Bug Summary

File:define.c
Warning:line 149, column 9
Access to field 'name' results in a dereference of a null pointer (loaded from variable 'def')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name define.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/tmp/build/foma/foma-0.10.0+g279~a2d32b38 -resource-dir /usr/lib/llvm-16/lib/clang/16 -D _GNU_SOURCE -D foma_shared_EXPORTS -I /tmp/build/foma/foma-0.10.0+g279~a2d32b38 -internal-isystem /usr/lib/llvm-16/lib/clang/16/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wno-missing-field-initializers -Wno-deprecated -Wno-unused-parameter -std=c18 -fdebug-compilation-dir=/tmp/build/foma/foma-0.10.0+g279~a2d32b38 -ferror-limit 19 -fvisibility=hidden -fgnuc-version=4.2.1 -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/build/foma/scan-build/2024-09-11-155945-2678-1 -x c /tmp/build/foma/foma-0.10.0+g279~a2d32b38/define.c
1#include <stdio.h>
2#include <string.h>
3#include <stdlib.h>
4#include "foma.h"
5
6extern int g_verbose;
7struct defined_networks *g_defines;
8struct defined_functions *g_defines_f;
9
10/* Find a defined symbol from the symbol table */
11/* Return the corresponding FSM */
12struct fsm *find_defined(struct defined_networks *def, char *string) {
13 struct defined_networks *d;
14 for (d = def; d != NULL((void*)0); d = d->next) {
15 if (d->name != NULL((void*)0) && strcmp(string, d->name) == 0) {
16 return(d->net);
17 }
18 }
19 return NULL((void*)0);
20}
21
22struct defined_networks *defined_networks_init(void) {
23 struct defined_networks *def;
24 def = calloc(1, sizeof(struct defined_networks)); /* Dummy first entry, so we can maintain the ptr */
25 return def;
26}
27
28struct defined_functions *defined_functions_init(void) {
29 struct defined_functions *deff;
30 deff = calloc(1, sizeof(struct defined_functions)); /* Dummy first entry */
31 return deff;
32}
33
34/* Removes a defined network from the list */
35/* Returns 0 on success, 1 if the definition did not exist */
36/* Undefines all if NULL is passed as the string argument */
37
38int remove_defined(struct defined_networks *def, char *string) {
39 struct defined_networks *d, *d_prev, *d_next;
40 int exists = 0;
41 /* Undefine all */
42 if (string == NULL((void*)0)) {
43 for (d = def; d != NULL((void*)0); d = d_next) {
44 d_next = d->next;
45 if (d->net != NULL((void*)0))
46 fsm_destroy(d->net);
47 if (d->name != NULL((void*)0))
48 free(d->name);
49 }
50 return 0;
51 }
52 d_prev = NULL((void*)0);
53 for (d = def; d != NULL((void*)0); d_prev = d, d = d->next) {
54 if (d->name != NULL((void*)0) && strcmp(d->name, string) == 0) {
55 exists = 1;
56 break;
57 }
58 }
59 if (exists == 0) {
60 return 1;
61 }
62 if (d == def) {
63 if (d->next != NULL((void*)0)) {
64 fsm_destroy(d->net);
65 free(d->name);
66 d->name = d->next->name;
67 d->net = d->next->net;
68 d_next = d->next->next;
69 free(d->next);
70 d->next = d_next;
71 } else {
72 fsm_destroy(d->net);
73 free(d->name);
74 d->next = NULL((void*)0);
75 d->name = NULL((void*)0);
76 d->net = NULL((void*)0);
77 }
78 } else {
79 fsm_destroy(d->net);
80 free(d->name);
81 d_prev->next = d->next;
82 free(d);
83 }
84 return 0;
85}
86
87/* Finds defined regex "function" based on name, numargs */
88/* Returns the corresponding regex */
89char *find_defined_function(struct defined_functions *deff, char *name, int numargs) {
90 struct defined_functions *d;
91 for (d = deff ; d != NULL((void*)0); d = d->next) {
92 if (d->name != NULL((void*)0) && strcmp(d->name, name) == 0 && d->numargs == numargs) {
93 return(d->regex);
94 }
95 }
96 return NULL((void*)0);
97}
98
99/* Add a function to list of defined functions */
100int add_defined_function(struct defined_functions *deff, char *name, char *regex, int numargs) {
101 struct defined_functions *d;
102 for (d = deff; d != NULL((void*)0); d = d->next) {
103 if (d->name != NULL((void*)0) && strcmp(d->name, name) == 0 && d->numargs == numargs) {
104 free(d->regex);
105 d->regex = strdup(regex);
106 if (g_verbose)
107 {
108 fprintf(stderrstderr,"redefined %s@%i)\n", name, numargs);
109 fflush(stderrstderr);
110 }
111 return 1;
112 }
113 }
114 if (deff->name == NULL((void*)0)) {
115 d = deff;
116 } else {
117 d = malloc(sizeof(struct defined_functions));
118 d->next = deff->next;
119 deff->next = d;
120 }
121 d->name = strdup(name);
122 d->regex = strdup(regex);
123 d->numargs = numargs;
124 return 0;
125}
126
127/* Add a network to list of defined networks */
128/* Returns 0 on success or 1 on redefinition or -1 if name is too long */
129/* Always maintain head of list at same ptr */
130
131int add_defined(struct defined_networks *def, struct fsm *net, char *string) {
132 struct defined_networks *d;
133 if (net == NULL((void*)0))
1
Assuming 'net' is not equal to NULL
2
Taking false branch
134 return 0;
135 if (strlen(string) > FSM_NAME_LEN40) {
3
Assuming the condition is false
4
Taking false branch
136 return(-1);
137 }
138
139 fsm_count(net);
140 for (d = def; d != NULL((void*)0); d = d->next) {
5
Assuming 'd' is equal to NULL
6
Loop condition is false. Execution continues on line 149
141 if (d->name != NULL((void*)0) && strcmp(d->name, string) == 0) {
142 fsm_destroy(d->net);
143 free(d->name);
144 d->net = net;
145 d->name = strdup(string);
146 return 1;
147 }
148 }
149 if (def->name == NULL((void*)0)) {
7
Access to field 'name' results in a dereference of a null pointer (loaded from variable 'def')
150 d = def;
151 } else {
152 d = malloc(sizeof(struct defined_networks));
153 d->next = def->next;
154 def->next = d;
155 }
156 d->name = strdup(string);
157 d->net = net;
158 return 0;
159}