# 2771|           data += num_chans;
# 2772|       }

Error: CPPCHECK_WARNING (CWE-476): [#def168]
wavpack-5.8.1/cli/wvunpack.c:2976: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: item
# 2974|               WavpackGetTagItem (wpc, item, value, value_len + 1);
# 2975|   
# 2976|->             fprintf (dst, "%s:%s", item, strlen (item) < strlen (spaces) ? spaces + strlen (item) : " ");
# 2977|   
# 2978|               if (ape_tag) {

Error: CPPCHECK_WARNING (CWE-476): [#def169]
wavpack-5.8.1/cli/wvunpack.c:3005: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: item
# 3003|               WavpackGetBinaryTagItemIndexed (wpc, i, item, item_len + 1);
# 3004|               value_len = dump_tag_item_to_file (wpc, item, NULL, fname);
# 3005|->             fprintf (dst, "%s:%s", item, strlen (item) < strlen (spaces) ? spaces + strlen (item) : " ");
# 3006|   
# 3007|               if (filespec_ext (fname))

Error: CPPCHECK_WARNING (CWE-476): [#def170]
wavpack-5.8.1/cli/wvunpack.c:3201: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: value
# 3199|   
# 3200|               for (i = 0; i < value_len; ++i)
# 3201|->                 if (!value [i]) {
# 3202|   
# 3203|                       if (dst) {

Error: CPPCHECK_WARNING (CWE-476): [#def171]
wavpack-5.8.1/cli/wvunpack.c:3252: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: string
# 3250|   static void dump_UTF8_string (char *string, FILE *dst)
# 3251|   {
# 3252|->     while (*string) {
# 3253|           char *p = string, *temp;
# 3254|           int len = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def172]
wavpack-5.8.1/cli/wvunpack.c:3256: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: p
# 3254|           int len = 0;
# 3255|   
# 3256|->         while (*p) {
# 3257|               if (*p != '\r')
# 3258|                   ++len;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def173]
wavpack-5.8.1/cli/wvunpack.c:3271:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
wavpack-5.8.1/cli/wvunpack.c:3252:12: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3256:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:3257:16: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3264:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
wavpack-5.8.1/cli/wvunpack.c:3267:28: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:3267:20: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:3269:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:3270:16: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3270:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:3271:18: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3271:17: danger: ‘p’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/6)
# 3269|           while (*string) {
# 3270|               if (*string != '\r')
# 3271|->                 *p++ = *string;
# 3272|   
# 3273|               if (*string++ == '\n')

Error: GCC_ANALYZER_WARNING (CWE-476): [#def174]
wavpack-5.8.1/cli/wvunpack.c:3277:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
wavpack-5.8.1/cli/wvunpack.c:3252:12: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3256:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:3257:16: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3264:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
wavpack-5.8.1/cli/wvunpack.c:3267:28: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:3267:20: acquire_memory: this call could return NULL
wavpack-5.8.1/cli/wvunpack.c:3269:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/cli/wvunpack.c:3270:16: branch_true: ...to here
wavpack-5.8.1/cli/wvunpack.c:3270:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/cli/wvunpack.c:3273:18: branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:3273:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/cli/wvunpack.c:3277:9: danger: ‘p’ could be NULL: unchecked value from [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
# 3275|           }
# 3276|   
# 3277|->         *p = 0;
# 3278|   
# 3279|   #ifdef _WIN32

Error: CPPCHECK_WARNING (CWE-476): [#def175]
wavpack-5.8.1/cli/wvunpack.c:3438: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 3436|       iconv_t converter;
# 3437|   
# 3438|->     memset(temp, 0, len);
# 3439|       old_locale = setlocale (LC_CTYPE, "");
# 3440|       converter = iconv_open ("", "UTF-8");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
wavpack-5.8.1/cli/wvunpack.c:3442:8: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("", "UTF-8")’
wavpack-5.8.1/cli/wvunpack.c:3440:17: acquire_memory: allocated here
wavpack-5.8.1/cli/wvunpack.c:3442:8: danger: ‘iconv_open("", "UTF-8")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
# 3440|       converter = iconv_open ("", "UTF-8");
# 3441|   
# 3442|->     if (converter != (iconv_t) -1) {
# 3443|           err = iconv (converter, &inp, &insize, &outp, &outsize);
# 3444|           iconv_close (converter);

Error: CPPCHECK_WARNING (CWE-476): [#def177]
wavpack-5.8.1/cli/wvunpack.c:3456: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 3454|       }
# 3455|   
# 3456|->     memmove (string, temp, len);
# 3457|   #endif
# 3458|       free (temp);

Error: COMPILER_WARNING (CWE-686): [#def178]
wavpack-5.8.1/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-V0ydFm/CheckFunctionExists.c:7:3: warning[-Wbuiltin-declaration-mismatch]: conflicting types for built-in function ‘cos’; expected ‘double(double)’

Error: GCC_ANALYZER_WARNING (CWE-476): [#def179]
wavpack-5.8.1/src/extra1.c:94:34: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘in_samples’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:564:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:581:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:586:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:586:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:587:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:587:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:588:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
#   92|   
#   93|               dpp->samples_A [1] = dpp->samples_A [0];
#   94|->             dpp->samples_A [0] = left = in_samples [0];
#   95|   
#   96|               left -= apply_weight (dpp->weight_A, sam_A);

Error: CPPCHECK_WARNING (CWE-758): [#def180]
wavpack-5.8.1/src/extra1.c:97: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#   95|   
#   96|               left -= apply_weight (dpp->weight_A, sam_A);
#   97|->             update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#   98|               dpp->sum_A += dpp->weight_A;
#   99|               out_samples [0] = left;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def181]
wavpack-5.8.1/src/extra1.c:99:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:564:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
#   97|               update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#   98|               dpp->sum_A += dpp->weight_A;
#   99|->             out_samples [0] = left;
#  100|               in_samples += dir;
#  101|               out_samples += dir;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def182]
wavpack-5.8.1/src/extra1.c:110:34: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘in_samples’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:564:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:581:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:586:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:586:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:587:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:587:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:588:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
#  108|   
#  109|               sam_A = dpp->samples_A [m];
#  110|->             dpp->samples_A [k] = left = in_samples [0];
#  111|               m = (m + 1) & (MAX_TERM - 1);
#  112|   

Error: CPPCHECK_WARNING (CWE-758): [#def183]
wavpack-5.8.1/src/extra1.c:114: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  112|   
#  113|               left -= apply_weight (dpp->weight_A, sam_A);
#  114|->             update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#  115|               dpp->sum_A += dpp->weight_A;
#  116|               out_samples [0] = left;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def184]
wavpack-5.8.1/src/extra1.c:116:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:564:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
#  114|               update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#  115|               dpp->sum_A += dpp->weight_A;
#  116|->             out_samples [0] = left;
#  117|               in_samples += dir;
#  118|               out_samples += dir;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def185]
wavpack-5.8.1/src/extra1.c:513:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘lptr’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:569:24: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:581:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:586:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:586:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:587:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:587:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:588:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:588:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:593:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:593:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:594:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:594:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:595:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:595:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:600:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:600:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:601:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:601:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:602:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:602:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:607:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:607:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:608:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:608:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:609:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:609:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:611:9: call_function: calling ‘mono_add_noise’ from ‘execute_mono’
#  511|               }
#  512|               else
#  513|->                 *lptr++ += (error = nosend_word (wps, *rptr, 0) - *rptr) + temp;
#  514|   
#  515|               rptr++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def186]
wavpack-5.8.1/src/extra1.c:523:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘lptr’
wavpack-5.8.1/src/extra1.c:528:6: enter_function: entry to ‘execute_mono’
wavpack-5.8.1/src/extra1.c:547:8: branch_false: following ‘false’ branch (when ‘i != num_samples’)...
wavpack-5.8.1/src/extra1.c:555:20: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:557:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra1.c:564:23: branch_false: ...to here
wavpack-5.8.1/src/extra1.c:568:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra1.c:569:24: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra1.c:579:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:579:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:580:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:580:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:581:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:581:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:586:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:586:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:587:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:587:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:588:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:588:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:593:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:593:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:594:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:594:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:595:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:595:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:600:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:600:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:601:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:601:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:602:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:602:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:607:9: call_function: calling ‘decorr_mono_pass_reverse’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:607:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass_reverse’
wavpack-5.8.1/src/extra1.c:608:9: call_function: calling ‘reverse_mono_decorr’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:608:9: return_function: returning to ‘execute_mono’ from ‘reverse_mono_decorr’
wavpack-5.8.1/src/extra1.c:609:9: call_function: calling ‘decorr_mono_pass’ from ‘execute_mono’
wavpack-5.8.1/src/extra1.c:609:9: return_function: returning to ‘execute_mono’ from ‘decorr_mono_pass’
wavpack-5.8.1/src/extra1.c:611:9: call_function: calling ‘mono_add_noise’ from ‘execute_mono’
#  521|       else
#  522|           while (cnt--) {
#  523|->             *lptr++ += nosend_word (wps, *rptr, 0) - *rptr;
#  524|               rptr++;
#  525|           }

Error: CPPCHECK_WARNING (CWE-476): [#def187]
wavpack-5.8.1/src/extra1.c:570: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: noisy_buffer
#  568|       if (wps->num_passes > 1 && (wps->wphdr.flags & HYBRID_FLAG)) {
#  569|           noisy_buffer = malloc (buf_size);
#  570|->         memcpy (noisy_buffer, samples, buf_size);
#  571|           no_history = 1;
#  572|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def188]
wavpack-5.8.1/src/extra2.c:103:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  101|                   sam = dpp->samples_A [0];
#  102|                   dpp->samples_A [0] = dpp->samples_A [1];
#  103|->                 out_samples [0] = tmp = (dpp->samples_A [1] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  104|                   update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  105|                   dpp->sum_A += dpp->weight_A;

Error: CPPCHECK_WARNING (CWE-758): [#def189]
wavpack-5.8.1/src/extra2.c:104: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  102|                   dpp->samples_A [0] = dpp->samples_A [1];
#  103|                   out_samples [0] = tmp = (dpp->samples_A [1] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  104|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  105|                   dpp->sum_A += dpp->weight_A;
#  106|   

Error: CPPCHECK_WARNING (CWE-758): [#def190]
wavpack-5.8.1/src/extra2.c:110: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  108|                   dpp->samples_B [0] = dpp->samples_B [1];
#  109|                   out_samples [1] = tmp = (dpp->samples_B [1] = in_samples [1]) - apply_weight (dpp->weight_B, sam);
#  110|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  111|                   dpp->sum_B += dpp->weight_B;
#  112|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def191]
wavpack-5.8.1/src/extra2.c:125:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  123|                   sam = 2 * dpp->samples_A [0] - dpp->samples_A [1];
#  124|                   dpp->samples_A [1] = dpp->samples_A [0];
#  125|->                 out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  126|                   update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  127|                   dpp->sum_A += dpp->weight_A;

Error: CPPCHECK_WARNING (CWE-758): [#def192]
wavpack-5.8.1/src/extra2.c:126: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  124|                   dpp->samples_A [1] = dpp->samples_A [0];
#  125|                   out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  126|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  127|                   dpp->sum_A += dpp->weight_A;
#  128|   

Error: CPPCHECK_WARNING (CWE-758): [#def193]
wavpack-5.8.1/src/extra2.c:132: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  130|                   dpp->samples_B [1] = dpp->samples_B [0];
#  131|                   out_samples [1] = tmp = (dpp->samples_B [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam);
#  132|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  133|                   dpp->sum_B += dpp->weight_B;
#  134|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def194]
wavpack-5.8.1/src/extra2.c:147:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  145|                   sam = dpp->samples_A [0] + ((dpp->samples_A [0] - dpp->samples_A [1]) >> 1);
#  146|                   dpp->samples_A [1] = dpp->samples_A [0];
#  147|->                 out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  148|                   update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  149|                   dpp->sum_A += dpp->weight_A;

Error: CPPCHECK_WARNING (CWE-758): [#def195]
wavpack-5.8.1/src/extra2.c:148: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  146|                   dpp->samples_A [1] = dpp->samples_A [0];
#  147|                   out_samples [0] = tmp = (dpp->samples_A [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  148|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  149|                   dpp->sum_A += dpp->weight_A;
#  150|   

Error: CPPCHECK_WARNING (CWE-758): [#def196]
wavpack-5.8.1/src/extra2.c:154: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  152|                   dpp->samples_B [1] = dpp->samples_B [0];
#  153|                   out_samples [1] = tmp = (dpp->samples_B [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam);
#  154|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  155|                   dpp->sum_B += dpp->weight_B;
#  156|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def197]
wavpack-5.8.1/src/extra2.c:170:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  168|   
#  169|                   sam = dpp->samples_A [m];
#  170|->                 out_samples [0] = tmp = (dpp->samples_A [k] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  171|                   update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  172|                   dpp->sum_A += dpp->weight_A;

Error: CPPCHECK_WARNING (CWE-758): [#def198]
wavpack-5.8.1/src/extra2.c:171: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  169|                   sam = dpp->samples_A [m];
#  170|                   out_samples [0] = tmp = (dpp->samples_A [k] = in_samples [0]) - apply_weight (dpp->weight_A, sam);
#  171|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  172|                   dpp->sum_A += dpp->weight_A;
#  173|   

Error: CPPCHECK_WARNING (CWE-758): [#def199]
wavpack-5.8.1/src/extra2.c:176: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  174|                   sam = dpp->samples_B [m];
#  175|                   out_samples [1] = tmp = (dpp->samples_B [k] = in_samples [1]) - apply_weight (dpp->weight_B, sam);
#  176|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  177|                   dpp->sum_B += dpp->weight_B;
#  178|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def200]
wavpack-5.8.1/src/extra2.c:207:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  205|   
#  206|                   sam_A = dpp->samples_A [0];
#  207|->                 out_samples [0] = tmp = (sam_B = in_samples [0]) - apply_weight (dpp->weight_A, sam_A);
#  208|                   update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
#  209|                   dpp->sum_A += dpp->weight_A;

Error: CPPCHECK_WARNING (CWE-758): [#def201]
wavpack-5.8.1/src/extra2.c:208: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  206|                   sam_A = dpp->samples_A [0];
#  207|                   out_samples [0] = tmp = (sam_B = in_samples [0]) - apply_weight (dpp->weight_A, sam_A);
#  208|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
#  209|                   dpp->sum_A += dpp->weight_A;
#  210|   

Error: CPPCHECK_WARNING (CWE-758): [#def202]
wavpack-5.8.1/src/extra2.c:212: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  210|   
#  211|                   out_samples [1] = tmp = (dpp->samples_A [0] = in_samples [1]) - apply_weight (dpp->weight_B, sam_B);
#  212|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
#  213|                   dpp->sum_B += dpp->weight_B;
#  214|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def203]
wavpack-5.8.1/src/extra2.c:226:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  224|   
#  225|                   sam_B = dpp->samples_B [0];
#  226|->                 out_samples [1] = tmp = (sam_A = in_samples [1]) - apply_weight (dpp->weight_B, sam_B);
#  227|                   update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
#  228|                   dpp->sum_B += dpp->weight_B;

Error: CPPCHECK_WARNING (CWE-758): [#def204]
wavpack-5.8.1/src/extra2.c:227: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  225|                   sam_B = dpp->samples_B [0];
#  226|                   out_samples [1] = tmp = (sam_A = in_samples [1]) - apply_weight (dpp->weight_B, sam_B);
#  227|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
#  228|                   dpp->sum_B += dpp->weight_B;
#  229|   

Error: CPPCHECK_WARNING (CWE-758): [#def205]
wavpack-5.8.1/src/extra2.c:231: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  229|   
#  230|                   out_samples [0] = tmp = (dpp->samples_B [0] = in_samples [0]) - apply_weight (dpp->weight_A, sam_A);
#  231|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
#  232|                   dpp->sum_A += dpp->weight_A;
#  233|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def206]
wavpack-5.8.1/src/extra2.c:248:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out_samples’
wavpack-5.8.1/src/extra2.c:713:6: enter_function: entry to ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:732:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:741:20: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:743:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/extra2.c:749:9: branch_false: ...to here
wavpack-5.8.1/src/extra2.c:749:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:750:13: branch_true: ...to here
wavpack-5.8.1/src/extra2.c:757:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/extra2.c:761:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/extra2.c:772:9: call_function: calling ‘decorr_stereo_pass_reverse’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:772:9: return_function: returning to ‘execute_stereo’ from ‘decorr_stereo_pass_reverse’
wavpack-5.8.1/src/extra2.c:773:9: call_function: calling ‘reverse_decorr’ from ‘execute_stereo’
wavpack-5.8.1/src/extra2.c:773:9: return_function: returning to ‘execute_stereo’ from ‘reverse_decorr’
wavpack-5.8.1/src/extra2.c:774:9: call_function: calling ‘decorr_stereo_pass’ from ‘execute_stereo’
#  246|   
#  247|                   dpp->samples_A [0] = tmp = in_samples [1];
#  248|->                 out_samples [1] = tmp -= apply_weight (dpp->weight_B, sam_B);
#  249|                   update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
#  250|                   dpp->sum_B += dpp->weight_B;

Error: CPPCHECK_WARNING (CWE-758): [#def207]
wavpack-5.8.1/src/extra2.c:249: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  247|                   dpp->samples_A [0] = tmp = in_samples [1];
#  248|                   out_samples [1] = tmp -= apply_weight (dpp->weight_B, sam_B);
#  249|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
#  250|                   dpp->sum_B += dpp->weight_B;
#  251|   

Error: CPPCHECK_WARNING (CWE-758): [#def208]
wavpack-5.8.1/src/extra2.c:254: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  252|                   dpp->samples_B [0] = tmp = in_samples [0];
#  253|                   out_samples [0] = tmp -= apply_weight (dpp->weight_A, sam_A);
#  254|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
#  255|                   dpp->sum_A += dpp->weight_A;
#  256|   

Error: CPPCHECK_WARNING (CWE-476): [#def209]
wavpack-5.8.1/src/extra2.c:763: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: noisy_buffer
#  761|       if (wps->num_passes > 1 && (wps->wphdr.flags & HYBRID_FLAG)) {
#  762|           noisy_buffer = malloc (buf_size);
#  763|->         memcpy (noisy_buffer, samples, buf_size);
#  764|           no_history = 1;
#  765|   

Error: CPPCHECK_WARNING (CWE-476): [#def210]
wavpack-5.8.1/src/open_filename.c:302: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: in2filename
#  300|           char *in2filename = malloc (strlen (infilename) + 10);
#  301|   
#  302|->         strcpy (in2filename, infilename);
#  303|           strcat (in2filename, "c");
#  304|           wvc_id = fopen_func (in2filename, "rb");

Error: GCC_ANALYZER_WARNING (CWE-688): [#def211]
wavpack-5.8.1/src/open_filename.c:302:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘in2filename’ where non-null expected
wavpack-5.8.1/src/open_filename.c:285:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_filename.c:294:23: branch_false: ...to here
wavpack-5.8.1/src/open_filename.c:294:13: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_filename.c:299:9: branch_false: ...to here
wavpack-5.8.1/src/open_filename.c:299:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_filename.c:300:29: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_filename.c:302:9: danger: argument 1 (‘in2filename’) from [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6) could be NULL where non-null expected
#argument 1 of ‘__builtin_strcpy’ must be non-null
#  300|           char *in2filename = malloc (strlen (infilename) + 10);
#  301|   
#  302|->         strcpy (in2filename, infilename);
#  303|           strcat (in2filename, "c");
#  304|           wvc_id = fopen_func (in2filename, "rb");

Error: CPPCHECK_WARNING (CWE-476): [#def212]
wavpack-5.8.1/src/open_filename.c:303: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: in2filename
#  301|   
#  302|           strcpy (in2filename, infilename);
#  303|->         strcat (in2filename, "c");
#  304|           wvc_id = fopen_func (in2filename, "rb");
#  305|           free (in2filename);

Error: CPPCHECK_WARNING (CWE-476): [#def213]
wavpack-5.8.1/src/open_legacy.c:103: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: trans_wv
#  101|       if (wv_id) {
#  102|           trans_wv = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  103|->         trans_wv->reader = reader;
#  104|           trans_wv->id = wv_id;
#  105|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def214]
wavpack-5.8.1/src/open_legacy.c:103:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘trans_wv’
wavpack-5.8.1/src/open_legacy.c:101:8: branch_true: following ‘true’ branch (when ‘wv_id’ is non-NULL)...
wavpack-5.8.1/src/open_legacy.c:102:47: branch_true: ...to here
wavpack-5.8.1/src/open_legacy.c:102:47: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_legacy.c:103:9: danger: ‘trans_wv’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  101|       if (wv_id) {
#  102|           trans_wv = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  103|->         trans_wv->reader = reader;
#  104|           trans_wv->id = wv_id;
#  105|       }

Error: CPPCHECK_WARNING (CWE-476): [#def215]
wavpack-5.8.1/src/open_legacy.c:104: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: trans_wv
#  102|           trans_wv = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  103|           trans_wv->reader = reader;
#  104|->         trans_wv->id = wv_id;
#  105|       }
#  106|   

Error: CPPCHECK_WARNING (CWE-476): [#def216]
wavpack-5.8.1/src/open_legacy.c:109: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: trans_wvc
#  107|       if (wvc_id) {
#  108|           trans_wvc = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  109|->         trans_wvc->reader = reader;
#  110|           trans_wvc->id = wvc_id;
#  111|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def217]
wavpack-5.8.1/src/open_legacy.c:109:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘trans_wvc’
wavpack-5.8.1/src/open_legacy.c:101:8: branch_false: following ‘false’ branch (when ‘wv_id’ is NULL)...
wavpack-5.8.1/src/open_legacy.c:107:8: branch_false: ...to here
wavpack-5.8.1/src/open_legacy.c:107:8: branch_true: following ‘true’ branch (when ‘wvc_id’ is non-NULL)...
wavpack-5.8.1/src/open_legacy.c:108:48: branch_true: ...to here
wavpack-5.8.1/src/open_legacy.c:108:48: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_legacy.c:109:9: danger: ‘trans_wvc’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  107|       if (wvc_id) {
#  108|           trans_wvc = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  109|->         trans_wvc->reader = reader;
#  110|           trans_wvc->id = wvc_id;
#  111|       }

Error: CPPCHECK_WARNING (CWE-476): [#def218]
wavpack-5.8.1/src/open_legacy.c:110: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: trans_wvc
#  108|           trans_wvc = (WavpackReaderTranslator *)malloc (sizeof (WavpackReaderTranslator));
#  109|           trans_wvc->reader = reader;
#  110|->         trans_wvc->id = wvc_id;
#  111|       }
#  112|   

Error: CPPCHECK_WARNING (CWE-476): [#def219]
wavpack-5.8.1/src/open_raw.c:151: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  149|   
#  150|           raw_wv = malloc (sizeof (WavpackRawContext));
#  151|->         memset (raw_wv, 0, sizeof (WavpackRawContext));
#  152|   
#  153|           if (corr_data && corr_size) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def220]
wavpack-5.8.1/src/open_raw.c:151:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘raw_wv’ where non-null expected
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:150:18: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:151:9: danger: argument 1 (‘raw_wv’) from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#argument 1 of ‘__builtin_memset’ must be non-null
#  149|   
#  150|           raw_wv = malloc (sizeof (WavpackRawContext));
#  151|->         memset (raw_wv, 0, sizeof (WavpackRawContext));
#  152|   
#  153|           if (corr_data && corr_size) {

Error: CPPCHECK_WARNING (CWE-476): [#def221]
wavpack-5.8.1/src/open_raw.c:155: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  153|           if (corr_data && corr_size) {
#  154|               raw_wvc = malloc (sizeof (WavpackRawContext));
#  155|->             memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  156|           }
#  157|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def222]
wavpack-5.8.1/src/open_raw.c:155:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘raw_wvc’ where non-null expected
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:154:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:154:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:155:13: danger: argument 1 (‘raw_wvc’) from [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4) could be NULL where non-null expected
#argument 1 of ‘__builtin_memset’ must be non-null
#  153|           if (corr_data && corr_size) {
#  154|               raw_wvc = malloc (sizeof (WavpackRawContext));
#  155|->             memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  156|           }
#  157|   

Error: CPPCHECK_WARNING (CWE-476): [#def223]
wavpack-5.8.1/src/open_raw.c:203: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  201|               else {
#  202|                   WavpackHeader *wphdr = malloc (sizeof (WavpackHeader));
#  203|->                 memset (wphdr, 0, sizeof (WavpackHeader));
#  204|                   memcpy (wphdr->ckID, "wvpk", 4);
#  205|                   wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;

Error: CPPCHECK_WARNING (CWE-476): [#def224]
wavpack-5.8.1/src/open_raw.c:204: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  202|                   WavpackHeader *wphdr = malloc (sizeof (WavpackHeader));
#  203|                   memset (wphdr, 0, sizeof (WavpackHeader));
#  204|->                 memcpy (wphdr->ckID, "wvpk", 4);
#  205|                   wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  206|                   SET_TOTAL_SAMPLES (*wphdr, block_samples);

Error: CPPCHECK_WARNING (CWE-476): [#def225]
wavpack-5.8.1/src/open_raw.c:205: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  203|                   memset (wphdr, 0, sizeof (WavpackHeader));
#  204|                   memcpy (wphdr->ckID, "wvpk", 4);
#  205|->                 wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  206|                   SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  207|                   wphdr->block_samples = block_samples;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def226]
wavpack-5.8.1/src/open_raw.c:205:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wphdr’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:202:40: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:205:17: danger: ‘wphdr’ could be NULL: unchecked value from [(13)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/12)
#  203|                   memset (wphdr, 0, sizeof (WavpackHeader));
#  204|                   memcpy (wphdr->ckID, "wvpk", 4);
#  205|->                 wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  206|                   SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  207|                   wphdr->block_samples = block_samples;

Error: CPPCHECK_WARNING (CWE-476): [#def227]
wavpack-5.8.1/src/open_raw.c:206: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  204|                   memcpy (wphdr->ckID, "wvpk", 4);
#  205|                   wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  206|->                 SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  207|                   wphdr->block_samples = block_samples;
#  208|                   wphdr->version = version;

Error: CPPCHECK_WARNING (CWE-476): [#def228]
wavpack-5.8.1/src/open_raw.c:207: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  205|                   wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  206|                   SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  207|->                 wphdr->block_samples = block_samples;
#  208|                   wphdr->version = version;
#  209|                   wphdr->flags = wphdr_flags;

Error: CPPCHECK_WARNING (CWE-476): [#def229]
wavpack-5.8.1/src/open_raw.c:208: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  206|                   SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  207|                   wphdr->block_samples = block_samples;
#  208|->                 wphdr->version = version;
#  209|                   wphdr->flags = wphdr_flags;
#  210|                   wphdr->crc = crc;

Error: CPPCHECK_WARNING (CWE-476): [#def230]
wavpack-5.8.1/src/open_raw.c:209: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  207|                   wphdr->block_samples = block_samples;
#  208|                   wphdr->version = version;
#  209|->                 wphdr->flags = wphdr_flags;
#  210|                   wphdr->crc = crc;
#  211|                   WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat);

Error: CPPCHECK_WARNING (CWE-476): [#def231]
wavpack-5.8.1/src/open_raw.c:210: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  208|                   wphdr->version = version;
#  209|                   wphdr->flags = wphdr_flags;
#  210|->                 wphdr->crc = crc;
#  211|                   WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat);
#  212|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
wavpack-5.8.1/src/open_raw.c:214:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:225:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_false: following ‘false’ branch (when ‘msi != 0’)...
wavpack-5.8.1/src/open_raw.c:167:27: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_false: following ‘false’ branch (when ‘msi != 0’)...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:214:17: danger: ‘<unknown>’ leaks here; was allocated at [(13)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/12)
#  212|   
#  213|                   raw_wv->num_segments += 2;
#  214|->                 raw_wv->segments = realloc (raw_wv->segments, sizeof (RawSegment) * raw_wv->num_segments);
#  215|                   raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = (unsigned char *) wphdr;
#  216|                   raw_wv->segments [msi].eptr = raw_wv->segments [msi].dptr + sizeof (WavpackHeader);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def233]
wavpack-5.8.1/src/open_raw.c:215:47: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:215:64: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:215:47: danger: dereference of NULL ‘realloc(*raw_wv.segments, (long unsigned int)(*raw_wv.num_segments + 2) * 32) + (long unsigned int)msi * 32’
#  213|                   raw_wv->num_segments += 2;
#  214|                   raw_wv->segments = realloc (raw_wv->segments, sizeof (RawSegment) * raw_wv->num_segments);
#  215|->                 raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = (unsigned char *) wphdr;
#  216|                   raw_wv->segments [msi].eptr = raw_wv->segments [msi].dptr + sizeof (WavpackHeader);
#  217|                   raw_wv->segments [msi++].free_required = 1;

Error: CPPCHECK_WARNING (CWE-682): [#def234]
wavpack-5.8.1/src/open_raw.c:216: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  214|                   raw_wv->segments = realloc (raw_wv->segments, sizeof (RawSegment) * raw_wv->num_segments);
#  215|                   raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = (unsigned char *) wphdr;
#  216|->                 raw_wv->segments [msi].eptr = raw_wv->segments [msi].dptr + sizeof (WavpackHeader);
#  217|                   raw_wv->segments [msi++].free_required = 1;
#  218|                   raw_wv->segments [msi].dptr = raw_wv->segments [msi].sptr = mcp;

Error: CPPCHECK_WARNING (CWE-476): [#def235]
wavpack-5.8.1/src/open_raw.c:250: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  248|                   else {
#  249|                       WavpackHeader *wphdr = malloc (sizeof (WavpackHeader));
#  250|->                     memset (wphdr, 0, sizeof (WavpackHeader));
#  251|                       memcpy (wphdr->ckID, "wvpk", 4);
#  252|                       wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;

Error: CPPCHECK_WARNING (CWE-476): [#def236]
wavpack-5.8.1/src/open_raw.c:251: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  249|                       WavpackHeader *wphdr = malloc (sizeof (WavpackHeader));
#  250|                       memset (wphdr, 0, sizeof (WavpackHeader));
#  251|->                     memcpy (wphdr->ckID, "wvpk", 4);
#  252|                       wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  253|                       SET_TOTAL_SAMPLES (*wphdr, block_samples);

Error: CPPCHECK_WARNING (CWE-476): [#def237]
wavpack-5.8.1/src/open_raw.c:252: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  250|                       memset (wphdr, 0, sizeof (WavpackHeader));
#  251|                       memcpy (wphdr->ckID, "wvpk", 4);
#  252|->                     wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  253|                       SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  254|                       wphdr->block_samples = block_samples;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def238]
wavpack-5.8.1/src/open_raw.c:252:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wphdr’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:225:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:226:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:242:20: branch_false: following ‘false’ branch (when ‘block_size <= corr_bytes’)...
wavpack-5.8.1/src/open_raw.c:249:44: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:249:44: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:252:21: danger: ‘wphdr’ could be NULL: unchecked value from [(18)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/17)
#  250|                       memset (wphdr, 0, sizeof (WavpackHeader));
#  251|                       memcpy (wphdr->ckID, "wvpk", 4);
#  252|->                     wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  253|                       SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  254|                       wphdr->block_samples = block_samples;

Error: CPPCHECK_WARNING (CWE-476): [#def239]
wavpack-5.8.1/src/open_raw.c:253: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  251|                       memcpy (wphdr->ckID, "wvpk", 4);
#  252|                       wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  253|->                     SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  254|                       wphdr->block_samples = block_samples;
#  255|                       wphdr->version = version;

Error: CPPCHECK_WARNING (CWE-476): [#def240]
wavpack-5.8.1/src/open_raw.c:254: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  252|                       wphdr->ckSize = sizeof (WavpackHeader) - 8 + block_size;
#  253|                       SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  254|->                     wphdr->block_samples = block_samples;
#  255|                       wphdr->version = version;
#  256|                       wphdr->flags = wphdr_flags;

Error: CPPCHECK_WARNING (CWE-476): [#def241]
wavpack-5.8.1/src/open_raw.c:255: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  253|                       SET_TOTAL_SAMPLES (*wphdr, block_samples);
#  254|                       wphdr->block_samples = block_samples;
#  255|->                     wphdr->version = version;
#  256|                       wphdr->flags = wphdr_flags;
#  257|                       wphdr->crc = crc;

Error: CPPCHECK_WARNING (CWE-476): [#def242]
wavpack-5.8.1/src/open_raw.c:256: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  254|                       wphdr->block_samples = block_samples;
#  255|                       wphdr->version = version;
#  256|->                     wphdr->flags = wphdr_flags;
#  257|                       wphdr->crc = crc;
#  258|                       WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat);

Error: CPPCHECK_WARNING (CWE-476): [#def243]
wavpack-5.8.1/src/open_raw.c:257: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
#  255|                       wphdr->version = version;
#  256|                       wphdr->flags = wphdr_flags;
#  257|->                     wphdr->crc = crc;
#  258|                       WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat);
#  259|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def244]
wavpack-5.8.1/src/open_raw.c:260:21: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘raw_wvc’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:225:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:226:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:242:20: branch_false: following ‘false’ branch (when ‘block_size <= corr_bytes’)...
wavpack-5.8.1/src/open_raw.c:249:44: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:260:21: danger: use after ‘free’ of ‘raw_wvc’
#  258|                       WavpackLittleEndianToNative (wphdr, WavpackHeaderFormat);
#  259|   
#  260|->                     raw_wvc->num_segments += 2;
#  261|                       raw_wvc->segments = realloc (raw_wvc->segments, sizeof (RawSegment) * raw_wvc->num_segments);
#  262|                       raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = (unsigned char *) wphdr;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def245]
wavpack-5.8.1/src/open_raw.c:262:52: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
wavpack-5.8.1/src/open_raw.c:143:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:145:18: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:153:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:158:16: branch_true: following ‘true’ branch (when ‘main_bytes > 11’)...
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:159:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:160:33: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:176:16: branch_true: following ‘true’ branch (when ‘msi == 0’)...
wavpack-5.8.1/src/open_raw.c:176:26: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:195:16: branch_false: following ‘false’ branch (when ‘block_size <= main_bytes’)...
wavpack-5.8.1/src/open_raw.c:202:40: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:214:45: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:225:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:226:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:242:20: branch_false: following ‘false’ branch (when ‘block_size <= corr_bytes’)...
wavpack-5.8.1/src/open_raw.c:249:44: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:262:70: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:262:70: release_memory: ‘0’ is NULL
wavpack-5.8.1/src/open_raw.c:262:52: danger: dereference of NULL ‘realloc(*raw_wvc.segments, (long unsigned int)(*raw_wvc.num_segments + 2) * 32) + (long unsigned int)csi * 32’
#  260|                       raw_wvc->num_segments += 2;
#  261|                       raw_wvc->segments = realloc (raw_wvc->segments, sizeof (RawSegment) * raw_wvc->num_segments);
#  262|->                     raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = (unsigned char *) wphdr;
#  263|                       raw_wvc->segments [csi].eptr = raw_wvc->segments [csi].dptr + sizeof (WavpackHeader);
#  264|                       raw_wvc->segments [csi++].free_required = 1;

Error: CPPCHECK_WARNING (CWE-682): [#def246]
wavpack-5.8.1/src/open_raw.c:263: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  261|                       raw_wvc->segments = realloc (raw_wvc->segments, sizeof (RawSegment) * raw_wvc->num_segments);
#  262|                       raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = (unsigned char *) wphdr;
#  263|->                     raw_wvc->segments [csi].eptr = raw_wvc->segments [csi].dptr + sizeof (WavpackHeader);
#  264|                       raw_wvc->segments [csi++].free_required = 1;
#  265|                       raw_wvc->segments [csi].dptr = raw_wvc->segments [csi].sptr = ccp;

Error: CPPCHECK_WARNING (CWE-476): [#def247]
wavpack-5.8.1/src/open_raw.c:284: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  282|           if (main_data) {
#  283|               raw_wv = malloc (sizeof (WavpackRawContext));
#  284|->             memset (raw_wv, 0, sizeof (WavpackRawContext));
#  285|               raw_wv->num_segments = 1;
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);

Error: CPPCHECK_WARNING (CWE-476): [#def248]
wavpack-5.8.1/src/open_raw.c:285: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  283|               raw_wv = malloc (sizeof (WavpackRawContext));
#  284|               memset (raw_wv, 0, sizeof (WavpackRawContext));
#  285|->             raw_wv->num_segments = 1;
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|               raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def249]
wavpack-5.8.1/src/open_raw.c:285:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘raw_wv’
wavpack-5.8.1/src/open_raw.c:143:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_raw.c:283:22: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:283:22: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:285:13: danger: ‘raw_wv’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  283|               raw_wv = malloc (sizeof (WavpackRawContext));
#  284|               memset (raw_wv, 0, sizeof (WavpackRawContext));
#  285|->             raw_wv->num_segments = 1;
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|               raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;

Error: CPPCHECK_WARNING (CWE-476): [#def250]
wavpack-5.8.1/src/open_raw.c:286: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  284|               memset (raw_wv, 0, sizeof (WavpackRawContext));
#  285|               raw_wv->num_segments = 1;
#  286|->             raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|               raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;
#  288|               raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size;

Error: CPPCHECK_WARNING (CWE-476): [#def251]
wavpack-5.8.1/src/open_raw.c:287: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  285|               raw_wv->num_segments = 1;
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|->             raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;
#  288|               raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size;
#  289|               raw_wv->segments [0].free_required = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def252]
wavpack-5.8.1/src/open_raw.c:287:41: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(32)’
wavpack-5.8.1/src/open_raw.c:143:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_raw.c:283:22: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:286:32: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:287:41: danger: ‘malloc(32)’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  285|               raw_wv->num_segments = 1;
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|->             raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;
#  288|               raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size;
#  289|               raw_wv->segments [0].free_required = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def253]
wavpack-5.8.1/src/open_raw.c:288: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  286|               raw_wv->segments = malloc (sizeof (RawSegment) * raw_wv->num_segments);
#  287|               raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;
#  288|->             raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size;
#  289|               raw_wv->segments [0].free_required = 0;
#  290|           }

Error: CPPCHECK_WARNING (CWE-476): [#def254]
wavpack-5.8.1/src/open_raw.c:289: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wv
#  287|               raw_wv->segments [0].dptr = raw_wv->segments [0].sptr = main_data;
#  288|               raw_wv->segments [0].eptr = raw_wv->segments [0].dptr + main_size;
#  289|->             raw_wv->segments [0].free_required = 0;
#  290|           }
#  291|   

Error: CPPCHECK_WARNING (CWE-476): [#def255]
wavpack-5.8.1/src/open_raw.c:294: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  292|           if (corr_data && corr_size) {
#  293|               raw_wvc = malloc (sizeof (WavpackRawContext));
#  294|->             memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  295|               raw_wvc->num_segments = 1;
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);

Error: CPPCHECK_WARNING (CWE-476): [#def256]
wavpack-5.8.1/src/open_raw.c:295: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  293|               raw_wvc = malloc (sizeof (WavpackRawContext));
#  294|               memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  295|->             raw_wvc->num_segments = 1;
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|               raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def257]
wavpack-5.8.1/src/open_raw.c:295:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘raw_wvc’
wavpack-5.8.1/src/open_raw.c:143:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_raw.c:283:22: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:292:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:293:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:293:23: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:295:13: danger: ‘raw_wvc’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  293|               raw_wvc = malloc (sizeof (WavpackRawContext));
#  294|               memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  295|->             raw_wvc->num_segments = 1;
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|               raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;

Error: CPPCHECK_WARNING (CWE-476): [#def258]
wavpack-5.8.1/src/open_raw.c:296: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  294|               memset (raw_wvc, 0, sizeof (WavpackRawContext));
#  295|               raw_wvc->num_segments = 1;
#  296|->             raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|               raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;
#  298|               raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size;

Error: CPPCHECK_WARNING (CWE-476): [#def259]
wavpack-5.8.1/src/open_raw.c:297: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  295|               raw_wvc->num_segments = 1;
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|->             raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;
#  298|               raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size;
#  299|               raw_wvc->segments [0].free_required = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def260]
wavpack-5.8.1/src/open_raw.c:297:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(32)’
wavpack-5.8.1/src/open_raw.c:143:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_raw.c:283:22: branch_false: ...to here
wavpack-5.8.1/src/open_raw.c:292:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_raw.c:293:23: branch_true: ...to here
wavpack-5.8.1/src/open_raw.c:296:33: acquire_memory: this call could return NULL
wavpack-5.8.1/src/open_raw.c:297:42: danger: ‘malloc(32)’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/4)
#  295|               raw_wvc->num_segments = 1;
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|->             raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;
#  298|               raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size;
#  299|               raw_wvc->segments [0].free_required = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def261]
wavpack-5.8.1/src/open_raw.c:298: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  296|               raw_wvc->segments = malloc (sizeof (RawSegment) * raw_wvc->num_segments);
#  297|               raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;
#  298|->             raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size;
#  299|               raw_wvc->segments [0].free_required = 0;
#  300|           }

Error: CPPCHECK_WARNING (CWE-476): [#def262]
wavpack-5.8.1/src/open_raw.c:299: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: raw_wvc
#  297|               raw_wvc->segments [0].dptr = raw_wvc->segments [0].sptr = corr_data;
#  298|               raw_wvc->segments [0].eptr = raw_wvc->segments [0].dptr + corr_size;
#  299|->             raw_wvc->segments [0].free_required = 0;
#  300|           }
#  301|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def263]
wavpack-5.8.1/src/open_utils.c:681:45: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘byteptr’
wavpack-5.8.1/src/open_utils.c:311:5: enter_function: entry to ‘unpack_init’
wavpack-5.8.1/src/open_utils.c:334:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/open_utils.c:339:16: branch_false: ...to here
wavpack-5.8.1/src/open_utils.c:341:12: call_function: calling ‘read_metadata_buff’ from ‘unpack_init’
wavpack-5.8.1/src/open_utils.c:341:12: return_function: returning to ‘unpack_init’ from ‘read_metadata_buff’
wavpack-5.8.1/src/open_utils.c:341:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/open_utils.c:342:14: branch_true: ...to here
wavpack-5.8.1/src/open_utils.c:342:14: call_function: calling ‘process_metadata’ from ‘unpack_init’
#  679|   
#  680|       if (bytecnt == 3 || bytecnt == 4) {
#  681|->         wpc->config.sample_rate = (int32_t) *byteptr++;
#  682|           wpc->config.sample_rate |= (int32_t) *byteptr++ << 8;
#  683|           wpc->config.sample_rate |= (int32_t) *byteptr++ << 16;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def264]
wavpack-5.8.1/src/pack.c:110:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘byteptr’
wavpack-5.8.1/src/pack.c:1051:12: enter_function: entry to ‘pack_samples’
wavpack-5.8.1/src/pack.c:1099:8: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/src/pack.c:1102:26: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1125:9: call_function: calling ‘write_decorr_terms’ from ‘pack_samples’
#  108|   
#  109|       for (dpp = wps->decorr_passes; tcount--; ++dpp)
#  110|->         *byteptr++ = ((dpp->term + 5) & 0x1f) | ((dpp->delta << 5) & 0xe0);
#  111|   
#  112|       wpmd->byte_length = (int32_t)(byteptr - (char *) wpmd->data);

Error: CPPCHECK_WARNING (CWE-682): [#def265]
wavpack-5.8.1/src/pack.c:240: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  238|   
#  239|       wps->dc.error [0] = wp_exp2s (temp = wp_log2s (wps->dc.error [0]));
#  240|->     *byteptr++ = temp;
#  241|       *byteptr++ = temp >> 8;
#  242|       wps->dc.shaping_acc [0] = wp_exp2s (temp = wp_log2s (wps->dc.shaping_acc [0]));

Error: CPPCHECK_WARNING (CWE-476): [#def266]
wavpack-5.8.1/src/pack.c:240: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  238|   
#  239|       wps->dc.error [0] = wp_exp2s (temp = wp_log2s (wps->dc.error [0]));
#  240|->     *byteptr++ = temp;
#  241|       *byteptr++ = temp >> 8;
#  242|       wps->dc.shaping_acc [0] = wp_exp2s (temp = wp_log2s (wps->dc.shaping_acc [0]));

Error: CPPCHECK_WARNING (CWE-682): [#def267]
wavpack-5.8.1/src/pack.c:281: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  279|       byteptr = wpmd->data = malloc (4);
#  280|       wpmd->id = ID_INT32_INFO;
#  281|->     *byteptr++ = wps->int32_sent_bits;
#  282|       *byteptr++ = wps->int32_zeros;
#  283|       *byteptr++ = wps->int32_ones;

Error: CPPCHECK_WARNING (CWE-476): [#def268]
wavpack-5.8.1/src/pack.c:281: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  279|       byteptr = wpmd->data = malloc (4);
#  280|       wpmd->id = ID_INT32_INFO;
#  281|->     *byteptr++ = wps->int32_sent_bits;
#  282|       *byteptr++ = wps->int32_zeros;
#  283|       *byteptr++ = wps->int32_ones;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def269]
wavpack-5.8.1/src/pack.c:281:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:1051:12: enter_function: entry to ‘pack_samples’
wavpack-5.8.1/src/pack.c:1099:8: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/src/pack.c:1102:26: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1129:9: call_function: calling ‘write_decorr_weights’ from ‘pack_samples’
wavpack-5.8.1/src/pack.c:1129:9: return_function: returning to ‘pack_samples’ from ‘write_decorr_weights’
wavpack-5.8.1/src/pack.c:1141:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:1147:13: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1147:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:1153:13: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1153:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:1154:13: branch_true: ...to here
wavpack-5.8.1/src/pack.c:1154:13: call_function: calling ‘write_int32_info’ from ‘pack_samples’
#  279|       byteptr = wpmd->data = malloc (4);
#  280|       wpmd->id = ID_INT32_INFO;
#  281|->     *byteptr++ = wps->int32_sent_bits;
#  282|       *byteptr++ = wps->int32_zeros;
#  283|       *byteptr++ = wps->int32_ones;

Error: CPPCHECK_WARNING (CWE-682): [#def270]
wavpack-5.8.1/src/pack.c:294: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  292|       byteptr = wpmd->data = malloc (4);
#  293|       wpmd->id = ID_FLOAT_INFO;
#  294|->     *byteptr++ = wps->float_flags;
#  295|       *byteptr++ = wps->float_shift;
#  296|       *byteptr++ = wps->float_max_exp;

Error: CPPCHECK_WARNING (CWE-476): [#def271]
wavpack-5.8.1/src/pack.c:294: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  292|       byteptr = wpmd->data = malloc (4);
#  293|       wpmd->id = ID_FLOAT_INFO;
#  294|->     *byteptr++ = wps->float_flags;
#  295|       *byteptr++ = wps->float_shift;
#  296|       *byteptr++ = wps->float_max_exp;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def272]
wavpack-5.8.1/src/pack.c:294:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:1051:12: enter_function: entry to ‘pack_samples’
wavpack-5.8.1/src/pack.c:1099:8: branch_false: following ‘false’ branch (when ‘sample_count != 0’)...
wavpack-5.8.1/src/pack.c:1102:26: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1129:9: call_function: calling ‘write_decorr_weights’ from ‘pack_samples’
wavpack-5.8.1/src/pack.c:1129:9: return_function: returning to ‘pack_samples’ from ‘write_decorr_weights’
wavpack-5.8.1/src/pack.c:1141:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:1147:13: branch_false: ...to here
wavpack-5.8.1/src/pack.c:1147:12: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:1148:13: branch_true: ...to here
wavpack-5.8.1/src/pack.c:1148:13: call_function: calling ‘write_float_info’ from ‘pack_samples’
#  292|       byteptr = wpmd->data = malloc (4);
#  293|       wpmd->id = ID_FLOAT_INFO;
#  294|->     *byteptr++ = wps->float_flags;
#  295|       *byteptr++ = wps->float_shift;
#  296|       *byteptr++ = wps->float_max_exp;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def273]
wavpack-5.8.1/src/pack.c:314:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:961:6: enter_function: entry to ‘send_general_metadata’
wavpack-5.8.1/src/pack.c:972:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:973:10: branch_true: ...to here
wavpack-5.8.1/src/pack.c:975:13: call_function: calling ‘write_channel_info’ from ‘send_general_metadata’
#  312|   
#  313|       if (wps->wpc->num_streams > OLD_MAX_STREAMS) {       // if > 8 streams, use 6 or 7 bytes (breaks old decoders
#  314|->         *byteptr++ = wps->wpc->config.num_channels - 1;  // that could only handle 8 streams) and allow (in theory)
#  315|           *byteptr++ = wps->wpc->num_streams - 1;          // up to 4096 channels
#  316|           *byteptr++ = (((wps->wpc->num_streams - 1) >> 4) & 0xf0) | (((wps->wpc->config.num_channels - 1) >> 8) & 0xf);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def274]
wavpack-5.8.1/src/pack.c:325:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:961:6: enter_function: entry to ‘send_general_metadata’
wavpack-5.8.1/src/pack.c:972:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:973:10: branch_true: ...to here
wavpack-5.8.1/src/pack.c:975:13: call_function: calling ‘write_channel_info’ from ‘send_general_metadata’
#  323|       }
#  324|       else {                                          // otherwise use only 1 to 5 bytes
#  325|->         *byteptr++ = wps->wpc->config.num_channels;
#  326|   
#  327|           while (mask) {

Error: CPPCHECK_WARNING (CWE-682): [#def275]
wavpack-5.8.1/src/pack.c:361: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  359|       byteptr = wpmd->data = malloc (8);
#  360|       wpmd->id = ID_CONFIG_BLOCK;
#  361|->     *byteptr++ = (char) (wps->wpc->config.flags >> 8);
#  362|       *byteptr++ = (char) (wps->wpc->config.flags >> 16);
#  363|       *byteptr++ = (char) (wps->wpc->config.flags >> 24);

Error: CPPCHECK_WARNING (CWE-476): [#def276]
wavpack-5.8.1/src/pack.c:361: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  359|       byteptr = wpmd->data = malloc (8);
#  360|       wpmd->id = ID_CONFIG_BLOCK;
#  361|->     *byteptr++ = (char) (wps->wpc->config.flags >> 8);
#  362|       *byteptr++ = (char) (wps->wpc->config.flags >> 16);
#  363|       *byteptr++ = (char) (wps->wpc->config.flags >> 24);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def277]
wavpack-5.8.1/src/pack.c:361:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:961:6: enter_function: entry to ‘send_general_metadata’
wavpack-5.8.1/src/pack.c:972:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:973:10: branch_true: ...to here
wavpack-5.8.1/src/pack.c:972:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:974:9: branch_false: ...to here
wavpack-5.8.1/src/pack.c:973:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:986:37: branch_false: ...to here
wavpack-5.8.1/src/pack.c:986:9: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:987:9: branch_true: ...to here
wavpack-5.8.1/src/pack.c:987:9: call_function: calling ‘write_config_info’ from ‘send_general_metadata’
#  359|       byteptr = wpmd->data = malloc (8);
#  360|       wpmd->id = ID_CONFIG_BLOCK;
#  361|->     *byteptr++ = (char) (wps->wpc->config.flags >> 8);
#  362|       *byteptr++ = (char) (wps->wpc->config.flags >> 16);
#  363|       *byteptr++ = (char) (wps->wpc->config.flags >> 24);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def278]
wavpack-5.8.1/src/pack.c:388:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:961:6: enter_function: entry to ‘send_general_metadata’
wavpack-5.8.1/src/pack.c:972:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:974:9: branch_false: ...to here
wavpack-5.8.1/src/pack.c:973:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:986:37: branch_false: ...to here
wavpack-5.8.1/src/pack.c:986:9: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack.c:992:8: branch_false: ...to here
wavpack-5.8.1/src/pack.c:992:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:993:9: branch_true: ...to here
wavpack-5.8.1/src/pack.c:993:9: call_function: calling ‘write_new_config_info’ from ‘send_general_metadata’
#  386|   
#  387|       if (wps->wpc->file_format || (wps->wpc->config.qmode & 0xff) || wps->wpc->channel_layout) {
#  388|->         *byteptr++ = (char) wps->wpc->file_format;
#  389|           *byteptr++ = (char) wps->wpc->config.qmode;
#  390|   

Error: CPPCHECK_WARNING (CWE-682): [#def279]
wavpack-5.8.1/src/pack.c:416: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: overflow in pointer arithmetic, NULL pointer is subtracted.
#  414|       }
#  415|   
#  416|->     wpmd->byte_length = (int32_t)(byteptr - (char *) wpmd->data);
#  417|   }
#  418|   

Error: CPPCHECK_WARNING (CWE-682): [#def280]
wavpack-5.8.1/src/pack.c:431: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  429|       byteptr = wpmd->data = malloc (4);
#  430|       wpmd->id = ID_SAMPLE_RATE;
#  431|->     *byteptr++ = (char) (wps->wpc->config.sample_rate);
#  432|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 8);
#  433|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 16);

Error: CPPCHECK_WARNING (CWE-476): [#def281]
wavpack-5.8.1/src/pack.c:431: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  429|       byteptr = wpmd->data = malloc (4);
#  430|       wpmd->id = ID_SAMPLE_RATE;
#  431|->     *byteptr++ = (char) (wps->wpc->config.sample_rate);
#  432|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 8);
#  433|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 16);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def282]
wavpack-5.8.1/src/pack.c:431:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wpmd.data’
wavpack-5.8.1/src/pack.c:961:6: enter_function: entry to ‘send_general_metadata’
wavpack-5.8.1/src/pack.c:966:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack.c:967:9: call_function: calling ‘write_sample_rate’ from ‘send_general_metadata’
#  429|       byteptr = wpmd->data = malloc (4);
#  430|       wpmd->id = ID_SAMPLE_RATE;
#  431|->     *byteptr++ = (char) (wps->wpc->config.sample_rate);
#  432|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 8);
#  433|       *byteptr++ = (char) (wps->wpc->config.sample_rate >> 16);

Error: CPPCHECK_WARNING (CWE-476): [#def283]
wavpack-5.8.1/src/pack.c:569: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: orig_data
#  567|           if ((!(flags & HYBRID_FLAG) || wps->wpc->wvc_flag) && !(wps->wpc->config.flags & CONFIG_SKIP_WVX)) {
#  568|               orig_data = malloc (sizeof (f32) * ((flags & MONO_DATA) ? sample_count : sample_count * 2));
#  569|->             memcpy (orig_data, buffer, sizeof (f32) * ((flags & MONO_DATA) ? sample_count : sample_count * 2));
#  570|   
#  571|               if (flags & FLOAT_DATA) {                                       // if lossless float data come here

Error: CPPCHECK_WARNING (CWE-476): [#def284]
wavpack-5.8.1/src/pack.c:1109: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: saved_buffer
# 1107|       if (repack_possible && !(flags & HYBRID_FLAG)) {
# 1108|           saved_buffer = malloc (sample_count * sizeof (int32_t) * (flags & MONO_DATA ? 1 : 2));
# 1109|->         memcpy (saved_buffer, buffer, sample_count * sizeof (int32_t) * (flags & MONO_DATA ? 1 : 2));
# 1110|       }
# 1111|   

Error: CPPCHECK_WARNING (CWE-758): [#def285]
wavpack-5.8.1/src/pack.c:1254: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1252|                   while (--dpp >= wps->decorr_passes) {
# 1253|                       if (dpp->term > MAX_TERM) {
# 1254|->                         update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], code);
# 1255|                           dpp->samples_A [1] = dpp->samples_A [0];
# 1256|                           dpp->samples_A [0] = (code += dpp->aweight_A);

Error: CPPCHECK_WARNING (CWE-758): [#def286]
wavpack-5.8.1/src/pack.c:1261: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1259|                           int32_t sam = dpp->samples_A [m];
# 1260|   
# 1261|->                         update_weight (dpp->weight_A, dpp->delta, sam, code);
# 1262|                           dpp->samples_A [(m + dpp->term) & (MAX_TERM - 1)] = (code += dpp->aweight_A);
# 1263|                       }

Error: CPPCHECK_WARNING (CWE-758): [#def287]
wavpack-5.8.1/src/pack.c:1364: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1362|                   while (--dpp >= wps->decorr_passes)
# 1363|                       if (dpp->term > MAX_TERM) {
# 1364|->                         update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], left);
# 1365|                           update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [2], right);
# 1366|   

Error: CPPCHECK_WARNING (CWE-758): [#def288]
wavpack-5.8.1/src/pack.c:1365: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1363|                       if (dpp->term > MAX_TERM) {
# 1364|                           update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [2], left);
# 1365|->                         update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [2], right);
# 1366|   
# 1367|                           dpp->samples_A [1] = dpp->samples_A [0];

Error: CPPCHECK_WARNING (CWE-758): [#def289]
wavpack-5.8.1/src/pack.c:1376: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1374|                           int k = (m + dpp->term) & (MAX_TERM - 1);
# 1375|   
# 1376|->                         update_weight (dpp->weight_A, dpp->delta, dpp->samples_A [m], left);
# 1377|                           dpp->samples_A [k] = (left += dpp->aweight_A);
# 1378|   

Error: CPPCHECK_WARNING (CWE-758): [#def290]
wavpack-5.8.1/src/pack.c:1379: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1377|                           dpp->samples_A [k] = (left += dpp->aweight_A);
# 1378|   
# 1379|->                         update_weight (dpp->weight_B, dpp->delta, dpp->samples_B [m], right);
# 1380|                           dpp->samples_B [k] = (right += dpp->aweight_B);
# 1381|                       }

Error: CPPCHECK_WARNING (CWE-758): [#def291]
wavpack-5.8.1/src/pack.c:1392: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1390|                           }
# 1391|   
# 1392|->                         update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left);
# 1393|                           update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right);
# 1394|                           dpp->samples_B [0] = (left += dpp->aweight_A);

Error: CPPCHECK_WARNING (CWE-758): [#def292]
wavpack-5.8.1/src/pack.c:1393: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1391|   
# 1392|                           update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left);
# 1393|->                         update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right);
# 1394|                           dpp->samples_B [0] = (left += dpp->aweight_A);
# 1395|                           dpp->samples_A [0] = (right += dpp->aweight_B);

Error: CPPCHECK_WARNING (CWE-758): [#def293]
wavpack-5.8.1/src/pack.c:1543: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1541|                   dpp->samples_A [1] = dpp->samples_A [0];
# 1542|                   bptr [0] = tmp = (dpp->samples_A [0] = bptr [0]) - apply_weight (dpp->weight_A, sam);
# 1543|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
# 1544|   
# 1545|                   sam = 2 * dpp->samples_B [0] - dpp->samples_B [1];

Error: CPPCHECK_WARNING (CWE-758): [#def294]
wavpack-5.8.1/src/pack.c:1548: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1546|                   dpp->samples_B [1] = dpp->samples_B [0];
# 1547|                   bptr [1] = tmp = (dpp->samples_B [0] = bptr [1]) - apply_weight (dpp->weight_B, sam);
# 1548|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
# 1549|               }
# 1550|   

Error: CPPCHECK_WARNING (CWE-758): [#def295]
wavpack-5.8.1/src/pack.c:1560: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1558|                   dpp->samples_A [1] = dpp->samples_A [0];
# 1559|                   bptr [0] = tmp = (dpp->samples_A [0] = bptr [0]) - apply_weight (dpp->weight_A, sam);
# 1560|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
# 1561|   
# 1562|                   sam = dpp->samples_B [0] + ((dpp->samples_B [0] - dpp->samples_B [1]) >> 1);

Error: CPPCHECK_WARNING (CWE-758): [#def296]
wavpack-5.8.1/src/pack.c:1565: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1563|                   dpp->samples_B [1] = dpp->samples_B [0];
# 1564|                   bptr [1] = tmp = (dpp->samples_B [0] = bptr [1]) - apply_weight (dpp->weight_B, sam);
# 1565|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
# 1566|               }
# 1567|   

Error: CPPCHECK_WARNING (CWE-758): [#def297]
wavpack-5.8.1/src/pack.c:1576: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1574|                   sam = dpp->samples_A [m];
# 1575|                   bptr [0] = tmp = (dpp->samples_A [k] = bptr [0]) - apply_weight (dpp->weight_A, sam);
# 1576|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
# 1577|   
# 1578|                   sam = dpp->samples_B [m];

Error: CPPCHECK_WARNING (CWE-758): [#def298]
wavpack-5.8.1/src/pack.c:1580: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1578|                   sam = dpp->samples_B [m];
# 1579|                   bptr [1] = tmp = (dpp->samples_B [k] = bptr [1]) - apply_weight (dpp->weight_B, sam);
# 1580|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
# 1581|   
# 1582|                   m = (m + 1) & (MAX_TERM - 1);

Error: CPPCHECK_WARNING (CWE-758): [#def299]
wavpack-5.8.1/src/pack.c:1594: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1592|                   sam_A = dpp->samples_A [0];
# 1593|                   bptr [0] = tmp = (sam_B = bptr [0]) - apply_weight (dpp->weight_A, sam_A);
# 1594|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
# 1595|   
# 1596|                   bptr [1] = tmp = (dpp->samples_A [0] = bptr [1]) - apply_weight (dpp->weight_B, sam_B);

Error: CPPCHECK_WARNING (CWE-758): [#def300]
wavpack-5.8.1/src/pack.c:1597: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1595|   
# 1596|                   bptr [1] = tmp = (dpp->samples_A [0] = bptr [1]) - apply_weight (dpp->weight_B, sam_B);
# 1597|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
# 1598|               }
# 1599|   

Error: CPPCHECK_WARNING (CWE-758): [#def301]
wavpack-5.8.1/src/pack.c:1608: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1606|                   sam_B = dpp->samples_B [0];
# 1607|                   bptr [1] = tmp = (sam_A = bptr [1]) - apply_weight (dpp->weight_B, sam_B);
# 1608|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
# 1609|   
# 1610|                   bptr [0] = tmp = (dpp->samples_B [0] = bptr [0]) - apply_weight (dpp->weight_A, sam_A);

Error: CPPCHECK_WARNING (CWE-758): [#def302]
wavpack-5.8.1/src/pack.c:1611: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1609|   
# 1610|                   bptr [0] = tmp = (dpp->samples_B [0] = bptr [0]) - apply_weight (dpp->weight_A, sam_A);
# 1611|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
# 1612|               }
# 1613|   

Error: CPPCHECK_WARNING (CWE-758): [#def303]
wavpack-5.8.1/src/pack.c:1625: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1623|                   dpp->samples_A [0] = tmp = bptr [1];
# 1624|                   bptr [1] = tmp -= apply_weight (dpp->weight_B, sam_B);
# 1625|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam_B, tmp);
# 1626|   
# 1627|                   dpp->samples_B [0] = tmp = bptr [0];

Error: CPPCHECK_WARNING (CWE-758): [#def304]
wavpack-5.8.1/src/pack.c:1629: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1627|                   dpp->samples_B [0] = tmp = bptr [0];
# 1628|                   bptr [0] = tmp -= apply_weight (dpp->weight_A, sam_A);
# 1629|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam_A, tmp);
# 1630|               }
# 1631|   

Error: CPPCHECK_WARNING (CWE-758): [#def305]
wavpack-5.8.1/src/pack.c:1695: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 1693|   
# 1694|               code -= apply_weight (dpp->weight_A, sam);
# 1695|->             update_weight (dpp->weight_A, dpp->delta, sam, code);
# 1696|           }
# 1697|   

Error: CPPCHECK_WARNING (CWE-682): [#def306]
wavpack-5.8.1/src/pack_dns.c:58: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#   56|   
#   57|           generate_dns_values (buffer + values_to_skip * num_chans, new_values_to_generate, num_chans, sample_rate, new_values, min_value);
#   58|->         memcpy (wps->dc.shaping_data + existing_values_to_use, new_values + (new_values_to_generate - new_values_to_use), new_values_to_use * sizeof (short));
#   59|           wps->dc.shaping_samples = sample_count;
#   60|           free (new_values);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def307]
wavpack-5.8.1/src/pack_dns.c:160:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘output’
wavpack-5.8.1/src/pack_dns.c:138:21: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:143:17: branch_true: following ‘true’ branch (when ‘i < sample_count’)...
wavpack-5.8.1/src/pack_dns.c:144:13: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:160:9: danger: ‘output + (long unsigned int)i * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  158|           }
#  159|   
#  160|->         output [i] = (float) sqrt (sum / (n - m));
#  161|       }
#  162|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def308]
wavpack-5.8.1/src/pack_dns.c:163:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘output’
wavpack-5.8.1/src/pack_dns.c:143:17: branch_false: following ‘false’ branch (when ‘i >= sample_count’)...
wavpack-5.8.1/src/pack_dns.c:163:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:163:5: danger: use of uninitialized value ‘output’ here
#  161|       }
#  162|   
#  163|->     memcpy (samples, output, sample_count * sizeof (float));
#  164|       free (output);
#  165|   }

Error: CPPCHECK_WARNING (CWE-476): [#def309]
wavpack-5.8.1/src/pack_dns.c:188: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: values
#  186|       float *low_freq, *high_freq;
#  187|   
#  188|->     memset (values, 0, sample_count * sizeof (values [0]));
#  189|   
#  190|       if (filtered_count <= 0)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def310]
wavpack-5.8.1/src/pack_dns.c:213:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘high_freq’
wavpack-5.8.1/src/pack_dns.c:190:8: branch_false: following ‘false’ branch (when ‘filtered_count > 0’)...
wavpack-5.8.1/src/pack_dns.c:193:16: branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:194:17: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:202:8: branch_true: following ‘true’ branch (when ‘num_chans == 1’)...
 branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:203:21: branch_true: following ‘true’ branch (when ‘i < filtered_count’)...
wavpack-5.8.1/src/pack_dns.c:205:18: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:213:13: danger: ‘high_freq + (long unsigned int)i * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  211|               );
#  212|   
#  213|->             high_freq [i] = samples [FILTER_LENGTH >> 1] - filter_sum;
#  214|               low_freq [i] = filter_sum;
#  215|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def311]
wavpack-5.8.1/src/pack_dns.c:214:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘low_freq’
wavpack-5.8.1/src/pack_dns.c:190:8: branch_false: following ‘false’ branch (when ‘filtered_count > 0’)...
wavpack-5.8.1/src/pack_dns.c:193:16: branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:193:16: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:202:8: branch_true: following ‘true’ branch (when ‘num_chans == 1’)...
 branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:203:21: branch_true: following ‘true’ branch (when ‘i < filtered_count’)...
wavpack-5.8.1/src/pack_dns.c:205:18: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:214:13: danger: ‘low_freq + (long unsigned int)i * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  212|   
#  213|               high_freq [i] = samples [FILTER_LENGTH >> 1] - filter_sum;
#  214|->             low_freq [i] = filter_sum;
#  215|           }
#  216|       else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def312]
wavpack-5.8.1/src/pack_dns.c:227:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘high_freq’
wavpack-5.8.1/src/pack_dns.c:190:8: branch_false: following ‘false’ branch (when ‘filtered_count > 0’)...
wavpack-5.8.1/src/pack_dns.c:193:16: branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:194:17: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:202:8: branch_false: following ‘false’ branch (when ‘num_chans != 1’)...
 branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:217:21: branch_true: following ‘true’ branch (when ‘i < filtered_count’)...
wavpack-5.8.1/src/pack_dns.c:219:18: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:227:13: danger: ‘high_freq + (long unsigned int)i * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  225|               );
#  226|   
#  227|->             high_freq [i] = samples [FILTER_LENGTH & ~1] + samples [FILTER_LENGTH] - filter_sum;
#  228|               low_freq [i] = filter_sum;
#  229|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def313]
wavpack-5.8.1/src/pack_dns.c:228:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘low_freq’
wavpack-5.8.1/src/pack_dns.c:190:8: branch_false: following ‘false’ branch (when ‘filtered_count > 0’)...
wavpack-5.8.1/src/pack_dns.c:193:16: branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:193:16: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:202:8: branch_false: following ‘false’ branch (when ‘num_chans != 1’)...
 branch_false: ...to here
wavpack-5.8.1/src/pack_dns.c:217:21: branch_true: following ‘true’ branch (when ‘i < filtered_count’)...
wavpack-5.8.1/src/pack_dns.c:219:18: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:228:13: danger: ‘low_freq + (long unsigned int)i * 4’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  226|   
#  227|               high_freq [i] = samples [FILTER_LENGTH & ~1] + samples [FILTER_LENGTH] - filter_sum;
#  228|->             low_freq [i] = filter_sum;
#  229|           }
#  230|   

Error: CPPCHECK_WARNING (CWE-476): [#def314]
wavpack-5.8.1/src/pack_dns.c:238: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: low_freq
#  236|   
#  237|       for (i = filtered_count - 1; i; --i)
#  238|->         low_freq [i] -= low_freq [i - 1];
#  239|   
#  240|       low_freq [0] = low_freq [1];    // simply duplicate for the "unknown" sample

Error: CPPCHECK_WARNING (CWE-476): [#def315]
wavpack-5.8.1/src/pack_dns.c:240: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: low_freq
#  238|           low_freq [i] -= low_freq [i - 1];
#  239|   
#  240|->     low_freq [0] = low_freq [1];    // simply duplicate for the "unknown" sample
#  241|   
#  242|       // Next we determine the averaged (absolute) levels for each sample using a box filter.

Error: GCC_ANALYZER_WARNING (CWE-476): [#def316]
wavpack-5.8.1/src/pack_dns.c:287:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘values’
wavpack-5.8.1/src/pack_dns.c:30:6: enter_function: entry to ‘dynamic_noise_shaping’
wavpack-5.8.1/src/pack_dns.c:46:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_dns.c:47:38: branch_true: ...to here
wavpack-5.8.1/src/pack_dns.c:50:29: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dns.c:57:9: call_function: calling ‘generate_dns_values’ from ‘dynamic_noise_shaping’
#  285|   
#  286|       for (i = 0; i < FILTER_LENGTH >> 1; ++i)
#  287|->         values [i] = values [FILTER_LENGTH >> 1];
#  288|   
#  289|       for (i = filtered_count + (FILTER_LENGTH >> 1); i < sample_count; ++i)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def317]
wavpack-5.8.1/src/pack_dsd.c:200:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘hist’
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:310:17: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
#  198|   
#  199|       for (i = 0; i < 256; ++i) {
#  200|->         if (hist [i] < min_hits) min_hits = hist [i];
#  201|           if (hist [i] > max_hits) max_hits = hist [i];
#  202|       }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def318]
wavpack-5.8.1/src/pack_dsd.c:205:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘probs’ where non-null expected
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:312:21: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
#argument 1 of ‘__builtin_memset’ must be non-null
#  203|   
#  204|       if (max_hits == 0) {
#  205|->         memset (probs, 0, sizeof (*probs) * 256);
#  206|           memset (prob_sums, 0, sizeof (*prob_sums) * 256);
#  207|           return;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def319]
wavpack-5.8.1/src/pack_dsd.c:206:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘prob_sums’ where non-null expected
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:313:28: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
#argument 1 of ‘__builtin_memset’ must be non-null
#  204|       if (max_hits == 0) {
#  205|           memset (probs, 0, sizeof (*probs) * 256);
#  206|->         memset (prob_sums, 0, sizeof (*prob_sums) * 256);
#  207|           return;
#  208|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def320]
wavpack-5.8.1/src/pack_dsd.c:237:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘prob_sums’
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:313:28: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
#  235|                   value = 0;
#  236|   
#  237|->             prob_sums [i] = sum_values += value;
#  238|               probs [i] = value;
#  239|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def321]
wavpack-5.8.1/src/pack_dsd.c:238:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘probs’
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:312:21: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
#  236|   
#  237|               prob_sums [i] = sum_values += value;
#  238|->             probs [i] = value;
#  239|           }
#  240|   

Error: CPPCHECK_WARNING (CWE-476): [#def322]
wavpack-5.8.1/src/pack_dsd.c:311: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: histogram
#  309|       history_bins = 1 << history_bits;
#  310|       histogram = malloc (sizeof (*histogram) * history_bins);
#  311|->     memset (histogram, 0, sizeof (*histogram) * history_bins);
#  312|       probabilities = malloc (sizeof (*probabilities) * history_bins);
#  313|       summed_probabilities = malloc (sizeof (*summed_probabilities) * history_bins);

Error: CPPCHECK_WARNING (CWE-476): [#def323]
wavpack-5.8.1/src/pack_dsd.c:332: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: histogram
#  330|   
#  331|       for (p0 = 0; p0 < history_bins; p0++) {
#  332|->         calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]);
#  333|           total_summed_probabilities += summed_probabilities [p0] [255];
#  334|       }

Error: CPPCHECK_WARNING (CWE-476): [#def324]
wavpack-5.8.1/src/pack_dsd.c:332: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: probabilities
#  330|   
#  331|       for (p0 = 0; p0 < history_bins; p0++) {
#  332|->         calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]);
#  333|           total_summed_probabilities += summed_probabilities [p0] [255];
#  334|       }

Error: CPPCHECK_WARNING (CWE-476): [#def325]
wavpack-5.8.1/src/pack_dsd.c:332: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: summed_probabilities
#  330|   
#  331|       for (p0 = 0; p0 < history_bins; p0++) {
#  332|->         calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]);
#  333|           total_summed_probabilities += summed_probabilities [p0] [255];
#  334|       }

Error: CPPCHECK_WARNING (CWE-476): [#def326]
wavpack-5.8.1/src/pack_dsd.c:333: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: summed_probabilities
#  331|       for (p0 = 0; p0 < history_bins; p0++) {
#  332|           calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]);
#  333|->         total_summed_probabilities += summed_probabilities [p0] [255];
#  334|       }
#  335|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def327]
wavpack-5.8.1/src/pack_dsd.c:333:39: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>[255]’
wavpack-5.8.1/src/pack_dsd.c:269:12: enter_function: entry to ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:285:8: branch_false: following ‘false’ branch (when ‘num_samples > 279’)...
wavpack-5.8.1/src/pack_dsd.c:287:13: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_true: following ‘true’ branch (when ‘bc != 0’)...
wavpack-5.8.1/src/pack_dsd.c:319:20: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:318:16: branch_false: following ‘false’ branch (when ‘bc == 0’)...
wavpack-5.8.1/src/pack_dsd.c:331:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:331:18: branch_true: following ‘true’ branch (when ‘p0 < history_bins’)...
wavpack-5.8.1/src/pack_dsd.c:332:91: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:332:9: call_function: calling ‘calculate_probabilities’ from ‘encode_buffer_fast’
wavpack-5.8.1/src/pack_dsd.c:332:9: return_function: returning to ‘encode_buffer_fast’ from ‘calculate_probabilities’
wavpack-5.8.1/src/pack_dsd.c:333:39: danger: use of uninitialized value ‘*<unknown>[255]’ here
#  331|       for (p0 = 0; p0 < history_bins; p0++) {
#  332|           calculate_probabilities (histogram [p0], probabilities [p0], summed_probabilities [p0]);
#  333|->         total_summed_probabilities += summed_probabilities [p0] [255];
#  334|       }
#  335|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def328]
wavpack-5.8.1/src/pack_dsd.c:457:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’
wavpack-5.8.1/src/pack_dsd.c:494:12: enter_function: entry to ‘encode_buffer_high’
wavpack-5.8.1/src/pack_dsd.c:501:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_dsd.c:504:5: branch_false: ...to here
wavpack-5.8.1/src/pack_dsd.c:507:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_dsd.c:508:27: branch_true: ...to here
wavpack-5.8.1/src/pack_dsd.c:508:27: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_dsd.c:509:9: call_function: calling ‘init_ptable’ from ‘encode_buffer_high’
#  455|   
#  456|       for (i = 0; i < PTABLE_BINS/2; ++i) {
#  457|->         table [i] = value;
#  458|           table [PTABLE_BINS-1-i] = 0x100ffff - value;
#  459|   

Error: CPPCHECK_WARNING (CWE-758): [#def329]
wavpack-5.8.1/src/pack_dsd.c:586: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  584|   
#  585|               sp [0].value += sp [0].filter6 * 8;
#  586|->             sp [0].factor += (((sp [0].value ^ sp [0].filter0) >> 31) | 1) & ((sp [0].value ^ (sp [0].value - (sp [0].filter6 * 16))) >> 31);
#  587|               sp [0].filter1 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter1) >> 6;
#  588|               sp [0].filter2 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter2) >> 4;

Error: CPPCHECK_WARNING (CWE-758): [#def330]
wavpack-5.8.1/src/pack_dsd.c:620: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  618|   
#  619|               sp [1].value += sp [1].filter6 * 8;
#  620|->             sp [1].factor += (((sp [1].value ^ sp [1].filter0) >> 31) | 1) & ((sp [1].value ^ (sp [1].value - (sp [1].filter6 * 16))) >> 31);
#  621|               sp [1].filter1 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter1) >> 6;
#  622|               sp [1].filter2 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter2) >> 4;

Error: CPPCHECK_WARNING (CWE-758): [#def331]
wavpack-5.8.1/src/pack_floats.c:48: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#   46|       // max magnitude that does not have an exponent of 255 (reserved for +/-inf and NaN).
#   47|       for (dp = values, count = num_values; count--; dp++) {
#   48|->         crc = crc * 27 + get_mantissa (*dp) * 9 + get_exponent (*dp) * 3 + get_sign (*dp);
#   49|   
#   50|           if (get_exponent (*dp) < 255 && get_magnitude (*dp) > max_mag)

Error: CPPCHECK_WARNING (CWE-758): [#def332]
wavpack-5.8.1/src/pack_floats.c:105: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  103|               if (get_exponent (*dp) || get_mantissa (*dp))
#  104|                   ++false_zeros;
#  105|->             else if (get_sign (*dp))
#  106|                   ++neg_zeros;
#  107|   #ifdef DISPLAY_DIAGNOSTICS

Error: CPPCHECK_WARNING (CWE-758): [#def333]
wavpack-5.8.1/src/pack_floats.c:130: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  128|   
#  129|           ordata |= value;
#  130|->         * (int32_t *) dp = (get_sign (*dp)) ? -value : value;
#  131|       }
#  132|   

Error: CPPCHECK_WARNING (CWE-758): [#def334]
wavpack-5.8.1/src/pack_floats.c:250: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  248|                       }
#  249|   
#  250|->                     putbit (get_sign (*dp), &wps->wvxbits);
#  251|                   }
#  252|                   else {

Error: CPPCHECK_WARNING (CWE-758): [#def335]
wavpack-5.8.1/src/pack_floats.c:256: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  254|   
#  255|                       if (wps->float_flags & FLOAT_NEG_ZEROS)
#  256|->                         putbit (get_sign (*dp), &wps->wvxbits);
#  257|                   }
#  258|               }

Error: CPPCHECK_WARNING (CWE-476): [#def336]
wavpack-5.8.1/src/pack_utils.c:402: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  400|           wpc->streams = realloc (wpc->streams, (stream_index + 1) * sizeof (wpc->streams [0]));
#  401|           wpc->streams [stream_index] = wps;
#  402|->         wps->stream_index = stream_index;
#  403|           wps->wpc = wpc;
#  404|   

Error: CPPCHECK_WARNING (CWE-476): [#def337]
wavpack-5.8.1/src/pack_utils.c:403: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  401|           wpc->streams [stream_index] = wps;
#  402|           wps->stream_index = stream_index;
#  403|->         wps->wpc = wpc;
#  404|   
#  405|           // if there are any bits [still] set in the channel_mask, get the next one or two IDs from there

Error: CPPCHECK_WARNING (CWE-682): [#def338]
wavpack-5.8.1/src/pack_utils.c:1143: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
# 1141|           wps->block2end = (wpc->wvc_flag) ? wps->block2buff + max_blocksize : NULL;
# 1142|           wps->blockbuff = malloc (max_blocksize);
# 1143|->         wps->blockend = wps->blockbuff + max_blocksize;
# 1144|   
# 1145|   #ifdef ENABLE_THREADS

Error: CPPCHECK_WARNING (CWE-476): [#def339]
wavpack-5.8.1/src/pack_utils.c:1167: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps_copy
# 1165|               WavpackStream *wps_copy = malloc (sizeof (WavpackStream));
# 1166|   
# 1167|->             memcpy (wps_copy, wps, sizeof (WavpackStream));
# 1168|   
# 1169|               // If there is a discontinuity (i.e., the previous block is not done, so we can't get any

Error: GCC_ANALYZER_WARNING (CWE-688): [#def340]
wavpack-5.8.1/src/pack_utils.c:1167:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘wps_copy’ where non-null expected
wavpack-5.8.1/src/pack_utils.c:1130:28: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1140:27: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1140:9: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1141:26: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1141:9: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1164:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1165:39: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_utils.c:1167:13: danger: argument 1 (‘wps_copy’) from [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8) could be NULL where non-null expected
#argument 1 of ‘__builtin_memcpy’ must be non-null
# 1165|               WavpackStream *wps_copy = malloc (sizeof (WavpackStream));
# 1166|   
# 1167|->             memcpy (wps_copy, wps, sizeof (WavpackStream));
# 1168|   
# 1169|               // If there is a discontinuity (i.e., the previous block is not done, so we can't get any

Error: CPPCHECK_WARNING (CWE-476): [#def341]
wavpack-5.8.1/src/pack_utils.c:1177: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps_copy
# 1175|                   pack_init (wps_copy);
# 1176|   
# 1177|->             wps_copy->sample_buffer = malloc (block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8));
# 1178|               memcpy (wps_copy->sample_buffer, wps->sample_buffer, block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8));
# 1179|   

Error: CPPCHECK_WARNING (CWE-476): [#def342]
wavpack-5.8.1/src/pack_utils.c:1178: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps_copy
# 1176|   
# 1177|               wps_copy->sample_buffer = malloc (block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8));
# 1178|->             memcpy (wps_copy->sample_buffer, wps->sample_buffer, block_samples * (wps->wphdr.flags & MONO_FLAG ? 4 : 8));
# 1179|   
# 1180|               if (wps->discontinuous && wps->pre_sample_buffer && wps->num_pre_samples) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def343]
wavpack-5.8.1/src/pack_utils.c:1191:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(1024)’ where non-null expected
wavpack-5.8.1/src/pack_utils.c:1130:28: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1140:27: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1140:9: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1141:26: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1141:9: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1164:17: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1174:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1177:64: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1180:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/pack_utils.c:1185:17: branch_false: ...to here
wavpack-5.8.1/src/pack_utils.c:1189:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1190:40: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1190:40: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_utils.c:1191:17: danger: argument 1 (‘malloc(1024)’) from [(15)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/14) could be NULL where non-null expected
#argument 1 of ‘__builtin_memcpy’ must be non-null
# 1189|               if (wps->dsd.ptable) {
# 1190|                   wps_copy->dsd.ptable = malloc (256 * sizeof (*wps->dsd.ptable));
# 1191|->                 memcpy (wps_copy->dsd.ptable, wps->dsd.ptable, 256 * sizeof (*wps->dsd.ptable));
# 1192|               }
# 1193|   

Error: CPPCHECK_WARNING (CWE-476): [#def344]
wavpack-5.8.1/src/pack_utils.c:1514: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
# 1512|   
# 1513|           CLEAR (*wphdr);
# 1514|->         memcpy (wphdr->ckID, "wvpk", 4);
# 1515|           SET_TOTAL_SAMPLES (*wphdr, wpc->total_samples);
# 1516|           wphdr->version = wpc->stream_version;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def345]
wavpack-5.8.1/src/pack_utils.c:1515:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘block_buff’
wavpack-5.8.1/src/pack_utils.c:1500:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1502:26: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1504:16: branch_true: following ‘true’ branch (when ‘metacount != 0’)...
wavpack-5.8.1/src/pack_utils.c:1505:27: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1511:49: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_utils.c:1515:9: branch_true: following ‘true’ branch (when ‘tmp < 0’)...
wavpack-5.8.1/src/pack_utils.c:1515:9: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1515:9: danger: ‘block_buff’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
# 1513|           CLEAR (*wphdr);
# 1514|           memcpy (wphdr->ckID, "wvpk", 4);
# 1515|->         SET_TOTAL_SAMPLES (*wphdr, wpc->total_samples);
# 1516|           wphdr->version = wpc->stream_version;
# 1517|           wphdr->ckSize = block_size - 8;

Error: CPPCHECK_WARNING (CWE-476): [#def346]
wavpack-5.8.1/src/pack_utils.c:1516: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
# 1514|           memcpy (wphdr->ckID, "wvpk", 4);
# 1515|           SET_TOTAL_SAMPLES (*wphdr, wpc->total_samples);
# 1516|->         wphdr->version = wpc->stream_version;
# 1517|           wphdr->ckSize = block_size - 8;
# 1518|           wphdr->block_samples = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def347]
wavpack-5.8.1/src/pack_utils.c:1517: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
# 1515|           SET_TOTAL_SAMPLES (*wphdr, wpc->total_samples);
# 1516|           wphdr->version = wpc->stream_version;
# 1517|->         wphdr->ckSize = block_size - 8;
# 1518|           wphdr->block_samples = 0;
# 1519|   

Error: CPPCHECK_WARNING (CWE-476): [#def348]
wavpack-5.8.1/src/pack_utils.c:1518: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wphdr
# 1516|           wphdr->version = wpc->stream_version;
# 1517|           wphdr->ckSize = block_size - 8;
# 1518|->         wphdr->block_samples = 0;
# 1519|   
# 1520|           block_ptr = (char *)(wphdr + 1);

Error: CPPCHECK_WARNING (CWE-682): [#def349]
wavpack-5.8.1/src/pack_utils.c:1520: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
# 1518|           wphdr->block_samples = 0;
# 1519|   
# 1520|->         block_ptr = (char *)(wphdr + 1);
# 1521|   
# 1522|           wpmdp = wpc->metadata;

Error: CPPCHECK_WARNING (CWE-476): [#def350]
wavpack-5.8.1/src/pack_utils.c:1749: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
# 1747|   static void pack_samples_enqueue (WavpackStream *wps, int free_wps)
# 1748|   {
# 1749|->     WavpackContext *wpc = (WavpackContext *) wps->wpc;  // this is safe here because single-threaded
# 1750|       int i;
# 1751|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def351]
wavpack-5.8.1/src/pack_utils.c:1849:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*wpc.workers’
wavpack-5.8.1/src/pack_utils.c:1840:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1843:9: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1846:24: acquire_memory: this call could return NULL
wavpack-5.8.1/src/pack_utils.c:1848:21: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/pack_utils.c:1849:13: branch_true: ...to here
wavpack-5.8.1/src/pack_utils.c:1849:13: danger: ‘*wpc.workers + (long unsigned int)i * 128’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
# 1847|   
# 1848|           for (i = 0; i < wpc->num_workers; ++i) {
# 1849|->             wpc->workers [i].mutex = &wpc->mutex;
# 1850|               wpc->workers [i].global_cond = &wpc->global_cond;
# 1851|               wpc->workers [i].workers_ready = &wpc->workers_ready;

Error: CPPCHECK_WARNING (CWE-758): [#def352]
wavpack-5.8.1/src/unpack.c:250: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  248|   
#  249|                   temp = apply_weight (dpp->weight_A, sam) + read_word;
#  250|->                 update_weight (dpp->weight_A, dpp->delta, sam, read_word);
#  251|                   dpp->samples_A [k] = read_word = temp;
#  252|               }

Error: CPPCHECK_WARNING (CWE-758): [#def353]
wavpack-5.8.1/src/unpack.c:366: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  364|                       right2 = apply_weight (dpp->weight_B, sam_B) + right;
#  365|   
#  366|->                     update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#  367|                       update_weight (dpp->weight_B, dpp->delta, sam_B, right);
#  368|   

Error: CPPCHECK_WARNING (CWE-758): [#def354]
wavpack-5.8.1/src/unpack.c:367: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  365|   
#  366|                       update_weight (dpp->weight_A, dpp->delta, sam_A, left);
#  367|->                     update_weight (dpp->weight_B, dpp->delta, sam_B, right);
#  368|   
#  369|                       dpp->samples_A [k] = left = left2;

Error: CPPCHECK_WARNING (CWE-758): [#def355]
wavpack-5.8.1/src/unpack.c:374: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  372|                   else if (dpp->term == -1) {
#  373|                       left2 = left + apply_weight (dpp->weight_A, dpp->samples_A [0]);
#  374|->                     update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], left);
#  375|                       left = left2;
#  376|                       right2 = right + apply_weight (dpp->weight_B, left2);

Error: CPPCHECK_WARNING (CWE-758): [#def356]
wavpack-5.8.1/src/unpack.c:377: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  375|                       left = left2;
#  376|                       right2 = right + apply_weight (dpp->weight_B, left2);
#  377|->                     update_weight_clip (dpp->weight_B, dpp->delta, left2, right);
#  378|                       dpp->samples_A [0] = right = right2;
#  379|                   }

Error: CPPCHECK_WARNING (CWE-758): [#def357]
wavpack-5.8.1/src/unpack.c:382: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  380|                   else {
#  381|                       right2 = right + apply_weight (dpp->weight_B, dpp->samples_B [0]);
#  382|->                     update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], right);
#  383|                       right = right2;
#  384|   

Error: CPPCHECK_WARNING (CWE-758): [#def358]
wavpack-5.8.1/src/unpack.c:391: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  389|   
#  390|                       left2 = left + apply_weight (dpp->weight_A, right2);
#  391|->                     update_weight_clip (dpp->weight_A, dpp->delta, right2, left);
#  392|                       dpp->samples_B [0] = left = left2;
#  393|                   }

Error: CPPCHECK_WARNING (CWE-758): [#def359]
wavpack-5.8.1/src/unpack.c:536: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  534|                   dpp->samples_A [1] = dpp->samples_A [0];
#  535|                   dpp->samples_A [0] = apply_weight (weight_A, sam_A) + bptr [0];
#  536|->                 update_weight (weight_A, delta, sam_A, bptr [0]);
#  537|                   bptr [0] = dpp->samples_A [0];
#  538|               }

Error: CPPCHECK_WARNING (CWE-758): [#def360]
wavpack-5.8.1/src/unpack.c:547: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  545|                   dpp->samples_A [1] = dpp->samples_A [0];
#  546|                   dpp->samples_A [0] = apply_weight (weight_A, sam_A) + bptr [0];
#  547|->                 update_weight (weight_A, delta, sam_A, bptr [0]);
#  548|                   bptr [0] = dpp->samples_A [0];
#  549|               }

Error: CPPCHECK_WARNING (CWE-758): [#def361]
wavpack-5.8.1/src/unpack.c:557: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  555|                   sam_A = dpp->samples_A [m];
#  556|                   dpp->samples_A [k] = apply_weight (weight_A, sam_A) + bptr [0];
#  557|->                 update_weight (weight_A, delta, sam_A, bptr [0]);
#  558|                   bptr [0] = dpp->samples_A [k];
#  559|                   m = (m + 1) & (MAX_TERM - 1);

Error: CPPCHECK_WARNING (CWE-758): [#def362]
wavpack-5.8.1/src/unpack.c:598: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  596|                   dpp->samples_A [1] = dpp->samples_A [0];
#  597|                   bptr [0] = dpp->samples_A [0] = apply_weight (dpp->weight_A, sam) + (tmp = bptr [0]);
#  598|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  599|   
#  600|                   sam = 2 * dpp->samples_B [0] - dpp->samples_B [1];

Error: CPPCHECK_WARNING (CWE-758): [#def363]
wavpack-5.8.1/src/unpack.c:603: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  601|                   dpp->samples_B [1] = dpp->samples_B [0];
#  602|                   bptr [1] = dpp->samples_B [0] = apply_weight (dpp->weight_B, sam) + (tmp = bptr [1]);
#  603|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  604|               }
#  605|   

Error: CPPCHECK_WARNING (CWE-758): [#def364]
wavpack-5.8.1/src/unpack.c:615: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  613|                   dpp->samples_A [1] = dpp->samples_A [0];
#  614|                   bptr [0] = dpp->samples_A [0] = apply_weight (dpp->weight_A, sam) + (tmp = bptr [0]);
#  615|->                 update_weight (dpp->weight_A, dpp->delta, sam, tmp);
#  616|   
#  617|                   sam = dpp->samples_B [0] + ((dpp->samples_B [0] - dpp->samples_B [1]) >> 1);

Error: CPPCHECK_WARNING (CWE-758): [#def365]
wavpack-5.8.1/src/unpack.c:620: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  618|                   dpp->samples_B [1] = dpp->samples_B [0];
#  619|                   bptr [1] = dpp->samples_B [0] = apply_weight (dpp->weight_B, sam) + (tmp = bptr [1]);
#  620|->                 update_weight (dpp->weight_B, dpp->delta, sam, tmp);
#  621|               }
#  622|   

Error: CPPCHECK_WARNING (CWE-758): [#def366]
wavpack-5.8.1/src/unpack.c:631: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  629|                   sam = dpp->samples_A [m];
#  630|                   dpp->samples_A [k] = apply_weight (dpp->weight_A, sam) + bptr [0];
#  631|->                 update_weight (dpp->weight_A, dpp->delta, sam, bptr [0]);
#  632|                   bptr [0] = dpp->samples_A [k];
#  633|   

Error: CPPCHECK_WARNING (CWE-758): [#def367]
wavpack-5.8.1/src/unpack.c:636: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  634|                   sam = dpp->samples_B [m];
#  635|                   dpp->samples_B [k] = apply_weight (dpp->weight_B, sam) + bptr [1];
#  636|->                 update_weight (dpp->weight_B, dpp->delta, sam, bptr [1]);
#  637|                   bptr [1] = dpp->samples_B [k];
#  638|   

Error: CPPCHECK_WARNING (CWE-758): [#def368]
wavpack-5.8.1/src/unpack.c:650: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  648|   
#  649|                   sam = bptr [0] + apply_weight (dpp->weight_A, dpp->samples_A [0]);
#  650|->                 update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]);
#  651|                   bptr [0] = sam;
#  652|                   dpp->samples_A [0] = bptr [1] + apply_weight (dpp->weight_B, sam);

Error: CPPCHECK_WARNING (CWE-758): [#def369]
wavpack-5.8.1/src/unpack.c:653: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  651|                   bptr [0] = sam;
#  652|                   dpp->samples_A [0] = bptr [1] + apply_weight (dpp->weight_B, sam);
#  653|->                 update_weight_clip (dpp->weight_B, dpp->delta, sam, bptr [1]);
#  654|                   bptr [1] = dpp->samples_A [0];
#  655|               }

Error: CPPCHECK_WARNING (CWE-758): [#def370]
wavpack-5.8.1/src/unpack.c:664: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  662|   
#  663|                   sam = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]);
#  664|->                 update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]);
#  665|                   bptr [1] = sam;
#  666|                   dpp->samples_B [0] = bptr [0] + apply_weight (dpp->weight_A, sam);

Error: CPPCHECK_WARNING (CWE-758): [#def371]
wavpack-5.8.1/src/unpack.c:667: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  665|                   bptr [1] = sam;
#  666|                   dpp->samples_B [0] = bptr [0] + apply_weight (dpp->weight_A, sam);
#  667|->                 update_weight_clip (dpp->weight_A, dpp->delta, sam, bptr [0]);
#  668|                   bptr [0] = dpp->samples_B [0];
#  669|               }

Error: CPPCHECK_WARNING (CWE-758): [#def372]
wavpack-5.8.1/src/unpack.c:678: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  676|   
#  677|                   sam_A = bptr [0] + apply_weight (dpp->weight_A, dpp->samples_A [0]);
#  678|->                 update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]);
#  679|                   sam_B = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]);
#  680|                   update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]);

Error: CPPCHECK_WARNING (CWE-758): [#def373]
wavpack-5.8.1/src/unpack.c:680: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  678|                   update_weight_clip (dpp->weight_A, dpp->delta, dpp->samples_A [0], bptr [0]);
#  679|                   sam_B = bptr [1] + apply_weight (dpp->weight_B, dpp->samples_B [0]);
#  680|->                 update_weight_clip (dpp->weight_B, dpp->delta, dpp->samples_B [0], bptr [1]);
#  681|                   bptr [0] = dpp->samples_B [0] = sam_A;
#  682|                   bptr [1] = dpp->samples_A [0] = sam_B;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def374]
wavpack-5.8.1/src/unpack_dsd.c:176:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outptr’
wavpack-5.8.1/src/unpack_dsd.c:146:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:149:21: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:151:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:161:54: acquire_memory: this call could return NULL
wavpack-5.8.1/src/unpack_dsd.c:165:8: branch_true: following ‘true’ branch (when ‘max_probability != 255’)...
wavpack-5.8.1/src/unpack_dsd.c:167:24: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:169:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_dsd.c:172:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_dsd.c:173:30: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:175:24: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_dsd.c:176:21: danger: ‘outptr’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  174|   
#  175|                   while (outptr < outend && zcount--)
#  176|->                     *outptr++ = 0;
#  177|               }
#  178|               else if (code)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def375]
wavpack-5.8.1/src/unpack_dsd.c:179:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outptr’
wavpack-5.8.1/src/unpack_dsd.c:146:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:149:21: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:151:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:161:54: acquire_memory: this call could return NULL
wavpack-5.8.1/src/unpack_dsd.c:165:8: branch_true: following ‘true’ branch (when ‘max_probability != 255’)...
wavpack-5.8.1/src/unpack_dsd.c:167:24: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:169:16: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_dsd.c:172:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:178:21: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:178:21: branch_true: following ‘true’ branch (when ‘code != 0’)...
wavpack-5.8.1/src/unpack_dsd.c:179:18: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:179:17: danger: ‘outptr’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  177|               }
#  178|               else if (code)
#  179|->                 *outptr++ = code;
#  180|               else
#  181|                   break;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def376]
wavpack-5.8.1/src/unpack_dsd.c:198:68: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>[i]’
wavpack-5.8.1/src/unpack_dsd.c:146:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:149:21: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:151:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:165:8: branch_true: following ‘true’ branch (when ‘max_probability != 255’)...
wavpack-5.8.1/src/unpack_dsd.c:167:24: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:184:12: branch_false: following ‘false’ branch (when ‘outptr >= outend’)...
wavpack-5.8.1/src/unpack_dsd.c:184:33: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:194:18: branch_true: following ‘true’ branch...
 branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:197:34: branch_true: following ‘true’ branch (when ‘i != 256’)...
wavpack-5.8.1/src/unpack_dsd.c:198:68: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:198:68: danger: use of uninitialized value ‘*<unknown>[i]’ here
#  196|   
#  197|           for (sum_values = i = 0; i < 256; ++i)
#  198|->             wps->dsd.summed_probabilities [bi] [i] = sum_values += wps->dsd.probabilities [bi] [i];
#  199|   
#  200|           if (sum_values) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def377]
wavpack-5.8.1/src/unpack_dsd.c:308:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’
wavpack-5.8.1/src/unpack_dsd.c:320:12: enter_function: entry to ‘init_dsd_block_high’
wavpack-5.8.1/src/unpack_dsd.c:325:8: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_dsd.c:328:15: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:331:8: branch_false: following ‘false’ branch (when ‘rate_s == 20’)...
wavpack-5.8.1/src/unpack_dsd.c:334:10: branch_false: ...to here
wavpack-5.8.1/src/unpack_dsd.c:334:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_dsd.c:335:38: branch_true: ...to here
wavpack-5.8.1/src/unpack_dsd.c:335:38: acquire_memory: this call could return NULL
wavpack-5.8.1/src/unpack_dsd.c:337:5: call_function: calling ‘init_ptable’ from ‘init_dsd_block_high’
#  306|   
#  307|       for (i = 0; i < PTABLE_BINS/2; ++i) {
#  308|->         table [i] = value;
#  309|           table [PTABLE_BINS-1-i] = 0x100ffff - value;
#  310|   

Error: CPPCHECK_WARNING (CWE-758): [#def378]
wavpack-5.8.1/src/unpack_dsd.c:400: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  398|               sp [0].value += sp [0].filter6 * 8;
#  399|               sp [0].byte = (sp [0].byte << 1) | (sp [0].filter0 & 1);
#  400|->             sp [0].factor += (((sp [0].value ^ sp [0].filter0) >> 31) | 1) & ((sp [0].value ^ (sp [0].value - (sp [0].filter6 * 16))) >> 31);
#  401|               sp [0].filter1 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter1) >> 6;
#  402|               sp [0].filter2 += ((sp [0].filter0 & VALUE_ONE) - sp [0].filter2) >> 4;

Error: CPPCHECK_WARNING (CWE-758): [#def379]
wavpack-5.8.1/src/unpack_dsd.c:435: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  433|               sp [1].value += sp [1].filter6 * 8;
#  434|               sp [1].byte = (sp [1].byte << 1) | (sp [1].filter0 & 1);
#  435|->             sp [1].factor += (((sp [1].value ^ sp [1].filter0) >> 31) | 1) & ((sp [1].value ^ (sp [1].value - (sp [1].filter6 * 16))) >> 31);
#  436|               sp [1].filter1 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter1) >> 6;
#  437|               sp [1].filter2 += ((sp [1].filter0 & VALUE_ONE) - sp [1].filter2) >> 4;

Error: CPPCHECK_WARNING (CWE-758): [#def380]
wavpack-5.8.1/src/unpack_floats.c:104: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  102|           }
#  103|   
#  104|->         crc = crc * 27 + get_mantissa (outval) * 9 + get_exponent (outval) * 3 + get_sign (outval);
#  105|           * (f32 *) values++ = outval;
#  106|       }

Error: CPPCHECK_WARNING (CWE-476): [#def381]
wavpack-5.8.1/src/unpack_seek.c:163: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  161|               wpc->streams = (WavpackStream **)realloc (wpc->streams, (wpc->num_streams + 1) * sizeof (wpc->streams [0]));
#  162|               wps = wpc->streams [wpc->num_streams] = (WavpackStream *)calloc (1, sizeof (WavpackStream));
#  163|->             wps->stream_index = wpc->num_streams++;
#  164|               wps->wpc = wpc;
#  165|               bcount = read_next_header (wpc->reader, wpc->wv_in, &wps->wphdr);

Error: CPPCHECK_WARNING (CWE-476): [#def382]
wavpack-5.8.1/src/unpack_seek.c:164: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  162|               wps = wpc->streams [wpc->num_streams] = (WavpackStream *)calloc (1, sizeof (WavpackStream));
#  163|               wps->stream_index = wpc->num_streams++;
#  164|->             wps->wpc = wpc;
#  165|               bcount = read_next_header (wpc->reader, wpc->wv_in, &wps->wphdr);
#  166|   

Error: CPPCHECK_WARNING (CWE-476): [#def383]
wavpack-5.8.1/src/unpack_seek.c:172: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  170|               }
#  171|   
#  172|->             wps->blockbuff = (unsigned char *)malloc (wps->wphdr.ckSize + 8);
#  173|               memcpy (wps->blockbuff, &wps->wphdr, 32);
#  174|   

Error: CPPCHECK_WARNING (CWE-476): [#def384]
wavpack-5.8.1/src/unpack_seek.c:173: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  171|   
#  172|               wps->blockbuff = (unsigned char *)malloc (wps->wphdr.ckSize + 8);
#  173|->             memcpy (wps->blockbuff, &wps->wphdr, 32);
#  174|   
#  175|               if (wpc->reader->read_bytes (wpc->wv_in, wps->blockbuff + 32, wps->wphdr.ckSize - 24) !=

Error: CPPCHECK_WARNING (CWE-476): [#def385]
wavpack-5.8.1/src/unpack_seek.c:175: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  173|               memcpy (wps->blockbuff, &wps->wphdr, 32);
#  174|   
#  175|->             if (wpc->reader->read_bytes (wpc->wv_in, wps->blockbuff + 32, wps->wphdr.ckSize - 24) !=
#  176|                   wps->wphdr.ckSize - 24) {
#  177|                       free_streams (wpc);

Error: CPPCHECK_WARNING (CWE-476): [#def386]
wavpack-5.8.1/src/unpack_seek.c:176: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  174|   
#  175|               if (wpc->reader->read_bytes (wpc->wv_in, wps->blockbuff + 32, wps->wphdr.ckSize - 24) !=
#  176|->                 wps->wphdr.ckSize - 24) {
#  177|                       free_streams (wpc);
#  178|                       return FALSE;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def387]
wavpack-5.8.1/src/unpack_utils.c:68:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’
wavpack-5.8.1/src/unpack_utils.c:488:14: enter_function: entry to ‘unpack_samples_worker_thread’
wavpack-5.8.1/src/unpack_utils.c:501:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:504:9: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:506:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:509:13: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:513:9: call_function: calling ‘unpack_samples_interleave’ from ‘unpack_samples_worker_thread’
#   66|       if (wps->wphdr.flags & MONO_FLAG) {
#   67|           while (samcnt--) {
#   68|->             dst [0] = *src++;
#   69|               dst += num_channels;
#   70|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def388]
wavpack-5.8.1/src/unpack_utils.c:77:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’
wavpack-5.8.1/src/unpack_utils.c:488:14: enter_function: entry to ‘unpack_samples_worker_thread’
wavpack-5.8.1/src/unpack_utils.c:501:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:504:9: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:506:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:509:13: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:513:9: call_function: calling ‘unpack_samples_interleave’ from ‘unpack_samples_worker_thread’
#   75|       else if (offset == num_channels - 1) {
#   76|           while (samcnt--) {
#   77|->             dst [0] = src [0];
#   78|               dst += num_channels;
#   79|               src += 2;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def389]
wavpack-5.8.1/src/unpack_utils.c:87:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘src’
wavpack-5.8.1/src/unpack_utils.c:488:14: enter_function: entry to ‘unpack_samples_worker_thread’
wavpack-5.8.1/src/unpack_utils.c:501:16: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:504:9: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:506:12: branch_false: following ‘false’ branch...
wavpack-5.8.1/src/unpack_utils.c:509:13: branch_false: ...to here
wavpack-5.8.1/src/unpack_utils.c:513:9: call_function: calling ‘unpack_samples_interleave’ from ‘unpack_samples_worker_thread’
#   85|       else {
#   86|           while (samcnt--) {
#   87|->             dst [0] = *src++;
#   88|               dst [1] = *src++;
#   89|               dst += num_channels;

Error: CPPCHECK_WARNING (CWE-476): [#def390]
wavpack-5.8.1/src/unpack_utils.c:416: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps_copy
#  414|                   WavpackStream *wps_copy = malloc (sizeof (WavpackStream));
#  415|   
#  416|->                 memcpy (wps_copy, wps, sizeof (WavpackStream));
#  417|   
#  418|                   // Update the existing WavpackStream so we can use it for the next block before the current one

Error: CPPCHECK_WARNING (CWE-401): [#def391]
wavpack-5.8.1/src/unpack_utils.c:510: error[memleakOnRealloc]: Common realloc mistake: 'temp_buffer' nulled but not freed upon failure
#  508|   
#  509|           if (cxt->samcnt > temp_samples)             // reallocate temp buffer if not big enough
#  510|->             temp_buffer = (int32_t *) realloc (temp_buffer, (temp_samples = cxt->samcnt) * 8);
#  511|   
#  512|           // this is where the work is done

Error: CPPCHECK_WARNING (CWE-476): [#def392]
wavpack-5.8.1/src/unpack_utils.c:539: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: wps
#  537|   static void unpack_samples_enqueue (WavpackStream *wps, int32_t *outbuf, int offset, uint32_t samcnt, int free_wps)
#  538|   {
#  539|->     WavpackContext *wpc = (WavpackContext *) wps->wpc;  // this is safe here because single-threaded
#  540|       int i;
#  541|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def393]
wavpack-5.8.1/src/unpack_utils.c:594:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*wpc.workers’
wavpack-5.8.1/src/unpack_utils.c:585:8: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_utils.c:588:9: branch_true: ...to here
wavpack-5.8.1/src/unpack_utils.c:591:24: acquire_memory: this call could return NULL
wavpack-5.8.1/src/unpack_utils.c:593:21: branch_true: following ‘true’ branch...
wavpack-5.8.1/src/unpack_utils.c:594:13: branch_true: ...to here
wavpack-5.8.1/src/unpack_utils.c:594:13: danger: ‘*wpc.workers + (long unsigned int)i * 128’ could be NULL: unchecked value from [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  592|   
#  593|           for (i = 0; i < wpc->num_workers; ++i) {
#  594|->             wpc->workers [i].mutex = &wpc->mutex;
#  595|               wpc->workers [i].global_cond = &wpc->global_cond;
#  596|               wpc->workers [i].workers_ready = &wpc->workers_ready;

Error: CPPCHECK_WARNING (CWE-682): [#def394]
wavpack-5.8.1/src/write_words.c:107: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  105|       wpmd->id = ID_ENTROPY_VARS;
#  106|   
#  107|->     *byteptr++ = temp = wp_log2 (wps->w.c [0].median [0]);
#  108|       *byteptr++ = temp >> 8;
#  109|       *byteptr++ = temp = wp_log2 (wps->w.c [0].median [1]);

Error: CPPCHECK_WARNING (CWE-476): [#def395]
wavpack-5.8.1/src/write_words.c:107: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  105|       wpmd->id = ID_ENTROPY_VARS;
#  106|   
#  107|->     *byteptr++ = temp = wp_log2 (wps->w.c [0].median [0]);
#  108|       *byteptr++ = temp >> 8;
#  109|       *byteptr++ = temp = wp_log2 (wps->w.c [0].median [1]);

Error: CPPCHECK_WARNING (CWE-682): [#def396]
wavpack-5.8.1/src/write_words.c:153: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  151|       }
#  152|   
#  153|->     *byteptr++ = temp = wps->w.bitrate_acc [0] >> 16;
#  154|       *byteptr++ = temp >> 8;
#  155|   

Error: CPPCHECK_WARNING (CWE-476): [#def397]
wavpack-5.8.1/src/write_words.c:153: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: byteptr++
#  151|       }
#  152|   
#  153|->     *byteptr++ = temp = wps->w.bitrate_acc [0] >> 16;
#  154|       *byteptr++ = temp >> 8;
#  155|