Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] xwayland-24.1.8/Xext/shm.c:214:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘screen_priv’ xwayland-24.1.8/Xext/shm.c:241:1: enter_function: entry to ‘ShmRegisterFuncs’ xwayland-24.1.8/Xext/shm.c:245:5: call_function: calling ‘ShmInitScreenPriv’ from ‘ShmRegisterFuncs’ # 212| if (!screen_priv) { # 213| screen_priv = calloc(1, sizeof(ShmScrPrivateRec)); # 214|-> screen_priv->CloseScreen = pScreen->CloseScreen; # 215| dixSetPrivate(&pScreen->devPrivates, shmScrPrivateKey, screen_priv); # 216| pScreen->CloseScreen = ShmCloseScreen; Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] xwayland-24.1.8/Xext/sync.c:2664:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xext/sync.c:2656:1: enter_function: entry to ‘IdleTimeQueryValue’ xwayland-24.1.8/Xext/sync.c:2661:8: branch_true: following ‘true’ branch (when ‘pCounter’ is non-NULL)... xwayland-24.1.8/Xext/sync.c:2663:33: branch_true: ...to here xwayland-24.1.8/Xext/sync.c:2663:33: call_function: calling ‘SysCounterGetPrivate’ from ‘IdleTimeQueryValue’ xwayland-24.1.8/Xext/sync.c:2663:33: return_function: returning to ‘IdleTimeQueryValue’ from ‘SysCounterGetPrivate’ xwayland-24.1.8/Xext/sync.c:2664:9: danger: dereference of NULL ‘SysCounterGetPrivate(pCounter)’ # 2662| SyncCounter *counter = pCounter; # 2663| IdleCounterPriv *priv = SysCounterGetPrivate(counter); # 2664|-> deviceid = priv->deviceid; # 2665| } # 2666| else Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] xwayland-24.1.8/Xext/sync.c:2677:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xext/sync.c:2673:1: enter_function: entry to ‘IdleTimeBlockHandler’ xwayland-24.1.8/Xext/sync.c:2676:29: call_function: calling ‘SysCounterGetPrivate’ from ‘IdleTimeBlockHandler’ xwayland-24.1.8/Xext/sync.c:2676:29: return_function: returning to ‘IdleTimeBlockHandler’ from ‘SysCounterGetPrivate’ xwayland-24.1.8/Xext/sync.c:2677:14: danger: dereference of NULL ‘SysCounterGetPrivate(pCounter)’ # 2675| SyncCounter *counter = pCounter; # 2676| IdleCounterPriv *priv = SysCounterGetPrivate(counter); # 2677|-> int64_t *less = priv->value_less; # 2678| int64_t *greater = priv->value_greater; # 2679| int64_t idle, old_idle; Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] xwayland-24.1.8/Xext/sync.c:2767:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xext/sync.c:2763:1: enter_function: entry to ‘IdleTimeWakeupHandler’ xwayland-24.1.8/Xext/sync.c:2766:29: call_function: calling ‘SysCounterGetPrivate’ from ‘IdleTimeWakeupHandler’ xwayland-24.1.8/Xext/sync.c:2766:29: return_function: returning to ‘IdleTimeWakeupHandler’ from ‘SysCounterGetPrivate’ xwayland-24.1.8/Xext/sync.c:2767:14: danger: dereference of NULL ‘SysCounterGetPrivate(pCounter)’ # 2765| SyncCounter *counter = pCounter; # 2766| IdleCounterPriv *priv = SysCounterGetPrivate(counter); # 2767|-> int64_t *less = priv->value_less; # 2768| int64_t *greater = priv->value_greater; # 2769| int64_t idle; Error: GCC_ANALYZER_WARNING (CWE-476): [#def5] xwayland-24.1.8/Xext/sync.c:2800:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xext/sync.c:2795:1: enter_function: entry to ‘IdleTimeBracketValues’ xwayland-24.1.8/Xext/sync.c:2799:29: call_function: calling ‘SysCounterGetPrivate’ from ‘IdleTimeBracketValues’ xwayland-24.1.8/Xext/sync.c:2799:29: return_function: returning to ‘IdleTimeBracketValues’ from ‘SysCounterGetPrivate’ xwayland-24.1.8/Xext/sync.c:2800:14: danger: dereference of NULL ‘SysCounterGetPrivate(pCounter)’ # 2798| SyncCounter *counter = pCounter; # 2799| IdleCounterPriv *priv = SysCounterGetPrivate(counter); # 2800|-> int64_t *less = priv->value_less; # 2801| int64_t *greater = priv->value_greater; # 2802| Bool registered = (less || greater); Error: GCC_ANALYZER_WARNING (CWE-476): [#def6] xwayland-24.1.8/Xext/sync.c:2837:28: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘priv’ xwayland-24.1.8/Xext/sync.c:2821:1: enter_function: entry to ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2827:5: call_function: calling ‘IdleTimeQueryValue’ from ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2827:5: return_function: returning to ‘init_system_idle_counter’ from ‘IdleTimeQueryValue’ xwayland-24.1.8/Xext/sync.c:2829:25: call_function: calling ‘SyncCreateSystemCounter’ from ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2829:25: return_function: returning to ‘init_system_idle_counter’ from ‘SyncCreateSystemCounter’ xwayland-24.1.8/Xext/sync.c:2834:8: branch_true: following ‘true’ branch... xwayland-24.1.8/Xext/sync.c:2835:33: branch_true: ...to here xwayland-24.1.8/Xext/sync.c:2835:33: acquire_memory: this call could return NULL xwayland-24.1.8/Xext/sync.c:2837:28: danger: ‘priv’ could be NULL: unchecked value from [(30)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/29) # 2835| IdleCounterPriv *priv = malloc(sizeof(IdleCounterPriv)); # 2836| # 2837|-> priv->value_less = priv->value_greater = NULL; # 2838| priv->deviceid = deviceid; # 2839| Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] xwayland-24.1.8/Xext/sync.c:2843:12: warning[-Wanalyzer-malloc-leak]: leak of ‘priv’ xwayland-24.1.8/Xext/sync.c:2821:1: enter_function: entry to ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2827:5: call_function: calling ‘IdleTimeQueryValue’ from ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2827:5: return_function: returning to ‘init_system_idle_counter’ from ‘IdleTimeQueryValue’ xwayland-24.1.8/Xext/sync.c:2829:25: call_function: calling ‘SyncCreateSystemCounter’ from ‘init_system_idle_counter’ xwayland-24.1.8/Xext/sync.c:2829:25: return_function: returning to ‘init_system_idle_counter’ from ‘SyncCreateSystemCounter’ xwayland-24.1.8/Xext/sync.c:2834:8: branch_true: following ‘true’ branch... xwayland-24.1.8/Xext/sync.c:2835:33: branch_true: ...to here xwayland-24.1.8/Xext/sync.c:2835:33: acquire_memory: allocated here xwayland-24.1.8/Xext/sync.c:2843:12: danger: ‘priv’ leaks here; was allocated at [(30)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/29) # 2841| } # 2842| # 2843|-> return idle_time_counter; # 2844| } # 2845| Error: GCC_ANALYZER_WARNING (CWE-688): [#def8] xwayland-24.1.8/Xext/vidmode.c:96:5: warning[-Wanalyzer-null-argument]: use of NULL ‘VidModeCreateMode()’ where non-null expected xwayland-24.1.8/Xext/vidmode.c:1648:1: enter_function: entry to ‘ProcVidModeDispatch’ xwayland-24.1.8/Xext/vidmode.c:1661:16: call_function: calling ‘ProcVidModeValidateModeLine’ from ‘ProcVidModeDispatch’ # 94| VidModeCopyMode(DisplayModePtr modefrom, DisplayModePtr modeto) # 95| { # 96|-> memcpy(modeto, modefrom, sizeof(DisplayModeRec)); # 97| } # 98| Error: GCC_ANALYZER_WARNING (CWE-476): [#def9] xwayland-24.1.8/Xext/xres.c:233:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘current_clients’ xwayland-24.1.8/Xext/xres.c:228:23: acquire_memory: this call could return NULL xwayland-24.1.8/Xext/xres.c:231:17: branch_true: following ‘true’ branch... xwayland-24.1.8/Xext/xres.c:232:13: branch_true: ...to here xwayland-24.1.8/Xext/xres.c:232:12: branch_true: following ‘true’ branch... xwayland-24.1.8/Xext/xres.c:233:28: branch_true: ...to here xwayland-24.1.8/Xext/xres.c:233:13: danger: ‘current_clients + (long unsigned int)num_clients * 4’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 231| for (i = 0; i < currentMaxClients; i++) { # 232| if (clients[i]) { # 233|-> current_clients[num_clients] = i; # 234| num_clients++; # 235| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] xwayland-24.1.8/Xext/xselinux_ext.c:393:5: warning[-Wanalyzer-malloc-leak]: leak of ‘items’ xwayland-24.1.8/Xext/xselinux_ext.c:445:1: enter_function: entry to ‘ProcSELinuxListSelections’ xwayland-24.1.8/Xext/xselinux_ext.c:458:13: acquire_memory: allocated here xwayland-24.1.8/Xext/xselinux_ext.c:459:8: branch_false: following ‘false’ branch... xwayland-24.1.8/Xext/xselinux_ext.c:464:5: branch_false: ...to here xwayland-24.1.8/Xext/xselinux_ext.c:465:36: branch_false: following ‘false’ branch (when ‘pSel’ is NULL)... xwayland-24.1.8/Xext/xselinux_ext.c:475:12: branch_false: ...to here xwayland-24.1.8/Xext/xselinux_ext.c:475:12: call_function: calling ‘SELinuxSendItemsToClient’ from ‘ProcSELinuxListSelections’ # 391| } # 392| # 393|-> WriteToClient(client, sizeof(SELinuxListItemsReply), &rep); # 394| WriteToClient(client, size * 4, buf); # 395| Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] xwayland-24.1.8/Xext/xselinux_ext.c:394:5: warning[-Wanalyzer-malloc-leak]: leak of ‘items’ xwayland-24.1.8/Xext/xselinux_ext.c:445:1: enter_function: entry to ‘ProcSELinuxListSelections’ xwayland-24.1.8/Xext/xselinux_ext.c:458:13: acquire_memory: allocated here xwayland-24.1.8/Xext/xselinux_ext.c:459:8: branch_false: following ‘false’ branch... xwayland-24.1.8/Xext/xselinux_ext.c:464:5: branch_false: ...to here xwayland-24.1.8/Xext/xselinux_ext.c:465:36: branch_false: following ‘false’ branch (when ‘pSel’ is NULL)... xwayland-24.1.8/Xext/xselinux_ext.c:475:12: branch_false: ...to here xwayland-24.1.8/Xext/xselinux_ext.c:475:12: call_function: calling ‘SELinuxSendItemsToClient’ from ‘ProcSELinuxListSelections’ # 392| # 393| WriteToClient(client, sizeof(SELinuxListItemsReply), &rep); # 394|-> WriteToClient(client, size * 4, buf); # 395| # 396| /* Free stuff and return */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] xwayland-24.1.8/Xext/xselinux_label.c:167:1: warning[-Wanalyzer-malloc-leak]: leak of ‘rec’ xwayland-24.1.8/Xext/xselinux_label.c:133:1: enter_function: entry to ‘SELinuxAtomToSID’ xwayland-24.1.8/Xext/xselinux_label.c:141:15: acquire_memory: allocated here xwayland-24.1.8/Xext/xselinux_label.c:142:12: branch_false: following ‘false’ branch (when ‘rec’ is non-NULL)... xwayland-24.1.8/Xext/xselinux_label.c:142:22: branch_false: ...to here xwayland-24.1.8/Xext/xselinux_label.c:142:22: call_function: calling ‘SELinuxArraySet’ from ‘SELinuxAtomToSID’ xwayland-24.1.8/Xext/xselinux_label.c:142:22: return_function: returning to ‘SELinuxAtomToSID’ from ‘SELinuxArraySet’ xwayland-24.1.8/Xext/xselinux_label.c:142:13: branch_true: following ‘true’ branch... xwayland-24.1.8/Xext/xselinux_label.c:165:2: branch_true: ...to here xwayland-24.1.8/Xext/xselinux_label.c:167:1: danger: ‘rec’ leaks here; was allocated at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1) # 165| out: # 166| return rc; # 167|-> } # 168| # 169| /* Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] xwayland-24.1.8/Xext/xtest.c:383:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘dev’ xwayland-24.1.8/Xext/xtest.c:466:1: enter_function: entry to ‘ProcXTestDispatch’ xwayland-24.1.8/Xext/xtest.c:475:16: call_function: calling ‘ProcXTestFakeInput’ from ‘ProcXTestDispatch’ # 381| case KeyPress: # 382| case KeyRelease: # 383|-> if (!dev->key) # 384| return BadDevice; # 385| Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] xwayland-24.1.8/Xext/xtest.c:395:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘dev’ xwayland-24.1.8/Xext/xtest.c:466:1: enter_function: entry to ‘ProcXTestDispatch’ xwayland-24.1.8/Xext/xtest.c:475:16: call_function: calling ‘ProcXTestFakeInput’ from ‘ProcXTestDispatch’ # 393| break; # 394| case MotionNotify: # 395|-> if (!dev->valuator) # 396| return BadDevice; # 397| Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] xwayland-24.1.8/Xext/xtest.c:426:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘dev’ xwayland-24.1.8/Xext/xtest.c:466:1: enter_function: entry to ‘ProcXTestDispatch’ xwayland-24.1.8/Xext/xtest.c:475:16: call_function: calling ‘ProcXTestFakeInput’ from ‘ProcXTestDispatch’ # 424| case ButtonPress: # 425| case ButtonRelease: # 426|-> if (!dev->button) # 427| return BadDevice; # 428| Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] xwayland-24.1.8/Xext/xtest.c:440:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘dev’ xwayland-24.1.8/Xext/xtest.c:531:1: enter_function: entry to ‘SProcXTestFakeInput’ xwayland-24.1.8/Xext/xtest.c:539:8: branch_false: following ‘false’ branch... xwayland-24.1.8/Xext/xtest.c:541:12: branch_false: ...to here xwayland-24.1.8/Xext/xtest.c:541:12: call_function: calling ‘ProcXTestFakeInput’ from ‘SProcXTestFakeInput’ # 438| valuator_mask_set_range(&mask, firstValuator, numValuators, valuators); # 439| # 440|-> if (dev->sendEventsProc) # 441| (*dev->sendEventsProc) (dev, type, ev->u.u.detail, flags, &mask); # 442| Error: GCC_ANALYZER_WARNING (CWE-476): [#def17] xwayland-24.1.8/Xi/exevents.c:1390:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xi/exevents.c:2194:1: enter_function: entry to ‘DeliverTouchEvents’ xwayland-24.1.8/Xi/exevents.c:2205:17: branch_true: following ‘true’ branch... xwayland-24.1.8/Xi/exevents.c:2206:17: branch_true: ...to here xwayland-24.1.8/Xi/exevents.c:2215:14: call_function: calling ‘RetrieveTouchDeliveryData’ from ‘DeliverTouchEvents’ # 1388| evtype = GetXI2Type(ev->any.type); # 1389| # 1390|-> nt_list_for_each_entry(iclients, # 1391| wOtherInputMasks(*win)->inputClients, next) # 1392| if (xi2mask_isset(iclients->xi2mask, dev, evtype)) Error: GCC_ANALYZER_WARNING (CWE-476): [#def18] xwayland-24.1.8/Xi/exevents.c:1404:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xi/exevents.c:2194:1: enter_function: entry to ‘DeliverTouchEvents’ xwayland-24.1.8/Xi/exevents.c:2205:17: branch_true: following ‘true’ branch... xwayland-24.1.8/Xi/exevents.c:2206:17: branch_true: ...to here xwayland-24.1.8/Xi/exevents.c:2215:14: call_function: calling ‘RetrieveTouchDeliveryData’ from ‘DeliverTouchEvents’ # 1402| Mask xi_filter = event_get_filter_from_type(dev, xi_type); # 1403| # 1404|-> nt_list_for_each_entry(iclients, # 1405| wOtherInputMasks(*win)->inputClients, next) # 1406| if (iclients->mask[dev->id] & xi_filter) Error: GCC_ANALYZER_WARNING (CWE-476): [#def19] xwayland-24.1.8/Xi/exevents.c:2293:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xwayland-24.1.8/Xi/exevents.c:2274:8: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/exevents.c:2284:14: branch_false: ...to here xwayland-24.1.8/Xi/exevents.c:2286:12: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/exevents.c:2291:18: branch_false: ...to here xwayland-24.1.8/Xi/exevents.c:2293:9: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/exevents.c:2293:9: branch_false: ...to here xwayland-24.1.8/Xi/exevents.c:2293:9: danger: dereference of NULL ‘<unknown>’ # 2291| evtype = GetXI2Type(ev->any.type); # 2292| # 2293|-> nt_list_for_each_entry(iclients, wOtherInputMasks(*win)->inputClients, next) # 2294| if (xi2mask_isset(iclients->xi2mask, dev, evtype)) # 2295| break; Error: GCC_ANALYZER_WARNING (CWE-476): [#def20] xwayland-24.1.8/Xi/listdev.c:171:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘dev’ xwayland-24.1.8/Xi/listdev.c:331:1: enter_function: entry to ‘ProcXListInputDevices’ xwayland-24.1.8/Xi/listdev.c:343:5: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/listdev.c:348:27: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:354:8: branch_false: following ‘false’ branch (when ‘skip’ is non-NULL)... xwayland-24.1.8/Xi/listdev.c:359:10: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:359:33: branch_true: following ‘true’ branch (when ‘d’ is non-NULL)... xwayland-24.1.8/Xi/listdev.c:360:13: branch_true: ...to here xwayland-24.1.8/Xi/listdev.c:361:12: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/listdev.c:364:9: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:364:9: call_function: calling ‘SizeDeviceInfo’ from ‘ProcXListInputDevices’ xwayland-24.1.8/Xi/listdev.c:364:9: return_function: returning to ‘ProcXListInputDevices’ from ‘SizeDeviceInfo’ xwayland-24.1.8/Xi/listdev.c:359:33: branch_false: following ‘false’ branch (when ‘d’ is NULL)... xwayland-24.1.8/Xi/listdev.c:368:10: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:368:37: branch_false: following ‘false’ branch (when ‘d’ is NULL)... xwayland-24.1.8/Xi/listdev.c:378:20: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:379:23: acquire_memory: this call could return NULL xwayland-24.1.8/Xi/listdev.c:387:33: branch_true: following ‘true’ branch (when ‘d’ is non-NULL)... xwayland-24.1.8/Xi/listdev.c:388:17: branch_true: ...to here xwayland-24.1.8/Xi/listdev.c:388:12: branch_false: following ‘false’ branch... xwayland-24.1.8/Xi/listdev.c:391:9: branch_false: ...to here xwayland-24.1.8/Xi/listdev.c:391:9: call_function: calling ‘ListDeviceInfo’ from ‘ProcXListInputDevices’ # 169| dev = (xDeviceInfoPtr) * buf; # 170| # 171|-> dev->id = d->id; # 172| dev->type = d->xinput_type; # 173| dev->num_classes = num_classes; Error: GCC_ANALYZER_WARNING (CWE-476): [#def21] xwayland-24.1.8/Xi/xibarriers.c:729:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘AllocBarrierDevice()’ xwayland-24.1.8/Xi/xibarriers.c:717:13: enter_function: entry to ‘add_master_func’ xwayland-24.1.8/Xi/xibarriers.c:728:11: call_function: calling ‘AllocBarrierDevice’ from ‘add_master_func’ xwayland-24.1.8/Xi/xibarriers.c:728:11: return_function: returning to ‘add_master_func’ from ‘AllocBarrierDevice’ xwayland-24.1.8/Xi/xibarriers.c:729:5: danger: dereference of NULL ‘AllocBarrierDevice()’ # 727| # 728| pbd = AllocBarrierDevice(); # 729|-> pbd->deviceid = *deviceid; # 730| # 731| input_lock(); Error: GCC_ANALYZER_WARNING (CWE-476): [#def22] xwayland-24.1.8/dix/enterleave.c:786:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xi2event’ xwayland-24.1.8/dix/enterleave.c:1421:1: enter_function: entry to ‘DeviceFocusEvents’ xwayland-24.1.8/dix/enterleave.c:1429:8: branch_false: following ‘false’ branch (when ‘from != to’)... xwayland-24.1.8/dix/enterleave.c:1431:11: branch_false: ...to here xwayland-24.1.8/dix/enterleave.c:1440:8: branch_true: following ‘true’ branch (when ‘to <= 1’)... xwayland-24.1.8/dix/enterleave.c:1441:12: branch_true: ...to here xwayland-24.1.8/dix/enterleave.c:1441:12: branch_true: following ‘true’ branch (when ‘from <= 1’)... xwayland-24.1.8/dix/enterleave.c:1442:16: branch_true: ...to here xwayland-24.1.8/dix/enterleave.c:1442:16: branch_true: following ‘true’ branch (when ‘from == 1’)... xwayland-24.1.8/dix/enterleave.c:1443:17: branch_true: ...to here xwayland-24.1.8/dix/enterleave.c:1443:17: call_function: calling ‘DeviceFocusEvent’ from ‘DeviceFocusEvents’ # 784| # 785| xi2event = calloc(1, len); # 786|-> xi2event->type = GenericEvent; # 787| xi2event->extension = IReqCode; # 788| xi2event->evtype = type; Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] xwayland-24.1.8/dix/gestures.c:242:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘inputMasks’ xwayland-24.1.8/dix/gestures.c:236:8: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/gestures.c:239:18: branch_false: ...to here xwayland-24.1.8/dix/gestures.c:239:18: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/gestures.c:241:9: branch_false: ...to here xwayland-24.1.8/dix/gestures.c:241:8: branch_true: following ‘true’ branch... xwayland-24.1.8/dix/gestures.c:242:9: branch_true: ...to here xwayland-24.1.8/dix/gestures.c:242:9: danger: dereference of NULL ‘inputMasks’ # 240| # 241| if (mask & EVENT_XI2_MASK) { # 242|-> nt_list_for_each_entry(iclients, inputMasks->inputClients, next) { # 243| if (!xi2mask_isset(iclients->xi2mask, dev, evtype)) # 244| continue; Error: GCC_ANALYZER_WARNING (CWE-131): [#def24] xwayland-24.1.8/dix/swaprep.c:99:22: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size # 97| # 98| /* Allocate as big a buffer as we can... */ # 99|-> while (!(pbufT = malloc(bufsize))) { # 100| bufsize >>= 1; # 101| if (bufsize == 4) { Error: GCC_ANALYZER_WARNING (CWE-131): [#def25] xwayland-24.1.8/dix/swaprep.c:146:22: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size # 144| # 145| /* Allocate as big a buffer as we can... */ # 146|-> while (!(pbufT = malloc(bufsize))) { # 147| bufsize >>= 1; # 148| if (bufsize == 4) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] xwayland-24.1.8/dix/touch.c:765:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘inputMasks’ xwayland-24.1.8/dix/touch.c:762:18: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/touch.c:764:9: branch_false: ...to here xwayland-24.1.8/dix/touch.c:764:8: branch_true: following ‘true’ branch... xwayland-24.1.8/dix/touch.c:765:9: branch_true: ...to here xwayland-24.1.8/dix/touch.c:765:9: danger: dereference of NULL ‘inputMasks’ # 763| # 764| if (mask & EVENT_XI2_MASK) { # 765|-> nt_list_for_each_entry(iclients, inputMasks->inputClients, next) { # 766| if (!xi2mask_isset(iclients->xi2mask, dev, evtype)) # 767| continue; Error: GCC_ANALYZER_WARNING (CWE-476): [#def27] xwayland-24.1.8/dix/touch.c:782:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘inputMasks’ xwayland-24.1.8/dix/touch.c:739:1: enter_function: entry to ‘TouchAddRegularListener’ xwayland-24.1.8/dix/touch.c:762:18: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/touch.c:764:9: branch_false: ...to here xwayland-24.1.8/dix/touch.c:764:8: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/touch.c:778:9: branch_false: ...to here xwayland-24.1.8/dix/touch.c:778:8: branch_true: following ‘true’ branch... xwayland-24.1.8/dix/touch.c:779:32: call_function: inlined call to ‘TouchGetPointerEventType’ from ‘TouchAddRegularListener’ xwayland-24.1.8/dix/touch.c:782:9: danger: dereference of NULL ‘inputMasks’ # 780| Mask xi_filter = event_get_filter_from_type(dev, xitype); # 781| # 782|-> nt_list_for_each_entry(iclients, inputMasks->inputClients, next) { # 783| if (!(iclients->mask[dev->id] & xi_filter)) # 784| continue; Error: GCC_ANALYZER_WARNING (CWE-476): [#def28] xwayland-24.1.8/dix/window.c:3495:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘pNewNode’ xwayland-24.1.8/dix/window.c:3442:1: enter_function: entry to ‘ChangeWindowDeviceCursor’ xwayland-24.1.8/dix/window.c:3449:8: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/window.c:3465:5: branch_false: ...to here xwayland-24.1.8/dix/window.c:3467:9: call_function: calling ‘WindowSeekDeviceCursor’ from ‘ChangeWindowDeviceCursor’ xwayland-24.1.8/dix/window.c:3467:9: return_function: returning to ‘ChangeWindowDeviceCursor’ from ‘WindowSeekDeviceCursor’ xwayland-24.1.8/dix/window.c:3467:8: branch_false: following ‘false’ branch... xwayland-24.1.8/dix/window.c:3491:12: branch_false: ...to here xwayland-24.1.8/dix/window.c:3491:12: branch_false: following ‘false’ branch (when ‘pCursor’ is non-NULL)... xwayland-24.1.8/dix/window.c:3494:20: branch_false: ...to here xwayland-24.1.8/dix/window.c:3494:20: acquire_memory: this call could return NULL xwayland-24.1.8/dix/window.c:3495:9: danger: ‘pNewNode’ could be NULL: unchecked value from [(15)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/14) # 3493| # 3494| pNewNode = malloc(sizeof(DevCursNodeRec)); # 3495|-> pNewNode->dev = pDev; # 3496| pNewNode->next = pWin->optional->deviceCursors; # 3497| pWin->optional->deviceCursors = pNewNode; Error: GCC_ANALYZER_WARNING (CWE-401): [#def29] xwayland-24.1.8/include/privates.h:165:16: warning[-Wanalyzer-malloc-leak]: leak of ‘prop’ xwayland-24.1.8/randr/rrproviderproperty.c:136:1: enter_function: entry to ‘RRChangeProviderProperty’ xwayland-24.1.8/randr/rrproviderproperty.c:141:29: call_function: calling ‘dixLookupPrivate’ from ‘RRChangeProviderProperty’ xwayland-24.1.8/randr/rrproviderproperty.c:141:29: return_function: returning to ‘RRChangeProviderProperty’ from ‘dixLookupPrivate’ xwayland-24.1.8/randr/rrproviderproperty.c:153:8: branch_true: following ‘true’ branch... xwayland-24.1.8/randr/rrproviderproperty.c:154:16: branch_true: ...to here xwayland-24.1.8/randr/rrproviderproperty.c:154:16: call_function: calling ‘RRCreateProviderProperty’ from ‘RRChangeProviderProperty’ xwayland-24.1.8/randr/rrproviderproperty.c:154:16: return_function: returning to ‘RRChangeProviderProperty’ from ‘RRCreateProviderProperty’ xwayland-24.1.8/randr/rrproviderproperty.c:155:12: branch_false: following ‘false’ branch... xwayland-24.1.8/randr/rrproviderproperty.c:160:8: branch_false: ...to here xwayland-24.1.8/randr/rrproviderproperty.c:175:8: branch_true: following ‘true’ branch (when ‘mode == 0’)... xwayland-24.1.8/randr/rrproviderproperty.c:180:9: branch_true: ...to here xwayland-24.1.8/randr/rrproviderproperty.c:180:8: branch_true: following ‘true’ branch... xwayland-24.1.8/randr/rrproviderproperty.c:182:25: branch_true: ...to here xwayland-24.1.8/randr/rrproviderproperty.c:182:12: branch_true: following ‘true’ branch... xwayland-24.1.8/randr/rrproviderproperty.c:156:20: branch_true: ...to here xwayland-24.1.8/include/privates.h:165:16: danger: ‘prop’ leaks here; was allocated at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14) # 163| { # 164| if (key->size) # 165|-> return dixGetPrivateAddr(privates, key); # 166| else # 167| return dixGetPrivate(privates, key); Error: COMPILER_WARNING (CWE-477): [#def30] xwayland-24.1.8/os/xsha1.c: scope_hint: In function ‘x_sha1_init’ xwayland-24.1.8/os/xsha1.c:270:5: warning[-Wdeprecated-declarations]: ‘SHA1_Init’ is deprecated: Since OpenSSL 3.0 # 270 | ret = SHA1_Init(ctx); # | ^~~ xwayland-24.1.8/os/xsha1.c:260: included_from: Included from here. /usr/include/openssl/sha.h:49:27: note: declared here # 49 | OSSL_DEPRECATEDIN_3_0 int SHA1_Init(SHA_CTX *c); # | ^~~~~~~~~ # 268| if (!ctx) # 269| return NULL; # 270|-> ret = SHA1_Init(ctx); # 271| if (!ret) { # 272| free(ctx); Error: COMPILER_WARNING (CWE-477): [#def31] xwayland-24.1.8/os/xsha1.c:270:5: warning[-Wdeprecated-declarations]: ‘SHA1_Init’ is deprecated: Since OpenSSL 3.0 # 268| if (!ctx) # 269| return NULL; # 270|-> ret = SHA1_Init(ctx); # 271| if (!ret) { # 272| free(ctx); Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] xwayland-24.1.8/os/xsha1.c:270:11: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’ xwayland-24.1.8/os/xsha1.c:266:20: acquire_memory: allocated here xwayland-24.1.8/os/xsha1.c:268:8: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)... xwayland-24.1.8/os/xsha1.c:270:11: branch_false: ...to here xwayland-24.1.8/os/xsha1.c:270:11: throw: if ‘SHA1_Init’ throws an exception... xwayland-24.1.8/os/xsha1.c:270:11: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 268| if (!ctx) # 269| return NULL; # 270|-> ret = SHA1_Init(ctx); # 271| if (!ret) { # 272| free(ctx); Error: COMPILER_WARNING (CWE-477): [#def33] xwayland-24.1.8/os/xsha1.c: scope_hint: In function ‘x_sha1_update’ xwayland-24.1.8/os/xsha1.c:284:5: warning[-Wdeprecated-declarations]: ‘SHA1_Update’ is deprecated: Since OpenSSL 3.0 # 284 | ret = SHA1_Update(sha_ctx, data, size); # | ^~~ /usr/include/openssl/sha.h:50:27: note: declared here # 50 | OSSL_DEPRECATEDIN_3_0 int SHA1_Update(SHA_CTX *c, const void *data, size_t len); # | ^~~~~~~~~~~ # 282| SHA_CTX *sha_ctx = ctx; # 283| # 284|-> ret = SHA1_Update(sha_ctx, data, size); # 285| if (!ret) # 286| free(sha_ctx); Error: COMPILER_WARNING (CWE-477): [#def34] xwayland-24.1.8/os/xsha1.c:284:5: warning[-Wdeprecated-declarations]: ‘SHA1_Update’ is deprecated: Since OpenSSL 3.0 # 282| SHA_CTX *sha_ctx = ctx; # 283| # 284|-> ret = SHA1_Update(sha_ctx, data, size); # 285| if (!ret) # 286| free(sha_ctx); Error: COMPILER_WARNING (CWE-477): [#def35] xwayland-24.1.8/os/xsha1.c: scope_hint: In function ‘x_sha1_final’ xwayland-24.1.8/os/xsha1.c:296:5: warning[-Wdeprecated-declarations]: ‘SHA1_Final’ is deprecated: Since OpenSSL 3.0 # 296 | ret = SHA1_Final(result, sha_ctx); # | ^~~ /usr/include/openssl/sha.h:51:27: note: declared here # 51 | OSSL_DEPRECATEDIN_3_0 int SHA1_Final(unsigned char *md, SHA_CTX *c); # | ^~~~~~~~~~ # 294| SHA_CTX *sha_ctx = ctx; # 295| # 296|-> ret = SHA1_Final(result, sha_ctx); # 297| free(sha_ctx); # 298| return ret; Error: COMPILER_WARNING (CWE-477): [#def36] xwayland-24.1.8/os/xsha1.c:296:5: warning[-Wdeprecated-declarations]: ‘SHA1_Final’ is deprecated: Since OpenSSL 3.0 # 294| SHA_CTX *sha_ctx = ctx; # 295| # 296|-> ret = SHA1_Final(result, sha_ctx); # 297| free(sha_ctx); # 298| return ret;
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-24.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | xorg-x11-server-Xwayland-24.1.9-1.fc44 |
| diffbase-store-results-to | /tmp/tmpxda52bcr/xorg-x11-server-Xwayland-24.1.9-1.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 22:15:27 |
| diffbase-time-finished | 2026-01-08 22:18:45 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpxda52bcr/xorg-x11-server-Xwayland-24.1.9-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpxda52bcr/xorg-x11-server-Xwayland-24.1.9-1.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-24.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | xorg-x11-server-Xwayland-24.1.8-2.fc43 |
| store-results-to | /tmp/tmpi6ja8399/xorg-x11-server-Xwayland-24.1.8-2.fc43.tar.xz |
| time-created | 2026-01-08 22:11:00 |
| time-finished | 2026-01-08 22:14:49 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpi6ja8399/xorg-x11-server-Xwayland-24.1.8-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpi6ja8399/xorg-x11-server-Xwayland-24.1.8-2.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |