metrica
Мы используем куки, чтобы пользоваться сайтом было удобно.
Хорошо
to the top
close form

Заполните форму в два простых шага ниже:

Ваши контактные данные:

Шаг 1
Поздравляем! У вас есть промокод!

Тип желаемой лицензии:

Шаг 2
Team license
Enterprise license
** Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности
close form
Запросите информацию о ценах
Новая лицензия
Продление лицензии
--Выберите валюту--
USD
EUR
RUB
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Бесплатная лицензия PVS‑Studio для специалистов Microsoft MVP
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Для получения лицензии для вашего открытого
проекта заполните, пожалуйста, эту форму
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Мне интересно попробовать плагин на:
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
check circle
Ваше сообщение отправлено.

Мы ответим вам на


Если вы так и не получили ответ, пожалуйста, проверьте папку
Spam/Junk и нажмите на письме кнопку "Не спам".
Так Вы не пропустите ответы от нашей команды.

Вебинар: Трудности при интеграции SAST, как с ними справляться - 04.04

>
>
>
Примеры ошибок, обнаруженных с помощью …

Примеры ошибок, обнаруженных с помощью диагностики V595

V595. Pointer was used before its check for nullptr. Check lines: N1, N2.


Doom 3

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 1421, 1424. DoomDLL brushbsp.cpp 1421


void idBrushBSP::FloodThroughPortals_r(idBrushBSPNode *node, ...)
{
  ....
  if ( node->occupied ) {
    common->Error(
      "FloodThroughPortals_r: node already occupied\n" );
  }
  if ( !node ) {
    common->Error(
      "FloodThroughPortals_r: NULL node\n" );
  }
  ....
}

This is what should have been written here: if ( node && node->occupied ) {


LAME

V595 The 'mp->tail' pointer was utilized before it was verified against nullptr. Check lines: 136, 139. mpglib interface.c 136


static int read_buf_byte(PMPSTR mp)
{
  ....
  pos = mp->tail->pos;
  while(pos >= mp->tail->size) {
    remove_buf(mp);
    if(!mp->tail) {
      fprintf(stderr,
        "Fatal error! tried to read past mp buffer\n");
      exit(1);
    }
    pos = mp->tail->pos;
  }
  ....
}

LAME

V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 226, 227. mpglib interface.c 226


static int
check_vbr_header(PMPSTR mp,int bytes)
{
  ....
  buf  = buf->next;
  pos = buf->pos;
  if(!buf) return -1; /* fatal error */
  ....
}

Similar errors can be found in some other places:

  • V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 285, 286. mpglib interface.c 285

Pixie

V595 The 'dest' pointer was utilized before it was verified against nullptr. Check lines: 86, 88. sdrc expression.cpp 86


inline void getContainer(FILE *out,int type,
          CVariable *&dest,CExpression *src)
{
  ....
  fprintf(out,"%s %s %s\n",
    opcode,nDest->codeName(),dest->codeName());

  if (dest != NULL) {
    sdr->releaseRegister(dest);
  }
  ....
}

Paranoia library

V595 The 'v' pointer was utilized before it was verified against nullptr. Check lines: 532, 535. daoParanoia paranoia.c 532


static long i_stage2_each(root_block *root, v_fragment *v,
  void(*callback)(long,int))
{
  cdrom_paranoia *p=v->p;
  long dynoverlap=p->dynoverlap/2*2;

  if(!v || !v->one)return(0);
  ....
}

Wolfenstein 3D

V595 The 'slot' pointer was utilized before it was verified against nullptr. Check lines: 477, 484. renderer ftglyph.c 477


FT_Error FT_Get_Glyph( FT_GlyphSlot slot,
  FT_Glyph *aglyph )
{
  FT_Library library = slot->library;
  FT_Error error;
  FT_Glyph glyph;

  const FT_Glyph_Class*  clazz = 0;

  if ( !slot ) {
    return FT_Err_Invalid_Slot_Handle;
  }
  ....
}

Pthreads-w32

V595 The 'assoc' pointer was utilized before it was verified against nullptr. Check lines: 88, 90. pthread80 pthread_key_delete.c 88


int
pthread_key_delete (pthread_key_t key)
{
  ....
  while ((assoc = (ThreadKeyAssoc *) key->threads) != NULL)
  {
     ptw32_thread_t * thread = assoc->thread;
     if (assoc == NULL)
     {
       /* Finished */
       break;
     }
     ....
  }
  ....
}

Mozilla Firefox

V595 The '* jitp' pointer was utilized before it was verified against nullptr. Check lines: 547, 549. compiler.cpp 547


CompileStatus
mjit::Compiler::performCompilation(JITScript **jitp)
{
  ....
  JaegerSpew(JSpew_Scripts,
    "successfully compiled (code \"%p\") (size \"%u\")\n",
    (*jitp)->code.m_code.executableAddress(),
      unsigned((*jitp)->code.m_size));

  if (!*jitp)
      return Compile_Abort;
  ....
}

Mozilla Firefox

V595 The 'mShellLink' pointer was utilized before it was verified against nullptr. Check lines: 183, 187. nslocalfilewin.cpp 183


nsresult
ShortcutResolver::Init()
{
    CoInitialize(NULL);  // FIX: we should probably move
                         // somewhere higher up during startup

    HRESULT hres;
    hres = CoCreateInstance(CLSID_ShellLink,
                            NULL,
                            CLSCTX_INPROC_SERVER,
                            IID_IShellLinkW,
                            (void**)&(mShellLink));
    if (SUCCEEDED(hres))
    {
        // Get a pointer to the IPersistFile interface.
        hres = mShellLink->QueryInterface(
          IID_IPersistFile, (void**)&mPersistFile);
    }

    if (mPersistFile == nsnull || mShellLink == nsnull)
        return NS_ERROR_FAILURE;

    return NS_OK;
}

Mozilla Firefox

V595 The 'mShell' pointer was utilized before it was verified against nullptr. Check lines: 1107, 1109. nsselection.cpp 1107


nsresult
nsFrameSelection::MoveCaret(....)
{
  ....
  mShell->FlushPendingNotifications(Flush_Layout);

  if (!mShell) {
    return NS_OK;
  }
  ....
}

Quake-III-Arena

V595 The 'item' pointer was utilized before it was verified against nullptr. Check lines: 3865, 3869. cgame ui_shared.c 3865


void Item_Paint(itemDef_t *item) {
  vec4_t red;
  menuDef_t *parent = (menuDef_t*)item->parent;
  red[0] = red[3] = 1;
  red[1] = red[2] = 0;

  if (item == NULL) {
    return;
  }
  ....
}

Quake-III-Arena

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 769, 770. bspc portals.c 769


void FloodPortals_r (node_t *node, int dist)
{
  ....
  if (node->occupied)
    Error("FloodPortals_r: node already occupied\n");
  if (!node)
  {
    Error("FloodPortals_r: NULL node\n");
  }
  ....
}

Trinity Core

V595 The 'player' pointer was utilized before it was verified against nullptr. Check lines: 310, 312. scripts achievement_scripts.cpp 310


bool OnCheck(Player* player, Unit* /*target*/)
{
  bool checkArea =
    player->GetAreaId() == AREA_ARGENT_TOURNAMENT_FIELDS ||
    player->GetAreaId() == AREA_RING_OF_ASPIRANTS ||
    player->GetAreaId() == AREA_RING_OF_ARGENT_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_ALLIANCE_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_HORDE_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_CHAMPIONS;

  return player && checkArea && player->duel
    && player->duel->isMounted;
}

Trinity Core

V595 The 'player' pointer was utilized before it was verified against nullptr. Check lines: 224, 225. scripts hyjal.cpp 224


CreatureAI* GetAI(Creature* creature) const
{
  ....
  Item* item = player->StoreNewItem(
    dest, ITEM_TEAR_OF_GODDESS, true);
  if (item && player)
    player->SendNewItem(item, 1, true, false, true);
  ....
}

ADAPTIVE Communication Environment (ACE)

V595 The 'this->reactor()' pointer was utilized before it was verified against nullptr. Check lines: 1139, 1145. Gateway acceptor.cpp 1139


ACE_Reactor *
ACE_Event_Handler::reactor (void) const
{
  ACE_TRACE ("ACE_Event_Handler::reactor");
  return this->reactor_;
}

template <class SVC_HANDLER, ACE_PEER_ACCEPTOR_1> int
ACE_Oneshot_Acceptor<SVC_HANDLER, ACE_PEER_ACCEPTOR_2>::
  handle_input (ACE_HANDLE)
{
  ....
  bool const reset_new_handle =
    this->reactor ()->uses_event_associations ();

  if (this->reactor ())
  ....
}

ADAPTIVE Communication Environment (ACE)

V595 The 'mb' pointer was utilized before it was verified against nullptr. Check lines: 455, 463. JAWS3 reactive_io.cpp 455


JAWS_IO_Reactive_Transmit::handle_output_source
  (ACE_HANDLE handle)
{
  ACE_Message_Block *mb = this->source_buf_;
  ....
  if (mb->length () > 0)
    result = this->handle_output_mb (handle, mb);
  if (result < 0) {
    ....
  } else if (mb == 0 && this->source_ == ACE_INVALID_HANDLE)
    this->source_buf_ = 0;
  ....
}

wxWidgets

V595 The 'm_art' pointer was utilized before it was verified against nullptr. Check lines: 2659, 2664. aui auibar.cpp 2659


void wxAuiToolBar::OnRightDown(wxMouseEvent& evt)
{
  ....
  if (m_overflowSizerItem)
  {
    int dropdown_size =
      m_art->GetElementSize(wxAUI_TBART_OVERFLOW_SIZE);
    if (dropdown_size > 0 &&
      evt.m_x > cli_rect.width - dropdown_size &&
      evt.m_y >= 0 &&
      evt.m_y < cli_rect.height &&
      m_art)
    {
       return;
    }
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_art' pointer was utilized before it was verified against nullptr. Check lines: 2726, 2731. aui auibar.cpp 2726

WinMerge

V595 The 'm_pOwner' pointer was utilized before it was verified against nullptr. Check lines: 1033, 1035. Merge ccrystaleditview.cpp 1033


BOOL CEditDropTargetImpl::
OnDrop (CWnd * pWnd, COleDataObject * pDataObject,
        DROPEFFECT dropEffect, CPoint point)
{
  bool bDataSupported = false;

  m_pOwner->HideDropIndicator ();

  if ((!m_pOwner) ||
      (!(m_pOwner->QueryEditable ())) ||
      (m_pOwner->GetDisableDragAndDrop ()))
  ....
}

WinMerge

V595 The 'rent' pointer was utilized before it was verified against nullptr. Check lines: 608, 611. Merge dirscan.cpp 608


static DIFFITEM *AddToList(const String &sLeftDir,
 const String &sRightDir,
 const DirItem * lent, const DirItem * rent,
 UINT code, DiffFuncStruct *myStruct, DIFFITEM *parent)
{
  ....
  if (lent)
  {
    ....
  }
  else
  {
    di->left.filename = rent->filename;
  }

  if (rent)
  {
  ....
}

LLVM/Clang

V595 The 'BBLoop' pointer was utilized before it was verified against nullptr. Check lines: 142, 160. LLVMAnalysis profileestimatorpass.cpp 142


void ProfileEstimatorPass::recurseBasicBlock(BasicBlock *BB) {
  ....
  Loop* BBLoop = LI->getLoopFor(BB);
  ....
  if (BBisHeader && BBLoop->contains(*bbi)) {
    ....
  }
  ....
  if (BBLoop) {
    BBLoop->getExitEdges(ExitEdges);
  }
  ....
}

LLVM/Clang

V595 The 'StrippedPtr' pointer was utilized before it was verified against nullptr. Check lines: 918, 920. LLVMInstCombine instructioncombining.cpp 918


Instruction *InstCombiner::visitGetElementPtrInst(
                             GetElementPtrInst &GEP) {
  ....
  Value *StrippedPtr = PtrOp->stripPointerCasts();
  PointerType *StrippedPtrTy =
    dyn_cast<PointerType>(StrippedPtr->getType());

  if (!StrippedPtr)
    return 0;
  ....
}

LLVM/Clang

V595 The 'OtherUse' pointer was utilized before it was verified against nullptr. Check lines: 2522, 2527. LLVMScalarOpts loopstrengthreduce.cpp 2522


void LSRInstance::ChainInstruction(....)
{
  ....
  Instruction *OtherUse = dyn_cast<Instruction>(*UseIter);
  if (SE.isSCEVable(OtherUse->getType())
      && !isa<SCEVUnknown>(SE.getSCEV(OtherUse))
      && IU.isIVUserOrOperand(OtherUse)) {
    continue;
  }
  if (OtherUse && OtherUse != UserInst)
    NearUsers.insert(OtherUse);
  ....
}

EchoVNC

V595 The 'table' pointer was utilized before it was verified against nullptr. Check lines: 47, 49. miniWinVNC tableinittctemplate.cpp 47


static void
rfbInitTrueColourSingleTableOUTVNC (char **table,
  rfbPixelFormat *in, rfbPixelFormat *out)
{
  ....
  if (*table) free(*table);
    *table = (char *)malloc(nEntries * sizeof(OUT_T));
  if (table == NULL) return;
    t = (OUT_T *)*table;
  ....
}

IPP Samples

V595 The 'driver' pointer was utilized before it was verified against nullptr. Check lines: 40, 46. video_renders drv.c 40


VIDEO_DRV_CREATE_BUFFERS_FUNC(umc_vdrv_CreateBuffers,
                              driver, min_b, max_b, bufs,
                              video_mem_type, video_mem_info)
{
  ....
  VideoDrvVideoMemInfo*   drv_vm  = &(driver->m_VideoMemInfo);
  ....
  if ((NULL == driver) || (NULL == bufs))
  {
    ERR_SET(VM_NULL_PTR, "null ptr");
  }
  ....
}

IPP Samples

V595 The 'encoderObj' pointer was utilized before it was verified against nullptr. Check lines: 296, 298. speech encgsmamr.c 296


GSMAMR_CODECFUN(  APIGSMAMR_Status, apiGSMAMREncode,
         (GSMAMREncoder_Obj* encoderObj,const Ipp16s* src,
          GSMAMR_Rate_t rate, Ipp8u* dst, Ipp32s *pVad ))
{
  ....
  Ipp16s *pNewSpeech = encoderObj->stEncState.pSpeechPtrNew;

  if (NULL==encoderObj || NULL==src || NULL ==dst )
    return APIGSMAMR_StsBadArgErr;
  ....
}

IPP Samples

V595 The 'm_pAVSCompressorParams' pointer was utilized before it was verified against nullptr. Check lines: 88, 91. avs_enc umc_avs_enc_fusion_core.cpp 88


Status AVSEncFusionCore::Init(Ipp32u numThreads,
                              BaseCodecParams *pParams)
{
  m_pAVSCompressorParams =
    DynamicCast<AVSVideoEncoderParams> (pParams);
  ....
  m_qp = m_pAVSCompressorParams->m_iConstQuant;


  // check error(s)
  if (NULL == m_pAVSCompressorParams)
    return UMC_ERR_NULL_PTR;
  ....
}

Blender

V595 The 'surface' pointer was utilized before it was verified against nullptr. Check lines: 1585, 1587. bf_blenkernel dynamicpaint.c 1585


static struct DerivedMesh *dynamicPaint_Modifier_apply(....)
{
  ....
  for (; surface; surface=surface->next) {
    PaintSurfaceData *sData = surface->data;
    if (surface &&
        surface->format !=
          MOD_DPAINT_SURFACE_F_IMAGESEQ &&
        sData)
    {
      ....
}

MAME

V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2457, 2483. stvvdp2.c 2457


static void stv_vdp2_drawgfxzoom(...,
  const gfx_element *gfx, ...)
{
  ....
  if (gfx->pen_usage &&
      transparency == STV_TRANSPARENCY_PEN)
  {
    ....
  }

  if( gfx )
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2605, 2615. taito_f3.c 2605
  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 812, 819. psikyosh.c 812
  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2756, 2766. taito_f3.c 2756
  • And 1 additional diagnostic messages.

MAME

V595 The 'software_list_ptr' pointer was utilized before it was verified against nullptr. Check lines: 1586, 1591. softlist.c 1586


static void find_software_item(....)
{
  char *software_list_ptr = NULL;
  ....
  *software_list_ptr =
    software_list_open( options, swlist_name, FALSE, NULL );
  if ( software_list_ptr )
  {
    *software_info_ptr =
      software_list_find( *software_list_ptr, swname, NULL );
  ....
}

Most likely this is what should be written here: if ( *software_list_ptr )


MongoDB

V595 The 'lc->cvec' pointer was utilized before it was verified against nullptr. Check lines: 447, 448. linenoise.cpp 447


static void freeCompletions(linenoiseCompletions *lc) {
  size_t i;
  for (i = 0; i < lc->len; i++)
    free(lc->cvec[i]);
  if (lc->cvec != NULL)
    free(lc->cvec);
}

MongoDB

V595 The 'm' pointer was utilized before it was verified against nullptr. Check lines: 402, 404. rs.cpp 402


void ReplSetImpl::setSelfTo(Member *m) {
  // already locked in initFromConfig
  _self = m;
  _id = m->id();
  _config = m->config();
  if( m ) _buildIndexes = m->config().buildIndexes;
  else _buildIndexes = true;
}

MongoDB

V595 The 'd' pointer was utilized before it was verified against nullptr. Check lines: 1446, 1447. dbcommands.cpp 1446


bool run(....)
{
  result.appendNumber( "fileSize" , d->fileSize() / scale );
  if( d )
    result.appendNumber( "nsSizeMB",
      (int) d->namespaceIndex.fileLength() / 1024 / 1024 );
}

ffdshow

V595 The 's' pointer was utilized before it was verified against nullptr. tsubreadermplayer.cpp 151


Tsubtitle* TsubtitleParserSami::parse(....)
{
  ....
  for (; *s != '>' && *s != '\0'; s++) {
    ;    /* skip remains of non-<P> TAG */
  }
  if (s == '\0') {
    break;
  }
  ....
}

This is an example of errors detected indirectly. The programmer actually wanted to check this: if (*s == '\0'). However, this error can be found in a different way through the V528 message.


Samba

V595 The 'ctx' pointer was utilized before it was verified against nullptr. Check lines: 67, 72. cm.c 67


static WERROR libnetapi_open_ipc_connection(
              struct libnetapi_ctx *ctx,
              const char *server_name,
              struct client_ipc_connection **pp)
{
  struct libnetapi_private_ctx *priv_ctx =
    (struct libnetapi_private_ctx *)ctx->private_data;
  struct user_auth_info *auth_info = NULL;
  struct cli_state *cli_ipc = NULL;
  struct client_ipc_connection *p;

  if (!ctx || !pp || !server_name) {
    return WERR_INVALID_PARAM;
  }
  ....
}

Newton Game Dynamics

V595 The 'child' pointer was utilized before it was verified against nullptr. Check lines: 78, 84. dgtree.cpp 78


void dgRedBackNode::RotateLeft(dgRedBackNode** const head)
{
  ....
  me->m_right = child->m_left;
  ....
  if (child != NULL) {
    child->m_parent = me->m_parent;
  }
  ....
}

Newton Game Dynamics

V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 229, 230. dgtree.cpp 229


void dgRedBackNode::RemoveFixup (....)
{
  ....
  tmp = ptr->m_right;
  if (!ptr || !tmp) {
    return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 272, 273. dgtree.cpp 272
  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 234, 238. dgtree.cpp 234
  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 277, 281. dgtree.cpp 277

OpenSSL

V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 448, 461. obj_dat.c 448


int OBJ_obj2txt(char *buf, int buf_len,
  const ASN1_OBJECT *a, int no_name)
{
  ....
  if ((a == NULL) || (a->data == NULL)) {
    buf[0]='\0';
    return(0);
  }
  ....
  if (buf)
  ....
}

OpenCV

V595 The 'fs' pointer was utilized before it was verified against nullptr. Check lines: 617, 619. persistence.cpp 617


CV_IMPL CvStringHashNode*
cvGetHashedKey( CvFileStorage* fs, .... )
{
  ....
  CvStringHash* map = fs->str_hash;
  if( !fs )
    return 0;
  ....
}

OpenCV

V595 The 'pBN' pointer was utilized before it was verified against nullptr. Check lines: 432, 434. blobtrackingauto.cpp 432


void CvBlobTrackerAuto1::Process(IplImage* pImg, IplImage* pMask)
{
  ....
  CvBlob* pBN = NewBlobList.GetBlob(i);
  pBN->ID = m_NextBlobID;

  if(pBN &&
     pBN->w >= CV_BLOB_MINW &&
     pBN->h >= CV_BLOB_MINH)
  ....
}

OpenCV

V595 The 'ConDensation' pointer was utilized before it was verified against nullptr. Check lines: 114, 116. condens.cpp 114


CV_IMPL void
cvReleaseConDensation( CvConDensation ** ConDensation )
{
  ....
  CvConDensation *CD = *ConDensation;

  if( !ConDensation )
      CV_Error( CV_StsNullPtr, "" );
  ....
}

ReactOS

V595 The 'PolicyAccountDomainInfo' pointer was utilized before it was verified against nullptr. Check lines: 254, 257. sidcache.c 254


static BOOL
LookupSidInformation(....)
{
  ....
  DomainName = &PolicyAccountDomainInfo->DomainName;
  SidNameUse = (PolicyAccountDomainInfo != NULL ?
                SidTypeGroup : SidTypeUser);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'oldRelations' pointer was utilized before it was verified against nullptr. Check lines: 216, 246. pnp.c 216
  • V595 The 'Op->Common.Value.Arg' pointer was utilized before it was verified against nullptr. Check lines: 531, 554. dswload.c 531
  • V595 The 'OutOp' pointer was utilized before it was verified against nullptr. Check lines: 325, 346. dswexec.c 325
  • And 207 additional diagnostic messages.

Windows 8 Driver Samples

V595 The 'm_pWdfRequest' pointer was utilized before it was verified against nullptr. Check lines: 266, 267. filecontext.cpp 266


HRESULT
CFileContext::GetNextSubscribedMessage()
{
  ....
  m_pWdfRequest = pWdfRequest;
  m_pWdfRequest->MarkCancelable(pCallbackCancel);
  if (m_pWdfRequest != NULL)
  {
    CompleteOneArrivalEvent();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'pAdapterCommon' pointer was utilized before it was verified against nullptr. Check lines: 456, 477. adapter.cpp 456
  • V595 The 'PortStream' pointer was utilized before it was verified against nullptr. Check lines: 111, 123. rtstream.cpp 111
  • V595 The 'pncLock' pointer was utilized before it was verified against nullptr. Check lines: 85, 112. netcfgapi.cpp 85
  • And 97 additional diagnostic messages.

NetXMS

V595 The 'securityContext' pointer was utilized before it was verified against nullptr. Check lines: 1159, 1162. pdu.cpp 1159


DWORD SNMP_PDU::encodeV3SecurityParameters(
  BYTE *buffer, DWORD bufferSize,
  SNMP_SecurityContext *securityContext)
{
  BYTE securityParameters[1024], sequence[1040];
  DWORD bytes;
  DWORD engineBoots =
    securityContext->getAuthoritativeEngine().getBoots();
  DWORD engineTime =
    securityContext->getAuthoritativeEngine().getTime();

  if ((securityContext != NULL) &&
      (securityContext->getSecurityModel() ==
       SNMP_SECURITY_MODEL_USM))
  {
  ....
}

Chromium

V595 The 'browser' pointer was utilized before it was verified against nullptr. Check lines: 5489, 5493. testing_automation_provider.cc 5489


void TestingAutomationProvider::IsPageActionVisible(
    base::DictionaryValue* args,
    IPC::Message* reply_message) {
  ....
  Browser* browser = automation_util::GetBrowserForTab(tab);
  const Extension* extension;
  if (!GetEnabledExtensionFromJSONArgs(
          ...., browser->profile(), ....)) {
    reply.SendError(error);
    return;
  }
  if (!browser) {
    reply.SendError("Tab does not belong to an open browser");
    return;
  }
  ....
}

Chromium

V595 The 'extension' pointer was utilized before it was verified against nullptr. Check lines: 277, 280. managed_user_service.cc 277


bool ManagedUserService::UserMayLoad(
  const extensions::Extension* extension,
  string16* error) const
{
  if (extension_service &&
      extension_service->GetInstalledExtension(extension->id()))
    return true;

  if (extension) {
    bool was_installed_by_default =
      extension->was_installed_by_default();
    ....
  }
}

Yasm

V595 The 'shead' pointer was utilized before it was verified against nullptr. Check lines: 672, 674. elf.c 672


unsigned long
elf_secthead_write_to_file(FILE *f, elf_secthead *shead,
                           elf_section_index sindex)
{
    unsigned char buf[SHDR_MAXSIZE], *bufp = buf;
    shead->index = sindex;

    if (shead == NULL)
        yasm_internal_error("shead is null");
  ....
}

Multi Theft Auto

V595 The 'pGame' pointer was utilized before it was verified against nullptr. Check lines: 636, 639. ccrashdumpwriter.cpp 636


void CCrashDumpWriter::GetD3DInfo ( CBuffer& buffer )
{
  ....
  CRenderWare* pRenderWare = pGame->GetRenderWare ();
  stream.Write ( (uchar)( pCore ? 1 : 0 ) );
  stream.Write ( (uchar)( pGame ? 1 : 0 ) );
  ....
}

Similar errors can be found in some other places:

  • V595 The 're' pointer was utilized before it was verified against nullptr. Check lines: 416, 421. study.c 416
  • V595 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 1553, 1558. unzip.c 1553
  • V595 The 'pVehicle' pointer was utilized before it was verified against nullptr. Check lines: 5586, 5587. cmultiplayersa.cpp 5586
  • And 4 additional diagnostic messages.

TinyCAD

V595 The 'i' pointer was utilized before it was verified against nullptr. Check lines: 142, 144. drawmetafile.cpp 142


bool CDrawMetaFile::setImageFile(const TCHAR *filename)
{
  CImage *i = NULL;

  ....

  // Read in the buffer
  i->SetCompressedData(buffer, bytes);

  if (i != NULL)
  {
    m_metafile = m_pDesign->GetOptions()->AddMetaFile(i);
  }

  return i != NULL;
}

Apache Xerces Project

V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 106, 114. domcommentimpl.cpp 106


DOMComment *DOMCommentImpl::splitText(XMLSize_t offset)
{
  ....
  DOMDocumentImpl *doc = (DOMDocumentImpl *)getOwnerDocument();

  DOMComment *newText =
    doc->createComment(
      this->substringData(offset, len - offset));
  ....
  if (doc != 0) {
  ....
}

Similar errors can be found in some other places:

  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 106, 114. domcdatasectionimpl.cpp 106
  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 137, 146. domprocessinginstructionimpl.cpp 137
  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 102, 111. domtextimpl.cpp 102
  • And 3 additional diagnostic messages.

VirtualDub

V595 The 'mpData' pointer was utilized before it was verified against nullptr. Check lines: 1422, 1429. Tessa context_d3d9.cpp 1422


void VDTContextD3D9::Shutdown() {
  ....
  mpData->mFenceManager.Shutdown();
  ....
  if (mpData) {
    if (mpData->mhmodD3D9)
      FreeLibrary(mpData->mhmodD3D9);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'lpbiOutput' pointer was utilized before it was verified against nullptr. Check lines: 82, 85. VirtualDub yuvcodec.cpp 82
  • V595 The 'lBytesRead' pointer was utilized before it was verified against nullptr. Check lines: 1351, 1362. VirtualDub mpeg.cpp 1351
  • V595 The 'lSamplesRead' pointer was utilized before it was verified against nullptr. Check lines: 1352, 1361. VirtualDub mpeg.cpp 1352
  • And 8 additional diagnostic messages.

Geant4 software

V595 The 'theDef' pointer was utilized before it was verified against nullptr. Check lines: 123, 125. G4hadronic_deex_photon_evaporation g4neutronradcapture.cc 123


G4HadFinalState* G4NeutronRadCapture::ApplyYourself(
  const G4HadProjectile& aTrack, G4Nucleus& theNucleus)
{
  ....
  if (verboseLevel > 1) {
    G4cout << "Gamma 4-mom: " << lv2 << "   "
     << theDef->GetParticleName() << "   " << lv1 << G4endl;
  }
  if(theDef) {
    theParticleChange.AddSecondary(
      new G4DynamicParticle(theDef, lv1));
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'theDef' pointer was utilized before it was verified against nullptr. Check lines: 164, 167. G4hadronic_deex_photon_evaporation g4neutronradcapture.cc 164
  • V595 The 'theElementVector' pointer was utilized before it was verified against nullptr. Check lines: 521, 522. G4materials g4material.cc 521
  • V595 The 'theFinalStatePhotons[i]' pointer was utilized before it was verified against nullptr. Check lines: 403, 410. G4had_neu_hp g4neutronhpinelasticcompfs.cc 403
  • And 27 additional diagnostic messages.

GNU C Library

V595 The 'h_errnop' pointer was utilized before it was verified against nullptr. Check lines: 146, 172. getnssent_r.c 146


int __nss_getent_r (....)
{
  ....
  if (res && __res_maybe_init (&_res, 0) == -1)
  {
    *h_errnop = NETDB_INTERNAL;
    *result = NULL;
    return errno;
  }
  ....
  if (status == NSS_STATUS_TRYAGAIN
      && (h_errnop == NULL || *h_errnop == NETDB_INTERNAL)
      && errno == ERANGE)
}

GNU C Library

V595 The 'clp' pointer was utilized before it was verified against nullptr. Check lines: 145, 150. clnt_raw.c 145


static enum clnt_stat
clntraw_call (h, proc, xargs, argsp, xresults, resultsp, timeout)
     CLIENT *h;
     u_long proc;
     xdrproc_t xargs;
     caddr_t argsp;
     xdrproc_t xresults;
     caddr_t resultsp;
     struct timeval timeout;
{
  struct clntraw_private_s *clp = clntraw_private;
  XDR *xdrs = &clp->xdr_stream;
  ....
  if (clp == NULL)
    return RPC_FAILED;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'clp' pointer was utilized before it was verified against nullptr. Check lines: 232, 235. clnt_raw.c 232

Coin3D

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 2397, 2407. sobasekit.cpp 2397


SbBool
SoBaseKit::setPart(const int partnum, SoNode * node)
{
  ....
  if (childlist->find(node) >= 0) {
    SoDebugError::postWarning("SoBaseKit::setPart",
      "Node pointer (%p, '%s', '%s') is "
      "already used under the same group node in the catalog "
      "as a child of part '%s' -- this is not allowed",
      node,
      node->getName().getString(),
      node->getTypeId().getName().getString(),
      catalog->getName(parentIdx).getString());
    return FALSE;
  }
  ....
  if (node)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->getAttachedField()' pointer was utilized before it was verified against nullptr. Check lines: 141, 145. sofieldsensor.cpp 141

Firebird

V595 The 'bcb' pointer was utilized before it was verified against nullptr. Check lines: 271, 274. cch.cpp 271


int CCH_down_grade_dbb(void* ast_object)
{
  ....
  SyncLockGuard bcbSync(&bcb->bcb_syncObject, SYNC_EXCLUSIVE,
                        "CCH_down_grade_dbb");
  bcb->bcb_flags &= ~BCB_exclusive;

  if (bcb && bcb->bcb_count)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tdgbl->action->act_file' pointer was utilized before it was verified against nullptr. Check lines: 1396, 1398. mvol.cpp 1396
  • V595 The 'desc' pointer was utilized before it was verified against nullptr. Check lines: 1928, 1933. cvt.cpp 1928
  • V595 The 'eof' pointer was utilized before it was verified against nullptr. Check lines: 239, 241. dsql.cpp 239
  • And 28 additional diagnostic messages.

CryEngine 3 SDK

V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 325, 326. scripthelpers.h 325


bool Create( IScriptSystem *pSS,bool bCreateEmpty=false )
{
  if (p) p->Release();
  p = pSS->CreateTable(bCreateEmpty);
  p->AddRef();
  return (p)?true:false;
}

Similar errors can be found in some other places:

  • V595 The 'm_pControlledPlayer' pointer was utilized before it was verified against nullptr. Check lines: 70, 91. mountedguncontroller.cpp 70
  • V595 The 'pRagdollContext' pointer was utilized before it was verified against nullptr. Check lines: 4569, 4596. player.cpp 4569
  • V595 The 'pEquipmentLoadout' pointer was utilized before it was verified against nullptr. Check lines: 9794, 9798. player.cpp 9794
  • And 32 additional diagnostic messages.

Push Framework

V595 The 'pClient' pointer was utilized before it was verified against nullptr. Check lines: 244, 250. dispatcher.cpp 244


void Dispatcher::processFirstPacket(....)
{
  ....
  std::string clientKey = pClient->getKey();
  ....
  if(pClient)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 2251, 2256. xmlparser.cpp 2251
  • V595 The 'pEntry' pointer was utilized before it was verified against nullptr. Check lines: 2282, 2286. xmlparser.cpp 2282
  • V595 The 'outlen' pointer was utilized before it was verified against nullptr. Check lines: 3703, 3707. xmlparser.cpp 3703

Wild Magic 5

V595 The 'compiledShader' pointer was utilized before it was verified against nullptr. Check lines: 44, 48. wm5dx9pixelshader.cpp 44


PdrPixelShader::PdrPixelShader (Renderer* renderer,
    const PixelShader* pshader)
{
  ....
  hr = device->CreatePixelShader(
   (DWORD*)(compiledShader->GetBufferPointer()), &mShader);

  assertion(hr == D3D_OK, "Failed to create pixel shader\n");

  if (compiledShader)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'compiledShader' pointer was utilized before it was verified against nullptr. Check lines: 44, 48. wm5dx9vertexshader.cpp 44
  • V595 The 'indices' pointer was utilized before it was verified against nullptr. Check lines: 93, 111. convexhull2d.cpp 93

V8 JavaScript Engine

V595 The 'collator' pointer was utilized before it was verified against nullptr. Check lines: 1142, 1145. nfrule.cpp 1142


int32_t
NFRule::prefixLength(....) const
{
  ....
  CollationElementIterator* strIter =
    collator->createCollationElementIterator(str);
  ....
  if (collator == NULL || strIter == NULL || prefixIter == NULL)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'collator' pointer was utilized before it was verified against nullptr. Check lines: 1444, 1447. nfrule.cpp 1444
  • V595 The 'firstFinalTZTransition' pointer was utilized before it was verified against nullptr. Check lines: 865, 886. olsontz.cpp 865
  • V595 The 'coll' pointer was utilized before it was verified against nullptr. Check lines: 1104, 1121. ucol_res.cpp 1104
  • And 15 additional diagnostic messages.

Data Distribution Service

V595 The 'topic_servant_' pointer was utilized before it was verified against nullptr. Check lines: 164, 168. datareaderimpl.cpp 164


void
DataReaderImpl::cleanup()
{
  ....
  if (owner_manager_) {
    owner_manager_->unregister_reader(
      topic_servant_->type_name(), this);
  }
  if (topic_servant_) {
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->current_' pointer was utilized before it was verified against nullptr. Check lines: 522, 524. serializer.inl 522
  • V595 The 'this->reactor()' pointer was utilized before it was verified against nullptr. Check lines: 1131, 1137. acceptor.cpp 1131
  • V595 The 'file' pointer was utilized before it was verified against nullptr. Check lines: 404, 407. filecache.cpp 404
  • And 3 additional diagnostic messages.

FlightGear

V595 The 'prev' pointer was utilized before it was verified against nullptr. Check lines: 858, 868. aiship.cxx 858


bool FGAIShip::initFlightPlan() {
  ....
  prev = fp->getPreviousWaypoint();
  ....
  setHeading(getCourse(prev->getLatitude(),
                       prev->getLongitude(),
                       curr->getLatitude(),
                       curr->getLongitude()));
  ....
  if (prev)
    init = true;
  ....
}

FlightGear

V595 The 'a' pointer was utilized before it was verified against nullptr. Check lines: 478, 479. codegen.c 478


static int tokMatch(struct Token* a, struct Token* b)
{
  int i, l = a->strlen;
  if(!a || !b) return 0;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'apt' pointer was utilized before it was verified against nullptr. Check lines: 1076, 1083. route_mgr.cxx 1076
  • V595 The 'aFilter' pointer was utilized before it was verified against nullptr. Check lines: 66, 76. positionedoctree.cxx 66
  • V595 The 'n' pointer was utilized before it was verified against nullptr. Check lines: 168, 173. props.cxx 168
  • And 12 additional diagnostic messages.

FFmpeg

V595 The 'ts->pids[pid]' pointer was utilized before it was verified against nullptr. Check lines: 1377, 1379. mpegts.c 1377


static void m4sl_cb(....)
{
  ....
  if (ts->pids[pid]->es_id != mp4_descr[i].es_id)
    continue;
  if (!(ts->pids[pid] && ts->pids[pid]->type == MPEGTS_PES)) {
  ....
}

Scilab

V595 The 'sco' pointer was utilized before it was verified against nullptr. Check lines: 305, 311. canimxy3d.c 305


static void appendData(....)
{
  ....
  sco_data *sco = (sco_data *) * (block->work);
  int maxNumberOfPoints = sco->internal.maxNumberOfPoints;
  int numberOfPoints = sco->internal.numberOfPoints;

  if (sco != NULL && numberOfPoints >= maxNumberOfPoints)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'style' pointer was utilized before it was verified against nullptr. Check lines: 115, 124. champ.c 115
  • V595 The 'lenStVarOne' pointer was utilized before it was verified against nullptr. Check lines: 270, 274. sci_toprint.cpp 270
  • V595 The 'root->attr' pointer was utilized before it was verified against nullptr. Check lines: 819, 824. ezxml.c 819
  • And 58 additional diagnostic messages.

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 9714, 9719. unrealengine.cpp 9714


/**
 * Global engine pointer.
 * Can be 0 so don't use without checking.
 */
ENGINE_API UEngine* GEngine = NULL;

bool UEngine::LoadMap( FWorldContext& WorldContext,
  FURL URL, class UPendingNetGame* Pending, FString& Error )
{
  ....
  if (GEngine->GameViewport != NULL)
  {
    ClearDebugDisplayProperties();
  }

  if( GEngine )
  {
    GEngine->WorldDestroyed( WorldContext.World() );
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 754, 772. asyncloading.cpp 754
  • V595 The 'InstanceGraph' pointer was utilized before it was verified against nullptr. Check lines: 93, 112. reloadobjectarc.cpp 93
  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 3381, 3384. savepackage.cpp 3381
  • And 80 additional diagnostic messages.

Qt

V595 The 'outline' pointer was utilized before it was verified against nullptr. Check lines: 1746, 1749. qgrayraster.c 1746


static int gray_raster_render(....)
{
  const QT_FT_Outline* outline =
    (const QT_FT_Outline*)params->source;

  ....

  /* return immediately if the outline is empty */
  if ( outline->n_points == 0 || outline->n_contours <= 0 )
    return 0;

  if ( !outline || !outline->contours || !outline->points )
    return ErrRaster_Invalid_Outline;

  ....
}

Optimization too early.

Similar errors can be found in some other places:

  • V595 The 'd' pointer was utilized before it was verified against nullptr. Check lines: 264, 266. qpluginloader.cpp 264
  • V595 The 'lib' pointer was utilized before it was verified against nullptr. Check lines: 309, 317. qlibrary.cpp 309
  • V595 The 'self' pointer was utilized before it was verified against nullptr. Check lines: 1132, 1136. qcoreapplication.cpp 1132
  • And 78 additional diagnostic messages.

ANGLE

V595 The 'textureObject' pointer was utilized before it was verified against nullptr. Check lines: 7088, 7093. libglesv2.cpp 7088


bool __stdcall glBindTexImage(egl::Surface *surface)
{
  ....
  gl::Texture2D *textureObject = context->getTexture2D();

  if (textureObject->isImmutable())
  {
    return false;
  }

  if (textureObject)
  {
    textureObject->bindTexImage(surface);
  }
  ....
}

OpenSSL

V595 The 's' pointer was utilized before it was verified against nullptr. Check lines: 1013, 1019. ssl_lib.c 1013


int SSL_shutdown(SSL *s)
{
  if (s->handshake_func == 0)
  {
    SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
    return -1;
  }

  if ((s != NULL) && !SSL_in_init(s))
    return(s->method->ssl_shutdown(s));
  else
    return(1);
  }
  ....
}

OpenSSL

V595 The 'pub_key' pointer was utilized before it was verified against nullptr. Check lines: 951, 952. e_ubsec.c 951


#define bn_wexpand(a,words) \
  (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))

static int ubsec_dh_generate_key(DH *dh)
{
  ....
  if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
  if(pub_key == NULL) goto err;
  ....
}

The 'pub_key' pointer was dereferenced in bn_wexpand macros.


SlimDX

V595 The 'effects' pointer was utilized before it was verified against nullptr. Check lines: 66, 73. secondarysoundbuffer.cpp 66


array<SoundEffectResult>^ SecondarySoundBuffer::SetEffects(
  array<Guid>^ effects )
{
  DWORD count = effects->Length;
  ....
  if( effects != nullptr && count > 0 )
  ....
}

TortoiseGit

V595 The 'n' pointer was utilized before it was verified against nullptr. Check lines: 41, 43. decorate.c 41


void free_decoration(struct decoration *n)
{
  unsigned int i;
  struct object_decoration *hash = n->hash;
  if (n == NULL || n->hash == NULL)
    return;
  ....
}

OpenMW

V595 The 'mPlayer' pointer was utilized before it was verified against nullptr. Check lines: 234, 245. openmw worldimp.cpp 234


void World::clear()
{
  mLocalScripts.clear();
  mPlayer->clear();
  ....
  if (mPlayer)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'mBody' pointer was utilized before it was verified against nullptr. Check lines: 95, 99. openmw physic.cpp 95

Mozilla Firefox

V595 The 'head' pointer was utilized before it was verified against nullptr. Check lines: 1915, 1920. nshttptransaction.cpp 1915


void
nsHttpTransaction::RestartVerifier::Set(int64_t contentLength,
                                        nsHttpResponseHead *head)
{
  if (mSetup)
    return;

  if (head->Status() != 200)
    return;

  mContentLength = contentLength;

  if (head) {
  ....
}

Newton Game Dynamics

V595 The 'sp' pointer was utilized before it was verified against nullptr. Check lines: 77, 85. ptw32_throw.c 77


void
ptw32_throw (DWORD exception)
{
  ....
  ptw32_thread_t * sp =
    (ptw32_thread_t *) pthread_getspecific (ptw32_selfThreadKey);

  sp->state = PThreadStateExiting;

  if (exception != PTW32_EPS_CANCEL &&
      exception != PTW32_EPS_EXIT)
  {
    exit (1);
  }
  ....
  if (NULL == sp || sp->implicit)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'sem' pointer was utilized before it was verified against nullptr. Check lines: 138, 142. sem_timedwait.c 138
  • V595 The 'assoc' pointer was utilized before it was verified against nullptr. Check lines: 89, 91. pthread_key_delete.c 89
  • V595 The 'faceNode' pointer was utilized before it was verified against nullptr. Check lines: 785, 795. dgconvexhull3d.cpp 785
  • And 17 additional diagnostic messages.

Wine Is Not an Emulator

V595 The 'decl' pointer was utilized before it was verified against nullptr. Check lines: 1411, 1417. parser.y 1411


static var_t *declare_var(....)
{
  ....
  var_t *v = decl->var;                                 // <=
  expr_list_t *sizes = get_attrp(attrs, ATTR_SIZEIS);
  expr_list_t *lengs = get_attrp(attrs, ATTR_LENGTHIS);
  int sizeless;
  expr_t *dim;
  type_t **ptype;
  array_dims_t *arr = decl ? decl->array : NULL;        // <=
  type_t *func_type = decl ? decl->func_type : NULL;    // <=
  ....
}

Similar errors can be found in some other places:

  • V595 The 'pcbData' pointer was utilized before it was verified against nullptr. Check lines: 1859, 1862. registry.c 1859
  • V595 The 'token_user' pointer was utilized before it was verified against nullptr. Check lines: 206, 213. lsa.c 206
  • V595 The 'psp' pointer was utilized before it was verified against nullptr. Check lines: 2680, 2689. propsheet.c 2680
  • And 4 additional diagnostic messages.

Cocos2d-x

V595 The 'values' pointer was utilized before it was verified against nullptr. Check lines: 188, 189. ccbundlereader.h 188


template<>
inline bool BundleReader::readArray<std::string>(
  unsigned int *length, std::vector<std::string> *values)
{
  ....
  values->clear();             // <=
  if (*length > 0 && values)   // <=
  {
    for (int i = 0; i < (int)*length; ++i)
    {
      values->push_back(readString());
    }
  }
  return true;
}

Similar errors can be found in some other places:

  • V595 The '_openGLView' pointer was utilized before it was verified against nullptr. Check lines: 410, 417. ccdirector.cpp 410
  • V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 365, 374. cctween.cpp 365
  • V595 The 'rootEle' pointer was utilized before it was verified against nullptr. Check lines: 378, 379. ccfileutils.cpp 378
  • And 6 additional diagnostic messages.

Asterisk

V595 The 'object_wizard->wizard' pointer was utilized before it was verified against nullptr. Check lines: 683, 686. sorcery.c 683


static void sorcery_object_wizard_destructor(void *obj)
{
  struct ast_sorcery_object_wizard *object_wizard = obj;

  if (object_wizard->data) {
    object_wizard->wizard->close(object_wizard->data);      // <=
  }

  if (object_wizard->wizard) {                              // <=
    ast_module_unref(object_wizard->wizard->module);
  }

  ao2_cleanup(object_wizard->wizard);                       // <=
}

PHP:Hypertext Preprocessor

V595 The 'function_name' pointer was utilized before it was verified against nullptr. Check lines: 4859, 4860. basic_functions.c 4859


static int user_shutdown_function_call(zval *zv TSRMLS_DC)
{
  ....
  php_error(E_WARNING, "....", function_name->val);  // <=
  if (function_name) {                               // <=
    STR_RELEASE(function_name);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'callback_name' pointer was utilized before it was verified against nullptr. Check lines: 5007, 5021. basic_functions.c 5007

Grassroots DICOM library (GDCM)

V595 The 'str' pointer was utilized before it was verified against nullptr. Check lines: 26, 27. gdcmprivatetag.cxx 26


bool PrivateTag::ReadFromCommaSeparatedString(const char *str)
{
  unsigned int group = 0, element = 0;
  std::string owner;
  owner.resize( strlen(str) );
  if( !str || sscanf(str, "%04x,%04x,%s", &group ,
                     &element, &owner[0] ) != 3 )
  {
    gdcmDebugMacro( "Problem reading Private Tag: " << str );
    return false;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'Internal' pointer was utilized before it was verified against nullptr. Check lines: 217, 223. gdcmjpegcodec.cxx 217
  • V595 The 'Internal' pointer was utilized before it was verified against nullptr. Check lines: 321, 327. gdcmjpegcodec.cxx 321

K Desktop Environment

V595 The 'priv->slider' pointer was utilized before it was verified against nullptr. Check lines: 786, 792. knuminput.cpp 786


void KDoubleNumInput::spinBoxChanged(double val)
{
  ....
  const double slidemin = priv->slider->minimum();      // <=
  const double slidemax = priv->slider->maximum();      // <=
  ....
  if (priv->slider) {                                   // <=
    priv->slider->blockSignals(true);
    priv->slider->setValue(qRound(slidemin + rel * (....)));
    priv->slider->blockSignals(false);
  }
}

Similar errors can be found in some other places:

  • V595 The 'incBase' pointer was utilized before it was verified against nullptr. Check lines: 2487, 2491. incidenceformatter.cpp 2487
  • V595 The 'm_instance' pointer was utilized before it was verified against nullptr. Check lines: 364, 376. ksystemtimezone.cpp 364
  • V595 The 'job' pointer was utilized before it was verified against nullptr. Check lines: 778, 783. knewfilemenu.cpp 778
  • And 3 additional diagnostic messages.

Miranda NG

V595 The 'dat' pointer was utilized before it was verified against nullptr. Check lines: 428, 430. TabSRMM buttonsbar.cpp 428


void TSAPI BB_InitDlgButtons(TWindowData *dat)
{
  ....
  HWND hdlg = dat->hwnd;
  ....
  if (dat == 0 || hdlg == 0) { return; }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'gce' pointer was utilized before it was verified against nullptr. Check lines: 519, 522. Miranda chat_svc.cpp 519
  • V595 The 'group->cl.items' pointer was utilized before it was verified against nullptr. Check lines: 137, 139. Miranda clcitems.cpp 137
  • V595 The 'text' pointer was utilized before it was verified against nullptr. Check lines: 357, 372. Miranda clcutils.cpp 357
  • And 161 additional diagnostic messages.

Spring Engine

V595 The 'model->GetRootPiece()' pointer was utilized before it was verified against nullptr. Check lines: 236, 238. engine-headless%engine-legacy imodelparser.cpp 236


S3DModel* C3DModelLoader::Load3DModel(std::string modelName)
{
  ....
  model->GetRootPiece()->SetCollisionVolume(                // <=
    new CollisionVolume("box", -UpVector, ZeroVector));

  if (model->GetRootPiece() != NULL) {                      // <=
    CreateLists(model->GetRootPiece());
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 1559, 1564. assimp unzip.c 1559
  • V595 The 'facCAI' pointer was utilized before it was verified against nullptr. Check lines: 1059, 1064. engineSim commandai.cpp 1059
  • V595 The 'projectileDrawer' pointer was utilized before it was verified against nullptr. Check lines: 170, 176. engineSim shieldprojectile.cpp 170
  • And 1 additional diagnostic messages.

Linux Kernel

V595 The 'podhd' pointer was utilized before it was verified against nullptr. Check lines: 96, 98. podhd.c 96


static int podhd_try_init(struct usb_interface *interface,
        struct usb_line6_podhd *podhd)
{
  int err;
  struct usb_line6 *line6 = &podhd->line6;

  if ((interface == NULL) || (podhd == NULL))
    return -ENODEV;
  ....
}

Discussion: http://www.viva64.com/en/b/0306/


Linux Kernel

V595 The 'skb' pointer was utilized before it was verified against nullptr. Check lines: 949, 951. act_api.c 949


static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n)
{
  struct net *net = sock_net(skb->sk);
  struct nlattr *tca[TCA_ACT_MAX + 1];
  u32 portid = skb ? NETLINK_CB(skb).portid : 0;
  ....
}

Linux Kernel

V595 The 'inode' pointer was utilized before it was verified against nullptr. Check lines: 905, 907. move_extents.c 905


static int ocfs2_move_extents(
  struct ocfs2_move_extents_context *context)
{
  int status;
  handle_t *handle;
  struct inode *inode = context->inode;
  struct ocfs2_dinode *di;
  struct buffer_head *di_bh = NULL;
  struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);

  if (!inode)
    return -ENOENT;
  ....
}

Linux Kernel

V595 The 'i2400m->tx_msg' pointer was utilized before it was verified against nullptr. Check lines: 759, 764. tx.c 759


int i2400m_tx(struct i2400m *i2400m, ....)
{
  ....
  if (i2400m->tx_msg->size + padded_len > I2400M_TX_MSG_SIZE) {
    d_printf(2, dev, "TX: message too big, going new\n");
    i2400m_tx_close(i2400m);
    i2400m_tx_new(i2400m);
  }
  if (i2400m->tx_msg == NULL)
    goto error_tx_new;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'txpeer' pointer was utilized before it was verified against nullptr. Check lines: 1011, 1022. lib-move.c 1011
  • V595 The 'odev' pointer was utilized before it was verified against nullptr. Check lines: 1012, 1017. hso.c 1012
  • V595 The 'skb' pointer was utilized before it was verified against nullptr. Check lines: 1012, 1032. r8192U_core.c 1012
  • And 235 additional diagnostic messages.

LibreOffice

V595 The 'pSysWin' pointer was utilized before it was verified against nullptr. Check lines: 738, 739. updatecheckui.cxx 738


IMPL_LINK( UpdateCheckUI, ApplicationEventHdl,
           VclSimpleEvent *, pEvent)
{
  ....
  SystemWindow *pSysWin = pWindow->GetSystemWindow();
  MenuBar      *pMBar   = pSysWin->GetMenuBar();
  if ( pSysWin && pMBar )
  {
    AddMenuBarIcon( pSysWin, true );
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_pData' pointer was utilized before it was verified against nullptr. Check lines: 1716, 1731. owriteablestream.cxx 1716
  • V595 The 'm_pData' pointer was utilized before it was verified against nullptr. Check lines: 1923, 1938. xstorage.cxx 1923
  • V595 The 'pOld0RGB' pointer was utilized before it was verified against nullptr. Check lines: 750, 754. ios2met.cxx 750
  • And 17 additional diagnostic messages.

.NET CoreCLR

V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 6970, 6976. ClrJit gentree.cpp 6970


void Compiler::gtDispNode(GenTreePtr tree, ....)
{
  ....
  if (tree->gtOper >= GT_COUNT)
  {
    printf(" **** ILLEGAL NODE ****");
    return;
  }

  if  (tree && printFlags)
  {
    /* First print the flags associated with the node */
    switch (tree->gtOper)
    {
      ....
    }
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_table' pointer was utilized before it was verified against nullptr. Check lines: 422, 437. ClrJit simplerhash.inl 422
  • V595 The 'block' pointer was utilized before it was verified against nullptr. Check lines: 7548, 7550. ClrJit codegencommon.cpp 7548
  • V595 The 'op1' pointer was utilized before it was verified against nullptr. Check lines: 10808, 10831. ClrJit gentree.cpp 10808
  • And 26 additional diagnostic messages.

SETI@home

V595 The 'ChirpSteps' pointer was utilized before it was verified against nullptr. Check lines: 138, 166. chirpfft.cpp 138


size_t GenChirpFftPairs(....)
{
  ....
  double * ChirpSteps;
  ....
  ChirpSteps = (double *)calloc(swi.num_fft_lengths,
    sizeof(double));
  ....
  CRate+=ChirpSteps[j];
  ....
  if (ChirpSteps) free (ChirpSteps);
  ....
}

#info Don't need check ChirpSteps before used 'free' function

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 629, 647. sgamemenupagewidget.cpp 629


void SGameMenuPageWidget::Tick(....)
{
  //ugly code seeing if the console is open
  UConsole* ViewportConsole = (GEngine->GameViewport != nullptr)
    ? GEngine->GameViewport->ViewportConsole : nullptr;
  ....
  if (GEngine && GEngine->GameViewport )
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ToRenderBitmapSource' pointer was utilized before it was verified against nullptr. Check lines: 317, 337. windowsplatformsplash.cpp 317
  • V595 The 'PropertyClass' pointer was utilized before it was verified against nullptr. Check lines: 430, 445. propertybaseobject.cpp 430
  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 3610, 3613. savepackage.cpp 3610
  • And 11 additional diagnostic messages.

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 47, 48. gammauipanel.cpp 47


float SGammaUIPanel::OnGetGamma() const
{
  float DisplayGamma = GEngine->DisplayGamma;
  return GEngine ? DisplayGamma : 2.2f;
}

Unreal Engine 4

V595 The 'Object' pointer was utilized before it was verified against nullptr. Check lines: 814, 815. uobjectbase.cpp 814


const TCHAR* DebugFName(UObject* Object)
{
  static TCHAR TempName[256];
  FName Name = Object->GetFName();
  FCString::Strcpy(TempName,
    Object ? *FName::SafeString(Name.GetDisplayIndex(),
    Name.GetNumber()) : TEXT("NULL"));
  return TempName;
}

Unreal Engine 4

V595 The 'GEditor' pointer was utilized before it was verified against nullptr. Check lines: 1115, 1123. behaviortreedebugger.cpp 1115


void FBehaviorTreeDebugger::OnInstanceSelectedInDropdown(....)
{
  ....
  USelection* SelectedActors =
    GEditor->GetSelectedActors();                       // <=
  if (SelectedActors && OldPawn)
  {
    SelectedActors->Deselect(OldPawn);
  }

  TreeInstance = SelectedInstance;

  if (SelectedActors && GEditor && SelectedInstance &&  // <=
      SelectedInstance->GetOwner())
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'PuppetActor' pointer was utilized before it was verified against nullptr. Check lines: 561, 570. sequenceractorbindingmanager.cpp 561
  • V595 The 'ViewState' pointer was utilized before it was verified against nullptr. Check lines: 3112, 3114. shadowrendering.cpp 3112
  • V595 The 'DuplicatedNode' pointer was utilized before it was verified against nullptr. Check lines: 2954, 2957. kismetcompiler.cpp 2954
  • And 2 additional diagnostic messages.

Unreal Engine 4

V595 The 'Asset' pointer was utilized before it was verified against nullptr. Check lines: 581, 583. assetrenamemanager.cpp 581


void FAssetRenameManager::PerformAssetRename(....) const
{
  ....
  UObject* Asset = RenameData.Asset.Get();
  FString OldAssetPath = Asset->GetPathName();
  if ( !Asset )
  {
    RenameData.bRenameFailed = true;
    continue;
  }
  ....
}

Unreal Engine 4

V595 The 'Rig' pointer was utilized before it was verified against nullptr. Check lines: 1844, 1846. animsequence.cpp 1844


void FillUpTransformBasedOnRig(USkeleton* Skeleton, ....)
{
  ....
  const URig* Rig = Skeleton->GetRig();

  // this one has to collect all Nodes in Rig data
  // since we're comparing two of them together.
  int32 NodeNum = Rig->GetNodeNum();

  if (Rig && NodeNum > 0)
  {
    ....
  }
  ....
}

Unreal Engine 4

V595 The 'InstanceGraph' pointer was utilized before it was verified against nullptr. Check lines: 93, 112. reloadobjectarc.cpp 93


void FReloadObjectArc::SerializeObject( UObject* Obj )
{
  ....
  // set this to prevent recursion in serialization
  if ( IsLoading() )
  {
    ....
    InstanceGraph->EnableSubobjectInstancing(false);
    ....
  }
  ....
  if ( IsLoading() )
  {
    if ( InstanceGraph != NULL )
    {
      InstanceGraph->EnableSubobjectInstancing(true);
      ....
  }
  ....
}

FreeCAD

V595 The 'root' pointer was utilized before it was verified against nullptr. Check lines: 293, 294. view3dinventorexamples.cpp 293


void LightManip(SoSeparator * root)
{

  SoInput in;
  in.setBuffer((void *)scenegraph, std::strlen(scenegraph));
  SoSeparator * _root = SoDB::readAll( &in );
  root->addChild(_root);       // <=
  if ( root == NULL ) return;  // <=
  root->ref();
  ....
}

Similar errors can be found in some other places:

  • V595 The 'cam' pointer was utilized before it was verified against nullptr. Check lines: 1049, 1056. viewprovider.cpp 1049
  • V595 The 'viewProviderRoot' pointer was utilized before it was verified against nullptr. Check lines: 187, 188. taskcheckgeometry.cpp 187
  • V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 209, 210. viewproviderrobotobject.cpp 209
  • And 6 additional diagnostic messages.

Apple II emulator

V595 The 'pArg' pointer was utilized before it was verified against nullptr. Check lines: 204, 207. debugger_parser.cpp 204


bool ArgsGetValue (
  Arg_t *pArg, WORD * pAddressValue_, const int nBase )
{
  TCHAR *pSrc = & (pArg->sArg[ 0 ]);
  TCHAR *pEnd = NULL;

  if (pArg && pAddressValue_)
  {
    *pAddressValue_ =
       (WORD)(_tcstoul( pSrc, &pEnd, nBase) & _6502_MEM_END);
    return true;
  }
  return false;
}

Null Pointer Dereferencing Causes Undefined Behavior: http://www.viva64.com/en/b/0306/

Similar errors can be found in some other places:

  • V595 The 'pToken_' pointer was utilized before it was verified against nullptr. Check lines: 811, 823. debugger_parser.cpp 811

Gamer_Z eXtreme Party

V595 The 'ec' pointer was utilized before it was verified against nullptr. Check lines: 859, 860. operations.cpp 859


BOOST_FILESYSTEM_DECL
void copy(...., system::error_code* ec)
{
  file_status s(symlink_status(from, *ec));
  if (ec != 0 && *ec) return;
  ....
}

Git

V595 The 'two' pointer was utilized before it was verified against nullptr. Check lines: 51, 52. diffcore-pickaxe.c 51


static int diff_grep(mmfile_t *one, mmfile_t *two,
                     regex_t *regexp, ....)
{
  ....
  regmatch_t regmatch;
  if (!one)
    return !regexec(regexp, two->ptr, 1, ®match, 0);
  if (!two)
    return !regexec(regexp, one->ptr, 1, ®match, 0);
  ....
}

Git

V595 The 'abbrev_option' pointer was utilized before it was verified against nullptr. Check lines: 305, 312. parse-options.c 305


static int parse_long_opt(struct parse_opt_ctx_t *p,
                          const struct option *options, ....)
{
  const struct option *all_opts = options;
  const struct option *abbrev_option = NULL,
                      *ambiguous_option = NULL;
  ....
  if (ambiguous_option)
    return error(...., abbrev_option->long_name);
  if (abbrev_option)
    return get_value(p, abbrev_option, all_opts, abbrev_flags);
  ....
}

Git

V595 The 'ctx->opt' pointer was utilized before it was verified against nullptr. Check lines: 439, 445. parse-options.c 439


int parse_options_step(struct parse_opt_ctx_t *ctx,
                       const struct option *options,
                       const char * const usagestr[])
{
  int internal_help = !(ctx->flags & PARSE_OPT_NO_INTERNAL_HELP);
  ....
  if (internal_help && *ctx->opt == 'h')
    return parse_options_usage(ctx, usagestr, options, 0);
  ....
  if (ctx->opt)
  ....
}

Git

V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 134, 136. revision.c 134


void mark_tree_uninteresting(struct tree *tree)
{
  struct object *obj = &tree->object;
  if (!tree)
    return;
  ....
}

Git

V595 The 'match' pointer was utilized before it was verified against nullptr. Check lines: 927, 929. sha1_name.c 927


static int grab_nth_branch_switch(const char *message, ....)
{
  const char *match = NULL, *target = NULL;
  ....
  if (skip_prefix(message, "checkout: moving from ", &match))
    target = strstr(match, " to ");
  if (!match || !target)
    return 0;
  ....
}

Git

V595 The 'prefix' pointer was utilized before it was verified against nullptr. Check lines: 395, 411. pathspec.c 395


void parse_pathspec(const char *prefix, ....)
{
  struct pathspec_item *item;
  int prefixlen;
  ....
  item->nowildcard_len = item->len = strlen(prefix);
  ....
  prefixlen = prefix ? strlen(prefix) : 0;
  ....
}

Git

V595 The 'last' pointer was utilized before it was verified against nullptr. Check lines: 1116, 1141. fast-import.c 1116


static int store_object(struct last_object *last, ....)
{
  off_t ofs = e->idx.offset - last->offset;
  ....
  e->depth = last->depth + 1;
  ....
  if (last)
  ....
}

Git

V595 The 'head_commit' pointer was utilized before it was verified against nullptr. Check lines: 1294, 1315. merge.c 1294


static int have_message;

int cmd_merge(int argc, const char **argv, ....)
{
  struct commit *head_commit;
  ....
  if (!have_message && is_old_style_invocation(argc, argv,
                                       head_commit->object.sha1))
  ....
  if (!head_commit || !argc)
  ....
}

Git

V595 The 'shortname' pointer was utilized before it was verified against nullptr. Check lines: 58, 80. branch.c 58


void install_branch_config(int flag, const char *local,
                          const char *origin, const char *remote)
{
  const char *shortname = NULL;
  ....
  if (!strcmp(local, shortname) && ....)
  ....
  if (shortname)
  ....
}

Git

V595 The 'rhs' pointer was utilized before it was verified against nullptr. Check lines: 558, 563. remote.c 558


static struct refspec *parse_refspec_internal(....)
{
  ....
  const char *lhs, *rhs;
  ....
  rhs = strrchr(lhs, ':');
  if (.... && rhs[1] == '\0')
  ....
  if (rhs)
  ....
}

Git

V595 The 'interesting_cache' pointer was utilized before it was verified against nullptr. Check lines: 354, 364. revision.c 354


static int everybody_uninteresting(....,
               struct commit **interesting_cache)
{
  if (*interesting_cache)
  ....
  if (interesting_cache)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tp' pointer was utilized before it was verified against nullptr. Check lines: 198, 220. tree-diff.c 198
  • V595 The 'mctx->state_log[* pidx]' pointer was utilized before it was verified against nullptr. Check lines: 1328, 1339. regexec.c 1328
  • V595 The 'set->elems' pointer was utilized before it was verified against nullptr. Check lines: 1306, 1316. regex_internal.c 1306

GNU Octave

V595 The 'Pinv' pointer was utilized before it was verified against nullptr. Check lines: 66, 79. colamd.cc 66


static void
symetree(const octave_idx_type *ridx, octave_idx_type *P, ....)
{
  ....
  Pinv[P[k]] = k;
  ....
  octave_idx_type i = (Pinv) ? (Pinv[ridx[p]]) : (ridx[p]);
  ....
}

Doxygen

V595 The 'bfd' pointer was utilized before it was verified against nullptr. Check lines: 3371, 3384. dot.cpp 3371


void DotInclDepGraph::buildGraph(....)
{
  ....
  FileDef *bfd = ii->fileDef;
  QCString url="";
  ....
  url=bfd->getSourceFileBase();
  ....
  if (bfd)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'cd' pointer was utilized before it was verified against nullptr. Check lines: 6123, 6131. doxygen.cpp 6123
  • V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 1069, 1070. htmldocvisitor.cpp 1069
  • V595 The 'Doxygen::mainPage' pointer was utilized before it was verified against nullptr. Check lines: 3792, 3798. index.cpp 3792
  • And 5 additional diagnostic messages.

Doxygen

V595 The 'lne' pointer was utilized before it was verified against nullptr. Check lines: 4078, 4089. index.cpp 4078


static void writeIndexHierarchyEntries(OutputList &ol, ....)
{
  QListIterator<LayoutNavEntry> li(entries);
  LayoutNavEntry *lne;
  for (li.toFirst();(lne=li.current());++li)
  {
    LayoutNavEntry::Kind kind = lne->kind();
    ....
    bool addToIndex=lne==0 || lne->visible();
    ....
  }
}

Telegram

V595 The 'dlgList' pointer was utilized before it was verified against nullptr. Check lines: 1620, 1626. Telegram dialogswidget.cpp 1620


void DialogsWidget::dialogsReceived(....)
{
  const QVector<MTPDialog> *dlgList = 0;
  ....
  unreadCountsReceived(*dlgList);
  ....
  if (dlgList)
  ....
}

FreeSWITCH

V595 The 'val' pointer was utilized before it was verified against nullptr. Check lines: 2496, 2499. switch_ivr.c 2496


static int
switch_ivr_set_xml_chan_var(...., const char *val, int off)
{
  char *data;
  switch_size_t dlen = strlen(val) * 3 + 1;            // <=
  switch_xml_t variable;

  if (!val) val = "";                                  // <=
  ....
}

FreeSWITCH

V595 The 'a_engine' pointer was utilized before it was verified against nullptr. Check lines: 6024, 6052. switch_core_media.c 6024


WITCH_DECLARE(switch_status_t)
switch_core_media_activate_rtp(switch_core_session_t *session)
{
  ....
  switch_port_t remote_rtcp_port = a_engine->remote_rtcp_port;
  ....
  if (session && a_engine) {
    check_dtls_reinvite(session, a_engine);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'session' pointer was utilized before it was verified against nullptr. Check lines: 6027, 6052. switch_core_media.c 6027
  • V595 The 'session' pointer was utilized before it was verified against nullptr. Check lines: 6689, 6696. switch_core_media.c 6689
  • V595 The 'v_engine' pointer was utilized before it was verified against nullptr. Check lines: 6677, 6696. switch_core_media.c 6677
  • And 4 additional diagnostic messages.

Mozilla Thunderbird

V595 The 'aParent' pointer was utilized before it was verified against nullptr. Check lines: 511, 518. nsgenericdomdatanode.cpp 511


nsresult
nsGenericDOMDataNode::BindToTree(nsIContent* aParent, ....)
{
  ....
  ShadowRoot*
  parentContainingShadow = aParent->GetContainingShadow();
  ....
  if (aParent)
  {
  ....
}

Cfront

V595 The 'cl' pointer was utilized before it was verified against nullptr. Check lines: 927, 928. expr.c 927


typedef class classdef * Pclass;

#define PERM(p) p->permanent=1

Pexpr expr::typ(Ptable tbl)
{
  ....
  Pclass cl;
  ....
  cl = (Pclass) nn->tp;
  PERM(cl);
  if (cl == 0) error('i',"%k %s'sT missing",CLASS,s);
  ....
}

Cfront

V595 The 'b' pointer was utilized before it was verified against nullptr. Check lines: 608, 615. norm.c 608


Pname name::normalize(Pbase b, Pblock bl, bit cast)
{
  ....
  Pname n;
  Pname nn;
  TOK stc = b->b_sto;
  bit tpdf = b->b_typedef;
  bit inli = b->b_inline;
  bit virt = b->b_virtual;
  Pfct f;
  Pname nx;

  if (b == 0) error('i',"%d->N.normalize(0)",this);
  ....
}

Unreal Engine 4

V595 The 'frame' pointer was utilized before it was verified against nullptr. Check lines: 301, 302. oculusrifthmd.cpp 301


bool FOculusRiftHMD::DoesSupportPositionalTracking() const
{
  const FGameFrame* frame = GetFrame();
  const FSettings* OculusSettings = frame->GetSettings();
  return (frame && OculusSettings->Flags.bHmdPosTracking &&
          (OculusSettings->SupportedTrackingCaps &
           ovrTrackingCap_Position) != 0);
}

Unreal Engine 4

V595 The 'Enum' pointer was utilized before it was verified against nullptr. Check lines: 146, 147. kismetnodehelperlibrary.cpp 146


FName UKismetNodeHelperLibrary::GetEnumeratorName(
  const UEnum* Enum, uint8 EnumeratorValue)
{
  int32 EnumeratorIndex = Enum->GetIndexByValue(EnumeratorValue);
  return (NULL != Enum) ?
         Enum->GetEnum(EnumeratorIndex) : NAME_None;
}

Similar errors can be found in some other places:

  • V595 The 'Class' pointer was utilized before it was verified against nullptr. Check lines: 278, 282. levelactor.cpp 278
  • V595 The 'Template' pointer was utilized before it was verified against nullptr. Check lines: 380, 386. levelactor.cpp 380
  • V595 The 'UpdatedComponent' pointer was utilized before it was verified against nullptr. Check lines: 100, 116. interptomovementcomponent.cpp 100
  • And 5 additional diagnostic messages.

ChakraCore

V595 The 'instrLd' pointer was utilized before it was verified against nullptr. Check lines: 1823, 1831. flowgraph.cpp 1823


IR::Instr *
FlowGraph::PeepTypedCm(IR::Instr *instr)
{
 ....
 if (instrLd && !instrLd->GetSrc1()->IsEqual(instr->GetDst()))
 {
   return nullptr;
 }

 if(instrLd2 && !instrLd2->GetSrc1()->IsEqual(instrLd->GetDst()))
 {
   return nullptr;
 }
 ....
}

ChakraCore

V595 The 'src2Val' pointer was utilized before it was verified against nullptr. Check lines: 9717, 9725. globopt.cpp 9717


bool GlobOpt::TypeSpecializeIntBinary(....)
{
  ....
  bool isIntConstMissingItem = src2Val->GetValueInfo()->....

  if(isIntConstMissingItem)
  {
      isIntConstMissingItem = Js::SparseArraySegment<int>::....
  }

  if (!src2Val || !(src2Val->GetValueInfo()->IsLikelyInt()) ||
      isIntConstMissingItem)
  {
      return false;
  }
  ....
}

ChakraCore

V595 The 'm_lastInstr' pointer was utilized before it was verified against nullptr. Check lines: 214, 228. irbuilderasmjs.cpp 214


void
IRBuilderAsmJs::AddInstr(IR::Instr * instr, uint32 offset)
{
  m_lastInstr->InsertAfter(instr);                  // <=
  if (offset != Js::Constants::NoByteCodeOffset)
  {
    ....
  }
  else if (m_lastInstr)                             // <=
  {
      instr->SetByteCodeOffset(m_lastInstr->GetByteCodeOffset());
  }
  m_lastInstr = instr;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'arrayData' pointer was utilized before it was verified against nullptr. Check lines: 868, 870. immutablelist.h 868
  • V595 The 'pMembersList' pointer was utilized before it was verified against nullptr. Check lines: 2012, 2015. diagobjectmodel.cpp 2012
  • V595 The 'walkerRef' pointer was utilized before it was verified against nullptr. Check lines: 3191, 3193. diagobjectmodel.cpp 3191
  • And 9 additional diagnostic messages.

Computational Network Toolkit

V595 The 'm_rowIndices' pointer was utilized before it was verified against nullptr. Check lines: 171, 175. libsvmbinaryreader.cpp 171


template <class ElemType>
void SparseBinaryMatrix<ElemType>::ResizeArrays(size_t newNNz)
{
  ....
  if (m_nnz > 0)
  {
    memcpy(rowIndices, m_rowIndices, sizeof(int32_t)....);  // <=
    memcpy(values, this->m_values, sizeof(ElemType)....);   // <=
  }

  if (m_rowIndices != nullptr)
  {
    // free(m_rowIndices);
    CUDAPageLockedMemAllocator::Free(this->m_rowIndices, ....);
  }
  if (this->m_values != nullptr)
  {
    // free(this->m_values);
    CUDAPageLockedMemAllocator::Free(this->m_values, ....);
  }
  ....
}

The GTK+ Project

V595 The 'completion' pointer was utilized before it was verified against nullptr. Check lines: 2231, 2239. gtkentrycompletion.c 2231


static gboolean
gtk_entry_completion_key_press (...., gpointer user_data)
{
  ....
  GtkEntryCompletion *completion =
    GTK_ENTRY_COMPLETION (user_data);

  if (!completion->priv->popup_completion)
    return FALSE;

  ....
  if (completion && completion->priv->completion_timeout) // <=
    {
      ....
    }
  ....
}

The GTK+ Project

V595 The 'dispatch->backend' pointer was utilized before it was verified against nullptr. Check lines: 1570, 1580. gtkprintbackendcups.c 1570


static void
cups_dispatch_watch_finalize (GSource *source)
{
  ....
  if (dispatch->backend->username != NULL)
    username = dispatch->backend->username;
  else
    username = cupsUser ();
  ....
  if (dispatch->backend)
    dispatch->backend->authentication_lock = FALSE;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'impl->toplevel' pointer was utilized before it was verified against nullptr. Check lines: 514, 524. gdkwindow-x11.c 514
  • V595 The 'pointer_info' pointer was utilized before it was verified against nullptr. Check lines: 9610, 9638. gdkwindow.c 9610
  • V595 The 'elt' pointer was utilized before it was verified against nullptr. Check lines: 2218, 2225. gtktreemodelfilter.c 2218
  • And 2 additional diagnostic messages.

Serious Engine 1 v.1.10

V595 The 'pAD' pointer was utilized before it was verified against nullptr. Check lines: 791, 796. anim.cpp 791


void CAnimObject::SetData(CAnimData *pAD) {
  // mark new data as referenced once more
  pAD->AddReference();                      // <=
  // mark old data as referenced once less
  ao_AnimData->RemReference();
  // remember new data
  ao_AnimData = pAD;
  if( pAD != NULL) StartAnim( 0);           // <=
  // mark that something has changed
  MarkChanged();
}

Similar errors can be found in some other places:

  • V595 The '_meshEditOperations' pointer was utilized before it was verified against nullptr. Check lines: 416, 418. modelermeshexporter.cpp 416
  • V595 The '_fpOutput' pointer was utilized before it was verified against nullptr. Check lines: 654, 664. modelermeshexporter.cpp 654
  • V595 The '_appPolPnts' pointer was utilized before it was verified against nullptr. Check lines: 647, 676. modelermeshexporter.cpp 647
  • And 6 additional diagnostic messages.

OpenToonz

V595 The 'batchesTask' pointer was utilized before it was verified against nullptr. Check lines: 1064, 1066. batches.cpp 1064


void BatchesController::update()
{
  ....
  TFarmTask *batchesTask = getTask(batchesTaskId);   // <=
  TFarmTask farmTask = *batchesTask;                 // <=

  if (batchesTask) {                                 // <=
    QString batchesTaskParentId = batchesTask->m_parentId;
    m_controller->queryTaskInfo(farmTaskId, farmTask);
    int chunkSize = batchesTask->m_chunkSize;
    *batchesTask = farmTask;
    batchesTask->m_chunkSize = chunkSize;
    batchesTask->m_id = batchesTaskId;
    batchesTask->m_parentId = batchesTaskParentId;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'column' pointer was utilized before it was verified against nullptr. Check lines: 2106, 2107. cellselection.cpp 2106
  • V595 The 'm_currentRefreshedNode' pointer was utilized before it was verified against nullptr. Check lines: 1275, 1281. dvdirtreeview.cpp 1275
  • V595 The 'childXsh' pointer was utilized before it was verified against nullptr. Check lines: 2082, 2090. iocommand.cpp 2082
  • And 26 additional diagnostic messages.

ReactOS

V595 The 'EnumContext' pointer was utilized before it was verified against nullptr. Check lines: 2557, 2560. user.c 2557


NET_API_STATUS WINAPI NetUserEnum(....)
{
  done:
    if (ApiStatus == NERR_Success &&
        EnumContext->Index < EnumContext->Count) // <=
      ApiStatus = ERROR_MORE_DATA;

    if (EnumContext != NULL)                     // <=
      *totalentries = EnumContext->Count;
}

Firebird

V595 The 'lpName' pointer was utilized before it was verified against nullptr. Check lines: 2814, 2824. isc_sync.cpp 2814


static bool initializeFastMutex(FAST_MUTEX* lpMutex,
  LPSECURITY_ATTRIBUTES lpAttributes, BOOL bInitialState,
  LPCSTR lpName)
{
  if (pid == 0)
    pid = GetCurrentProcessId();

  LPCSTR name = lpName;

  if (strlen(lpName) + strlen(FAST_MUTEX_EVT_NAME) - 2
                                                   >= MAXPATHLEN)
  {
    SetLastError(ERROR_FILENAME_EXCED_RANGE);
    return false;
  }

  setupMutex(lpMutex);

  char sz[MAXPATHLEN];
  if (lpName)
  ....
}

7-Zip

V595 The 'outStreamSpec' pointer was utilized before it was verified against nullptr. Check lines: 753, 755. lzmaalone.cpp 753


static int main2(int numArgs, const char *args[])
{
  ....
  if (!stdOutMode)
    Print_Size("Output size: ",
                outStreamSpec->ProcessedSize);  // <=

  if (outStreamSpec)  // <=
  {
    if (outStreamSpec->Close() != S_OK)
      throw "File closing error";
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The '_file' pointer was utilized before it was verified against nullptr. Check lines: 2099, 2112. bench.cpp 2099
  • V595 The 'ai' pointer was utilized before it was verified against nullptr. Check lines: 204, 214. updatepair.cpp 204
  • V595 The 'options' pointer was utilized before it was verified against nullptr. Check lines: 631, 636. zipupdate.cpp 631
  • And 1 additional diagnostic messages.

Open X-Ray Engine

V595 The 'object' pointer was utilized before it was verified against nullptr. Check lines: 42, 47. level_bullet_manager_firetrace.cpp 42


class IGameObject :
  public virtual IFactoryObject,
  public virtual ISpatial,
  public virtual ISheduled,
  public virtual IRenderable,
  public virtual ICollidable
{
public:
  ....
  virtual u16 ID() const = 0;
  ....
}

BOOL CBulletManager::test_callback(
  const collide::ray_defs& rd,
  IGameObject* object,
  LPVOID params)
{
  bullet_test_callback_data* pData =
             (bullet_test_callback_data*)params;
  SBullet* bullet = pData->pBullet;

  if( (object->ID() == bullet->parent_id) &&
      (bullet->fly_dist<parent_ignore_distance) &&
      (!bullet->flags.ricochet_was)) return FALSE;

  BOOL bRes = TRUE;
  if (object){
    ....
  }

  return bRes;
}

OpenJDK

V595 The 'classes' pointer was utilized before it was verified against nullptr. Check lines: 58, 66. ClassLoaderReferenceImpl.c 58


static jboolean
visibleClasses(PacketInputStream *in, PacketOutputStream *out)
{
  ....
  else {
    (void)outStream_writeInt(out, count);
    for (i = 0; i < count; i++) {
      jbyte tag;
      jclass clazz;

      clazz = classes[i];                     // <=
      tag = referenceTypeTag(clazz);

      (void)outStream_writeByte(out, tag);
      (void)outStream_writeObjectRef(env, out, clazz);
    }
  }

  if ( classes != NULL )                      // <=
    jvmtiDeallocate(classes);
  ....
  return JNI_TRUE;
}

OpenJDK

V595 The '_matrule' pointer was utilized before it was verified against nullptr. Check lines: 3534, 3540. formssel.cpp 3534


int InstructForm::needs_base_oop_edge(FormDict &globals) const {
  if( is_simple_chain_rule(globals) ) {
    const char *src = _matrule->_rChild->_opType;
    OperandForm *src_op = globals[src]->is_operand();
    assert( src_op, "Not operand class of chain rule" );
    return src_op->_matrule ?
           src_op->_matrule->needs_base_oop_edge() : 0;
  }                             // Else check instruction

  return _matrule ? _matrule->needs_base_oop_edge() : 0;
}

Similar errors can be found in some other places:

  • V595 The '_pipeline' pointer was utilized before it was verified against nullptr. Check lines: 3265, 3274. output_c.cpp 3265
  • V595 The 'index_bound' pointer was utilized before it was verified against nullptr. Check lines: 790, 806. c1_RangeCheckElimination.cpp 790
  • V595 The 'g_type_init' pointer was utilized before it was verified against nullptr. Check lines: 94, 108. GioFileTypeDetector.c 94
  • And 15 additional diagnostic messages.

Nana

V595 The 'owner' pointer was utilized before it was verified against nullptr. Check lines: 299, 315. window_manager.cpp 299


window_manager::core_window_t*
window_manager::create_root(core_window_t* owner, ....)
{
  ....
  if (nested)
  {
    wd->owner = nullptr;
    wd->parent = owner;
    wd->index = static_cast<unsigned>(owner->children.size());
    owner->children.push_back(wd);  // <=
  }
  ....
  if (owner
      && owner->other.category
      == category::frame_tag::value)  // <=
    insert_frame(owner, wd);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'wd' pointer was utilized before it was verified against nullptr. Check lines: 1066, 1083. window_manager.cpp 1066

CPython

V595 The 'self->extra' pointer was utilized before it was verified against nullptr. Check lines: 917, 923. _elementtree.c 917


int
_PyState_AddModule(PyObject* module, struct PyModuleDef* def)
{
  PyInterpreterState *state;
  if (def->m_slots) {
    PyErr_SetString(PyExc_SystemError,
        "PyState_AddModule called on module with slots");
    return -1;
  }
  state = GET_INTERP_STATE();
  if (!def)
    return -1;
  ....
}

Ruby MRI

V595 The 'bind' pointer was utilized before it was verified against nullptr. Check lines: 377, 382. vm.c 377


static void
vm_set_main_stack(rb_thread_t *th, const rb_iseq_t *iseq)
{
  VALUE toplevel_binding = rb_const_get(rb_cObject,
              rb_intern("TOPLEVEL_BINDING"));
  rb_binding_t *bind;
  rb_env_t *env;

  GetBindingPtr(toplevel_binding, bind);
  GetEnvPtr(bind->env, env);

  vm_set_eval_stack(th, iseq, 0, &env->block);

  /* save binding */
  if (bind && iseq->body->local_size > 0) {
    bind->env = vm_make_env_object(th, th->cfp);
  }
}

CryEngine V

V595 The 'm_pPartManager' pointer was utilized before it was verified against nullptr. Check lines: 1441, 1442. 3denginerender.cpp 1441


void C3DEngine::RenderInternal(....)
{
  ....
  m_pPartManager->GetLightProfileCounts().ResetFrameTicks();
  if (passInfo.IsGeneralPass() && m_pPartManager)
    m_pPartManager->Update();
  ....
}

CryEngine V

V595 The 'gEnv->p3DEngine' pointer was utilized before it was verified against nullptr. Check lines: 1477, 1480. gameserialize.cpp 1477


bool CGameSerialize::LoadLevel(....)
{
  ....
  // can quick-load
  if (!gEnv->p3DEngine->RestoreTerrainFromDisk())
    return false;

  if (gEnv->p3DEngine)
  {
    gEnv->p3DEngine->ResetPostEffects();
  }
  ....
}

CryEngine V

V595 The 'pSpline' pointer was utilized before it was verified against nullptr. Check lines: 158, 161. facechannelkeycleanup.cpp 158


void FaceChannel::CleanupKeys(....)
{

  CFacialAnimChannelInterpolator backupSpline(*pSpline);

  // Create the key entries array.
  int numKeys = (pSpline ? pSpline->num_keys() : 0);
  ....
}

Inkscape

V595 The 'priv' pointer was utilized before it was verified against nullptr. Check lines: 154, 160. document.cpp 154


SPDocument::~SPDocument()
{
  priv->destroySignal.emit();                      // <=
  ....
  if (oldSignalsConnected) {
    priv->selChangeConnection.disconnect();        // <=
    priv->desktopActivatedConnection.disconnect(); // <=
  } else {
    ....
  }
  if (priv) {                                      // <=
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'parts' pointer was utilized before it was verified against nullptr. Check lines: 624, 641. sp-offset.cpp 624
  • V595 The '_effects_list' pointer was utilized before it was verified against nullptr. Check lines: 103, 113. effect.cpp 103
  • V595 The 'num' pointer was utilized before it was verified against nullptr. Check lines: 1312, 1315. cr-tknzr.c 1312
  • And 10 additional diagnostic messages.

GCC

V595 The 'list' pointer was utilized before it was verified against nullptr. Check lines: 1627, 1629. sched-int.h 1627


#define DEPS_LIST_FIRST(L) ((L)->first)

static inline bool
sd_iterator_cond (sd_iterator_def *it_ptr, dep_t *dep_ptr)
{
  ....
  it_ptr->linkp = &DEPS_LIST_FIRST (list);
  if (list)
    continue;
  ....
}

GCC

V595 The 'odr_types_ptr' pointer was utilized before it was verified against nullptr. Check lines: 2135, 2139. ipa-devirt.c 2135


#define odr_types (*odr_types_ptr)

odr_type
get_odr_type (tree type, bool insert)
{
  ....
  odr_types[val->id] = 0;
  gcc_assert (val->derived_types.length() == 0);
  if (odr_types_ptr)
    val->id = odr_types.length ();
  ....
}

ReOpenLDAP

V595 The 'key' pointer was utilized before it was verified against nullptr. Check lines: 1324, 1327. mdb.c 1324


char *
mdb_dkey(MDB_val *key, char *buf)
{
  ....
  unsigned char *c = key->mv_data; // <=
  ....
  if (!key)                        // <=
    return "";
  ....
}

Similar errors can be found in some other places:

  • V595 The 'key' pointer was utilized before it was verified against nullptr. Check lines: 7282, 7291. mdb.c 7282

ICQ

V595 The 'stream' pointer was utilized before it was verified against nullptr. Check lines: 62, 63. gui contact.cpp 62


QPixmap* UnserializeAvatar(core::coll_helper* helper)
{
  ....
  core::istream* stream = helper->get_value_as_stream("avatar");
  uint32_t size = stream->size();
  if (stream)
  {
    result->loadFromData(stream->read(size), size);
    stream->reset();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'core_connector_' pointer was utilized before it was verified against nullptr. Check lines: 279, 285. gui core_dispatcher.cpp 279
  • V595 The 'Shadow_' pointer was utilized before it was verified against nullptr. Check lines: 625, 628. gui mainwindow.cpp 625
  • V595 The 'chatMembersModel_' pointer was utilized before it was verified against nullptr. Check lines: 793, 796. gui menupage.cpp 793
  • And 1 additional diagnostic messages.

CodeLite

V595 The 'pResult' pointer was utilized before it was verified against nullptr. Check lines: 522, 526. SqliteDatabaseLayer.cpp 522


bool CodeBlocksImporter::isSupportedWorkspace()
{
  ....
  wxXmlNode* root = codeBlocksProject.GetRoot();
  wxString nodeName = root->GetName();                     // <=

  if(root &&                                               // <=
    (nodeName == wxT("CodeBlocks_workspace_file") ||
     nodeName == wxT("CodeBlocks_project_file")))
      return true;
  }
  return false;
}

Similar errors can be found in some other places:

  • V595 The 'ms_instance' pointer was utilized before it was verified against nullptr. Check lines: 24, 25. php_parser_thread.cpp 24

LLVM/Clang

V595 The 'MMI' pointer was utilized before it was verified against nullptr. Check lines: 1357, 1359. PPCAsmPrinter.cpp 1357


bool PPCDarwinAsmPrinter::doFinalization(Module &M) {
  ....
  MachineModuleInfoMachO &MMIMacho =
      MMI->getObjFileInfo<MachineModuleInfoMachO>();

  if (MAI->doesSupportExceptionHandling() && MMI) {
  ....
}

LLVM/Clang

V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 5952, 5955. SemaCodeComplete.cpp 5952


void Sema::CodeCompleteObjCProtocolReferences(
  ArrayRef<IdentifierLocPair> Protocols)
{
  ResultBuilder
    Results(*this, CodeCompleter->getAllocator(),
            CodeCompleter->getCodeCompletionTUInfo(),
            CodeCompletionContext::CCC_ObjCProtocolName);

  if (CodeCompleter && CodeCompleter->includeGlobals()) {
    Results.EnterNewScope();
  ....
}

Similar errors can be found in some other places:

  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 5980, 5983. SemaCodeComplete.cpp 5980
  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 7455, 7458. SemaCodeComplete.cpp 7455
  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 7483, 7486. SemaCodeComplete.cpp 7483

OpenSubdiv

V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 481, 483. hbr_utils.h 481


template <class T> void
createTopology(....)
{
  ....
  OpenSubdiv::HbrVertex<T> * destination =
                        mesh->GetVertex( fv[(j+1)%nv] );
  OpenSubdiv::HbrHalfedge<T> * opposite  =
                        destination->GetEdge(origin);  // <=

  if(origin==NULL || destination==NULL)                // <=
  {
    printf(....);
    valid=false;
    break;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 145, 148. hbr_tutorial_1.cpp 145
  • V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 215, 218. hbr_tutorial_2.cpp 215

CMaNGOS

V595 The 'model' pointer was utilized before it was verified against nullptr. Check lines: 303, 305. MapTree.cpp 303


bool StaticMapTree::InitMap(const std::string& fname,
                            VMapManager2* vm)
{
  ....
  WorldModel* model =
    vm->acquireModelInstance(iBasePath, spawn.name);

  model->setModelFlags(spawn.flags);                   // <=
  ....
  if (model)                                           // <=
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'model' pointer was utilized before it was verified against nullptr. Check lines: 374, 375. MapTree.cpp 374
  • V595 The 'unit' pointer was utilized before it was verified against nullptr. Check lines: 272, 290. Object.cpp 272
  • V595 The 'updateMask' pointer was utilized before it was verified against nullptr. Check lines: 351, 355. Object.cpp 351
  • And 1 additional diagnostic messages.

GCC

V595 The 'm->component' pointer was utilized before it was verified against nullptr. Check lines: 399, 407. genmodes.c 399


static void complete_mode (struct mode_data *m)
{
  ....
  if (   m->cl == MODE_COMPLEX_INT
      || m->cl == MODE_COMPLEX_FLOAT)
    alignment = m->component->bytesize;        // <=
  else
    alignment = m->bytesize;

  m->alignment = alignment & (~alignment + 1);

  if (m->component)                            // <=
  {
    m->next_cont = m->component->contained;
    m->component->contained = m;
  }
}

FreeBSD Kernel

V595 The 'mc' pointer was utilized before it was verified against nullptr. Check lines: 2954, 2955. mly.c 2954


static int
mly_user_command(struct mly_softc *sc,
                 struct mly_user_command *uc)
{
  struct mly_command  *mc;
  ....
  if (mc->mc_data != NULL)           // <=
    free(mc->mc_data, M_DEVBUF);     // <=
  if (mc != NULL) {                  // <=
    MLY_LOCK(sc);
    mly_release_command(mc);
    MLY_UNLOCK(sc);
  }
  return(error);
}

CryEngine V

V595 The 'pTrack' pointer was utilized before it was verified against nullptr. Check lines: 60, 61. AudioNode.cpp 60


void CAudioNode::Animate(SAnimContext& animContext)
{
  ....
  const bool bMuted = gEnv->IsEditor() && (pTrack->GetFlags() &
    IAnimTrack::eAnimTrackFlags_Muted);
  if (!pTrack || pTrack->GetNumKeys() == 0 ||
       pTrack->GetFlags() & IAnimTrack::eAnimTrackFlags_Disabled)
  {
    continue;
  }
  ....
}

LLVM/Clang

V595 The 'DIExpr' pointer was utilized before it was verified against nullptr. Check lines: 949, 950. codeviewdebug.cpp 949


void CodeViewDebug::collectVariableInfo(const DISubprogram *SP) {
  ....
  const DIExpression *DIExpr = DVInst->getDebugExpression();
  bool IsSubfield = false;
  unsigned StructOffset = 0;

  // Handle fragments.
  auto Fragment = DIExpr->getFragmentInfo();   // <=
  if (DIExpr && Fragment) {                    // <=
    IsSubfield = true;
    StructOffset = Fragment->OffsetInBits / 8;
  } else if (DIExpr && DIExpr->getNumElements() > 0) {
    continue; // Ignore unrecognized exprs.
  }
  ....
}

LLVM/Clang

V595 The 'Initializer' pointer was utilized before it was verified against nullptr. Check lines: 335, 338. semaoverload.cpp 335


NarrowingKind
StandardConversionSequence::getNarrowingKind(....) const {
  ....
  const Expr *Initializer = IgnoreNarrowingConversion(Converted);

  if (Initializer->isValueDependent()) // <=
    return NK_Dependent_Narrowing;

  if (Initializer &&                   // <=
      Initializer->isIntegerConstantExpr(IntConstantValue, Ctx)){
  ....
}

FreeBSD Kernel

V595 The 'mac' pointer was utilized before it was verified against nullptr. Check lines: 6757, 6760. if_bwn.c 6757


static void
bwn_txpwr(void *arg, int npending)
{
  struct bwn_mac *mac = arg;
  struct bwn_softc *sc = mac->mac_sc;

  BWN_LOCK(sc);
  if (mac && mac->mac_status >= BWN_MAC_STATUS_STARTED &&
      mac->mac_phy.set_txpwr != NULL)
    mac->mac_phy.set_txpwr(mac);
  BWN_UNLOCK(sc);
}

FreeBSD Kernel

V595 The 'ilt' pointer was utilized before it was verified against nullptr. Check lines: 667, 669. ecore_init_ops.h 667


static int ecore_ilt_client_mem_op(struct bxe_softc *sc,
                                   int cli_num, uint8_t memop)
{
  int i, rc;
  struct ecore_ilt *ilt = SC_ILT(sc);
  struct ilt_client_info *ilt_cli = &ilt->clients[cli_num];

  if (!ilt || !ilt->lines)
    return -1;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ccb' pointer was utilized before it was verified against nullptr. Check lines: 540, 547. iscsi_subr.c 540

FreeBSD Kernel

V595 The 'ctl3_rewriters' pointer was utilized before it was verified against nullptr. Check lines: 3206, 3210. ip_fw_sockopt.c 3206


struct opcode_obj_rewrite *ctl3_rewriters;

void
ipfw_add_obj_rewriter(struct opcode_obj_rewrite *rw,
                      size_t count)
{
  ....
  memcpy(tmp, ctl3_rewriters, ctl3_rsize * sizeof(*rw));  // <=
  memcpy(&tmp[ctl3_rsize], rw, count * sizeof(*rw));
  qsort(tmp, sz, sizeof(*rw), compare_opcodes);
  /* Switch new and free old */
  if (ctl3_rewriters != NULL)                             // <=
    free(ctl3_rewriters, M_IPFW);
  ctl3_rewriters = tmp;
  ctl3_rsize = sz;

  CTL3_UNLOCK();
}

Similar errors can be found in some other places:

  • V595 The 'ctl3_handlers' pointer was utilized before it was verified against nullptr. Check lines: 3441, 3445. ip_fw_sockopt.c 3441
  • V595 The 'cm' pointer was utilized before it was verified against nullptr. Check lines: 3361, 3381. mfi.c 3361
  • V595 The 'cm' pointer was utilized before it was verified against nullptr. Check lines: 1383, 1394. mpr_sas_lsi.c 1383
  • And 7 additional diagnostic messages.

TensorFlow

V595 The 'e' pointer was utilized before it was verified against nullptr. Check lines: 1044, 1045. function.cc 1044


void ToGraphDef(const Graph* g, GraphDef* gdef, bool pretty) {
  ....
  gtl::InlinedVector<const Edge*, 4> inputs;
  ....
  for (const Edge* e : inputs) {
    const string srcname = NewName(e->src(), pretty);    // <=
    if (e == nullptr) {
      ndef->add_input("unknown");
    } else if (!e->src()->IsOp()) {
    } else if (e->IsControlEdge()) {
      ndef->add_input(strings::StrCat("^", srcname));
    } else if (e->src_output() == 0) {
      ndef->add_input(srcname);
    } else {
      ndef->add_input(strings::StrCat(
        srcname, ":", e->src_output()));
    }
  }
  ....
}

Valgrind

V595 The 'op' pointer was utilized before it was verified against nullptr. Check lines: 350, 360. syswrap-xen.c 350


PRE(xsm_op)
{
   struct vki_xen_flask_op *op = (struct vki_xen_flask_op *)ARG1;

   PRINT("__HYPERVISOR_xsm_op ( %u )", op->cmd);            // <=

   PRE_MEM_READ("__HYPERVISOR_xsm_op", ARG1,
                sizeof(vki_uint32_t) + sizeof(vki_uint32_t));

   if (!op)                                                 // <=
      return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'sysctl' pointer was utilized before it was verified against nullptr. Check lines: 568, 578. syswrap-xen.c 568
  • V595 The 'domctl' pointer was utilized before it was verified against nullptr. Check lines: 710, 722. syswrap-xen.c 710
  • V595 The 'ent' pointer was utilized before it was verified against nullptr. Check lines: 2131, 2133. syswrap-xen.c 2131
  • And 1 additional diagnostic messages.

Notepad++

V595 The 'pScint' pointer was utilized before it was verified against nullptr. Check lines: 347, 353. scintillaeditview.cpp 347


LRESULT CALLBACK ScintillaEditView::scintillaStatic_Proc(....)
{
  ScintillaEditView *pScint = (ScintillaEditView *)(....);

  if (Message == WM_MOUSEWHEEL || Message == WM_MOUSEHWHEEL)
  {
    ....
    if (isSynpnatic || makeTouchPadCompetible)
      return (pScint->scintillaNew_Proc(....); // <=
    ....
  }
  if (pScint)
    return (pScint->scintillaNew_Proc(....));
  else
    return ::DefWindowProc(hwnd, Message, wParam, lParam);
}

Scilab

V595 The 'Block.inptr' pointer was utilized before it was verified against nullptr. Check lines: 478, 479. sci_model2blk.cpp 478


types::Function::ReturnValue sci_model2blk(....)
{
  ....

  Block.inptr[i] = MALLOC(size);
  if (Block.inptr == nullptr)
  {
      freeBlock(&Block);
      Scierror(888, _("%s : Allocation error.\n"), name.data());
      return types::Function::Error;
  }

  memset(Block.inptr[i], 0x00, size);
  ....
}

Scilab

V595 The 'pwstLines' pointer was utilized before it was verified against nullptr. Check lines: 78, 79. mgetl.cpp 78


int mgetl(int iFileID, int iLineCount, wchar_t ***pwstLines)
{
  *pwstLines = NULL;
  ....
  *pwstLines = (wchar_t**)MALLOC(iLineCount * sizeof(wchar_t*));
  if (pwstLines == NULL)
  {
      return -1;
  }
  ....
}

Scilab

V595 The 'array_size' pointer was utilized before it was verified against nullptr. Check lines: 67, 68. diary_manager.cpp 67


wchar_t **getDiaryFilenames(int *array_size)
{
  *array_size = 0;
  if (SCIDIARY)
  {
    std::list<std::wstring> wstringFilenames = SCIDIARY->get....
    *array_size = (int)wstringFilenames.size();
    if (array_size > 0)
    {
      ....
    }
  ....
}

Scilab

V595 The 'number' pointer was utilized before it was verified against nullptr. Check lines: 410, 425. scilab_sscanf.cpp 410


int scilab_sscanf(....)
{
  ....
  wchar_t* number = NULL;
  ....
  number = (wchar_t*)MALLOC((nbrOfDigit + 1) * sizeof(wchar_t));
  memcpy(number, wcsData, nbrOfDigit * sizeof(wchar_t));
  number[nbrOfDigit] = L'\0';
  iSingleData = wcstoul(number, &number, base);
  if ((iSingleData == 0) && (number[0] == wcsData[0]))
  {
    ....
  }
  if (number == NULL)
  {
      wcsData += nbrOfDigit;
  }
  else
  {
      wcsData += (nbrOfDigit - wcslen(number));
  }
  ....
}

Scilab

V595 The 'OuputStrings' pointer was utilized before it was verified against nullptr. Check lines: 271, 272. spawncommand.c 271


char **CreateOuput(pipeinfo *pipe, BOOL DetachProcess)
{
  char **OuputStrings = NULL;
  ....
  OuputStrings = (char**)MALLOC((pipe->NumberOfLines) * ....);
  memset(OuputStrings, 0x00,sizeof(char*) * pipe->NumberOfLines);
  if (OuputStrings)
  {
    char *line = strtok(buffer, LF_STR);
    int i = 0;

    while (line)
    {
      OuputStrings[i] = convertLine(line, DetachProcess);
  ....
}

Augeas

V595 The 'out' pointer was utilized before it was verified against nullptr. Check lines: 245, 253. internal.c 245


int print_chars(FILE *out, const char *text, int cnt) {
  int total = 0;
  char *esc;

  if (text == NULL) {
    fprintf(out, "nil");                // <=
    return 3;
  }
  if (cnt < 0)
    cnt = strlen(text);

  esc = escape(text, cnt, "\"");
  total = strlen(esc);
  if (out != NULL)                      // <=
    fprintf(out, "%s", esc);
  free(esc);

  return total;
}

Augeas

V595 The 'u' pointer was utilized before it was verified against nullptr. Check lines: 59, 61. lexer.l 59


static char *regexp_literal(const char *s, int len) {
  char *u = unescape(s, len, RX_ESCAPES);
  size_t u_len = strlen(u);                  // <=

  if (u == NULL)                             // <=
    return NULL;

  regexp_c_locale(&u, &u_len);

  return u;
}

Similar errors can be found in some other places:

  • V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 335, 352. internal.c 335
  • V595 The 'eq' pointer was utilized before it was verified against nullptr. Check lines: 1091, 1092. lens.c 1091

Bind

V595 The 'ipkl->addrs' pointer was utilized before it was verified against nullptr. Check lines: 190, 191. ipkeylist.c 190


isc_result_t
dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl,
                     unsigned int n)
{
  ....
  memmove(addrs, ipkl->addrs,
          ipkl->allocated * sizeof(isc_sockaddr_t));
  if (ipkl->addrs != NULL)
    isc_mem_put(mctx, ipkl->addrs,
          ipkl->allocated * sizeof(isc_sockaddr_t));
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ipkl->dscps' pointer was utilized before it was verified against nullptr. Check lines: 198, 199. ipkeylist.c 198
  • V595 The 'ipkl->keys' pointer was utilized before it was verified against nullptr. Check lines: 206, 207. ipkeylist.c 206
  • V595 The 'ipkl->labels' pointer was utilized before it was verified against nullptr. Check lines: 214, 215. ipkeylist.c 214
  • And 12 additional diagnostic messages.

EFL Core Libraries

V595 The 'im' pointer was utilized before it was verified against nullptr. Check lines: 217, 221. evas_native_tbm.c 217


static void
_native_bind_cb(void *data EINA_UNUSED, void *image, ....)
{
  RGBA_Image *im = image;
  Native *n = im->native.data;     // <=
  tbm_surface_info_s info;
  tbm_surface_h tbm_surf;

  if (!im || !n) return;           // <=
  ....
}

EFL Core Libraries

V595 The 'buf->priv.fb.fb' pointer was utilized before it was verified against nullptr. Check lines: 379, 392. evas_outbuf.c 379


void
evas_fb_outbuf_fb_reconfigure(....)
{
  ....
  refresh = buf->priv.fb.fb->refresh;                      // <=

   if (rot == 0 || rot == 180)
   {
      fb_w = w;
      fb_h = h;
   }
   else
   {
      fb_w = h;
      fb_h = w;
   }

   if (buf->priv.fb.fb)                                    // <=
     buf->priv.fb.fb = fb_changemode(buf->priv.fb.fb, fb_w, fb_h,
                                        fb_depth, refresh);
   else
     buf->priv.fb.fb = fb_setmode(fb_w, fb_h, fb_depth, refresh);
  ....
}

EFL Core Libraries

V595 The 'w' pointer was utilized before it was verified against nullptr. Check lines: 575, 585. evas_engine.c 575


static void
eng_image_size_get(void *engine EINA_UNUSED, void *image,
                   int *w, int *h)
{
   Evas_GL_Image *im;
   if (!image)
     {
        *w = 0;                                            // <=
        *h = 0;                                            // <=
        return;
     }
   im = image;
   if (im->orient == EVAS_IMAGE_ORIENT_90 ||
       im->orient == EVAS_IMAGE_ORIENT_270 ||
       im->orient == EVAS_IMAGE_FLIP_TRANSPOSE ||
       im->orient == EVAS_IMAGE_FLIP_TRANSVERSE)
     {
        if (w) *w = im->h;
        if (h) *h = im->w;
     }
   else
     {
        if (w) *w = im->w;
        if (h) *h = im->h;
     }
}

Similar errors can be found in some other places:

  • V595 The 'h' pointer was utilized before it was verified against nullptr. Check lines: 576, 586. evas_engine.c 576
  • V595 The '_eo_classes' pointer was utilized before it was verified against nullptr. Check lines: 1332, 1333. eo.c 1332
  • V595 The 'cur->node' pointer was utilized before it was verified against nullptr. Check lines: 9889, 9894. evas_object_textblock.c 9889
  • And 2 additional diagnostic messages.

Tizen

V595 The 'priv' pointer was utilized before it was verified against nullptr. Check lines: 110, 114. view_generic_popup.c 110


static void _show(void *data)
{
  SETTING_TRACE_BEGIN;
  struct _priv *priv = (struct _priv *)data;
  Eina_List *children = elm_box_children_get(priv->box);    // <=
  Evas_Object *first = eina_list_data_get(children);
  Evas_Object *selected =
    eina_list_nth(children, priv->item_selected_on_show);   // <=

  if (!priv) {                                              // <=
    _ERR("Invalid parameter.");
    return;
  }
  ....
}

Tizen

V595 The 'core' pointer was utilized before it was verified against nullptr. Check lines: 2252, 2254. media_codec_port_gst.c 2252


void _mc_gst_handle_input_buffer_used(mc_gst_core_t *core,
                                      media_packet_h packet)
{
  g_atomic_int_dec_and_test(&core->etb_count);

  if (core && core->user_cb[_MEDIACODEC_EVENT_TYPE_EMPTYBUFFER])
  {
    ....
  }
  ....
}

Tizen

V595 The 'ticker.ad' pointer was utilized before it was verified against nullptr. Check lines: 590, 600. ticker.c 590


static Evas_Object *_ticker_window_create(struct appdata *ad)
{
  ....
  // The pointer is dereferenced without checking for NULL.
  evas_object_resize(win, ad->win.w, indicator_height_get());
  ....
}

static int _ticker_view_create(void)
{
  if (!ticker.win)
    ticker.win = _ticker_window_create(ticker.ad);         // <=
  if (!ticker.layout)
    ticker.layout = _ticker_layout_create(ticker.win);
  if (!ticker.scroller)
    ticker.scroller = _ticker_scroller_create(ticker.layout);

  evas_object_show(ticker.layout);
  evas_object_show(ticker.scroller);
  evas_object_show(ticker.win);

  if (ticker.ad)                                           // <=
    util_signal_emit_by_win(&ticker.ad->win,
      "message.show.noeffect", "indicator.prog");
  ....
}

Similar errors can be found in some other places:

  • V595 The 'eyeCondition' pointer was utilized before it was verified against nullptr. Check lines: 162, 168. FaceEyeCondition.cpp 162
  • V595 The 'dev->name' pointer was utilized before it was verified against nullptr. Check lines: 122, 127. e_devicemgr_device.c 122

Enlightenment

V595 The 'cpufreq_config->status' pointer was utilized before it was verified against nullptr. Check lines: 1325, 1326. e_mod_main.c 1325


static void
_cpufreq_cb_frequency_check_notify(....)
{
  ....
  active = cpufreq_config->status->active;
  if ((cpufreq_config->status) && ....
  ....
}

ClickHouse

V595 The 'lambda_type' pointer was utilized before it was verified against nullptr. Check lines: 359, 361. TypeAndConstantInference.cpp 359


void processHigherOrderFunction(....)
{
  ....
  const DataTypeExpression * lambda_type =
    typeid_cast<const DataTypeExpression *>(types[i].get());

  const DataTypes & lambda_argument_types =
    lambda_type->getArgumentTypes();

  if (!lambda_type)
    throw Exception("Logical error: .....",
                    ErrorCodes::LOGICAL_ERROR);
  ....
}

MuseScore

V595 The 'sample' pointer was utilized before it was verified against nullptr. Check lines: 926, 929. voice.cpp 926


void Voice::update_param(int _gen)
{
 ....
 if (gen[GEN_OVERRIDEROOTKEY].val > -1) {
  root_pitch = gen[GEN_OVERRIDEROOTKEY].val * 100.0f - ....
 }
 else {
  root_pitch = sample->origpitch * 100.0f - sample->pitchadj;
 }
 root_pitch = _fluid->ct2hz(root_pitch);
 if (sample != 0)
  root_pitch *= (float) _fluid->sample_rate / sample->samplerate;
 break;
  ....
}

Audacity

V595 The 'clip' pointer was utilized before it was verified against nullptr. Check lines: 4094, 4095. Project.cpp 4094


void AudacityProject::AddImportedTracks(....)
{
  ....
  WaveClip* clip = ((WaveTrack*)newTrack)->GetClipByIndex(0);
  BlockArray &blocks = clip->GetSequence()->GetBlockArray();
  if (clip && blocks.size())
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'outputMeterFloats' pointer was utilized before it was verified against nullptr. Check lines: 5246, 5255. AudioIO.cpp 5246
  • V595 The 'buffer2' pointer was utilized before it was verified against nullptr. Check lines: 404, 409. Compressor.cpp 404
  • V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 946, 974. ControlToolBar.cpp 946
  • And 1 additional diagnostic messages.

Rosegarden

V595 The 'm_scene' pointer was utilized before it was verified against nullptr. Check lines: 1001, 1002. NotationWidget.cpp 1001


void
NotationWidget::slotEnsureTimeVisible(timeT t)
{
  m_inMove = true;
  QPointF pos = m_view->mapToScene(0,m_view->height()/2);
  pos.setX(m_scene->getRulerScale()->getXForTime(t));     // <=
  if (m_scene) m_scene->constrainToSegmentArea(pos);      // <=
  m_view->ensureVisible(QRectF(pos, pos));
  m_inMove = false;
}

Rosegarden

V595 The 'm_hideSignatureButton' pointer was utilized before it was verified against nullptr. Check lines: 248, 258. TimeSignatureDialog.cpp 248


TimeSignature
TimeSignatureDialog::getTimeSignature() const
{
  QSettings settings;
  settings.beginGroup( GeneralOptionsConfigGroup );

  settings.setValue("timesigdialogmakehidden",
    m_hideSignatureButton->isChecked());                    // <=
  settings.setValue("timesigdialogmakehiddenbars",
    m_hideBarsButton->isChecked());                         // <=
  settings.setValue("timesigdialogshowcommon",
    m_commonTimeButton->isChecked());                       // <=
  settings.setValue("timesigdialognormalize",
    m_normalizeRestsButton->isChecked());

  TimeSignature ts(m_timeSignature.getNumerator(),
                   m_timeSignature.getDenominator(),
                   (m_commonTimeButton &&
                    m_commonTimeButton->isEnabled() &&
                    m_commonTimeButton->isChecked()),
                   (m_hideSignatureButton &&                // <=
                    m_hideSignatureButton->isEnabled() &&
                    m_hideSignatureButton->isChecked()),
                   (m_hideBarsButton &&
                    m_hideBarsButton->isEnabled() &&
                    m_hideBarsButton->isChecked()));

  settings.endGroup();

  return ts;
}

Similar errors can be found in some other places:

  • V595 The 'm_timeT' pointer was utilized before it was verified against nullptr. Check lines: 690, 696. TimeWidget.cpp 690
  • V595 The 'm_scene' pointer was utilized before it was verified against nullptr. Check lines: 526, 538. NoteRestInserter.cpp 526
  • V595 The 'item' pointer was utilized before it was verified against nullptr. Check lines: 318, 320. TempoView.cpp 318
  • And 9 additional diagnostic messages.

Sphinx (search engine)

V595 The 'pServed' pointer was utilized before it was verified against nullptr. Check lines: 17334, 17337. searchd.cpp 17334


static bool CheckServedEntry(const ServedIndex_c * pEntry,
                             const char * sIndex,
                             CSphString & sError );

static bool RotateIndexMT ( .... )
{
  ....
  ServedIndex_c * pServed =
    g_pLocalIndexes->GetWlockedEntry ( sIndex );
  pServed->m_sNewPath = "";                            // <=
  if ( !CheckServedEntry ( pServed, sIndex.cstr(), sError ) )
  {
    if ( pServed )                                     // <=
      pServed->Unlock();
    return false;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tCP.m_sWord' pointer was utilized before it was verified against nullptr. Check lines: 5214, 5215. sphinxrt.cpp 5214

Ardour

V595 The '_session' pointer was utilized before it was verified against nullptr. Check lines: 1576, 1579. editor_rulers.cc 1576


void
Editor::set_minsec_ruler_scale (samplepos_t lower,
samplepos_t upper)
{
  samplepos_t fr = _session->sample_rate() * 1000;
  samplepos_t spacer;

  if (_session == 0) {
    return;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'rui' pointer was utilized before it was verified against nullptr. Check lines: 250, 253. analysis_window.cc 250
  • V595 The 'scan_dlg' pointer was utilized before it was verified against nullptr. Check lines: 5089, 5099. ardour_ui.cc 5089
  • V595 The '_session' pointer was utilized before it was verified against nullptr. Check lines: 352, 361. ardour_ui_options.cc 352
  • And 3 additional diagnostic messages.

Steinberg SDKs

V595 The 'inputBitmap' pointer was utilized before it was verified against nullptr. Check lines: 409, 410. cbitmapfilter.cpp 409


bool run (bool replace) override
{
  CBitmap* inputBitmap = getInputBitmap ();
  uint32_t radius = static_cast<uint32_t>(static_cast<double>(
    .... * inputBitmap->getPlatformBitmap()->getScaleFactor());
  if (inputBitmap == nullptr || radius == UINT_MAX)
    return false;
  ....
}

Chromium

V595 CWE-476 The 'reason' pointer was utilized before it was verified against nullptr. Check lines: 167, 174. win_util.cc 167


bool IsKeyboardPresentOnSlate(std::string* reason, HWND hwnd) {
  bool result = false;

  if (GetVersion() < VERSION_WIN8) {
    *reason = "Detection not supported";
    return false;
  }

  // This function is only supported for Windows 8 and up.
  if (CommandLine::ForCurrentProcess()->HasSwitch(
          switches::kDisableUsbKeyboardDetect)) {
    if (reason)
      *reason = "Detection disabled";
    return false;
  }
  ....
}

A check that the reason pointer is not null is not performed in all needed cases.


Chromium

V595 CWE-476 The 'val' pointer was utilized before it was verified against nullptr. Check lines: 124, 126. paint_op_reader.cc 124


template <typename T>
void PaintOpReader::ReadFlattenable(sk_sp<T>* val) {
  // ....
  // Here the argument val is not used and is not checked.
  // ....
  val->reset(static_cast<T*>(SkValidatingDeserializeFlattenable(
      const_cast<const char*>(memory_), bytes,
      T::GetFlattenableType())));
  if (!val)
    SetInvalid();
  ....
}

The val pointer is dereferenced before the check for null equality.


Chromium

V595 CWE-476 The 'factory' pointer was utilized before it was verified against nullptr. Check lines: 122, 124. http_auth_handler_factory.cc 122


void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory(
    const std::string& scheme,
    HttpAuthHandlerFactory* factory)
{
  factory->set_http_auth_preferences(http_auth_preferences());
  std::string lower_scheme = base::ToLowerASCII(scheme);
  if (factory)
    factory_map_[lower_scheme] = base::WrapUnique(factory);
  else
    factory_map_.erase(lower_scheme);
}

A factory pointer is dereferenced before checking for nullptr equality.


Chromium

V595 CWE-476 The 'inline_style' pointer was utilized before it was verified against nullptr. Check lines: 142, 143. css_agent.cc 142


Response CSSAgent::getMatchedStylesForNode(int node_id,
  Maybe<CSS::CSSStyle>* inline_style)
{
  UIElement* ui_element =
    dom_agent_->GetElementFromNodeId(node_id);
  *inline_style = GetStylesForUIElement(ui_element);
  if (!inline_style)
    return NodeNotFoundError(node_id);
  return Response::OK();
}

An inline_style pointer gets dereferenced before checking for nullptr equality.


ANGLE

V595 CWE-476 The 'program' pointer was utilized before it was verified against nullptr. Check lines: 272, 276. vertexarray11.cpp 272


gl::Error VertexArray11::updateDirtyAndDynamicAttribs(....)
{
  ....
  const gl::Program *program  = glState.getProgram();
  const auto &activeLocations =
    program->getActiveAttribLocationsMask();                // <=
  ....
  mAppliedNumViewsToDivisor =
    (program != nullptr && program->usesMultiview()) ?      // <=
       program->getNumViews() : 1;
  ....
}

A program pointer can be equal to nullptr, as evidenced by the check program != nullptr. Besides, earlier the pointer is dereferenced before the preliminary check.


ICU

V595 CWE-476 The 'fData' pointer was utilized before it was verified against nullptr. Check lines: 967, 976. rbbi.cpp 967


int32_t RuleBasedBreakIterator::handlePrevious(
  int32_t fromPosition)
{
  ....
  const RBBIStateTable *stateTable = fData->fSafeRevTable;
  ....
  if (fText == NULL || fData == NULL ||
      UTEXT_GETNATIVEINDEX(fText)==0) {
    return BreakIterator::DONE;
  }
  ....
}

A fData pointer can be equal to nullptr, as evidenced by the check program != nullptr. Besides, earlier the pointer is dereferenced before the preliminary check.


XNU kernel

V595 CWE-476 The 'sym' pointer was utilized before it was verified against nullptr. Check lines: 889, 896. IORegistryEntry.cpp 889


bool
IORegistryEntry::compareName(....) const
{
  const OSSymbol *  sym = copyName();
  bool    isEqual;

  isEqual = sym->isEqualTo( name );

  if( isEqual && matched) {
    name->retain();
    *matched = name;
  }

  if( sym)
    sym->release();
  return( isEqual );
}

XNU kernel

V595 CWE-476 The 'list_ptr' pointer was utilized before it was verified against nullptr. Check lines: 7175, 7176. kern_memorystatus.c 7175


static int
memorystatus_get_priority_list(
  memorystatus_priority_entry_t **list_ptr, size_t *buffer_size,
  size_t *list_size, boolean_t size_only)
{
  ....
  *list_ptr = (memorystatus_priority_entry_t*)kalloc(*list_size);
  if (!list_ptr) {
    return ENOMEM;
  }
  ....
}

Most likely, it is a forgotten dereferencing of a pointer and it should be as follows: if (!*list_ptr) {


XNU kernel

V595 CWE-476 The 'so' pointer was utilized before it was verified against nullptr. Check lines: 3450, 3453. in_pcb.c 3450


inline void
inp_decr_sndbytes_unsent(struct socket *so, int32_t len)
{
  struct inpcb *inp = (struct inpcb *)so->so_pcb;
  struct ifnet *ifp = inp->inp_last_outifp;

  if (so == NULL || !(so->so_snd.sb_flags & SB_SNDBYTE_CNT))
    return;

  if (ifp != NULL) {
    if (ifp->if_sndbyte_unsent >= len)
      OSAddAtomic64(-len, &ifp->if_sndbyte_unsent);
    else
      ifp->if_sndbyte_unsent = 0;
  }
}

In the beginning the so pointer is dereferenced in the expression so->so_pcb. The check below so == NULL tells us that the pointer can be null.

Similar errors can be found in some other places:

  • V595 CWE-476 The 'startDict' pointer was utilized before it was verified against nullptr. Check lines: 3369, 3373. IOService.cpp 3369
  • V595 CWE-476 The 'job' pointer was utilized before it was verified against nullptr. Check lines: 4083, 4085. IOService.cpp 4083
  • V595 CWE-476 The 'typeinst' pointer was utilized before it was verified against nullptr. Check lines: 176, 177. OSMetaClass.cpp 176
  • And 12 additional diagnostic messages.

RT-Thread

V595 CWE-476 The 'handle' pointer was utilized before it was verified against nullptr. Check lines: 449, 458. fsl_lpi2c_edma.c 449


static void LPI2C_MasterEDMACallback(
  edma_handle_t *dmaHandle, void *userData,
  bool isTransferDone, uint32_t tcds)
{
  lpi2c_master_edma_handle_t *handle =
    (lpi2c_master_edma_handle_t *)userData;

  bool hasReceiveData =
         (handle->transfer.direction == kLPI2C_Read) &&
         (handle->transfer.dataSize);
  if (hasReceiveData &&
      !FSL_FEATURE_LPI2C_HAS_SEPARATE_DMA_RX_TX_REQn(base))
  {
    if (EDMA_GetNextTCDAddress(handle->tx) != 0)
    {
      LPI2C_MasterEnableDMA(handle->base, false, true);
    }
  }

  if (!handle)
  {
    return;
  }
  ....
}

RT-Thread

V595 CWE-476 The 'dev' pointer was utilized before it was verified against nullptr. Check lines: 497, 499. sdcard.c 497


static rt_size_t rt_sdcard_read(rt_device_t dev,
                                rt_off_t    pos,
                                void       *buffer,
                                rt_size_t   size)
{
  int i, addr;
  struct dfs_partition *part =
    (struct dfs_partition *)dev->user_data;

  if (dev == RT_NULL)
  {
    rt_set_errno(-EINVAL);
    return 0;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'dev' pointer was utilized before it was verified against nullptr. Check lines: 528, 530. sdcard.c 528

Krita

V595 The 'l' pointer was utilized before it was verified against nullptr. Check lines: 428, 429. kis_node_manager.cpp 428


void KisNodeManager::moveNodeAt(....)
{
    ....
    KisLayer *l = qobject_cast<KisLayer*>(parent.data());
    KisSelectionMaskSP selMask = l->selectionMask(); // <=
    if (m && m->active() && l && l->selectionMask()) // <=
    selMask->setActive(false);
    ....
}

Similar errors can be found in some other places:

  • V595 The 'gradient' pointer was utilized before it was verified against nullptr. Check lines: 164, 166. kis_gradient_chooser.cc 164
  • V595 The 'm_currentShape' pointer was utilized before it was verified against nullptr. Check lines: 316, 325. ArtisticTextTool.cpp 316
  • V595 The 'painter()' pointer was utilized before it was verified against nullptr. Check lines: 87, 89. kis_grid_paintop.cpp 87
  • And 1 additional diagnostic messages.

Android

V595 CWE-476 The 'rsmp' pointer was utilized before it was verified against nullptr. Check lines: 54, 57. resampler.c 54


static void resampler_reset(struct resampler_itfe *resampler)
{
  struct resampler *rsmp = (struct resampler *)resampler;

  rsmp->frames_in = 0;
  rsmp->frames_rq = 0;

  if (rsmp != NULL && rsmp->speex_resampler != NULL) {
    speex_resampler_reset_mem(rsmp->speex_resampler);
  }
}

Android

V595 CWE-476 The 'video' pointer was utilized before it was verified against nullptr. Check lines: 385, 388. rate_control.cpp 385


PV_STATUS RC_UpdateBuffer(VideoEncData *video,
                          Int currLayer, Int num_skip)
{
  rateControl *rc  = video->rc[currLayer];
  MultiPass   *pMP = video->pMP[currLayer];

  if (video == NULL || rc == NULL || pMP == NULL)
    return PV_FAIL;
  ....
}

Android

V595 CWE-476 The 'iwnn' pointer was utilized before it was verified against nullptr. Check lines: 686, 689. ndapi.c 686


NJ_EXTERN NJ_INT16 njx_search_word(NJ_CLASS *iwnn, ....) {
  ....
  NJ_PREVIOUS_SELECTION_INFO *prev_info =
      &(iwnn->previous_selection);

  if (iwnn == NULL) {
    return NJ_SET_ERR_VAL(NJ_FUNC_NJ_SEARCH_WORD,
                          NJ_ERR_PARAM_ENV_NULL);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'outError' pointer was utilized before it was verified against nullptr. Check lines: 437, 450. Command.cpp 437
  • V595 CWE-476 The 'out_last_reference' pointer was utilized before it was verified against nullptr. Check lines: 432, 436. AssetManager2.cpp 432
  • V595 CWE-476 The 'set' pointer was utilized before it was verified against nullptr. Check lines: 4524, 4529. ResourceTypes.cpp 4524
  • And 6 additional diagnostic messages.

System Shock

V595 The 'ch' pointer was utilized before it was verified against nullptr. Check lines: 200, 202. HOTKEY.C 200


static bool shutdown_iter_func(void* elem, void* data)
{
  ....
  hotkey_link *chain = (hotkey_link*)(ch->keychain.vec);
  if (ch == NULL) return FALSE;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ch' pointer was utilized before it was verified against nullptr. Check lines: 381, 392. EVENT.C 381
  • V595 The 'dp' pointer was utilized before it was verified against nullptr. Check lines: 2508, 2522. INVENT.C 2508
  • V595 The 'mug' pointer was utilized before it was verified against nullptr. Check lines: 702, 704. EMAIL.C 702

Azure Service Fabric

V595 CWE-476 The 'globalDomain' pointer was utilized before it was verified against nullptr. Check lines: 196, 197. PlacementReplica.cpp 196


void PlacementReplica::ForEachWeightedDefragMetric(....) const
{
  ....
  size_t metricIndexInGlobalDomain =
    totalMetricIndexInGloba.... - globalDomain->MetricStartIndex;
  if (globalDomain != nullptr &&
    globalDomain->Metrics[metricIndexInGlobalDomain].Weight > 0)
  {
    if (!processor(totalMetricIndexInGlobalDomain))
    {
      break;
    }
  }
}

0 A.D.

V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 140, 143. test_secure_crt.h 140


static void TEST_CAT2(char* dst, size_t max_dst_chars, const char* src,
    const char* dst_val, int expected_ret, const char* expected_dst)
{
  strcpy(dst, dst_val);                                 // <=
  int ret = strcat_s(dst, max_dst_chars, src);
  TS_ASSERT_EQUALS(ret, expected_ret);
  if(dst != 0)                                          // <=
    TS_ASSERT(!strcmp(dst, expected_dst));
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 150, 153. test_secure_crt.h 150
  • V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 314, 317. test_secure_crt.h 314

Perl 5

V595 The 'k' pointer was utilized before it was verified against nullptr. Check lines: 15919, 15920. op.c 15919


void
Perl_rpeep(pTHX_ OP *o)
{
  ....
  OP *k = o->op_next;
  U8 want = (k->op_flags & OPf_WANT);   // <=
  if (   k                              // <=
      && k->op_type == OP_KEYS
      && (   want == OPf_WANT_VOID
          || want == OPf_WANT_SCALAR)
      && !(k->op_private & OPpMAYBE_LVSUB)
      && !(k->op_flags & OPf_MOD)
  ) {
  ....
}

Qt

V595 CWE-476 The 'str' pointer was utilized before it was verified against nullptr. Check lines: 2118, 2119. qbytearray.cpp 2118


QByteArray &QByteArray::append(const char *str, int len)
{
  if (len < 0)
    len = qstrlen(str);
  if (str && len) {
    ....
}

Qt

V595 CWE-476 The 'mobj' pointer was utilized before it was verified against nullptr. Check lines: 2671, 2672. qmetaobject.cpp 2671


static inline const QMetaObjectPrivate *priv(const uint* data)
{ return reinterpret_cast<const QMetaObjectPrivate*>(data); }

bool QMetaEnum::isFlag() const
{
  const int offset = priv(mobj->d.data)->revision >= 8 ? 2 : 1;
  return mobj && mobj->d.data[handle + offset] & EnumIsFlag;
}

Qt

V595 CWE-476 The 'mobj' pointer was utilized before it was verified against nullptr. Check lines: 2683, 2684. qmetaobject.cpp 2683


static inline const QMetaObjectPrivate *priv(const uint* data)
{ return reinterpret_cast<const QMetaObjectPrivate*>(data); }

bool QMetaEnum::isScoped() const
{
    const int offset = priv(mobj->d.data)->revision >= 8 ? 2 : 1;
    return mobj && mobj->d.data[handle + offset] & EnumIsScoped;
}

Qt

V595 CWE-476 The 'fragment.d' pointer was utilized before it was verified against nullptr. Check lines: 2238, 2241. qtextcursor.cpp 2238


void QTextCursor::insertFragment(const QTextDocumentFragment &fragment)
{
    if (!d || !d->priv || fragment.isEmpty())
        return;

    d->priv->beginEditBlock();
    d->remove();
    fragment.d->insert(*this);
    d->priv->endEditBlock();

    if (fragment.d && fragment.d->doc)
        d->priv->mergeCachedResources(fragment.d->doc->docHandle());
}

Qt

V595 CWE-476 The 'window' pointer was utilized before it was verified against nullptr. Check lines: 1846, 1848. qapplication.cpp 1846


bool QApplicationPrivate::tryCloseAllWidgetWindows(....)
{
  ....
  QWindow *window = w->windowHandle();
  if (!window->close()) // Qt::WA_DeleteOnClose may cause deletion.
    return false;
  if (window)
    processedWindows->append(window);
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'window' pointer was utilized before it was verified against nullptr. Check lines: 1858, 1860. qapplication.cpp 1858
  • V595 CWE-476 The 'reply' pointer was utilized before it was verified against nullptr. Check lines: 492, 502. qhttpnetworkconnectionchannel.cpp 492
  • V595 CWE-476 The 'newHandle' pointer was utilized before it was verified against nullptr. Check lines: 877, 883. qsplitter.cpp 877
  • And 1 additional diagnostic messages.

Libwebsockets

V595 CWE-476 The 'wsi' pointer was utilized before it was verified against nullptr. Check lines: 232, 234. lws-plat-win.c 232


LWS_VISIBLE LWS_EXTERN int
_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi)
{
  struct lws *wsi;
  ....
  wsi = wsi_from_fd(context, pfd->fd);
  if (wsi->listener)                              // <=
    continue;
  if (!wsi || wsi->sock_send_blocking)            // <=
    continue;
  ....
}

WebP codec

V595 CWE-476 The 'orig_histo' pointer was utilized before it was verified against nullptr. Check lines: 991, 993. histogram_enc.c 991


int VP8LGetHistoImageSymbols(....)
{
  ....
  VP8LHistogramSet* const orig_histo =
    VP8LAllocateHistogramSet(image_histo_raw_size, cache_bits);
  ....
  const int entropy_combine =
    (orig_histo->size > entropy_combine_num_bins * 2) && (quality < 100); // <=

  if (orig_histo == NULL) goto Error;                                     // <=
  ....
}

WebP codec

V595 CWE-476 The 'curr_canvas' pointer was utilized before it was verified against nullptr. Check lines: 599, 603. anim_encode.c 599


int WebPAnimEncoderRefineRect(
    const WebPPicture* const prev_canvas, const WebPPicture* const curr_canvas,
    int is_lossless, float quality, int* const x_offset, int* const y_offset,
    int* const width, int* const height) {
  FrameRectangle rect;
  const int right = clip(*x_offset + *width, 0, curr_canvas->width);     // <=
  const int left = clip(*x_offset, 0, curr_canvas->width - 1);
  const int bottom = clip(*y_offset + *height, 0, curr_canvas->height);
  const int top = clip(*y_offset, 0, curr_canvas->height - 1);
  if (prev_canvas == NULL || curr_canvas == NULL ||                      // <=
      prev_canvas->width != curr_canvas->width ||
      prev_canvas->height != curr_canvas->height ||
      !prev_canvas->use_argb || !curr_canvas->use_argb) {
    return 0;
  }
  ....
}

Godot Engine

V595 CWE-476 The 'from_node' pointer was utilized before it was verified against nullptr. Check lines: 565, 567. canvas_item_editor_plugin.cpp 565


bool CanvasItemEditor::_get_bone_shape(....) {
  ....
  Node2D *from_node =
    Object::cast_to<Node2D>(ObjectDB::get_instance(bone->key().from));
  ....
  if (!from_node->is_inside_tree())
    return false; //may have been removed
  if (!from_node)
    return false;
  ....
}

NCBI Genome Workbench

V595 The 'dst_len' pointer was utilized before it was verified against nullptr. Check lines: 309, 315. zlib.cpp 309


bool CZipCompression::CompressBuffer(
  const void* src_buf, size_t  src_len,
  void*       dst_buf, size_t  dst_size,
  /* out */   size_t* dst_len)
{
  *dst_len = 0;

  // Check parameters
  if (!src_len  &&  !F_ISSET(fAllowEmptyData)) {
    src_buf = NULL;
  }
  if (!src_buf || !dst_buf || !dst_len) {
    SetError(Z_STREAM_ERROR, "bad argument");
    ERR_COMPRESS(48, FormatErrorMessage("CZipCompression::CompressBuffer"));
    return false;
  }
  ....
}

LibrePCB

V595 CWE-476 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 2068, 2073. unzip.c 2068


extern int ZEXPORT unzGetGlobalComment (
  unzFile file, char * szComment, uLong uSizeBuf)
{
  ....
  if (uReadThis>0)
  {
    *szComment='\0';
    if (ZREAD64(s->z_filefunc,s->filestream,szComment,uReadThis)!=uReadThis)
      return UNZ_ERRNO;
  }

  if ((szComment != NULL) && (uSizeBuf > s->gi.size_comment))
    *(szComment+s->gi.size_comment)='\0';
  ....
}

SpeedCrunch

V595 The 'ioparams' pointer was utilized before it was verified against nullptr. Check lines: 969, 983. floatio.c 969


int cattokens(....)
{
  ....
  if (printexp)
  {
    if (expbase < 2)
      expbase = ioparams->expbase;  // <=
    ....
  }
  dot = '.';
  expbegin = "(";
  expend = ")";
  if (ioparams != NULL)             // <=
  {
    dot = ioparams->dot;
    expbegin = ioparams->expbegin;
    expend = ioparams->expend;
  }
  ....
}

Qalculate!

V595 The 'o_data' pointer was utilized before it was verified against nullptr. Check lines: 1108, 1112. DataSet.cc 1108


string DataObjectArgument::subprintlong() const {
  string str = _("an object from");
  str += " \"";
  str += o_data->title();               // <=
  str += "\"";
  DataPropertyIter it;
  DataProperty *o = NULL;
  if(o_data) {                          // <=
    o = o_data->getFirstProperty(&it);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'o_assumption' pointer was utilized before it was verified against nullptr. Check lines: 229, 230. Variable.cc 229
  • V595 The 'i_value' pointer was utilized before it was verified against nullptr. Check lines: 3412, 3427. Number.cc 3412

FreeRDP

V595 The 'context' pointer was utilized before it was verified against nullptr. Check lines: 746, 748. gfx.c 746


static UINT gdi_SurfaceCommand(RdpgfxClientContext* context,
                               const RDPGFX_SURFACE_COMMAND* cmd)
{
  ....
  rdpGdi* gdi = (rdpGdi*) context->custom;

  if (!context || !cmd)
    return ERROR_INVALID_PARAMETER;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ntlm' pointer was utilized before it was verified against nullptr. Check lines: 236, 255. ntlm.c 236
  • V595 The 'context' pointer was utilized before it was verified against nullptr. Check lines: 1003, 1007. rfx.c 1003
  • V595 The 'rdpei' pointer was utilized before it was verified against nullptr. Check lines: 176, 180. rdpei_main.c 176
  • And 1 additional diagnostic messages.

LLVM/Clang

V595 [CWE-476] The 'Callee' pointer was utilized before it was verified against nullptr. Check lines: 172, 174. AMDGPUInline.cpp 172


InlineCost AMDGPUInliner::getInlineCost(CallSite CS) {
  Function *Callee = CS.getCalledFunction();
  Function *Caller = CS.getCaller();
  TargetTransformInfo &TTI = TTIWP->getTTI(*Callee);

  if (!Callee || Callee->isDeclaration())
    return llvm::InlineCost::getNever("undefined callee");
  ....
}

LLVM/Clang

V595 [CWE-476] The 'CalleeFn' pointer was utilized before it was verified against nullptr. Check lines: 1079, 1081. SimplifyLibCalls.cpp 1079


static Value *optimizeDoubleFP(CallInst *CI, IRBuilder<> &B,
                               bool isBinary, bool isPrecise = false) {
  ....
  Function *CalleeFn = CI->getCalledFunction();
  StringRef CalleeNm = CalleeFn->getName();                 // <=
  AttributeList CalleeAt = CalleeFn->getAttributes();
  if (CalleeFn && !CalleeFn->isIntrinsic()) {               // <=
  ....
}

LLVM/Clang

V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 532, 534. SemaTemplateInstantiateDecl.cpp 532


void Sema::InstantiateAttrs(const MultiLevelTemplateArgumentList &TemplateArgs,
                            const Decl *Tmpl, Decl *New,
                            LateInstantiatedAttrVec *LateAttrs,
                            LocalInstantiationScope *OuterMostScope) {
  ....
  NamedDecl *ND = dyn_cast<NamedDecl>(New);
  CXXRecordDecl *ThisContext =
    dyn_cast_or_null<CXXRecordDecl>(ND->getDeclContext());         // <=
  CXXThisScopeRAII ThisScope(*this, ThisContext, Qualifiers(),
                             ND && ND->isCXXInstanceMember());     // <=
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'U' pointer was utilized before it was verified against nullptr. Check lines: 404, 407. DWARFFormValue.cpp 404
  • V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 2149, 2151. SemaTemplateInstantiate.cpp 2149

Haiku Operation System

V595 The 'fReply' pointer was utilized before it was verified against nullptr. Check lines: 49, 52. ReplyBuilder.cpp 49


RPC::CallbackReply*
ReplyBuilder::Reply()
{
  fReply->Stream().InsertUInt(fStatusPosition, _HaikuErrorToNFS4(fStatus));
  fReply->Stream().InsertUInt(fOpCountPosition, fOpCount);

  if (fReply == NULL || fReply->Stream().Error() == B_OK)
    return fReply;
  else
    return NULL;
}

Haiku Operation System

V595 The 'mq' pointer was utilized before it was verified against nullptr. Check lines: 782, 786. oce_queue.c 782


static void
oce_mq_free(struct oce_mq *mq)
{
  POCE_SOFTC sc = (POCE_SOFTC) mq->parent;
  struct oce_mbx mbx;
  struct mbx_destroy_common_mq *fwcmd;

  if (!mq)
    return;
  ....
}

CMake

V595 The 'this->BuildFileStream' pointer was utilized before it was verified against nullptr. Check lines: 133, 134. cmMakefileTargetGenerator.cxx 133


void cmMakefileTargetGenerator::CreateRuleFile()
{
  ....
  this->BuildFileStream->SetCopyIfDifferent(true);
  if (!this->BuildFileStream) {
    return;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->FlagFileStream' pointer was utilized before it was verified against nullptr. Check lines: 303, 304. cmMakefileTargetGenerator.cxx 303

Mozilla Thunderbird

V595 The 'aValues' pointer was utilized before it was verified against nullptr. Check lines: 553, 555. nsLDAPMessage.cpp 553


NS_IMETHODIMP
nsLDAPMessage::GetBinaryValues(const char *aAttr, uint32_t *aCount,
                               nsILDAPBERValue ***aValues) {
  ....
  *aValues = static_cast<nsILDAPBERValue **>(
      moz_xmalloc(numVals * sizeof(nsILDAPBERValue)));
  if (!aValues) {
    ldap_value_free_len(values);
    return NS_ERROR_OUT_OF_MEMORY;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The '_retval' pointer was utilized before it was verified against nullptr. Check lines: 357, 358. nsLDAPSyncQuery.cpp 357

Celestia

V595 The 'destinations' pointer was utilized before it was verified against nullptr. Check lines: 48, 50. wintourguide.cpp 48


BOOL APIENTRY TourGuideProc(....)
{
  ....
  const DestinationList* destinations = guide->appCore->getDestinations();
  Destination* dest = (*destinations)[0];
  guide->selectedDest = dest;
  if (hwnd != NULL && destinations != NULL)
  {
    ....
  }
  ....
}

ROOT

V595 The 'N' pointer was utilized before it was verified against nullptr. Check lines: 484, 488. Scanner.cxx 484


bool RScanner::shouldVisitDecl(clang::NamedDecl *D)
{
   if (auto M = D->getOwningModule()) {                      // <= 2
      return fInterpreter.getSema().isModuleVisible(M);
   }
   return true;
}

bool RScanner::VisitNamespaceDecl(clang::NamespaceDecl* N)
{
 if (fScanType == EScanType::kOnePCM)
  return true;

 if (!shouldVisitDecl(N))                                    // <= 1
  return true;

 if((N && N->isImplicit()) || !N){                           // <= 3
    return true;
 }
 ....
}

Similar errors can be found in some other places:

  • V595 The 'file' pointer was utilized before it was verified against nullptr. Check lines: 141, 153. TFileCacheRead.cxx 141
  • V595 The 'fFree' pointer was utilized before it was verified against nullptr. Check lines: 2029, 2038. TFile.cxx 2029
  • V595 The 'tbuf' pointer was utilized before it was verified against nullptr. Check lines: 586, 591. TGText.cxx 586
  • And 3 additional diagnostic messages.

Amazon FreeRTOS

V595 [CWE-476] The 'pxMbedSignature' pointer was utilized before it was verified against nullptr. Check lines: 52, 54. iot_pki_utils.c 52


int PKI_mbedTLSSignatureToPkcs11Signature
    (uint8_t * pxSignaturePKCS, uint8_t * pxMbedSignature )
{
  int xReturn = 0;
  uint8_t * pxNextLength;

  /* The 4th byte contains the length of the R component */
  uint8_t ucSigComponentLength = pxMbedSignature[ 3 ]; // <=

  if(  ( pxSignaturePKCS == NULL )
    || ( pxMbedSignature == NULL ) )
  {
      xReturn = FAILURE;
  }

  ....
}

SDCC

V595 [CWE-476] The 'sfr' pointer was utilized before it was verified against nullptr. Check lines: 54, 56. timer2.cc 54


cl_timer2::init(void)
{
  cl_timer0::init();
  cell_rcap2l= sfr->get_cell(RCAP2L);//use_cell(sfr, RCAP2L);
  cell_rcap2h= sfr->get_cell(RCAP2H);//use_cell(sfr, RCAP2H);
  if (sfr)
    bit_t2ex= sfr->read(P1) & bmT2EX;
  return(0);
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'value.string.string' pointer was utilized before it was verified against nullptr. Check lines: 244, 246. arg.cc 244
  • V595 [CWE-476] The 'app' pointer was utilized before it was verified against nullptr. Check lines: 668, 675. command.cc 668
  • V595 [CWE-476] The 'param_str' pointer was utilized before it was verified against nullptr. Check lines: 245, 247. command.cc 245
  • And 1 additional diagnostic messages.

Zephyr

V595 [CWE-476] The 'pub' pointer was utilized before it was verified against nullptr. Check lines: 708, 719. access.c 708


int bt_mesh_model_publish(struct bt_mesh_model *model)
{
  ....
  struct bt_mesh_model_pub *pub = model->pub;
  ....
  struct bt_mesh_msg_ctx ctx = {
    .send_rel = pub->send_rel,
  };
  ....
  if (!pub) {
    return -ENOTSUP;
  }
  ....
}

Zephyr

V595 [CWE-476] The 'conn' pointer was utilized before it was verified against nullptr. Check lines: 1071, 1073. tcp2.c 1071


int net_tcp_accept(struct net_context *context, net_tcp_accept_cb_t cb,
       void *user_data)
{
  ....
  struct tcp *conn = context->tcp;
  ....
  conn->accept_cb = cb;

  if (!conn || conn->state != TCP_LISTEN) {
    return -EINVAL;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'context->tcp' pointer was utilized before it was verified against nullptr. Check lines: 1512, 1518. tcp.c 1512
  • V595 [CWE-476] The 'fsm' pointer was utilized before it was verified against nullptr. Check lines: 365, 382. fsm.c 365

GCC

V595 The 'm->component' pointer was utilized before it was verified against nullptr. Check lines: 407, 415. genmodes.c 407


static void
complete_mode (struct mode_data *m)
{
  ....
  if (m->cl == MODE_COMPLEX_INT || m->cl == MODE_COMPLEX_FLOAT)
    alignment = m->component->bytesize;
  else
    alignment = m->bytesize;

  m->alignment = alignment & (~alignment + 1);

  if (m->component)
  ....
}

Command & Conquer

V595 The 'enemy' pointer was utilized before it was verified against nullptr. Check lines: 3689, 3695. TECHNO.CPP 3689


void TechnoClass::Base_Is_Attacked(TechnoClass const *enemy)
{
  FootClass *defender[6];
  int value[6];
  int count = 0;
  int weakest = 0;
  int desired = enemy->Risk() * 2;
  int risktotal = 0;

  /*
  ** Humans have to deal with their own base is attacked problems.
  */
  if (!enemy || House->Is_Ally(enemy) || House->IsHuman) {
    return;
  }
  ....
}

Minetest

V595 The 'm_client' pointer was utilized before it was verified against nullptr. Check lines: 183, 187. game.cpp 183


void gotText(const StringMap &fields)
{
  ....
  if (m_formname == "MT_DEATH_SCREEN") {
    assert(m_client != 0);
    m_client->sendRespawn();
    return;
  }

  if (m_client && m_client->modsLoaded())
    m_client->getScript()->on_formspec_input(m_formname, fields);
}

Qemu

V595 The 'blen2p' pointer was utilized before it was verified against nullptr. Check lines: 103, 106. dsound_template.h 103


static int glue (
    ....
    DWORD *blen1p,
    DWORD *blen2p,
    int entire,
    dsound *s
    )
{
  ....
  dolog("DirectSound returned misaligned buffer %ld %ld\n",
        *blen1p, *blen2p);
  glue(.... p2p ? *p2p : NULL, *blen1p,
                            blen2p ? *blen2p : 0);
....
}

DeepSpeech

V595 The 'istrm' pointer was utilized before it was verified against nullptr. Check lines: 60, 61. mapped-file.cc 60


MappedFile *MappedFile::Map(std::istream *istrm, bool memorymap,
                            const string &source, size_t size) {
  const auto spos = istrm->tellg();        // <=
  ....
  istrm->seekg(pos + size, std::ios::beg); // <=
  if (istrm) {                             // <=
    VLOG(1) << "mmap'ed region of " << size
            << " at offset " << pos
            << " from " << source
            << " to addr " << map;
  return mmf.release();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'istrm' pointer was utilized before it was verified against nullptr. Check lines: 39, 61. mapped-file.cc 39

LLVM/Clang

V595 The 'CDecl' pointer was utilized before it was verified against nullptr. Check lines: 5275, 5284. RewriteObjC.cpp 5275


void RewriteObjCFragileABI::RewriteObjCClassMetaData(
  ObjCImplementationDecl *IDecl, std::string &Result)
{
  ObjCInterfaceDecl *CDecl = IDecl->getClassInterface();

  if (CDecl->isImplicitInterfaceDecl()) {
    RewriteObjCInternalStruct(CDecl, Result);
  }

  unsigned NumIvars = !IDecl->ivar_empty()
  ? IDecl->ivar_size()
  : (CDecl ? CDecl->ivar_size() : 0);
  ....
}

LLVM/Clang

V595 The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 2803, 2805. SemaTemplateInstantiate.cpp 2803


bool
Sema::InstantiateClass(....)
{
  ....
  NamedDecl *ND = dyn_cast<NamedDecl>(I->NewDecl);
  CXXRecordDecl *ThisContext =
      dyn_cast_or_null<CXXRecordDecl>(ND->getDeclContext());
  CXXThisScopeRAII ThisScope(*this, ThisContext, Qualifiers(),
                              ND && ND->isCXXInstanceMember());
  ....
}

Espressif IoT Development Framework

V595 The 'outbuf' pointer was utilized before it was verified against nullptr. Check lines: 374, 381. protocomm.c 374


static int protocomm_version_handler(uint32_t session_id,
                                     const uint8_t *inbuf, ssize_t inlen,
                                     uint8_t **outbuf, ssize_t *outlen,
                                     void *priv_data)
{
    protocomm_t *pc = (protocomm_t *) priv_data;
    if (!pc->ver) {
        *outlen = 0;
        *outbuf = NULL;                                  // <=
        return ESP_OK;
    }

    /* Output is a non null terminated string with length specified */
    *outlen = strlen(pc->ver);
    *outbuf = malloc(*outlen);                           // <=
    if (outbuf == NULL) {                                // <=
        ESP_LOGE(TAG, "Failed to allocate memory for version response");
        return ESP_ERR_NO_MEM;
    }

    memcpy(*outbuf, pc->ver, *outlen);
    return ESP_OK;
}

Most likely this is what should be written here: if (*outbuf == NULL)


Espressif IoT Development Framework

V595 The 'hapd->wpa_auth' pointer was utilized before it was verified against nullptr. Check lines: 106, 113. esp_hostap.c 106


bool hostap_deinit(void *data)
{
  struct hostapd_data *hapd = (struct hostapd_data *)data;

  if (hapd == NULL) {
    return true;
  }

  if (hapd->wpa_auth->wpa_ie != NULL) {
    os_free(hapd->wpa_auth->wpa_ie);
  }

  if (hapd->wpa_auth->group != NULL) {
    os_free(hapd->wpa_auth->group);
  }

  if (hapd->wpa_auth != NULL) {
    os_free(hapd->wpa_auth);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'hapd->conf' pointer was utilized before it was verified against nullptr. Check lines: 118, 125. esp_hostap.c 118
  • V595 The 'sm' pointer was utilized before it was verified against nullptr. Check lines: 1637, 1647. esp_wps.c 1637
  • V595 The 'sm' pointer was utilized before it was verified against nullptr. Check lines: 1693, 1703. esp_wps.c 1693

GTK

V595 [CWE-476] The 'iw' pointer was utilized before it was verified against nullptr. Check lines: 194, 199. inspect-button.c 194


static gboolean
on_flash_timeout (GtkInspectorWindow *iw)
{
  iw->flash_count++;

  gtk_highlight_overlay_set_color (GTK_HIGHLIGHT_OVERLAY (iw->flash_overlay),
                               &(GdkRGBA) {
                                   0.0, 0.0, 1.0,
                                   (iw && iw->flash_count % 2 == 0) ? 0.0 : 0.2
                               });
  ....
}

GTK

V595 [CWE-476] The 'bottom_node' pointer was utilized before it was verified against nullptr. Check lines: 1189, 1190. gtksnapshot.c 1189


static GskRenderNode *
gtk_snapshot_collect_blend_top (GtkSnapshot      *snapshot,
                                GtkSnapshotState *state,
                                GskRenderNode   **nodes,
                                guint             n_nodes)
{
  GskRenderNode *bottom_node, *top_node, *blend_node;
  GdkRGBA transparent = { 0, 0, 0, 0 };

  top_node = gtk_snapshot_collect_default (snapshot, state, nodes, n_nodes);
  bottom_node = state->data.blend.bottom_node != NULL
              ? gsk_render_node_ref (state->data.blend.bottom_node)
              : NULL;

  g_assert (top_node != NULL || bottom_node != NULL);

  if (top_node == NULL)
    top_node = gsk_color_node_new (&transparent, &bottom_node->bounds);
  if (bottom_node == NULL)
    bottom_node = gsk_color_node_new (&transparent, &top_node->bounds);
  ....
}

GTK

V595 [CWE-476] The 'dispatch->backend' pointer was utilized before it was verified against nullptr. Check lines: 1603, 1613. gtkprintbackendcups.c 1603


static void
cups_dispatch_watch_finalize (GSource *source)
{
  ....
  const char *username;
  char         hostname[HTTP_MAX_URI];
  char        *key;

  httpGetHostname (dispatch->request->http, hostname, sizeof (hostname));
  if (is_address_local (hostname))
    strcpy (hostname, "localhost");

  if (dispatch->backend->username != NULL)                     // <=
    username = dispatch->backend->username;                    // <=
  else
    username = cupsUser ();

  key = g_strconcat (username, "@", hostname, NULL);
  GTK_NOTE (PRINTING,
            g_print ("CUPS backend: removing stored password for %s\n", key));
  g_hash_table_remove (dispatch->backend->auth, key);          // <=
  g_free (key);

  if (dispatch->backend)                                       // <=
    dispatch->backend->authentication_lock = FALSE;
  ....
}

Qt

V595 [CWE-476] The 'd_ptr' pointer was utilized before it was verified against nullptr. Check lines: 710, 713. qmetatype.cpp 710


class __attribute__((visibility("default"))) QMetaType {
  ....
  const QtPrivate::QMetaTypeInterface *d_ptr = nullptr;
};

QPartialOrdering QMetaType::compare(const void *lhs, const void *rhs) const
{
    if (!lhs || !rhs)
        return QPartialOrdering::Unordered;
    if (d_ptr->flags & QMetaType::IsPointer)
        return threeWayCompare(*reinterpret_cast<const void * const *>(lhs),
                               *reinterpret_cast<const void * const *>(rhs));
    if (d_ptr && d_ptr->lessThan) {
        if (d_ptr->equals && d_ptr->equals(d_ptr, lhs, rhs))
            return QPartialOrdering::Equivalent;
        if (d_ptr->lessThan(d_ptr, lhs, rhs))
            return QPartialOrdering::Less;
        if (d_ptr->lessThan(d_ptr, rhs, lhs))
            return QPartialOrdering::Greater;
        if (!d_ptr->equals)
            return QPartialOrdering::Equivalent;
    }
    return QPartialOrdering::Unordered;
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'self' pointer was utilized before it was verified against nullptr. Check lines: 1346, 1351. qcoreapplication.cpp 1346
  • V595 [CWE-476] The 'currentTimerInfo' pointer was utilized before it was verified against nullptr. Check lines: 636, 641. qtimerinfo_unix.cpp 636
  • V595 [CWE-476] The 'lib' pointer was utilized before it was verified against nullptr. Check lines: 325, 333. qlibrary.cpp 325
  • And 13 additional diagnostic messages.

Free Heroes of Might and Magic II

V595 The '_currentUnit' pointer was utilized before it was verified against nullptr. Check lines: 2336, 2358. battle_interface.cpp 2336


void Battle::Interface::MouseLeftClickBoardAction( .... )
{
  ....
  themes = GetSwordCursorDirection( Board::GetDirection( index,
                                  _currentUnit->GetHeadIndex()));
  ....
  if ( _currentUnit )
  {
    ....
  }
  ....
}

MuseScore

V595 The 'fd' pointer was utilized before it was verified against nullptr. Check lines: 5365, 5366. edit.cpp 5365


void Score::undoAddElement(Element* element)
{
  ....
  FretDiagram* fd = toFretDiagram(ne);
  Harmony* fdHarmony = fd->harmony();
  if (fd) {
    fdHarmony->setScore(score);
    fdHarmony->setSelected(false);
    fdHarmony->setTrack(staffIdx * VOICES + element->voice());
  }
  ....
}

MuseScore

V595 The 'startSegment' pointer was utilized before it was verified against nullptr. Check lines: 129, 131. notationselectionrange.cpp 129


Ms::Segment* NotationSelectionRange::rangeStartSegment() const
{
  Ms::Segment* startSegment = score()->selection().startSegment();

  startSegment->measure()->firstEnabled();  // <=

  if (!startSegment) {                      // <=
    return nullptr;
  }

  if (!startSegment->enabled()) {
    startSegment = startSegment->next1MMenabled();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'note' pointer was utilized before it was verified against nullptr. Check lines: 5932, 5941. importmxmlpass2.cpp 5932
  • V595 The 'ed' pointer was utilized before it was verified against nullptr. Check lines: 599, 608. textedit.cpp 599
  • V595 The 's' pointer was utilized before it was verified against nullptr. Check lines: 139, 143. elements.cpp 139

Blender

V595 The 'nldrag' pointer was utilized before it was verified against nullptr. Check lines: 1037, 1039. node_relationships.c


static int node_link_invoke(bContext *C, wmOperator *op, const wmEvent *event)
{
  ....
  bNodeLinkDrag *nldrag = node_link_init(bmain, snode, cursor, detach);
  nldrag->last_picked_multi_input_socket_link = NULL;
  if (nldrag) {
    op->customdata = nldrag;
  ....
}

Similar errors can be found in some other places:

  • V595: The 'seq' pointer was utilized before it was verified against nullptr. Check lines: 373, 385. strip_add.c

Snort

V595 The 'ssd' pointer was utilized before it was verified against nullptr. dce2_smb2.c 900


void DCE2_Smb2Process(DCE2_SmbSsnData *ssd)
{
    const SFSnortPacket *p = ssd->sd.wire_pkt;
....
    if (ssd && ssd->pdu_state != DCE2_SMB_PDU_STATE__RAW_DATA)
    {
....
    }
....
}

Snort

V595 The 'it' pointer was utilized before it was verified against nullptr. Check lines: 158, 160. u2spewfoo.c 158


static inline void free_iterator(u2iterator *it) {
    if(it->file) fclose(it->file);
    if(it->filename) free(it->filename);
    if(it) free(it);
}

Storm Engine

V595 The 'rs' pointer was utilized before it was verified against nullptr. Check lines: 163, 164. Fader.cpp 163


uint64_t Fader::ProcessMessage(....)
{
  ....
  textureID = rs->TextureCreate(_name);
  if (rs)
  {
    rs->SetProgressImage(_name);
    ....
}

Similar errors can be found in some other places:

  • V595 The 'pACh' pointer was utilized before it was verified against nullptr. Check lines: 1214, 1215. sail.cpp 1214

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'OS' pointer was utilized before it was verified against nullptr. Check lines: 791, 793. DWARFDebugLine.cpp 791


Error DWARFDebugLine::LineTable::parse(...., raw_ostream *OS, bool Verbose) {
  ....
  auto EmitRow = [&] {
    if (!TombstonedAddress) {
      if (Verbose) {
        *OS << "\n";
        OS->indent(12);
      }
      if (OS)
        State.Row.dump(*OS);
      State.appendRowToMatrix();
    }
  };
  ....
}

RPCS3

V595 The 'cached_dest' pointer was utilized before it was verified against nullptr. Check lines: 3059, 3064. texture_cache.h 3059


template <typename surface_store_type, typename blitter_type, typename ...Args>
blit_op_result upload_scaled_image(....)
{
  // ....

  if (!use_null_region) [[likely]]
  {
    // Do preliminary analysis
    typeless_info.analyse();

    blitter.scale_image(cmd, vram_texture, dest_texture, src_area, dst_area,
                        interpolate, typeless_info);
  }
  else
  {
    cached_dest->dma_transfer(cmd, vram_texture, src_area,
                              dst_range, dst.pitch);
  }

  blit_op_result result = true;

  if (cached_dest)
  {
    result.real_dst_address = cached_dest->get_section_base();
    result.real_dst_size = cached_dest->get_section_size();
  }
  else
  {
    result.real_dst_address = dst_base_address;
    result.real_dst_size = dst.pitch * dst_dimensions.height;
  }

  return result;
}

Chromium

V595 The 'client_' pointer was utilized before it was verified against nullptr. Check lines: 'password_manager_util.cc:119', 'password_manager.cc:1216', 'password_manager.cc:1218'. password_manager.cc 1216


// File: src\components\password_manager\core\browser\password_manager_util.cc
bool IsLoggingActive(const password_manager::PasswordManagerClient* client)
{
  const autofill::LogManager* log_manager = client->GetLogManager();
  return log_manager && log_manager->IsLoggingActive();
}

// File: src\components\password_manager\core\browser\password_manager.cc
void PasswordManager::RecordProvisionalSaveFailure(
    PasswordManagerMetricsRecorder::ProvisionalSaveFailure failure,
    const GURL& form_origin)
  {
  std::unique_ptr<BrowserSavePasswordProgressLogger> logger;
  if (password_manager_util::IsLoggingActive(client_)) {            // <=
    logger = std::make_unique<BrowserSavePasswordProgressLogger>(
        client_->GetLogManager());
  }
  if (client_ && client_->GetMetricsRecorder()) {                   // <=
    ....
  }
}

Intermodular analysis


Chromium

V595 The 'parent' pointer was utilized before it was verified against nullptr. Check lines: 'visibility_controller.cc:95', 'native_web_contents_modal_dialog_manager_views.cc:72', 'native_web_contents_modal_dialog_manager_views.cc:75'. native_web_contents_modal_dialog_manager_views.cc 72


// File: src\ui\wm\core\visibility_controller.cc
void SetChildWindowVisibilityChangesAnimated(aura::Window* window)
{
  window->SetProperty(kChildWindowVisibilityChangesAnimatedKey, true);
}

// File: src\components\constrained_window
//       \native_web_contents_modal_dialog_manager_views.cc
void NativeWebContentsModalDialogManagerViews::ManageDialog()
{
  views::Widget* widget = GetWidget(dialog());
  ....
#if defined(USE_AURA)
  ....
  gfx::NativeView parent = widget->GetNativeView()->parent();
  wm::SetChildWindowVisibilityChangesAnimated(parent);
  ....
  if (parent && parent->parent())
  {
    parent->parent()->SetProperty(aura::client::kAnimationsDisabledKey, true);
  }
  ....
#endif
}

Intermodular analysis


Blend2D

V595 The '_threadPool' pointer was utilized before it was verified against nullptr. Check lines: 158, 164. rasterworkermanager.cpp 158


class BLRasterWorkerManager {
public:
  BLThreadPool* _threadPool;
  uint32_t _workerCount;
  // ....
}
// ....
void BLRasterWorkerManager::reset() noexcept {
  // ....
  if (_workerCount) {
    // ....
    _threadPool->releaseThreads(_workerThreads, _workerCount);
    _workerCount = 0;
    // ....
  }
  if (_threadPool) {
    _threadPool->release();
    _threadPool = nullptr;
  }
  // ....
}

FlipperZero

V595 [CWE-476, CERT-EXP12-C] The 'subghz->txrx->protocol_result' pointer was utilized before it was verified against nullptr. Check lines: 70, 78. subghz_scene_receiver_info.c 70


void subghz_scene_receiver_info_on_enter(void* context) {
  ....
  subghz->txrx->protocol_result->to_string(subghz->txrx->protocol_result, text);
  widget_add_string_multiline_element(....);

  string_clear(frequency_str);
  string_clear(modulation_str);
  string_clear(text);

  if(subghz->txrx->protocol_result &&
     subghz->txrx->protocol_result->to_save_file &&
     strcmp(subghz->txrx->protocol_result->name, "KeeLoq")) {
  ....
}

MuditaOS

V595 [CERT-EXP12-C] The 'result' pointer was utilized before it was verified against nullptr. Check lines: 81, 82. AudioModel.cpp 81


void AudioModel::play(....)
{
  ....
  auto cb = [_callback = callback, this](auto response)
            {
              auto result = dynamic_cast
                            <service::AudioStartPlaybackResponse *>(response);
              lastPlayedToken = result->token;
              if (result == nullptr)
              {
                ....
              }
              ....
            };
  ....
}

Ogre3D

V595 The 'params' pointer was utilized before it was verified against nullptr. Check lines: 95, 101. OgreGpuProgramManager.cpp 95


Resource* GpuProgramManager::createImpl(....,
                                        const NameValuePairList* params)
{
  auto langIt = params->find("language");
  auto typeIt = params->find("type");

  if (langIt == params->end())
    langIt = params->find("syntax");

  if (!params || langIt == params->end() || typeIt == params->end())
  {
    OGRE_EXCEPT(Exception::ERR_INVALIDPARAMS,
      "You must supply 'language' or 'syntax' and 'type' parameters");
  }
}

In this code fragment, the passed params pointer had been dereferenced before it was checked against null. A classic error. The code works until someone passes nullptr into the function.


GPCS4

V595 The 'm_moduleData' pointer was utilized before it was verified against nullptr. Check lines: 49, 53. ELFMapper.cpp 49


bool ELFMapper::validateHeader()
{
  bool retVal      = false;
  auto &fileMemory = m_moduleData->m_fileMemory;
  do
  {
    if (m_moduleData == nullptr)
    {
      LOG_ERR("file has not been loaded");
      break;
    }
    ....
  } while (false);

  return retVal;
}

Overgrowth

V595 [CERT-EXP12-C] The 'ctx' pointer was utilized before it was verified against nullptr. Check lines: 130, 131. ascontext.cpp 130


class ASContext
{
public:
  asIScriptContext *ctx;
}

ASContext::ASContext(....)
{
  ctx = ....;
  ctx->SetUserData(this, 0);
  if( ctx == 0 )
  {
    FatalError("Error","Failed to create the context.");
    return;
  }
  ....
}

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'CI' pointer was utilized before it was verified against nullptr. Check lines: 2515, 2517. SimplifyLibCalls.cpp 2515


void LibCallSimplifier::classifyArgUse(....) {
  CallInst *CI = dyn_cast<CallInst>(Val);
  Module *M = CI->getModule();

  if (!CI || CI->use_empty())
    return;
  ....
}

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'sc.symbol' pointer was utilized before it was verified against nullptr. Check lines: 877, 878. Module.cpp 877


void Module::FindFunctions(....) {
  ....
  for (size_t i = 0; i < num_matches; ++i) {
    sc.symbol = symtab->SymbolAtIndex(symbol_indexes[i]);
    SymbolType sym_type = sc.symbol->GetType();
    if (sc.symbol && (sym_type == eSymbolTypeCode ||
                      sym_type == eSymbolTypeResolver))
      sc_list.Append(sc);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476, CERT-EXP12-C] The 'sc.symbol' pointer was utilized before it was verified against nullptr. Check lines: 899, 900. Module.cpp 899
  • V595 [CWE-476, CERT-EXP12-C] The 'process' pointer was utilized before it was verified against nullptr. Check lines: 159, 184. IRExecutionUnit.cpp 159
  • V595 [CWE-476, CERT-EXP12-C] The 'localVarCst' pointer was utilized before it was verified against nullptr. Check lines: 77, 96. AffineStructures.cpp 77
  • And 2 additional diagnostic messages.

RPCS3

V595 The 'm_finfo' pointer was utilized before it was verified against nullptr. Check lines: 5316, 5344. SPURecompiler.cpp 5316


class spu_llvm_recompiler : public spu_recompiler_base
                          , public cpu_translator
{
  // ....
  function_info* m_finfo;
  // ....
  virtual spu_function_t compile(spu_program&& _func) override
  {
    // ....
    const u32 src = m_finfo->fn ? bb.reg_origin_abs[i]
                                : bb.reg_origin[i];
    // ....
    value = m_finfo && m_finfo->load[i] ? m_finfo->load[i]
                                        : m_ir->CreateLoad(regptr);
    // ....
  }
}

VCMI

V595 The 'hero' pointer was utilized before it was verified against nullptr. Check lines: 182, 184. NetPacksServer.cpp 182


void ApplyGhNetPackVisitor::visitTradeOnMarketplace(....)
{
  ....
  bool allyTownSkillTrade = (....
                          && gh.getPlayerRelations(player, hero->tempOwner)
                          && ....);
  if (hero && ....)
    gh.throwAndComplain(&pack, "This hero can't use this marketplace!");
  ....
}

CodeLite

V595 The 'dbgr' pointer was utilized before it was verified against nullptr. Check lines: 349, 351. simpletable.cpp:349, simpletable.cpp:351


void WatchesTable::OnCreateVariableObject(....)
{
  ....
  if (dbgr->GetDebuggerInformation().defaultHexDisplay == true)
    dbgr->SetVariableObbjectDisplayFormat(DoGetGdbId(item),
                                        DBG_DF_HEXADECIMAL);

  if (dbgr)
    DoRefreshItem(dbgr, item, true);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'win' pointer was utilized before it was verified against nullptr. Check lines: 1115, 1127. DiffSideBySidePanel.cpp:1115, DiffSideBySidePanel.cpp:1127
  • V595 The 'm_vsb' pointer was utilized before it was verified against nullptr. Check lines: 212, 224. clScrolledPanel.cpp:212, clScrolledPanel.cpp:224
  • V595 The 'ms_instance' pointer was utilized before it was verified against nullptr. Check lines: 24, 25. php_parser_thread.cpp:24, php_parser_thread.cpp:25
  • And 4 additional diagnostic messages.

FreeCAD

V595 [CWE-476, CERT-EXP12-C] The 'detail' pointer was utilized before it was verified against nullptr. Check lines: 842, 843. QGIViewPart.cpp 842


void QGIViewPart::highlightMoved(QGIHighlight* highlight, QPointF newPos)
{
  std::string highlightName = highlight->getFeatureName();
  App::Document* doc = getViewObject()->getDocument();
  App::DocumentObject* docObj = doc->getObject(highlightName.c_str());
  auto detail = dynamic_cast<DrawViewDetail*>(docObj);
  auto oldAnchor = detail->AnchorPoint.getValue();
  if (detail) {
    Base::Vector3d delta = Rez::appX(DrawUtil::toVector3d(newPos)) /
                           getViewObject()->getScale();
    delta = DrawUtil::invertY(delta);
    detail->AnchorPoint.setValue(oldAnchor + delta);
  }
}

FreeCAD

V595 [CWE-476, CERT-EXP12-C] The 'CutCompoundBF' pointer was utilized before it was verified against nullptr. Check lines: 690, 691. SectionCutting.cpp 690


void SectionCut::startCutting(bool isInitial)
{
  ....
  App::PropertyLinkList* CutLinkList =
    dynamic_cast<App::PropertyLinkList*>(
      CutCompoundBF->getPropertyByName("Objects"));

  if (!CutCompoundBF) {
    Base::Console().Error((std::string("SectionCut error: ")
                           + std::string(CompoundName)
                           + std::string(" could not be added\n")).c_str());
    return;
  }
  CutLinkList->setValue(ObjectsListLinks);
  ....
}

GTK

V595 [CWE-476, CERT-EXP12-C] The 'top' pointer was utilized before it was verified against nullptr. Check lines: 1024, 1051. gdkscreen-x11.c 1024


void
_gdk_x11_screen_get_edge_monitors (GdkX11Screen *x11_screen,
                                   int       *top,
                                   int       *bottom,
                                   int       *left,
                                   int       *right)
{
  ....
  *top = *bottom = *left = *right = -1;
  ....
  if (left && left_most_pos > x_monitors[i].x_org)
  ....
  if (right && right_most_pos < x_monitors[i].x_org + x_monitors[i].width)
  ....
  if (top && top_most_pos > x_monitors[i].y_org)
  ....
  if (bottom && bottom_most_pos < x_monitors[i].y_org + x_monitors[i].height)
  ....
}

GTK

V595 [CWE-476, CERT-EXP12-C] The 'action' pointer was utilized before it was verified against nullptr. Check lines: 449, 452. gtkactionmuxer.c 449


static void
notify_observers_added (GtkActionMuxer *muxer,
                        GtkActionMuxer *parent)
{
  ....
  Action *action;
  ....
  while (....)
  {
    ....
    if (!action->watchers)
      continue;

    for (node = action ? action->watchers : NULL; node; node = node->next)
      gtk_action_observer_primary_accel_changed (node->data,
                                                 GTK_ACTION_OBSERVABLE (muxer),
                                                 action_name, NULL);
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476, CERT-EXP12-C] The 'icon' pointer was utilized before it was verified against nullptr. Check lines: 2225, 2231. gtkicontheme.c 2225
  • V595 [CWE-476, CERT-EXP12-C] The 'iw' pointer was utilized before it was verified against nullptr. Check lines: 194, 199. inspect-button.c 194
  • V595 [CWE-476, CERT-EXP12-C] The 'contents' pointer was utilized before it was verified against nullptr. Check lines: 493, 501. file.cpp 493
  • And 2 additional diagnostic messages.

GZDoom

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 231, 234. ParseContextBase.cpp 231


void TParseContextBase::rValueErrorCheck(const TSourceLoc& loc,
                                         const char* op,
                                         TIntermTyped* node)
{
  TIntermBinary* binaryNode = node->getAsBinaryNode();
  const TIntermSymbol* symNode = node->getAsSymbolNode();

  if (!node) return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'linker' pointer was utilized before it was verified against nullptr. Check lines: 1550, 1552. ShaderLang.cpp 1550
  • V595 The 'mo' pointer was utilized before it was verified against nullptr. Check lines: 6358, 6359. p_mobj.cpp 6358

iSulad

V595 [CWE-476, CERT-EXP12-C] The 'response' pointer was utilized before it was verified against nullptr. Check lines: 2334, 2335. image.c 2334


int im_search_images(im_search_request *request, im_search_response **response)
{
  ....
  *response = (im_search_response *)
     util_common_calloc_s(sizeof(im_search_response));
  if (response == NULL) {
    ERROR("Out of memory");
    return -1;
  }
  ....
}