Error: GCC_ANALYZER_WARNING (CWE-1335): [#def1] brotli-1.1.0/c/common/constants.h:161:12: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘4294967295’) >= precision of type (‘32’) brotli-1.1.0/c/enc/metablock.c:126:6: enter_function: entry to ‘BrotliBuildMetaBlock’ brotli-1.1.0/c/enc/metablock.c:156:22: branch_true: following ‘true’ branch (when ‘npostfix != 4’)... branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:157:12: branch_true: following ‘true’ branch (when ‘ndirect_msb <= 15’)... brotli-1.1.0/c/enc/metablock.c:158:16: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:156:22: branch_true: following ‘true’ branch (when ‘npostfix != 4’)... branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:161:7: call_function: calling ‘BrotliInitDistanceParams’ from ‘BrotliBuildMetaBlock’ # 159| ndistbits--; # 160| /* Find subrange. */ # 161|-> half = (offset >> ndistbits) & 1; # 162| /* Calculate the "group" part of dcode. */ # 163| group = ((ndistbits - 1) << 1) | half; Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] brotli-1.1.0/c/common/shared_dictionary.c:509:20: warning[-Wanalyzer-malloc-leak]: leak of ‘dict’ brotli-1.1.0/c/common/shared_dictionary.c:491:6: branch_true: following ‘true’ branch... brotli-1.1.0/c/common/shared_dictionary.c:492:37: branch_true: ...to here brotli-1.1.0/c/common/shared_dictionary.c:492:37: acquire_memory: allocated here brotli-1.1.0/c/common/shared_dictionary.c:497:6: branch_false: following ‘false’ branch (when ‘dict’ is non-NULL)... brotli-1.1.0/c/common/shared_dictionary.c:502:3: branch_false: ...to here brotli-1.1.0/c/common/shared_dictionary.c:509:20: danger: ‘dict’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 507| dict->num_transform_lists = 0; # 508| # 509|-> dict->words[0] = BrotliGetDictionary(); # 510| dict->transforms[0] = BrotliGetTransforms(); # 511| Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] brotli-1.1.0/c/common/shared_dictionary.c:510:25: warning[-Wanalyzer-malloc-leak]: leak of ‘dict’ brotli-1.1.0/c/common/shared_dictionary.c:491:6: branch_true: following ‘true’ branch... brotli-1.1.0/c/common/shared_dictionary.c:492:37: branch_true: ...to here brotli-1.1.0/c/common/shared_dictionary.c:492:37: acquire_memory: allocated here brotli-1.1.0/c/common/shared_dictionary.c:497:6: branch_false: following ‘false’ branch (when ‘dict’ is non-NULL)... brotli-1.1.0/c/common/shared_dictionary.c:502:3: branch_false: ...to here brotli-1.1.0/c/common/shared_dictionary.c:510:25: danger: ‘dict’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 508| # 509| dict->words[0] = BrotliGetDictionary(); # 510|-> dict->transforms[0] = BrotliGetTransforms(); # 511| # 512| dict->alloc_func = alloc_func ? alloc_func : BrotliDefaultAllocFunc; Error: GCC_ANALYZER_WARNING (CWE-1335): [#def4] brotli-1.1.0/c/dec/../common/constants.h:161:12: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘4294967295’) >= precision of type (‘32’) brotli-1.1.0/c/dec/decode.c:2300:21: enter_function: entry to ‘BrotliDecoderDecompressStream’ brotli-1.1.0/c/dec/decode.c:2313:6: branch_false: following ‘false’ branch... brotli-1.1.0/c/dec/decode.c:2316:7: branch_false: ...to here brotli-1.1.0/c/dec/decode.c:2320:6: branch_true: following ‘true’ branch... branch_true: ...to here brotli-1.1.0/c/dec/decode.c:2332:8: branch_false: following ‘false’ branch (when ‘result == 1’)... brotli-1.1.0/c/dec/decode.c:2400:13: branch_false: ...to here brotli-1.1.0/c/dec/decode.c:2628:12: branch_true: following ‘true’ branch... brotli-1.1.0/c/dec/decode.c:2629:43: branch_true: ...to here brotli-1.1.0/c/dec/decode.c:2629:43: call_function: inlined call to ‘BrotliCalculateDistanceCodeLimit’ from ‘BrotliDecoderDecompressStream’ # 159| ndistbits--; # 160| /* Find subrange. */ # 161|-> half = (offset >> ndistbits) & 1; # 162| /* Calculate the "group" part of dcode. */ # 163| group = ((ndistbits - 1) << 1) | half; Error: GCC_ANALYZER_WARNING (CWE-1335): [#def5] brotli-1.1.0/c/enc/../common/constants.h:161:12: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘4294967295’) >= precision of type (‘32’) brotli-1.1.0/c/enc/metablock.c:126:6: enter_function: entry to ‘BrotliBuildMetaBlock’ brotli-1.1.0/c/enc/metablock.c:156:22: branch_true: following ‘true’ branch (when ‘npostfix != 4’)... branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:157:12: branch_true: following ‘true’ branch (when ‘ndirect_msb <= 15’)... brotli-1.1.0/c/enc/metablock.c:158:16: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:156:22: branch_true: following ‘true’ branch (when ‘npostfix != 4’)... branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:161:7: call_function: calling ‘BrotliInitDistanceParams’ from ‘BrotliBuildMetaBlock’ # 159| ndistbits--; # 160| /* Find subrange. */ # 161|-> half = (offset >> ndistbits) & 1; # 162| /* Calculate the "group" part of dcode. */ # 163| group = ((ndistbits - 1) << 1) | half; Error: GCC_ANALYZER_WARNING (CWE-476): [#def6] brotli-1.1.0/c/enc/backward_references_hq.c:51:32: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘nodes’ brotli-1.1.0/c/enc/backward_references_hq.c:797:6: enter_function: entry to ‘BrotliCreateZopfliBackwardReferences’ brotli-1.1.0/c/enc/backward_references_hq.c:802:23: branch_false: following ‘false’ branch (when ‘num_bytes == 18446744073709551615’)... brotli-1.1.0/c/enc/backward_references_hq.c:804:3: branch_false: ...to here brotli-1.1.0/c/enc/backward_references_hq.c:804:3: call_function: inlined call to ‘BrotliInitZopfliNodes’ from ‘BrotliCreateZopfliBackwardReferences’ # 49| stub.dcode_insert_length = 0; # 50| stub.u.cost = kInfinity; # 51|-> for (i = 0; i < length; ++i) array[i] = stub; # 52| } # 53| Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] brotli-1.1.0/c/enc/backward_references_hq.c:224:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘literal_costs’ brotli-1.1.0/c/enc/backward_references_hq.c:707:8: enter_function: entry to ‘BrotliZopfliComputeShortestPath’ brotli-1.1.0/c/enc/backward_references_hq.c:730:3: call_function: calling ‘InitZopfliCostModel’ from ‘BrotliZopfliComputeShortestPath’ brotli-1.1.0/c/enc/backward_references_hq.c:730:3: return_function: returning to ‘BrotliZopfliComputeShortestPath’ from ‘InitZopfliCostModel’ brotli-1.1.0/c/enc/backward_references_hq.c:732:3: call_function: calling ‘ZopfliCostModelSetFromLiteralCosts’ from ‘BrotliZopfliComputeShortestPath’ # 222| ringbuffer, self->literal_histograms, # 223| &literal_costs[1]); # 224|-> literal_costs[0] = 0.0; # 225| for (i = 0; i < num_bytes; ++i) { # 226| literal_carry += literal_costs[i + 1]; Error: CPPCHECK_WARNING (CWE-476): [#def8] brotli-1.1.0/c/enc/backward_references_hq.c:611: error[ctunullpointer]: Null pointer dereference: nodes # 609| const size_t max_backward_limit = BROTLI_MAX_BACKWARD_LIMIT(params->lgwin); # 610| size_t pos = 0; # 611|-> uint32_t offset = nodes[0].u.next; # 612| size_t i; # 613| size_t gap = params->dictionary.compound.total_size; Error: CPPCHECK_WARNING (CWE-476): [#def9] brotli-1.1.0/c/enc/backward_references_hq.c:611: warning[nullPointer]: Possible null pointer dereference: nodes # 609| const size_t max_backward_limit = BROTLI_MAX_BACKWARD_LIMIT(params->lgwin); # 610| size_t pos = 0; # 611|-> uint32_t offset = nodes[0].u.next; # 612| size_t i; # 613| size_t gap = params->dictionary.compound.total_size; Error: GCC_ANALYZER_WARNING (CWE-476): [#def10] brotli-1.1.0/c/enc/backward_references_hq.c:728:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘nodes’ brotli-1.1.0/c/enc/backward_references_hq.c:797:6: enter_function: entry to ‘BrotliCreateZopfliBackwardReferences’ brotli-1.1.0/c/enc/backward_references_hq.c:802:23: branch_false: following ‘false’ branch (when ‘num_bytes == 18446744073709551615’)... brotli-1.1.0/c/enc/backward_references_hq.c:804:3: branch_false: ...to here brotli-1.1.0/c/enc/backward_references_hq.c:804:3: call_function: inlined call to ‘BrotliInitZopfliNodes’ from ‘BrotliCreateZopfliBackwardReferences’ brotli-1.1.0/c/enc/backward_references_hq.c:805:20: branch_false: ...to here brotli-1.1.0/c/enc/backward_references_hq.c:805:20: call_function: calling ‘BrotliZopfliComputeShortestPath’ from ‘BrotliCreateZopfliBackwardReferences’ # 726| return 0; # 727| } # 728|-> nodes[0].length = 0; # 729| nodes[0].u.cost = 0; # 730| InitZopfliCostModel(m, model, ¶ms->dist, num_bytes); Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] brotli-1.1.0/c/enc/block_splitter_inc.h:96:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘insert_cost’ brotli-1.1.0/c/enc/block_splitter_inc.h:397:13: enter_function: entry to ‘SplitByteVectorLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:416:6: branch_false: following ‘false’ branch (when ‘length != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:421:6: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:421:6: branch_false: following ‘false’ branch (when ‘length > 127’)... brotli-1.1.0/c/enc/block_splitter_inc.h:433:16: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:433:16: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:433:16: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:437:3: call_function: calling ‘InitialEntropyCodesLiteral’ from ‘SplitByteVectorLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:437:3: return_function: returning to ‘SplitByteVectorLiteral’ from ‘InitialEntropyCodesLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:448:27: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:449:20: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:449:20: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:449:20: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:450:30: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:450:30: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:451:24: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:451:24: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:459:17: branch_true: following ‘true’ branch (when ‘iters > i’)... brotli-1.1.0/c/enc/block_splitter_inc.h:460:20: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:460:20: call_function: calling ‘FindBlocksLiteral’ from ‘SplitByteVectorLiteral’ # 94| sizeof(insert_cost[0]) * alphabet_size * num_histograms); # 95| for (i = 0; i < num_histograms; ++i) { # 96|-> insert_cost[i] = FastLog2((uint32_t)histograms[i].total_count_); # 97| } # 98| for (i = alphabet_size; i != 0;) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] brotli-1.1.0/c/enc/block_splitter_inc.h:278:7: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘u32’ brotli-1.1.0/c/enc/block_splitter_inc.h:201:13: enter_function: entry to ‘ClusterBlocksLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:206:33: branch_true: following ‘true’ branch (when ‘num_blocks != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:206:33: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:208:7: branch_false: following ‘false’ branch (when ‘num_blocks == 18446744073709551360’)... brotli-1.1.0/c/enc/block_splitter_inc.h:210:7: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:214:7: branch_false: following ‘false’ branch (when ‘expected_num_clusters == 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: branch_true: following ‘true’ branch (when ‘num_blocks != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: call_function: inlined call to ‘brotli_min_size_t’ from ‘ClusterBlocksLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:263:15: branch_true: following ‘true’ branch (when ‘i < num_blocks’)... brotli-1.1.0/c/enc/block_splitter_inc.h:265:9: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:268:17: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:270:43: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:278:12: release_memory: ‘u32’ is NULL brotli-1.1.0/c/enc/block_splitter_inc.h:278:7: danger: dereference of NULL ‘u32 + j * 4’ # 276| new_clusters[j] = (uint32_t)j; # 277| symbols[j] = (uint32_t)j; # 278|-> sizes[j] = 1; # 279| } # 280| num_new_clusters = FN(BrotliHistogramCombine)( Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] brotli-1.1.0/c/enc/block_splitter_inc.h:344:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘u32’ brotli-1.1.0/c/enc/block_splitter_inc.h:201:13: enter_function: entry to ‘ClusterBlocksCommand’ brotli-1.1.0/c/enc/block_splitter_inc.h:206:33: branch_true: following ‘true’ branch (when ‘num_blocks != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:206:33: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:208:7: branch_false: following ‘false’ branch (when ‘num_blocks == 18446744073709551360’)... brotli-1.1.0/c/enc/block_splitter_inc.h:210:7: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:214:7: branch_false: following ‘false’ branch (when ‘expected_num_clusters == 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: branch_true: following ‘true’ branch (when ‘num_blocks != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:219:31: call_function: inlined call to ‘brotli_min_size_t’ from ‘ClusterBlocksCommand’ brotli-1.1.0/c/enc/block_splitter_inc.h:263:15: branch_true: following ‘true’ branch (when ‘i < num_blocks’)... brotli-1.1.0/c/enc/block_splitter_inc.h:265:9: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:268:17: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:280:24: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:283:5: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:285:5: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:285:5: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:288:5: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:288:17: branch_false: following ‘false’ branch... branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:293:17: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:296:5: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:263:15: branch_false: following ‘false’ branch (when ‘i >= num_blocks’)... brotli-1.1.0/c/enc/block_splitter_inc.h:300:3: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:310:14: branch_false: following ‘false’ branch (when ‘num_clusters == 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:312:3: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:312:15: branch_false: following ‘false’ branch (when ‘num_clusters <= i’)... brotli-1.1.0/c/enc/block_splitter_inc.h:315:24: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:323:15: branch_false: following ‘false’ branch (when ‘num_clusters == 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:325:3: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:325:15: branch_false: following ‘false’ branch (when ‘num_clusters <= i’)... branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:329:17: branch_true: following ‘true’ branch (when ‘i < num_blocks’)... brotli-1.1.0/c/enc/block_splitter_inc.h:333:7: call_function: inlined call to ‘HistogramClearCommand’ from ‘ClusterBlocksCommand’ brotli-1.1.0/c/enc/block_splitter_inc.h:339:18: branch_true: following ‘true’ branch (when ‘i == 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:339:7: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:342:19: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:344:42: branch_true: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:344:42: release_memory: ‘u32’ is NULL brotli-1.1.0/c/enc/block_splitter_inc.h:344:34: danger: dereference of NULL ‘clusters + j * 4’ # 342| for (j = 0; j < num_final_clusters; ++j) { # 343| const double cur_bits = FN(BrotliHistogramBitCostDistance)( # 344|-> tmp, &all_histograms[clusters[j]], tmp + 1); # 345| if (cur_bits < best_bits) { # 346| best_bits = cur_bits; Error: CPPCHECK_WARNING (CWE-682): [#def14] brotli-1.1.0/c/enc/block_splitter_inc.h:434: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 432| } # 433| histograms = BROTLI_ALLOC(m, HistogramType, num_histograms + 1); # 434|-> tmp = histograms + num_histograms; # 435| if (BROTLI_IS_OOM(m) || BROTLI_IS_NULL(histograms)) return; # 436| /* Find good entropy codes. */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] brotli-1.1.0/c/enc/cluster_inc.h:214:59: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘tmp’ brotli-1.1.0/c/enc/cluster_inc.h:214:59: branch_true: following ‘true’ branch (when ‘length != 0’)... brotli-1.1.0/c/enc/cluster_inc.h:214:59: branch_true: ...to here brotli-1.1.0/c/enc/cluster_inc.h:214:59: branch_false: following ‘false’ branch (when ‘next_index == 0’)... brotli-1.1.0/c/enc/cluster_inc.h:214:59: branch_false: ...to here brotli-1.1.0/c/enc/cluster_inc.h:214:59: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/cluster_inc.h:214:59: release_memory: ‘tmp’ is NULL brotli-1.1.0/c/enc/cluster_inc.h:214:59: danger: dereference of NULL ‘tmp + (long unsigned int)next_index * 2192’ # 212| Returns N, the number of unique values in symbols[]. */ # 213| BROTLI_INTERNAL size_t FN(BrotliHistogramReindex)(MemoryManager* m, # 214|-> HistogramType* out, uint32_t* symbols, size_t length) CODE({ # 215| static const uint32_t kInvalidIndex = BROTLI_UINT32_MAX; # 216| uint32_t* new_index = BROTLI_ALLOC(m, uint32_t, length); Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] brotli-1.1.0/c/enc/compound_dictionary.c:90:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ brotli-1.1.0/c/enc/compound_dictionary.c:42:6: branch_false: following ‘false’ branch (when ‘slot_bits <= 16’)... brotli-1.1.0/c/enc/compound_dictionary.c:43:6: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:43:6: branch_false: following ‘false’ branch (when ‘slot_bits <= bucket_bits’)... brotli-1.1.0/c/enc/compound_dictionary.c:44:7: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:44:6: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/compound_dictionary.c:46:10: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:46:10: branch_false: following ‘false’ branch (when ‘alloc_size == 0’)... brotli-1.1.0/c/enc/compound_dictionary.c:50:38: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:70:15: branch_true: following ‘true’ branch (when ‘i < num_slots’)... brotli-1.1.0/c/enc/compound_dictionary.c:72:15: branch_true: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:89:10: branch_true: following ‘true’ branch (when ‘overflow == 0’)... brotli-1.1.0/c/enc/compound_dictionary.c:90:18: branch_true: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:90:18: release_memory: using NULL here brotli-1.1.0/c/enc/compound_dictionary.c:90:9: danger: dereference of NULL ‘flat + (long unsigned int)i * 4’ # 88| } # 89| if (!overflow) { # 90|-> slot_size[i] = count; # 91| total_items += count; # 92| break; Error: CPPCHECK_WARNING (CWE-476): [#def17] brotli-1.1.0/c/enc/compound_dictionary.c:113: warning[nullPointer]: Possible null pointer dereference: result # 111| source_ref = (uint8_t**)(&items[total_items]); # 112| # 113|-> result->magic = kLeanPreparedDictionaryMagic; # 114| result->num_items = total_items; # 115| result->source_size = (uint32_t)source_size; Error: CPPCHECK_WARNING (CWE-476): [#def18] brotli-1.1.0/c/enc/compound_dictionary.c:114: warning[nullPointer]: Possible null pointer dereference: result # 112| # 113| result->magic = kLeanPreparedDictionaryMagic; # 114|-> result->num_items = total_items; # 115| result->source_size = (uint32_t)source_size; # 116| result->hash_bits = hash_bits; Error: CPPCHECK_WARNING (CWE-476): [#def19] brotli-1.1.0/c/enc/compound_dictionary.c:115: warning[nullPointer]: Possible null pointer dereference: result # 113| result->magic = kLeanPreparedDictionaryMagic; # 114| result->num_items = total_items; # 115|-> result->source_size = (uint32_t)source_size; # 116| result->hash_bits = hash_bits; # 117| result->bucket_bits = bucket_bits; Error: CPPCHECK_WARNING (CWE-476): [#def20] brotli-1.1.0/c/enc/compound_dictionary.c:116: warning[nullPointer]: Possible null pointer dereference: result # 114| result->num_items = total_items; # 115| result->source_size = (uint32_t)source_size; # 116|-> result->hash_bits = hash_bits; # 117| result->bucket_bits = bucket_bits; # 118| result->slot_bits = slot_bits; Error: CPPCHECK_WARNING (CWE-476): [#def21] brotli-1.1.0/c/enc/compound_dictionary.c:117: warning[nullPointer]: Possible null pointer dereference: result # 115| result->source_size = (uint32_t)source_size; # 116| result->hash_bits = hash_bits; # 117|-> result->bucket_bits = bucket_bits; # 118| result->slot_bits = slot_bits; # 119| BROTLI_UNALIGNED_STORE_PTR(source_ref, source); Error: CPPCHECK_WARNING (CWE-476): [#def22] brotli-1.1.0/c/enc/compound_dictionary.c:118: warning[nullPointer]: Possible null pointer dereference: result # 116| result->hash_bits = hash_bits; # 117| result->bucket_bits = bucket_bits; # 118|-> result->slot_bits = slot_bits; # 119| BROTLI_UNALIGNED_STORE_PTR(source_ref, source); # 120| Error: GCC_ANALYZER_WARNING (CWE-476): [#def23] brotli-1.1.0/c/enc/compound_dictionary.c:132:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ brotli-1.1.0/c/enc/compound_dictionary.c:42:6: branch_false: following ‘false’ branch (when ‘slot_bits <= 16’)... brotli-1.1.0/c/enc/compound_dictionary.c:43:6: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:43:6: branch_false: following ‘false’ branch (when ‘slot_bits <= bucket_bits’)... brotli-1.1.0/c/enc/compound_dictionary.c:44:7: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:44:6: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/compound_dictionary.c:46:10: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:46:10: branch_false: following ‘false’ branch (when ‘alloc_size == 0’)... brotli-1.1.0/c/enc/compound_dictionary.c:50:38: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:70:15: branch_false: following ‘false’ branch (when ‘i >= num_slots’)... brotli-1.1.0/c/enc/compound_dictionary.c:99:45: branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:122:15: branch_false: following ‘false’ branch (when ‘i >= num_slots’)... branch_false: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:127:15: branch_true: following ‘true’ branch (when ‘i < num_buckets’)... brotli-1.1.0/c/enc/compound_dictionary.c:128:14: branch_true: ...to here brotli-1.1.0/c/enc/compound_dictionary.c:132:30: release_memory: using NULL here brotli-1.1.0/c/enc/compound_dictionary.c:132:21: danger: dereference of NULL ‘flat + (long unsigned int)slot * 4’ # 130| uint32_t pos; # 131| size_t j; # 132|-> size_t cursor = slot_size[slot]; # 133| if (count > slot_limit[slot]) count = slot_limit[slot]; # 134| if (count == 0) { Error: CPPCHECK_WARNING (CWE-476): [#def24] brotli-1.1.0/c/enc/encode.c:176: warning[nullPointer]: Possible null pointer dereference: table # 174| # 175| *table_size = htsize; # 176|-> memset(table, 0, htsize * sizeof(*table)); # 177| return table; # 178| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def25] brotli-1.1.0/c/enc/histogram_inc.h:20:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ brotli-1.1.0/c/enc/metablock.c:338:13: enter_function: entry to ‘InitContextBlockSplitter’ brotli-1.1.0/c/enc/metablock.c:373:17: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/metablock.c:373:3: branch_false: ...to here brotli-1.1.0/c/enc/metablock.c:373:3: release_memory: ‘*histograms’ is NULL brotli-1.1.0/c/enc/metablock.c:374:3: release_memory: ‘*self.histograms_’ is NULL brotli-1.1.0/c/enc/metablock.c:377:3: call_function: inlined call to ‘ClearHistogramsLiteral’ from ‘InitContextBlockSplitter’ # 18| static BROTLI_INLINE void FN(HistogramClear)(FN(Histogram)* self) { # 19| memset(self->data_, 0, sizeof(self->data_)); # 20|-> self->total_count_ = 0; # 21| self->bit_cost_ = HUGE_VAL; # 22| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] brotli-1.1.0/c/enc/histogram_inc.h:20:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘histograms’ brotli-1.1.0/c/enc/block_splitter_inc.h:397:13: enter_function: entry to ‘SplitByteVectorLiteral’ brotli-1.1.0/c/enc/block_splitter_inc.h:416:6: branch_false: following ‘false’ branch (when ‘length != 0’)... brotli-1.1.0/c/enc/block_splitter_inc.h:421:6: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:421:6: branch_false: following ‘false’ branch (when ‘length > 127’)... brotli-1.1.0/c/enc/block_splitter_inc.h:433:16: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:433:16: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/block_splitter_inc.h:434:20: branch_false: ...to here brotli-1.1.0/c/enc/block_splitter_inc.h:437:3: call_function: calling ‘InitialEntropyCodesLiteral’ from ‘SplitByteVectorLiteral’ # 18| static BROTLI_INLINE void FN(HistogramClear)(FN(Histogram)* self) { # 19| memset(self->data_, 0, sizeof(self->data_)); # 20|-> self->total_count_ = 0; # 21| self->bit_cost_ = HUGE_VAL; # 22| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def27] brotli-1.1.0/c/enc/metablock.c:434:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘combined_histo’ brotli-1.1.0/c/enc/metablock.c:385:13: enter_function: entry to ‘ContextBlockSplitterFinishBlock’ brotli-1.1.0/c/enc/metablock.c:395:6: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/metablock.c:414:14: branch_false: ...to here brotli-1.1.0/c/enc/metablock.c:414:13: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/metablock.c:421:9: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:421:9: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/metablock.c:423:12: branch_false: ...to here brotli-1.1.0/c/enc/metablock.c:426:17: branch_true: following ‘true’ branch (when ‘i < num_contexts’)... brotli-1.1.0/c/enc/metablock.c:427:30: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:429:20: call_function: inlined call to ‘BitsEntropy’ from ‘ContextBlockSplitterFinishBlock’ brotli-1.1.0/c/enc/metablock.c:431:19: branch_true: following ‘true’ branch (when ‘j != 2’)... brotli-1.1.0/c/enc/metablock.c:432:21: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:434:23: release_memory: ‘combined_histo’ is NULL brotli-1.1.0/c/enc/metablock.c:434:9: danger: dereference of NULL ‘combined_histo + jx * 1040’ # 432| size_t jx = j * num_contexts + i; # 433| size_t last_histogram_ix = self->last_histogram_ix_[j] + i; # 434|-> combined_histo[jx] = histograms[curr_histo_ix]; # 435| HistogramAddHistogramLiteral(&combined_histo[jx], # 436| &histograms[last_histogram_ix]); Error: GCC_ANALYZER_WARNING (CWE-476): [#def28] brotli-1.1.0/c/enc/metablock.c:535:7: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ brotli-1.1.0/c/enc/metablock.c:528:7: branch_false: following ‘false’ branch... brotli-1.1.0/c/enc/metablock.c:527:3: branch_false: ...to here brotli-1.1.0/c/enc/metablock.c:527:3: release_memory: ‘*mb.literal_context_map’ is NULL brotli-1.1.0/c/enc/metablock.c:531:15: branch_true: following ‘true’ branch... brotli-1.1.0/c/enc/metablock.c:532:23: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:534:17: branch_true: following ‘true’ branch (when ‘j != 64’)... brotli-1.1.0/c/enc/metablock.c:536:38: branch_true: ...to here brotli-1.1.0/c/enc/metablock.c:535:30: release_memory: ‘*mb.literal_context_map’ is NULL brotli-1.1.0/c/enc/metablock.c:535:30: release_memory: ‘*mb.literal_context_map’ is NULL brotli-1.1.0/c/enc/metablock.c:535:30: release_memory: ‘*mb.literal_context_map’ is NULL brotli-1.1.0/c/enc/metablock.c:535:7: danger: dereference of NULL ‘<unknown> + ((i << 6) + j) * 4’ # 533| size_t j; # 534| for (j = 0; j < (1u << BROTLI_LITERAL_CONTEXT_BITS); ++j) { # 535|-> mb->literal_context_map[(i << BROTLI_LITERAL_CONTEXT_BITS) + j] = # 536| offset + static_context_map[j]; # 537| } Error: COMPILER_WARNING (CWE-686): [#def29] brotli-1.1.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-U3zysh/CheckFunctionExists.c:7:3: warning[-Wbuiltin-declaration-mismatch]: conflicting types for built-in function ‘log2’; expected ‘double(double)’ Error: COMPILER_WARNING (CWE-686): [#def30] brotli-1.1.0/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-rz0zwr/CheckFunctionExists.c:7:3: warning[-Wbuiltin-declaration-mismatch]: conflicting types for built-in function ‘log2’; expected ‘double(double)’
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-8.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | brotli-1.1.0-10.fc44 |
| store-results-to | /tmp/tmpcndil0xc/brotli-1.1.0-10.fc44.tar.xz |
| time-created | 2025-10-28 17:34:58 |
| time-finished | 2025-10-28 17:38:16 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpcndil0xc/brotli-1.1.0-10.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpcndil0xc/brotli-1.1.0-10.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |