Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:118:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘list’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ # 116| list = calloc (1, sizeof (XdgDirTimeList)); # 117| list->checked = XDG_CHECKED_UNCHECKED; # 118|-> list->directory_name = file_name; # 119| list->mtime = mtime; # 120| list->next = dir_time_list; Error: GCC_ANALYZER_WARNING (CWE-688): [#def2] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:146:23: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘directory’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strlen’ must be non-null # 144| assert (directory != NULL); # 145| # 146|-> file_name = malloc (strlen (directory) + strlen ("/mime/mime.cache") + 1); # 147| strcpy (file_name, directory); strcat (file_name, "/mime/mime.cache"); # 148| if (stat (file_name, &st) == 0) Error: GCC_ANALYZER_WARNING (CWE-688): [#def3] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:147:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 145| # 146| file_name = malloc (strlen (directory) + strlen ("/mime/mime.cache") + 1); # 147|-> strcpy (file_name, directory); strcat (file_name, "/mime/mime.cache"); # 148| if (stat (file_name, &st) == 0) # 149| { Error: GCC_ANALYZER_WARNING (CWE-688): [#def4] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:167:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 165| # 166| file_name = malloc (strlen (directory) + strlen ("/mime/globs2") + 1); # 167|-> strcpy (file_name, directory); strcat (file_name, "/mime/globs2"); # 168| if (stat (file_name, &st) == 0) # 169| { Error: GCC_ANALYZER_WARNING (CWE-688): [#def5] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:177:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 175| free (file_name); # 176| file_name = malloc (strlen (directory) + strlen ("/mime/globs") + 1); # 177|-> strcpy (file_name, directory); strcat (file_name, "/mime/globs"); # 178| if (stat (file_name, &st) == 0) # 179| { Error: GCC_ANALYZER_WARNING (CWE-688): [#def6] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:190:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 188| # 189| file_name = malloc (strlen (directory) + strlen ("/mime/magic") + 1); # 190|-> strcpy (file_name, directory); strcat (file_name, "/mime/magic"); # 191| if (stat (file_name, &st) == 0) # 192| { Error: GCC_ANALYZER_WARNING (CWE-688): [#def7] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:202:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 200| # 201| file_name = malloc (strlen (directory) + strlen ("/mime/aliases") + 1); # 202|-> strcpy (file_name, directory); strcat (file_name, "/mime/aliases"); # 203| _xdg_mime_alias_read_from_file (alias_list, file_name); # 204| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def8] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:207:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 205| # 206| file_name = malloc (strlen (directory) + strlen ("/mime/subclasses") + 1); # 207|-> strcpy (file_name, directory); strcat (file_name, "/mime/subclasses"); # 208| _xdg_mime_parent_read_from_file (parent_list, file_name); # 209| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def9] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:212:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 210| # 211| file_name = malloc (strlen (directory) + strlen ("/mime/icons") + 1); # 212|-> strcpy (file_name, directory); strcat (file_name, "/mime/icons"); # 213| _xdg_mime_icon_read_from_file (icon_list, file_name); # 214| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def10] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:217:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 215| # 216| file_name = malloc (strlen (directory) + strlen ("/mime/generic-icons") + 1); # 217|-> strcpy (file_name, directory); strcat (file_name, "/mime/generic-icons"); # 218| _xdg_mime_icon_read_from_file (generic_icon_list, file_name); # 219| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def11] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:250:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘guessed_xdg_home’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:442:1: enter_function: entry to ‘xdg_mime_init’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:458:7: call_function: calling ‘xdg_run_command_on_dirs’ from ‘xdg_mime_init’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 248| # 249| guessed_xdg_home = malloc (strlen (home) + strlen ("/.local/share/") + 1); # 250|-> strcpy (guessed_xdg_home, home); # 251| strcat (guessed_xdg_home, "/.local/share/"); # 252| stop_processing = (func) (guessed_xdg_home, user_data); Error: GCC_ANALYZER_WARNING (CWE-688): [#def12] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:351:23: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘directory’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:947:1: enter_function: entry to ‘_wk_xdg_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:951:3: call_function: calling ‘xdg_mime_init’ from ‘_wk_xdg_get_simple_globs’ #argument 1 of ‘__builtin_strlen’ must be non-null # 349| # 350| /* Check the mime.cache file */ # 351|-> file_name = malloc (strlen (directory) + strlen ("/mime/mime.cache") + 1); # 352| strcpy (file_name, directory); strcat (file_name, "/mime/mime.cache"); # 353| invalid = xdg_check_file (file_name, &exists); Error: GCC_ANALYZER_WARNING (CWE-688): [#def13] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:352:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:947:1: enter_function: entry to ‘_wk_xdg_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:951:3: call_function: calling ‘xdg_mime_init’ from ‘_wk_xdg_get_simple_globs’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 350| /* Check the mime.cache file */ # 351| file_name = malloc (strlen (directory) + strlen ("/mime/mime.cache") + 1); # 352|-> strcpy (file_name, directory); strcat (file_name, "/mime/mime.cache"); # 353| invalid = xdg_check_file (file_name, &exists); # 354| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def14] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:367:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:947:1: enter_function: entry to ‘_wk_xdg_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:951:3: call_function: calling ‘xdg_mime_init’ from ‘_wk_xdg_get_simple_globs’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 365| /* Check the globs file */ # 366| file_name = malloc (strlen (directory) + strlen ("/mime/globs") + 1); # 367|-> strcpy (file_name, directory); strcat (file_name, "/mime/globs"); # 368| invalid = xdg_check_file (file_name, NULL); # 369| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-688): [#def15] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:378:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘file_name’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:947:1: enter_function: entry to ‘_wk_xdg_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmime.c:951:3: call_function: calling ‘xdg_mime_init’ from ‘_wk_xdg_get_simple_globs’ #argument 1 of ‘__builtin_strcpy’ must be non-null # 376| /* Check the magic file */ # 377| file_name = malloc (strlen (directory) + strlen ("/mime/magic") + 1); # 378|-> strcpy (file_name, directory); strcat (file_name, "/mime/magic"); # 379| invalid = xdg_check_file (file_name, NULL); # 380| free (file_name); Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:69:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘list’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:67:10: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:69:3: danger: ‘list’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 67| list = malloc (sizeof (XdgAliasList)); # 68| # 69|-> list->aliases = NULL; # 70| list->n_aliases = 0; # 71| Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:150:11: warning[-Wanalyzer-malloc-leak]: leak of ‘*list.aliases’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:129:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:134:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:136:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:139:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:143:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:145:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:147:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:149:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:150:11: danger: ‘*list.aliases’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 148| { # 149| alloc <<= 1; # 150|-> list->aliases = realloc (list->aliases, # 151| alloc * sizeof (XdgAlias)); # 152| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:157:3: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:129:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:134:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:136:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:139:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:143:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:145:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:147:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:153:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:154:50: acquire_memory: allocated here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:136:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:158:28: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:157:3: danger: ‘<unknown>’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10) # 155| list->n_aliases++; # 156| } # 157|-> list->aliases = realloc (list->aliases, # 158| list->n_aliases * sizeof (XdgAlias)); # 159| Error: GCC_ANALYZER_WARNING (CWE-122): [#def19] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:157:19: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:129:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:134:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:157:19: danger: write of ‘(long unsigned int)(*list.n_aliases + 16) * 16’ bytes at offset ‘0’ exceeds the buffer # 155| list->n_aliases++; # 156| } # 157|-> list->aliases = realloc (list->aliases, # 158| list->n_aliases * sizeof (XdgAlias)); # 159| Error: GCC_ANALYZER_WARNING (CWE-688): [#def20] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:163:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:129:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:134:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:135:3: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:157:28: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:162:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:163:5: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:163:12: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimealias.c:163:5: danger: argument 1 (‘*list.aliases’) NULL where non-null expected # 161| # 162| if (list->n_aliases > 1) # 163|-> qsort (list->aliases, list->n_aliases, # 164| sizeof (XdgAlias), alias_entry_cmp); # 165| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def21] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1064:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*<unknown> + ((sizetype)(depth - i) + 18446744073709551615)’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1086:1: enter_function: entry to ‘__wk_xdg_cache_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1096:15: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1099:34: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:72: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: call_function: calling ‘get_simple_globs’ from ‘__wk_xdg_cache_get_simple_globs’ # 1062| globs[*n] = malloc ((depth + 1) * sizeof (char)); # 1063| for (i = 0; i < depth; i++) # 1064|-> globs[*n][depth - i - 1] = prefix[i]; # 1065| globs[*n][depth] = '\0'; # 1066| Error: GCC_ANALYZER_WARNING (CWE-476): [#def22] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1064:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1086:1: enter_function: entry to ‘__wk_xdg_cache_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1096:15: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1099:34: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:72: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: call_function: calling ‘get_simple_globs’ from ‘__wk_xdg_cache_get_simple_globs’ # 1062| globs[*n] = malloc ((depth + 1) * sizeof (char)); # 1063| for (i = 0; i < depth; i++) # 1064|-> globs[*n][depth - i - 1] = prefix[i]; # 1065| globs[*n][depth] = '\0'; # 1066| Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1065:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*<unknown> + (sizetype)depth’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1086:1: enter_function: entry to ‘__wk_xdg_cache_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1096:15: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1099:34: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:72: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: call_function: calling ‘get_simple_globs’ from ‘__wk_xdg_cache_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: return_function: returning to ‘__wk_xdg_cache_get_simple_globs’ from ‘get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:14: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:49: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:72: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: call_function: calling ‘get_simple_globs’ from ‘__wk_xdg_cache_get_simple_globs’ # 1063| for (i = 0; i < depth; i++) # 1064| globs[*n][depth - i - 1] = prefix[i]; # 1065|-> globs[*n][depth] = '\0'; # 1066| # 1067| (*n)++; Error: GCC_ANALYZER_WARNING (CWE-476): [#def24] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1065:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1086:1: enter_function: entry to ‘__wk_xdg_cache_get_simple_globs’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1096:15: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1099:34: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1103:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:72: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimecache.c:1105:16: call_function: calling ‘get_simple_globs’ from ‘__wk_xdg_cache_get_simple_globs’ # 1063| for (i = 0; i < depth; i++) # 1064| globs[*n][depth - i - 1] = prefix[i]; # 1065|-> globs[*n][depth] = '\0'; # 1066| # 1067| (*n)++; Error: GCC_ANALYZER_WARNING (CWE-688): [#def25] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:124:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:81: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: call_function: calling ‘_xdg_glob_list_append’ from ‘__wk_xdg_hash_append_glob’ # 122| while (tmp_element != NULL) # 123| { # 124|-> if (strcmp (tmp_element->data, data) == 0 && # 125| strcmp (tmp_element->mime_type, mime_type) == 0) # 126| return glob_list; Error: GCC_ANALYZER_WARNING (CWE-688): [#def26] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:125:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘mime_type’ where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:96: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: call_function: calling ‘_xdg_glob_list_append’ from ‘__wk_xdg_hash_append_glob’ # 123| { # 124| if (strcmp (tmp_element->data, data) == 0 && # 125|-> strcmp (tmp_element->mime_type, mime_type) == 0) # 126| return glob_list; # 127| Error: GCC_ANALYZER_WARNING (CWE-476): [#def27] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:132:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new_element’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: call_function: calling ‘_xdg_glob_list_append’ from ‘__wk_xdg_hash_append_glob’ # 130| # 131| new_element = _xdg_glob_list_new (); # 132|-> new_element->data = data; # 133| new_element->mime_type = mime_type; # 134| new_element->weight = weight; Error: GCC_ANALYZER_WARNING (CWE-476): [#def28] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:196:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘glob_hash_node’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 194| { # 195| node = _xdg_glob_hash_node_new (); # 196|-> node->character = character; # 197| node->next = glob_hash_node; # 198| glob_hash_node = node; Error: GCC_ANALYZER_WARNING (CWE-476): [#def29] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:219:15: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘glob_hash_node’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 217| { # 218| node = _xdg_glob_hash_node_new (); # 219|-> node->character = character; # 220| node->next = prev_node->next; # 221| prev_node->next = node; Error: GCC_ANALYZER_WARNING (CWE-476): [#def30] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:238:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘glob_hash_node’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 236| { # 237| node = _xdg_glob_hash_node_new (); # 238|-> node->character = character; # 239| node->next = prev_node->next; # 240| prev_node->next = node; Error: GCC_ANALYZER_WARNING (CWE-476): [#def31] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:269:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘glob_hash_node’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 267| child = _xdg_glob_hash_node_new (); # 268| child->character = 0; # 269|-> child->mime_type = strdup (mime_type); # 270| child->weight = weight; # 271| child->case_sensitive = case_sensitive; Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:289:10: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 287| node->child = _xdg_glob_hash_insert_ucs4 (node->child, text, mime_type, weight, case_sensitive); # 288| } # 289|-> return glob_hash_node; # 290| } # 291| Error: GCC_ANALYZER_WARNING (CWE-401): [#def33] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:289:10: warning[-Wanalyzer-malloc-leak]: leak of ‘node’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:628:32: call_function: calling ‘_xdg_glob_hash_insert_text’ from ‘__wk_xdg_hash_append_glob’ # 287| node->child = _xdg_glob_hash_insert_ucs4 (node->child, text, mime_type, weight, case_sensitive); # 288| } # 289|-> return glob_hash_node; # 290| } # 291| Error: GCC_ANALYZER_WARNING (CWE-401): [#def34] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(glob)’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:81: acquire_memory: allocated here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: call_function: calling ‘_xdg_glob_list_append’ from ‘__wk_xdg_hash_append_glob’ # 623| { # 624| case XDG_GLOB_LITERAL: # 625|-> glob_hash->literal_list = _xdg_glob_list_append (glob_hash->literal_list, strdup (glob), strdup (mime_type), weight, case_sensitive); # 626| break; # 627| case XDG_GLOB_SIMPLE: Error: GCC_ANALYZER_WARNING (CWE-401): [#def35] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(mime_type)’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:609:1: enter_function: entry to ‘__wk_xdg_hash_append_glob’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:96: acquire_memory: allocated here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:625:33: call_function: calling ‘_xdg_glob_list_append’ from ‘__wk_xdg_hash_append_glob’ # 623| { # 624| case XDG_GLOB_LITERAL: # 625|-> glob_hash->literal_list = _xdg_glob_list_append (glob_hash->literal_list, strdup (glob), strdup (mime_type), weight, case_sensitive); # 626| break; # 627| case XDG_GLOB_SIMPLE: Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:631:30: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(glob)’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:674:1: enter_function: entry to ‘__wk_xdg_glob_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:684:6: branch_false: following ‘false’ branch (when ‘glob_file’ is non-NULL)... branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:689:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:696:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:696:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:699:20: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:704:10: branch_false: following ‘false’ branch (when ‘version_two == 0’)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:716:15: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:717:10: branch_false: following ‘false’ branch (when ‘colon’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:719:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:727:10: branch_false: following ‘false’ branch... branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:751:7: call_function: calling ‘__wk_xdg_hash_append_glob’ from ‘__wk_xdg_glob_read_from_file’ # 629| break; # 630| case XDG_GLOB_FULL: # 631|-> glob_hash->full_list = _xdg_glob_list_append (glob_hash->full_list, strdup (glob), strdup (mime_type), weight, case_sensitive); # 632| break; # 633| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:631:30: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(mime_type)’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:674:1: enter_function: entry to ‘__wk_xdg_glob_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:684:6: branch_false: following ‘false’ branch (when ‘glob_file’ is non-NULL)... branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:689:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:696:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:696:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:699:20: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:704:10: branch_false: following ‘false’ branch (when ‘version_two == 0’)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:716:15: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:717:10: branch_false: following ‘false’ branch (when ‘colon’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:719:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:727:10: branch_false: following ‘false’ branch... branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeglob.c:751:7: call_function: calling ‘__wk_xdg_hash_append_glob’ from ‘__wk_xdg_glob_read_from_file’ # 629| break; # 630| case XDG_GLOB_FULL: # 631|-> glob_hash->full_list = _xdg_glob_list_append (glob_hash->full_list, strdup (glob), strdup (mime_type), weight, case_sensitive); # 632| break; # 633| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def38] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:68:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘list’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:66:10: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:68:3: danger: ‘list’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 66| list = malloc (sizeof (XdgIconList)); # 67| # 68|-> list->icons = NULL; # 69| list->n_icons = 0; # 70| Error: GCC_ANALYZER_WARNING (CWE-401): [#def39] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:149:11: warning[-Wanalyzer-malloc-leak]: leak of ‘*list.icons’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:128:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:133:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:135:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:138:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:142:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:144:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:146:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:148:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:149:11: danger: ‘*list.icons’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 147| { # 148| alloc <<= 1; # 149|-> list->icons = realloc (list->icons, # 150| alloc * sizeof (XdgIcon)); # 151| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def40] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:156:3: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:128:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:133:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:135:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:138:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:142:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:144:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:146:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:152:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:153:46: acquire_memory: allocated here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:135:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:157:28: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:156:3: danger: ‘<unknown>’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10) # 154| list->n_icons++; # 155| } # 156|-> list->icons = realloc (list->icons, # 157| list->n_icons * sizeof (XdgIcon)); # 158| Error: GCC_ANALYZER_WARNING (CWE-122): [#def41] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:156:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:128:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:133:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:156:17: danger: write of ‘(long unsigned int)(*list.n_icons + 16) * 16’ bytes at offset ‘0’ exceeds the buffer # 154| list->n_icons++; # 155| } # 156|-> list->icons = realloc (list->icons, # 157| list->n_icons * sizeof (XdgIcon)); # 158| Error: GCC_ANALYZER_WARNING (CWE-688): [#def42] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:162:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:128:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:133:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:134:3: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:156:26: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:161:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:162:5: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:162:12: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeicon.c:162:5: danger: argument 1 (‘*list.icons’) NULL where non-null expected # 160| # 161| if (list->n_icons > 1) # 162|-> qsort (list->icons, list->n_icons, # 163| sizeof (XdgIcon), icon_entry_cmp); # 164| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def43] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:169:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:163:9: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:167:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:169:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:169:7: danger: ‘out + (long unsigned int)i * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 167| while (*p) # 168| { # 169|-> out[i++] = _xdg_utf8_to_ucs4 (p); # 170| p = _xdg_utf8_next_char (p); # 171| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def44] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:172:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:163:9: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:167:10: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:172:6: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeint.c:172:3: danger: ‘out + (long unsigned int)i * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 170| p = _xdg_utf8_next_char (p); # 171| } # 172|-> out[i] = 0; # 173| *len = i; # 174| Error: GCC_ANALYZER_WARNING (CWE-476): [#def45] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:107:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘matchlet’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:800:1: enter_function: entry to ‘__wk_xdg_magic_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:808:6: branch_false: following ‘false’ branch (when ‘magic_file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: call_function: calling ‘_xdg_mime_magic_read_magic_file’ from ‘__wk_xdg_magic_read_from_file’ # 105| matchlet = malloc (sizeof (XdgMimeMagicMatchlet)); # 106| # 107|-> matchlet->indent = 0; # 108| matchlet->offset = 0; # 109| matchlet->value_length = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def46] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:261:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘match’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:800:1: enter_function: entry to ‘__wk_xdg_magic_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:808:6: branch_false: following ‘false’ branch (when ‘magic_file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: call_function: calling ‘_xdg_mime_magic_read_magic_file’ from ‘__wk_xdg_magic_read_from_file’ # 259| return XDG_MIME_MAGIC_ERROR; # 260| # 261|-> match->priority = _xdg_mime_magic_read_a_number (magic_file, &end_of_file); # 262| if (end_of_file) # 263| return XDG_MIME_MAGIC_EOF; Error: GCC_ANALYZER_WARNING (CWE-476): [#def47] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:779:47: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘match’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:800:1: enter_function: entry to ‘__wk_xdg_magic_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:808:6: branch_false: following ‘false’ branch (when ‘magic_file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: call_function: calling ‘_xdg_mime_magic_read_magic_file’ from ‘__wk_xdg_magic_read_from_file’ # 777| state = _xdg_mime_magic_parse_magic_line (magic_file, match); # 778| if (state == XDG_MIME_MAGIC_SECTION || # 779|-> (state == XDG_MIME_MAGIC_EOF && match->mime_type)) # 780| { # 781| match->matchlet = _xdg_mime_magic_matchlet_mirror (match->matchlet); Error: GCC_ANALYZER_WARNING (CWE-476): [#def48] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:781:33: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘match’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:800:1: enter_function: entry to ‘__wk_xdg_magic_read_from_file’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:808:6: branch_false: following ‘false’ branch (when ‘magic_file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:7: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:811:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:813:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimemagic.c:814:9: call_function: calling ‘_xdg_mime_magic_read_magic_file’ from ‘__wk_xdg_magic_read_from_file’ # 779| (state == XDG_MIME_MAGIC_EOF && match->mime_type)) # 780| { # 781|-> match->matchlet = _xdg_mime_magic_matchlet_mirror (match->matchlet); # 782| _xdg_mime_magic_insert_match (mime_magic, match); # 783| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def49] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:70:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘list’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:68:10: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:70:3: danger: ‘list’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 68| list = malloc (sizeof (XdgParentList)); # 69| # 70|-> list->parents = NULL; # 71| list->n_mimes = 0; # 72| Error: GCC_ANALYZER_WARNING (CWE-476): [#def50] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:142:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:145:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:149:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:151:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:154:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:23: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:36: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:23: danger: dereference of NULL ‘*list.parents + (long unsigned int)i * 24’ # 154| for (i = 0; i < list->n_mimes; i++) # 155| { # 156|-> if (strcmp (list->parents[i].mime, line) == 0) # 157| { # 158| entry = &(list->parents[i]); Error: GCC_ANALYZER_WARNING (CWE-401): [#def51] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:168:15: warning[-Wanalyzer-malloc-leak]: leak of ‘*list.parents’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:142:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:145:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:149:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:151:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:163:10: branch_true: following ‘true’ branch (when ‘entry’ is NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:165:14: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:165:14: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:167:15: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:168:15: danger: ‘*list.parents’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2) # 166| { # 167| alloc <<= 1; # 168|-> list->parents = realloc (list->parents, # 169| alloc * sizeof (XdgMimeParents)); # 170| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def52] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:188:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*entry.parents + ((long unsigned int)*entry.n_parents + 18446744073709551615) * 8’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:142:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:145:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:149:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:151:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:154:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:23: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:14: branch_true: following ‘true’ branch (when the strings are equal)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:163:10: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:163:10: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:177:12: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:177:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:179:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:180:28: acquire_memory: this call could return NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:188:7: danger: ‘*entry.parents + ((long unsigned int)*entry.n_parents + 18446744073709551615) * 8’ could be NULL: unchecked value from [(17)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/16) # 186| (entry->n_parents + 2) * sizeof (char *)); # 187| } # 188|-> entry->parents[entry->n_parents - 1] = strdup (sep); # 189| entry->parents[entry->n_parents] = NULL; # 190| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def53] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:3: warning[-Wanalyzer-malloc-leak]: leak of ‘*list.parents’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:3: danger: ‘*list.parents’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2) # 190| } # 191| # 192|-> list->parents = realloc (list->parents, # 193| list->n_mimes * sizeof (XdgMimeParents)); # 194| Error: GCC_ANALYZER_WARNING (CWE-401): [#def54] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:3: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:142:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:145:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:149:10: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:151:8: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:154:19: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:23: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:156:14: branch_true: following ‘true’ branch (when the strings are equal)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:163:10: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:163:10: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:177:12: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:177:10: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:179:11: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:188:46: acquire_memory: allocated here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:3: danger: ‘<unknown>’ leaks here; was allocated at [(17)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/16) # 190| } # 191| # 192|-> list->parents = realloc (list->parents, # 193| list->n_mimes * sizeof (XdgMimeParents)); # 194| Error: GCC_ANALYZER_WARNING (CWE-122): [#def55] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:19: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:19: danger: write of ‘(long unsigned int)(*list.n_mimes + 16) * 24’ bytes at offset ‘0’ exceeds the buffer # 190| } # 191| # 192|-> list->parents = realloc (list->parents, # 193| list->n_mimes * sizeof (XdgMimeParents)); # 194| Error: GCC_ANALYZER_WARNING (CWE-688): [#def56] webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:198:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:135:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:140:11: branch_false: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:141:3: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:192:28: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:197:6: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:198:5: branch_true: ...to here webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:198:12: release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/ThirdParty/xdgmime/src/xdgmimeparent.c:198:5: danger: argument 1 (‘*list.parents’) NULL where non-null expected # 196| # 197| if (list->n_mimes > 1) # 198|-> qsort (list->parents, list->n_mimes, # 199| sizeof (XdgMimeParents), &parent_entry_cmp); # 200| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def57] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_allocator.c:61:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘directory’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_allocator.c:51:6: enter_function: entry to ‘pas_bitfit_allocator_commit_view’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_allocator.c:60:17: call_function: calling ‘pas_compact_bitfit_directory_ptr_load’ from ‘pas_bitfit_allocator_commit_view’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_allocator.c:60:17: return_function: return of NULL to ‘pas_bitfit_allocator_commit_view’ from ‘pas_compact_bitfit_directory_ptr_load’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_allocator.c:61:5: danger: dereference of NULL ‘directory’ # 59| # 60| directory = pas_compact_bitfit_directory_ptr_load(&view->directory); # 61|-> heap = directory->heap; # 62| # 63| /* We're almost certainly gonna commit a page, so let's just get this out of the way. We need to Error: GCC_ANALYZER_WARNING (CWE-476): [#def58] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_directory.h:60:1: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:200:6: enter_function: entry to ‘pas_bitfit_heap_for_each_live_object’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:212:10: branch_true: following ‘true’ branch (when ‘variant != 3’)... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:216:21: call_function: inlined call to ‘pas_bitfit_heap_get_directory’ from ‘pas_bitfit_heap_for_each_live_object’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:218:25: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:221:20: branch_true: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_heap.c:221:20: call_function: calling ‘pas_bitfit_directory_get_view’ from ‘pas_bitfit_heap_for_each_live_object’ # 58| 128); # 59| # 60|-> PAS_DECLARE_SEGMENTED_VECTOR(pas_bitfit_directory_view_vector, # 61| pas_compact_atomic_bitfit_view_ptr, # 62| 8); Error: GCC_ANALYZER_WARNING (CWE-476): [#def59] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_bitfit_page_inlines.h:219:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: enter_function: entry to ‘jit_heap_config_specialized_local_allocator_try_allocate_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: call_function: inlined call to ‘pas_local_allocator_try_allocate_slow’ from ‘jit_heap_config_specialized_local_allocator_try_allocate_slow’ branch_true: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: call_function: inlined call to ‘pas_local_allocator_try_allocate_slow’ from ‘jit_heap_config_specialized_local_allocator_try_allocate_slow’ # 217| PAS_ASSERT(page_config.base.is_enabled); # 218| # 219|-> num_live_bits = page->num_live_bits; # 220| if (!num_live_bits) # 221| pas_bitfit_view_note_nonemptiness(view); Error: GCC_ANALYZER_WARNING (CWE-476): [#def60] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.h:112:17: warning[-Wanalyzer-jump-through-null]: jump through null pointer webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_deallocate_not_small_exclusive_segregated’ from ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ # 110| pas_msl_free_logging((void*)begin); # 111| # 112|-> page_base = config.page_header_func(begin); # 113| if (page_base) { # 114| switch (pas_page_base_get_kind(page_base)) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def61] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.h:127:13: warning[-Wanalyzer-jump-through-null]: jump through null pointer webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_deallocate_not_small_exclusive_segregated’ from ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ # 125| case pas_small_bitfit_page_kind: # 126| PAS_ASSERT(!config.small_bitfit_is_in_megapage); # 127|-> config.small_bitfit_config.specialized_page_deallocate_with_page( # 128| pas_page_base_get_bitfit(page_base), # 129| begin); Error: GCC_ANALYZER_WARNING (CWE-476): [#def62] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.h:140:13: warning[-Wanalyzer-jump-through-null]: jump through null pointer webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_deallocate_not_small_exclusive_segregated’ from ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ # 138| return true; # 139| case pas_medium_bitfit_page_kind: # 140|-> config.medium_bitfit_config.specialized_page_deallocate_with_page( # 141| pas_page_base_get_bitfit(page_base), # 142| begin); Error: GCC_ANALYZER_WARNING (CWE-476): [#def63] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.h:145:13: warning[-Wanalyzer-jump-through-null]: jump through null pointer webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_deallocate_not_small_exclusive_segregated’ from ‘pas_utility_heap_config_specialized_try_deallocate_not_small_exclusive_segregated’ # 143| return true; # 144| case pas_marge_bitfit_page_kind: # 145|-> config.marge_bitfit_config.specialized_page_deallocate_with_page( # 146| pas_page_base_get_bitfit(page_base), # 147| begin); Error: GCC_ANALYZER_WARNING (CWE-457): [#def64] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_heap_inlines.h:76:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘cached_index’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_allocate_common_impl_slow’ from ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ # 74| #endif /* PAS_ENABLE_TESTING */ # 75| # 76|-> return pas_heap_ensure_size_directory_for_size_slow( # 77| heap, size, alignment, force_size_lookup, config.config_ptr, cached_index); # 78| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def65] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_local_allocator_inlines.h:969:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: enter_function: entry to ‘jit_heap_config_specialized_local_allocator_try_allocate_small_segregated_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: call_function: inlined call to ‘pas_local_allocator_try_allocate_small_segregated_slow’ from ‘jit_heap_config_specialized_local_allocator_try_allocate_small_segregated_slow’ branch_true: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/jit_heap_config.c:375:1: call_function: inlined call to ‘pas_local_allocator_try_allocate_small_segregated_slow’ from ‘jit_heap_config_specialized_local_allocator_try_allocate_small_segregated_slow’ # 967| old_page = pas_segregated_page_for_boundary( # 968| (void*)pas_local_allocator_page_boundary(allocator, page_config), page_config); # 969|-> old_view = old_page->owner; # 970| if (!pas_segregated_view_is_some_exclusive(old_view)) { # 971| PAS_ASSERT(!pas_segregated_page_config_is_utility(page_config)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def66] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:120:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘word_ptr’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:923:6: enter_function: entry to ‘pas_page_sharing_pool_verify’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:927:5: call_function: calling ‘verify_first_delta’ from ‘pas_page_sharing_pool_verify’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:927:5: return_function: returning to ‘pas_page_sharing_pool_verify’ from ‘verify_first_delta’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:928:5: call_function: calling ‘verify_participants’ from ‘pas_page_sharing_pool_verify’ # 118| word_ptr = pas_page_sharing_pool_segmented_delta_bitvector_get_ptr( # 119| &pool->delta, PAS_BITVECTOR_WORD_INDEX(index)); # 120|-> PAS_ASSERT(pas_bitvector_get_from_word(*word_ptr, index)); # 121| } else { # 122| uint64_t epoch; Error: GCC_ANALYZER_WARNING (CWE-476): [#def67] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.h:51:1: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:923:6: enter_function: entry to ‘pas_page_sharing_pool_verify’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:927:5: call_function: calling ‘verify_first_delta’ from ‘pas_page_sharing_pool_verify’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:927:5: return_function: returning to ‘pas_page_sharing_pool_verify’ from ‘verify_first_delta’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_pool.c:928:5: call_function: calling ‘verify_participants’ from ‘pas_page_sharing_pool_verify’ # 49| typedef struct pas_page_sharing_pool pas_page_sharing_pool; # 50| # 51|-> PAS_DECLARE_SEGMENTED_VECTOR(pas_page_sharing_pool_segmented_delta_bitvector, # 52| unsigned, # 53| 4); Error: GCC_ANALYZER_WARNING (CWE-476): [#def68] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.h:54:1: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘y’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:311:1: enter_function: entry to ‘pas_red_black_tree_remove’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:324:5: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:325:5: call_function: inlined call to ‘pas_red_black_tree_node_get_parent’ from ‘pas_red_black_tree_remove’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:328:10: call_function: inlined call to ‘pas_red_black_tree_node_get_left’ from ‘pas_red_black_tree_remove’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:328:8: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:328:50: call_function: inlined call to ‘pas_red_black_tree_node_get_right’ from ‘pas_red_black_tree_remove’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:328:9: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:331:13: branch_false: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:331:13: call_function: calling ‘pas_red_black_tree_node_successor’ from ‘pas_red_black_tree_remove’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:331:13: return_function: return of NULL to ‘pas_red_black_tree_remove’ from ‘pas_red_black_tree_node_successor’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_red_black_tree.c:333:14: call_function: inlined call to ‘pas_red_black_tree_node_get_left’ from ‘pas_red_black_tree_remove’ # 52| typedef struct pas_red_black_tree_node pas_red_black_tree_node; # 53| # 54|-> PAS_DEFINE_COMPACT_ATOMIC_PTR(pas_red_black_tree_node, pas_red_black_tree_node_ptr); # 55| PAS_DEFINE_COMPACT_TAGGED_ATOMIC_PTR(uintptr_t, pas_red_black_tree_node_tagged_ptr); # 56| Error: GCC_ANALYZER_WARNING (CWE-476): [#def69] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_directory.h:109:1: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_participant.c:56:1: enter_function: entry to ‘pas_page_sharing_participant_get_payload’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_participant.c:70:18: call_function: inlined call to ‘pas_segregated_directory_data_ptr_load’ from ‘pas_page_sharing_participant_get_payload’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_participant.c:70:18: call_function: inlined call to ‘pas_segregated_directory_data_try_get_sharing_payload’ from ‘pas_page_sharing_participant_get_payload’ release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_page_sharing_participant.c:70:18: call_function: inlined call to ‘pas_segregated_directory_data_try_get_sharing_payload’ from ‘pas_page_sharing_participant_get_payload’ # 107| PAS_DEFINE_COMPACT_ATOMIC_PTR(pas_segregated_directory_data, pas_segregated_directory_data_ptr); # 108| # 109|-> PAS_DEFINE_COMPACT_TAGGED_ATOMIC_PTR(uintptr_t, pas_segregated_directory_sharing_payload_ptr); # 110| # 111| struct pas_segregated_directory { Error: GCC_ANALYZER_WARNING (CWE-457): [#def70] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_heap_inlines.h:70:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘cached_index’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_allocate_common_impl_slow’ from ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ # 68| # 69| slow: # 70|-> return pas_segregated_heap_size_directory_for_index_slow(heap, index, cached_index, config); # 71| } # 72| Error: GCC_ANALYZER_WARNING (CWE-476): [#def71] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_page_inlines.h:214:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_thread_local_cache.c:1204:23: enter_function: entry to ‘pas_thread_local_cache_append_deallocation_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_thread_local_cache.c:1212:5: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_thread_local_cache.c:1213:42: branch_true: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_thread_local_cache.c:1216:5: call_function: calling ‘pas_thread_local_cache_flush_deallocation_log’ from ‘pas_thread_local_cache_append_deallocation_slow’ # 212| # 213| held_lock_value = *held_lock; # 214|-> page_lock = page->lock_ptr; # 215| # 216| PAS_TESTING_ASSERT(page_lock); Error: GCC_ANALYZER_WARNING (CWE-476): [#def72] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_page_inlines.h:440:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:121:6: enter_function: entry to ‘pas_try_deallocate_slow_no_cache’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:131:8: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:143:9: call_function: inlined call to ‘pas_thread_local_cache_can_set’ from ‘pas_try_deallocate_slow_no_cache’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:152:8: branch_false: following ‘false’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:155:13: branch_false: ...to here webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:183:12: branch_true: following ‘true’ branch (when ‘page_base’ is non-NULL)... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:184:21: call_function: inlined call to ‘pas_page_base_get_kind’ from ‘pas_try_deallocate_slow_no_cache’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_deallocate.c:202:17: call_function: calling ‘deallocate_segregated’ from ‘pas_try_deallocate_slow_no_cache’ # 438| pas_log("Notifying partial eligibility on view %p.\n", partial_view); # 439| # 440|-> if (!partial_view->eligibility_has_been_noted) # 441| pas_segregated_partial_view_note_eligibility(partial_view, page); # 442| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def73] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:80:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘shared_view’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:65:6: enter_function: entry to ‘pas_segregated_shared_handle_destroy’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:78:19: call_function: calling ‘pas_compact_segregated_shared_view_ptr_load’ from ‘pas_segregated_shared_handle_destroy’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:78:19: return_function: return of NULL to ‘pas_segregated_shared_handle_destroy’ from ‘pas_compact_segregated_shared_view_ptr_load’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:80:5: danger: dereference of NULL ‘shared_view’ # 78| shared_view = pas_compact_segregated_shared_view_ptr_load(&handle->shared_view); # 79| # 80|-> PAS_ASSERT(pas_unwrap_shared_handle(shared_view->shared_handle_or_page_boundary, # 81| page_config) == handle); # 82| Error: GCC_ANALYZER_WARNING (CWE-476): [#def74] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:111:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘shared_view’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:91:6: enter_function: entry to ‘pas_segregated_shared_handle_note_emptiness’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:98:19: call_function: calling ‘pas_compact_segregated_shared_view_ptr_load’ from ‘pas_segregated_shared_handle_note_emptiness’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:98:19: return_function: return of NULL to ‘pas_segregated_shared_handle_note_emptiness’ from ‘pas_compact_segregated_shared_view_ptr_load’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_shared_handle.c:111:9: danger: dereference of NULL ‘shared_view’ # 109| Also, this will at worst happen once per granule. So this loop is likely not a # 110| terrible thing. */ # 111|-> if (shared_view->is_in_use_for_allocation_count) { # 112| if (verbose) # 113| pas_log("Not setting shared %p as empty because it's in use.\n", shared_view); Error: GCC_ANALYZER_WARNING (CWE-476): [#def75] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:972:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:957:18: enter_function: entry to ‘pas_segregated_size_directory_compute_summary_for_unowned_exclusive’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:965:5: branch_true: following ‘true’ branch... webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:967:12: call_function: inlined call to ‘pas_segregated_size_directory_data_ptr_load’ from ‘pas_segregated_size_directory_compute_summary_for_unowned_exclusive’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:968:20: branch_true: ...to here release_memory: ‘0’ is NULL webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory.c:972:21: danger: dereference of NULL ‘(pas_segregated_size_directory_data *)<unknown>’ # 970| result = pas_heap_summary_create_empty(); # 971| # 972|-> payload_size = (data->offset_from_page_boundary_to_end_of_last_object - # 973| data->offset_from_page_boundary_to_first_object); # 974| Error: GCC_ANALYZER_WARNING (CWE-457): [#def76] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_segregated_size_directory_inlines.h:62:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘cached_index’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: enter_function: entry to ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_allocate_common_impl_slow’ from ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ # 60| if (pas_segregated_size_directory_has_tlc_allocator(directory) # 61| && (pas_thread_local_cache_try_get() || pas_thread_local_cache_can_set())) { # 62|-> return pas_segregated_size_directory_get_allocator_from_tlc( # 63| directory, size, size_lookup_mode, config, cached_index); # 64| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def77] webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_try_allocate_common.h:167:17: warning[-Wanalyzer-jump-through-null]: jump through null pointer webkitgtk-2.49.1/Source/bmalloc/libpas/src/libpas/pas_utility_heap_config.c:43:1: call_function: inlined call to ‘pas_try_allocate_common_impl_slow’ from ‘pas_utility_heap_config_specialized_try_allocate_common_impl_slow’ # 165| # 166| type = heap_ref->type; # 167|-> alignment = PAS_MAX(alignment, config.get_type_alignment(type)); # 168| # 169| if (PAS_UNLIKELY(pas_debug_heap_is_enabled(config.kind))) { Error: COMPILER_WARNING: [#def78] [important] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-2agr9n/CheckSymbolExists.c:8:19: error[error]: ‘timingsafe_bcmp’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def79] [important] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-Ed0Hxo/CheckSymbolExists.c:8:19: error[error]: ‘MAP_ALIGNED’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def80] [important] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-JGAJkZ/src.c:6:34: error[error]: ‘struct stat’ has no member named ‘st_birthtime’ Error: COMPILER_WARNING: [#def81] [important] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-JriwGI/CheckSymbolExists.c:8:19: error[error]: ‘_aligned_malloc’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def82] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-LCIOaq/CheckSymbolExists.c:2:10: warning[fatal error]: pthread_np.h: No such file or directory Error: COMPILER_WARNING: [#def83] [important] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-b0jGfL/CheckSymbolExists.c:8:19: error[error]: ‘SHM_ANON’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def84] webkitgtk-2.49.1/redhat-linux-build/webkit2gtk-4.1/CMakeFiles/CMakeScratch/TryCompile-f1nJZg/CheckIncludeFile.c:1:10: warning[fatal error]: pthread_np.h: No such file or directory Error: COMPILER_WARNING: [#def85] [important] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-6oI3BN/CheckSymbolExists.c:8:19: error[error]: ‘_aligned_malloc’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def86] [important] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-AGz2WJ/src.c:6:34: error[error]: ‘struct stat’ has no member named ‘st_birthtime’ Error: COMPILER_WARNING: [#def87] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-IaPMZV/CheckSymbolExists.c:2:10: warning[fatal error]: pthread_np.h: No such file or directory Error: COMPILER_WARNING: [#def88] [important] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-KYh1UI/CheckSymbolExists.c:8:19: error[error]: ‘SHM_ANON’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def89] [important] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-Q7AcGz/CheckSymbolExists.c:8:19: error[error]: ‘MAP_ALIGNED’ undeclared (first use in this function) Error: COMPILER_WARNING: [#def90] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-VnDsJT/CheckIncludeFile.c:1:10: warning[fatal error]: pthread_np.h: No such file or directory Error: COMPILER_WARNING: [#def91] [important] webkitgtk-2.49.1/redhat-linux-build/webkitgtk-6.0/CMakeFiles/CMakeScratch/TryCompile-uhkmgc/CheckSymbolExists.c:8:19: error[error]: ‘timingsafe_bcmp’ undeclared (first use in this function)
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.86.0 |
| diffbase-analyzer-version-cppcheck | 2.17.1 |
| diffbase-analyzer-version-gcc | 15.0.1 |
| diffbase-analyzer-version-gcc-analyzer | 15.0.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-167.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | webkitgtk-2.48.0-1.fc42 |
| diffbase-store-results-to | /tmp/tmpfb8z5sk2/webkitgtk-2.48.0-1.fc42.tar.xz |
| diffbase-time-created | 2025-04-25 15:56:18 |
| diffbase-time-finished | 2025-04-25 21:14:02 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpfb8z5sk2/webkitgtk-2.48.0-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpfb8z5sk2/webkitgtk-2.48.0-1.fc42.src.rpm' |
| diffbase-tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-167.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | webkitgtk-2.49.1-1.fc43 |
| store-results-to | /tmp/tmps6d8ztt0/webkitgtk-2.49.1-1.fc43.tar.xz |
| time-created | 2025-04-25 21:14:54 |
| time-finished | 2025-04-26 02:10:39 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmps6d8ztt0/webkitgtk-2.49.1-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmps6d8ztt0/webkitgtk-2.49.1-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |