metrica
Мы используем куки, чтобы пользоваться сайтом было удобно.
Хорошо
to the top
close form

Заполните форму в два простых шага ниже:

Ваши контактные данные:

Шаг 1
Поздравляем! У вас есть промокод!

Тип желаемой лицензии:

Шаг 2
Team license
Enterprise license
** Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности
close form
Запросите информацию о ценах
Новая лицензия
Продление лицензии
--Выберите валюту--
USD
EUR
RUB
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Бесплатная лицензия PVS‑Studio для специалистов Microsoft MVP
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Для получения лицензии для вашего открытого
проекта заполните, пожалуйста, эту форму
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Мне интересно попробовать плагин на:
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
check circle
Ваше сообщение отправлено.

Мы ответим вам на


Если вы так и не получили ответ, пожалуйста, проверьте папку
Spam/Junk и нажмите на письме кнопку "Не спам".
Так Вы не пропустите ответы от нашей команды.

Вебинар: Трудности при интеграции SAST, как с ними справляться - 04.04

>
>
>
Примеры ошибок, обнаруженных с помощью …

Примеры ошибок, обнаруженных с помощью диагностики V614

V614. Use of 'Foo' uninitialized variable.


Trans-Proteomic Pipeline

V614 Uninitialized variable 'fval' used. tpplib mixturemodel.cxx 834


void MixtureModel::assessPeptideProperties(char* filename,
                               Boolean icat, Boolean glyc)
{
  ....
  double fval;
  ....
  // fval is not used
  ....
  if(! icat && strstr(pep, "C") != NULL && fval >= min_fval) {
  ....
}

Trans-Proteomic Pipeline

V614 Uninitialized variable 'iSeqSize' used. xtandem mscore_c.cpp 552


double mscore_c::dot_hr(unsigned long *_v)
{
  ....
  int iSeqSize;
  //perform a single pass through each array.
  //check every point in m_pfSeq,
  //but don't revisit positions in m_vmiType
  for (int a = 0; a < iSeqSize; a++) {
  ....
}

Similar errors can be found in some other places:

  • V614 Uninitialized variable 'separator' used. pwiz sampledatum.hpp 95
  • V614 Uninitialized variable 'close' used. pwiz sampledatum.hpp 96
  • V614 Uninitialized variable 'threshold' used. pwiz spectrumlistfactory.cpp 497
  • And 3 additional diagnostic messages.

IPP Samples

V614 Potentially uninitialized pointer 'pDirEntry' used. Consider checking the first actual argument of the 'vm_dir_close' function. loadcodec.c 287


Ipp32s GetUSCCodecParamsByFormat(
  LoadedCodec *codec, Ipp32s lQuery,FILE *f_log)
{
   ....
   vm_dir *pDirEntry;
   ....
   if(codec->pSOHandle==NULL) {
      ....
      st = vm_dir_open(&pDirEntry,SO_FILE_MASK);
      ....
   }
   ....
   vm_dir_close(pDirEntry);
   return -1;
}

MPC-HC

V614 Potentially uninitialized variable 'rtRefClockTimeNow' used. syncrenderer.cpp 3604


void CSyncAP::RenderThread()
{
  ....
  REFERENCE_TIME rtRefClockTimeNow;
  if (m_pRefClock) {
    m_pRefClock->GetTime(&rtRefClockTimeNow);
  }
  LONG lLastVsyncTime =
    (LONG)((m_llEstVBlankTime - rtRefClockTimeNow) / 10000);
  ....
}

ReactOS

V614 Uninitialized pointer 'hKey' used. Consider checking the first actual argument of the 'RegCreateKeyExW' function. tcpipconf_notify.c 3138


HRESULT WINAPI
INetCfgComponentControl_fnApplyRegistryChanges(
  INetCfgComponentControl * iface)
{
  HKEY hKey;
  ....
  if (RegCreateKeyExW(hKey,
      L"SYSTEM\\CurrentControlSet....",
      ....) == ERROR_SUCCESS)
    ....
}

NetXMS

V614 Potentially uninitialized variable 'nSqlRet' used. odbcsapi.cpp 220


int OdbcDisconnect(void* pvSqlCtx)
{
  ....
  SQLRETURN nSqlRet;
  ....
  if (nRet == SUCCESS)
  {
    ....
    nSqlRet = SQLDisconnect(pSqlCtx->hDbc);
    ....
  }
  if (SQLRET_FAIL(nSqlRet))
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 2112
  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7525
  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7659
  • And 3 additional diagnostic messages.

Chromium

V614 Potentially uninitialized variable 'result' used. ie_event_sink.cc 240


HRESULT IEEventSink::Attach(IWebBrowser2* browser) {
  DCHECK(browser);
  HRESULT result;
  if (browser) {
    web_browser2_ = browser;
    FindIEProcessId();
    result = DispEventAdvise(web_browser2_,
                             &DIID_DWebBrowserEvents2);
  }
  return result;
}

Chromium

V614 Potentially uninitialized variable 'skip_dir_check' used. Consider checking the fifth actual argument of the 'Bind' function. save_package.cc 1326


void SavePackage::GetSaveInfo() {
  ....
  bool skip_dir_check;
  ....
  if (....) {
    ....->GetSaveDir(...., &skip_dir_check);
  }
  ....
  BrowserThread::PostTask(BrowserThread::FILE,
                          FROM_HERE,
                          base::Bind(..., skip_dir_check, ...));
}

Embedded SSL Library

V614 Potentially uninitialized variable 'rhSize' used. sniffer.c 2255


static int ProcessMessage(....)
{
  int rhSize;
  ....
  notEnough = 0;
  ....
  if (sslBytes >= RECORD_HEADER_SZ) {
    if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
      ....
      return -1;
    }
  }
  else
    notEnough = 1;
  ....
  if (notEnough || rhSize > (sslBytes - RECORD_HEADER_SZ)) {
    ....
  }

  tmp = sslFrame + rhSize;   // <=
  ....
}

Trans-Proteomic Pipeline

V614 Potentially uninitialized pointer 'pScanIndex' used. sqt2xml.cxx 476


int main(int argc, char** argv) {
  ....
  ramp_fileoffset_t *pScanIndex;
  ....
  if ( (pFI=rampOpenFile(mzXmlPath_.c_str()))==NULL) {
    ....
  } else {
    ....
    pScanIndex = readIndex(pFI, indexOffset,
                           &iAnalysisLastScan );
    ....
  }
  ....
  if (pScanIndex != NULL)
    free(pScanIndex);

  return 0;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'fp_' used. Consider checking the second actual argument of the 'PRINT_DATA' function. dta-xml.cpp 307

OpenCOLLADA

V614 Uninitialized variable 'i' used. mayadmtypes.h 1728


void write(FILE* file) const
{
  fprintf(file,"%i %i %i %i ",
    sDivisionCount, tDivisionCount, uDivisionCount, pointCount);
  size_t size = pointCount*3;
  for(size_t i; i<size; ++i)
  {
    fprintf(file, "%f", points[i]);
    if(i+1<size) fprintf(file, " ");
  }
}

Apache HTTP Server

V614 Potentially uninitialized pointer 'wch' used. apr start.c 58


static int warrsztoastr(const char * const * *retarr,
                        const wchar_t * arrsz, int args)
{
  const apr_wchar_t *wch;
  ....

  if (args < 0) {
    for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
      if (!*wch)
       ++args;
  }
  wsize = 1 + wch - arrsz;
  ....
}

Geant4 software

V614 Potentially uninitialized iterator 'insert_index' used. g4excitedstring.hh 193


typedef std::vector<G4Parton *> G4PartonVector;

inline
void G4ExcitedString::InsertParton(
  G4Parton *aParton, const G4Parton * addafter)
{
  G4PartonVector::iterator insert_index;
  ....
  if ( addafter != NULL )
  {
    insert_index=std::find(thePartons.begin(),
                           thePartons.end(), addafter);
    ....
  }
  thePartons.insert(insert_index+1, aParton);
}

GNU C Library

V614 Uninitialized variable 'resplen' used. res_send.c 790


static int send_vc(....)
{
  ....
  int truncating, connreset, resplen, n;
  ....
  #ifdef _STRING_ARCH_unaligned
    *anssizp2 = orig_anssizp - resplen;
    *ansp2 = *ansp + resplen;
  #else
  ....
}

Firebird

V614 Uninitialized variable 'sdl_operator' used. sdl.cpp 404


static const UCHAR* compile(const UCHAR* sdl, sdl_arg* arg)
{
  SLONG n, count, variable, value, sdl_operator;
  ....
  switch (op)
  {
    ....
    case isc_sdl_add:
      sdl_operator = op_add;
    case isc_sdl_subtract:
      if (!sdl_operator)
        sdl_operator = op_subtract;
  ....
}

Firebird

V614 Potentially uninitialized pointer 'fieldNode' used. blb.cpp 1043


void blb::move(....)
{
  ....
  const FieldNode* fieldNode;
  if (field)
  {
    if ((fieldNode = ExprNode::as<FieldNode>(field)))
    ....
  }
  ....
  const USHORT id = fieldNode->fieldId;
  ....
}

FFmpeg

V614 Potentially uninitialized variable 'info_bits' used. g723_1.c 2335


static int pack_bitstream(G723_1_Context *p,
  unsigned char *frame, int size)
{
  ....
  int info_bits;
  ....
  if (p->cur_rate == RATE_6300) {
    info_bits = 0;
    put_bits(&pb, 2, info_bits);
  }
  ....
  return frame_size[info_bits];
}

Scilab

V614 Potentially uninitialized pointer 'loc' used. getfunctionbyname.c 61


typedef void (*voidf)();

voidf GetFunctionByName (char *name, int *rep, FTAB *table)
{
  void (*loc)();
  if (name)
  {
    ....
    loc = Emptyfunc;
    ....
  }
  else
  {
    ....
  }
  return(loc);
}

Word for Windows 1.1a

V614 Uninitialized pointer 'pfl' used. Consider checking the first actual argument of the 'fclose' function. eldes.c 87


main(argc, argv)
int argc;
char * argv [];
{
  FILE * pfl;
  ....
  for (argi = 1; argi < argc; ++argi)
  {
    if (FWild(argv[argi]))
    {
      FEnumWild(argv[argi], FEWild, 0);
    }
    else
    {
      FEWild(argv[argi], 0);
    }

    fclose(pfl);
  }
  ....
}

Word for Windows 1.1a

V614 Uninitialized pointer 'rgsz0' used. Consider checking the first actual argument of the 'strcpy' function. makeopus.c 961


FPathSpawn( rgsz )
char *rgsz[];
{ /* puts the correct path at the beginning of rgsz[0]
     and calls FSpawnRgsz */
  char *rgsz0;

  strcpy(rgsz0, szToolsDir);
  strcat(rgsz0, "\\");
  strcat(rgsz0, rgsz[0]);
  return FSpawnRgsz(rgsz0, rgsz);
}

OGDF

V614 Potentially uninitialized pointer 'layout' used. ogdf ogmlparser.cpp 2337


bool OgmlParser::buildAttributedClusterGraph(....)
{
  ....
  XmlTagObject* layout;
  if (structure->m_pBrother != NULL) {
    layout = structure->m_pBrother;
  }
  if ((layout) &&
      (layout->getName() == Ogml::s_tagNames[Ogml::t_layout]))
  ....
}

APR

V614 Potentially uninitialized pointer 'wch' used. libapr start.c 58


static int warrsztoastr(const char * const * *retarr,
                        const wchar_t * arrsz, int args)
{
  const apr_wchar_t *wch;
  ....
  if (args < 0) {
    for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
      if (!*wch)
        ++args;
  }
  wsize = 1 + wch - arrsz;
  ....
}

Mozilla Firefox

V614 Potentially uninitialized pointer 'device' used. nptest_windows.cpp 164


static ID3D10Device1*
getD3D10Device()
{
  ID3D10Device1 *device;
  ....
  if (createDXGIFactory1)
  {
    ....
    hr = createD3DDevice(...., &device);
    ....
  }
  return device;
}

Oracle VM Virtual Box

V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 367


static int suplibOsStopService(void)
{
  /* Assume it didn't exist, so we'll create the service. */
  int  rc;
  SC_HANDLE  hSMgr = OpenSCManager(....);
  ....
  if (hSMgr)
  {
    ....
    rc = VINF_SUCCESS;
    ....
  }
  return rc;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 416

Miranda NG

V614 Potentially uninitialized pointer 'url' used. IEView ieview.cpp 1117


BSTR IEView::getHrefFromAnchor(IHTMLElement *element)
{
  ....
  if (SUCCEEDED(....) {
    VARIANT variant;
    BSTR url;
    if (SUCCEEDED(element->getAttribute(L"href", 2, &variant) &&
        variant.vt == VT_BSTR))
    {
      url = mir_tstrdup(variant.bstrVal);
      SysFreeString(variant.bstrVal);
    }
    pAnchor->Release();
    return url;
  }
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'hTimeZone' used. Consider checking the second actual argument of the 'Template_MakeRelativeDate' function. TabSRMM msglog.cpp 799
  • V614 Potentially uninitialized pointer 'tSet' used. TabSRMM templates.cpp 221
  • V614 Potentially uninitialized pointer 'szLast' used. Consider checking the first actual argument of the 'null_strdup' function. ICQ icq_servlist.cpp 1714
  • And 17 additional diagnostic messages.

Godot Engine

V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 244


const char* CPPlayer::get_voice_sample_name(int p_voice)
{
  const char *name;
  if (!voice[p_voice].sample_ptr)
    name=voice[p_voice].sample_ptr->get_name();
  return name;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 313

Doxygen

V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 4127


QCString VhdlParser::extended_identifier()
{
  Token *t;
  if (!hasError)
    t = jj_consume_token(EXTENDED_CHARACTER);
  return t->image.c_str();
  assert(false);
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'tmpEntry' used. vhdlparser.cc 4451
  • V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 5304

Mozilla Thunderbird

V614 Potentially uninitialized pointer 'hOldFont' used. progressui_win.cpp 168


static void InitDialog(....)
{
  ....
  HFONT hInfoFont, hOldFont;
  hInfoFont = (HFONT)SendMessage(hWndInfo, WM_GETFONT, 0, 0);

  if (hInfoFont)
    hOldFont = (HFONT)SelectObject(hDCInfo, hInfoFont);
  ....
  if (hOldFont)
    SelectObject(hDCInfo, hOldFont);
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'queryD3DKMTStatistics' used. gfxwindowsplatform.cpp 206

OpenToonz

V614 Potentially uninitialized pointer 'socket' used. Consider checking the first actual argument of the 'connect' function. tmsgcore.cpp 36


void TMsgCore::OnNewConnection() //server side
{
  QTcpSocket *socket;
  if (m_tcpServer)
    socket = m_tcpServer->nextPendingConnection();
  assert(socket);

  bool ret = connect(socket, ....);
  ret = ret && connect(socket, ....);
  assert(ret);
  m_sockets.insert(socket);
}

OpenToonz

V614 Uninitialized iterator 'it1' used. fxcommand.cpp 2096


QString DeleteLinksUndo::getHistoryString()
{
  ....
  std::list<TFxP>::const_iterator it1; // <=
  std::list<TFx *>::const_iterator ft;
  for (ft = m_terminalFxs.begin(); ft != ....end(); ++ft) {
    if (ft != m_terminalFxs.begin())
      str += QString(",  ");
    str += QString("%1- -Xsheet")
          .arg(QString::fromStdWString((*it1)->getName()));
  }
  ....
}

ReactOS

V614 Potentially uninitialized pointer 'pptr' used. Consider checking the first actual argument of the 'check_hierarchical' function. uri.c 6838


static HRESULT parse_canonicalize(....)
{
  const WCHAR **pptr;
  ....
  if(uri->scheme_start > -1 && uri->path_start > -1) {
    ptr = uri->canon_uri+uri->scheme_start+uri->scheme_len+1;
    pptr = &ptr;
  }
  reduce_path = !(flags & URL_DONT_SIMPLIFY) &&
                  ptr && check_hierarchical(pptr);
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'name' used. Consider checking the third actual argument of the 'disp_get_id' function. engine.c 928
  • V614 Potentially uninitialized pointer 'name_str' used. Consider checking the first actual argument of the 'jsstr_release' function. engine.c 929
  • V614 Potentially uninitialized pointer 'FileHandle' used. Consider checking the first actual argument of the 'CloseHandle' function. dosfiles.c 402
  • And 3 additional diagnostic messages.

CPython

V614 Potentially uninitialized pointer 'sigint_event' used. semaphore.c 120


static PyObject *
semlock_acquire(SemLockObject *self,
                PyObject *args,
                PyObject *kwds)
{
  ....
  HANDLE handles[2], sigint_event;
  ....
  /* prepare list of handles */
  nhandles = 0;
  handles[nhandles++] = self->handle;
  if (_PyOS_IsMainThread()) {
    sigint_event = _PyOS_SigintEvent();
    assert(sigint_event != NULL);
    handles[nhandles++] = sigint_event;
  }

  /* do the wait */
  Py_BEGIN_ALLOW_THREADS
  if (sigint_event != NULL)  // <=
    ResetEvent(sigint_event);
  ....
}

FreeBSD Kernel

V614 Uninitialized variable 'status' used. tdioctl.c 3396


osGLOBAL bit32
tdsaSendTMFIoctl(
      tiRoot_t             *tiRoot,
      tiIOCTLPayload_t     *agIOCTLPayload,
      void                 *agParam1,
      void                 *agParam2,
      unsigned long        resetType
    )
{
  bit32    status;
  tmf_pass_through_req_t  *tmf_req = ....;
#if !(defined(__FreeBSD__))
  status = ostiSendResetDeviceIoctl(tiRoot, agParam2,
    tmf_req->pathId, tmf_req->targetId, tmf_req->lun, resetType);
#endif
  TI_DBG3((
    "Status returned from ostiSendResetDeviceIoctl is %d\n",
    status));
  if(status != IOCTL_CALL_SUCCESS)
  {
    agIOCTLPayload->Status = status;
    return status;
  }
  status = IOCTL_CALL_SUCCESS;
  return status;
}

TensorFlow

V614 Potentially uninitialized variable 'sparse_input_start' used. sample_inputs_op.cc 351


void Compute(OpKernelContext* context) override {
  ....
  int64 sparse_input_start;                               // <=
  ....
  if (sparse_input) {
    num_total_features += GetNumSparseFeatures(
      sparse_input_indices, *it, &sparse_input_start);    // <=
  }
  if (num_total_features == 0) {
    LOG(WARNING) << "num total features is zero.";
    break;
  }
  if (rand_feature < input_spec_.dense_features_size()) {
    ....
  } else {
    ....
    const int32 sparse_index = sparse_input_start +       // <=
      rand_feature - input_spec_.dense_features_size();
    ....
  }
  ....
}

EFL Core Libraries

V614 Uninitialized variable 'temp' used. Consider checking the first actual argument of the 'gmtime' function. elm_calendar.c 720


extern struct tm *gmtime (const time_t *__timer)
  __attribute__ ((__nothrow__ , __leaf__));

static void
_set_headers(Evas_Object *obj)
{
  static char part[] = "ch_0.text";
  int i;
  struct tm *t;
  time_t temp;
  ELM_CALENDAR_DATA_GET(obj, sd);

  elm_layout_freeze(obj);

  sd->filling = EINA_TRUE;

  t = gmtime(&temp);
  ....
}

MuseScore

V614 Uninitialized variable 'pageWidth' used. Consider checking the third actual argument of the 'doCredits' function. importmxmlpass1.cpp 944


void MusicXMLParserPass1::scorePartwise()
{
  ....
  int pageWidth;
  int pageHeight;

  while (_e.readNextStartElement()) {
    if (_e.name() == "part")
      part();
    else if (_e.name() == "part-list") {
      doCredits(_score, credits, pageWidth, pageHeight);// <= USE
      partList(partGroupList);
    }
    ....
    else if (_e.name() == "defaults")
      defaults(pageWidth, pageHeight);                 // <= INIT
    ....
  }
  ....
}

Ardour

V614 Uninitialized variable 'req.height' used. Consider checking the second actual argument of the 'set_size_request' function. time_axis_view.cc 159


TimeAxisView::TimeAxisView (....)
{
  ....
  boost::scoped_ptr<Gtk::Entry> an_entry (new FocusEntry);
  an_entry->set_name (X_("TrackNameEditor"));
  Gtk::Requisition req;
  an_entry->size_request (req);

  name_label.set_size_request (-1, req.height);
  name_label.set_ellipsize (Pango::ELLIPSIZE_MIDDLE);
  ....
}

void size_request(const Requisition& requisition);


RT-Thread

V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 187


typedef struct {
    uint32_t cmd;   // Command
    uint32_t param[4];      // Parameters
    uint32_t status;        // status code
    uint32_t result[4];     // Result
} IAP_COMMAND_Type;

IAP_STATUS_CODE BlankCheckSector(
  uint32_t start_sec, uint32_t end_sec,
  uint32_t *first_nblank_loc,
  uint32_t *first_nblank_val)
{
  IAP_COMMAND_Type command;

  command.cmd    = IAP_BLANK_CHECK;
  command.param[0] = start_sec;
  command.param[1] = end_sec;
  IAP_Call (&command.cmd, &command.status);

  if(command.status == SECTOR_NOT_BLANK)
  {
    // Update out value
    if(first_nblank_loc != NULL)
      *first_nblank_loc =  command.result[0];
    if(first_nblank_val != NULL)
      *first_nblank_val =  command.result[1];
  }

  return (IAP_STATUS_CODE)command.status;
}

Similar errors can be found in some other places:

  • V614 CWE-457 Uninitialized variable 'command.result[1]' used. lpc_iap.c 189
  • V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 236
  • V614 CWE-457 Uninitialized variable 'command.result[i]' used. lpc_iap.c 264

RT-Thread

V614 CWE-457 Uninitialized variable 'k' used. lpc_lcd.c 510


void LCD_PutPixel (LCD_PANEL panel, uint32_t X_Left,
                   uint32_t Y_Up, LcdPixel_t color)
{
  uint32_t k;
  uint32_t * pWordData = NULL;
  uint8_t*   pByteData = NULL;
  uint32_t  bitOffset;
  uint8_t*   pByteSrc = (uint8_t*)&color;
  uint8_t  bpp = bits_per_pixel[lcd_config.lcd_bpp];
  uint8_t  bytes_per_pixel = bpp/8;
  uint32_t start_bit;

  if((X_Left >= lcd_hsize)||(Y_Up >= lcd_vsize))
    return;

  if(panel == LCD_PANEL_UPPER)
    pWordData = (uint32_t*) LPC_LCD->UPBASE +
                            LCD_GetWordOffset(X_Left,Y_Up);
  else
    pWordData = (uint32_t*) LPC_LCD->LPBASE +
                            LCD_GetWordOffset(X_Left,Y_Up);

  bitOffset = LCD_GetBitOffset(X_Left,Y_Up);
  pByteData = (uint8_t*) pWordData;
  pByteData += bitOffset/8;

  start_bit =  bitOffset%8;

  if(bpp < 8)
  {
    uint8_t bit_pos = start_bit;
    uint8_t bit_ofs = 0;
    for(bit_ofs = 0;bit_ofs <bpp; bit_ofs++,bit_pos++)
    {
      *pByteData &= ~ (0x01 << bit_pos);
      *pByteData |=
        ((*pByteSrc >> (k+bit_ofs)) & 0x01) << bit_pos;   // <=
    }
  }
  ....
}

Android

V614 CWE-457 Uninitialized variable 't.tv_nsec' used. clock_ns.h 55


struct timespec
{
  __time_t tv_sec;    /* Seconds.  */
  long int tv_nsec;   /* Nanoseconds.  */
};

static inline timespec NsToTimespec(int64_t ns) {
  timespec t;
  int32_t remainder;

  t.tv_sec = ns / kNanosPerSecond;
  remainder = ns % kNanosPerSecond;
  if (remainder < 0) {
    t.tv_nsec--;
    remainder += kNanosPerSecond;
  }
  t.tv_nsec = remainder;

  return t;
}

Android

V614 CWE-824 Potentially uninitialized pointer 'p_opt' used. Consider checking the second actual argument of the 'memcpy' function. mca_main.cc 252


void mca_set_cfg_by_tbl(....) {
  tMCA_DCB* p_dcb;
  const tL2CAP_FCR_OPTS* p_opt;
  tMCA_FCS_OPT fcs = MCA_FCS_NONE;

  if (p_tbl->tcid == MCA_CTRL_TCID) {
    p_opt = &mca_l2c_fcr_opts_def;
  } else {
    p_dcb = mca_dcb_by_hdl(p_tbl->cb_idx);
    if (p_dcb) {
      p_opt = &p_dcb->p_chnl_cfg->fcr_opt;
      fcs = p_dcb->p_chnl_cfg->fcs;
    }
  }
  memset(p_cfg, 0, sizeof(tL2CAP_CFG_INFO));
  p_cfg->mtu_present = true;
  p_cfg->mtu = p_tbl->my_mtu;
  p_cfg->fcr_present = true;
  memcpy(&p_cfg->fcr, p_opt, sizeof(tL2CAP_FCR_OPTS));    // <=
  ....
}

System Shock

V614 Potentially uninitialized pointer 'pc1' used. AI.C 597


typedef enum ObjClass {
  CLASS_GUN,
  CLASS_AMMO,
  CLASS_PHYSICS,
  ....
  CLASS_CRITTER,
  ....
} ObjClass;
errtype do_random_loot(ObjID corpse)
{
 int *pc1, *pc2;
   if (....)
   {
     switch (objs[corpse].obclass)
     {
       case CLASS_CONTAINER:
       ....
       *pc1 = 0;
       *pc2 = 0;
       break;
       case CLASS_SMALLSTUFF:
       ....
        pc1 = &objSmallstuffs[osid].data1;
        pc2 = &objSmallstuffs[osid].data2;
        break;
      }

      if (*pc1 == 0)
      {
        ....
      }
      if (*pc2 == 0)
      {
        ....
      }
   }
....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'pc2' used. AI.C 609

System Shock

V614 Uninitialized variable 'err' used. EVENT.C 953


errtype uiInit(uiSlab* slab)
{
  ....
  errtype err;
  ....
  // err = ui_init_cursors();
  ....
  if (err != OK) return err;
  ....
}

NCBI Genome Workbench

V614 Uninitialized variable 'm_BitSet' used. SnpBitAttributes.hpp 187


/// SNP bit attribute container.
class CSnpBitAttributes
{
public:
  ....
private:
  /// Internal storage for bits.
  Uint8 m_BitSet;
};

inline CSnpBitAttributes::CSnpBitAttributes(Uint8 bits) : m_BitSet(bits)
{
}

inline CSnpBitAttributes::CSnpBitAttributes(const vector<char>& octet_string)
{
  auto count = sizeof(m_BitSet);
  auto byte = octet_string.end();

  do
    m_BitSet = (m_BitSet << 8) | *--byte;
  while (--count > 0);
}

Haiku Operation System

V614 Uninitialized pointer 'res' used. commands.c 2873


struct addrinfo {
 int ai_flags;
 int ai_family;
 int ai_socktype;
 int ai_protocol;
 socklen_t ai_addrlen;
 char *ai_canonname;
 struct sockaddr *ai_addr;
 struct addrinfo *ai_next;
};

static int
sourceroute(struct addrinfo *ai, char *arg, char **cpp,
            int *lenp, int *protop, int *optp)
{
  static char buf[1024 + ALIGNBYTES];
  char *cp, *cp2, *lsrp, *ep;
  struct sockaddr_in *_sin;
#ifdef INET6
  struct sockaddr_in6 *sin6;
  struct ip6_rthdr *rth;
#endif
  struct addrinfo hints, *res;     // <=
  int error;
  char c;

  if (cpp == NULL || lenp == NULL)
    return -1;
  if (*cpp != NULL) {
    switch (res->ai_family) {      // <=
    case AF_INET:
      if (*lenp < 7)
        return -1;
      break;
      ....
    }
  }
  ....
}

error = getaddrinfo(cp, NULL, &hints, &res);


Haiku Operation System

V614 Uninitialized variable 'rval' used. fetch.c 1727


int
auto_fetch(int argc, char *argv[])
{
  volatile int  argpos;
  int    rval;
  argpos = 0;

  if (sigsetjmp(toplevel, 1)) {
    if (connected)
      disconnect(0, NULL);
    if (rval > 0)
      rval = argpos + 1;
    return (rval);
  }
  ....
}

CMake

V614 Uninitialized pointer 'str' used. cmVSSetupHelper.h 80


class SmartBSTR
{
public:
  SmartBSTR() { str = NULL; }
  SmartBSTR(const SmartBSTR& src)
  {
    if (src.str != NULL) {
      str = ::SysAllocStringByteLen((char*)str, ::SysStringByteLen(str));
    } else {
      str = ::SysAllocStringByteLen(NULL, 0);
    }
  }
  ....
};

Espressif IoT Development Framework

V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1657


int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
{
  ....
  } else if (wps->use_psk_key && wps->wps->psk_set) {
    char hex[65];
    wpa_printf(MSG_DEBUG,  "WPS: Use PSK format for Network Key");
    os_memcpy(wps->cred.key, hex, 32 * 2);
    wps->cred.key_len = 32 * 2;
  } else if (wps->wps->network_key) {
  ....
}

Similar errors can be found in some other places:

  • V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1678

Espressif IoT Development Framework

V614 Potentially uninitialized buffer 'seq' used. Consider checking the first actual argument of the 'strlen' function. linenoise.c 435


void refreshShowHints(struct abuf *ab, struct linenoiseState *l, int plen) {
    char seq[64];
    if (hintsCallback && plen+l->len < l->cols) {
        int color = -1, bold = 0;
        char *hint = hintsCallback(l->buf,&color,&bold);
        if (hint) {
            int hintlen = strlen(hint);
            int hintmaxlen = l->cols-(plen+l->len);
            if (hintlen > hintmaxlen) hintlen = hintmaxlen;
            if (bold == 1 && color == -1) color = 37;
            if (color != -1 || bold != 0)
                snprintf(seq,64,"\033[%d;%d;49m",bold,color);
            abAppend(ab,seq,strlen(seq));                       // <=
            abAppend(ab,hint,hintlen);
            if (color != -1 || bold != 0)
                abAppend(ab,"\033[0m",4);
            /* Call the function to free the hint returned. */
            if (freeHintsCallback) freeHintsCallback(hint);
        }
    }
}

Espressif IoT Development Framework

V614 Potentially uninitialized buffer 'k' used. Consider checking the second actual argument of the 'sae_derive_keys' function. sae.c 854


int sae_process_commit(struct sae_data *sae)
{
  u8 k[SAE_MAX_PRIME_LEN];
  if (sae->tmp == NULL ||
      (sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
      (sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
      sae_derive_keys(sae, k) < 0)
    return ESP_FAIL;
  return ESP_OK;
}

Darwin-XNU

V614 Uninitialized variable 'best' used. sdt.c 572


void
sdt_early_init( void )
{
  ....
  if (MH_MAGIC_KERNEL != _mh_execute_header.magic) {
  ....
  } else {
    ....
    for (....) {
    const char *funcname;
    unsigned long best;
    ....
    funcname = "<unknown>";
    for (i = 0; i < orig_st->nsyms; i++) {
      char *jname = strings + sym[i].n_un.n_strx;
      ....
      if ((unsigned long)sym[i].n_value > best) {
        best = (unsigned long)sym[i].n_value;
        funcname = jname;
      }
    }
    ....
  }
}

LLVM/Clang

V614 [CWE-457, CERT-EXP53-CPP] Potentially uninitialized variable 'PointerEdgeKind' used. EHFrameSupport.cpp 704


Expected<std::pair<JITTargetAddress, Edge::Kind>>
EHFrameEdgeFixer::readEncodedPointer(uint8_t PointerEncoding,
                                     JITTargetAddress PointerFieldAddress,
                                     BinaryStreamReader &RecordReader) {
  ....
  Edge::Kind PointerEdgeKind;

  switch (EffectiveType) {
  case DW_EH_PE_udata4: {
    ....
    PointerEdgeKind = Delta32;
    break;
  }
  case DW_EH_PE_udata8: {
    ....
    PointerEdgeKind = Delta64;
    break;
  }
  case DW_EH_PE_sdata4: {
    ....
    PointerEdgeKind = Delta32;
    break;
  }
  case DW_EH_PE_sdata8: {
    ....
    PointerEdgeKind = Delta64;
    break;
  }
  }

  if (PointerEdgeKind == Edge::Invalid)
    return make_error<JITLinkError>(
        "Unspported edge kind for encoded pointer at " +
        formatv("{0:x}", PointerFieldAddress));

  return std::make_pair(Addr, Delta64);
}

Similar errors can be found in some other places:

  • V614 [CWE-457, CERT-EXP53-CPP] Potentially uninitialized variable 'Result' used. llvm-rtdyld.cpp 998

Protocol Buffers

V614 [CWE-457] Potentially null smart pointer 'file_generator' used. java_kotlin_generator.cc 100


bool KotlinGenerator::Generate(....)
{
  ....
  std::unique_ptr<FileGenerator> file_generator;
  if (file_options.generate_immutable_code) {
    file_generator.reset(
        new FileGenerator(file, file_options, /* immutable_api = */ true));
  }

  if (!file_generator->Validate(error)) {
    return false;
  }
  ....
}

DuckStation

V614 The 'host_interface' smart pointer is utilized immediately after being declared or reset. It is suspicious that no value was assigned to it. main.cpp 45


static std::unique_ptr<NoGUIHostInterface> CreateHostInterface()
{
  const char* platform = std::getenv("DUCKSTATION_NOGUI_PLATFORM");
  std::unique_ptr<NoGUIHostInterface> host_interface;

#ifdef WITH_SDL2
  if (   !host_interface && (!platform
      || StringUtil::Strcasecmp(platform, "sdl") == 0)
      && IsSDLHostInterfaceAvailable())
  {
    host_interface = SDLHostInterface::Create();   }
  }
#endif

#ifdef WITH_VTY
  if (  !host_interface && (!platform
      || StringUtil::Strcasecmp(platform, "vty") == 0))
  {
    host_interface = VTYHostInterface::Create();
  }
#endif

#ifdef _WIN32
  if (  !host_interface && (!platform
      || StringUtil::Strcasecmp(platform, "win32") == 0))
  {
    host_interface = Win32HostInterface::Create();
  }

#endif

  return host_interface;
}

Ogre3D

V614 Uninitialized variable 'lodLevel.reductionValue' used. main.cpp 806


struct _OgreLodExport LodLevel
{
  // ....
  VertexReductionMethod reductionMethod;
  Real reductionValue;
  // ....
};
// ....
numLod = opts.numLods;
LodLevel lodLevel;            // <=
lodLevel.distance = 0.0;
for (unsigned short iLod = 0; iLod < numLod; ++iLod)
{

  lodLevel.reductionMethod = opts.usePercent
    ? LodLevel::VRM_PROPORTIONAL
    : LodLevel::VRM_CONSTANT;

  if (opts.usePercent)
  {
    lodLevel.reductionValue += opts.lodPercent * 0.01f;    // <=
  }
  else
  {
    lodLevel.reductionValue += (Ogre::Real)opts.lodFixed;  // <=
  }

  lodLevel.distance += opts.lodDist;
  lodConfig.levels.push_back(lodLevel);
}

In this code fragment, the LodLevel structure is declared. It does not have a user-defined default constructor and default member initializers for non-static class data members.


Captain Blood

V614 [CWE-457, CERT-EXP53-CPP] Uninitialized variable 'color.c' used. Color.h 1268


class DColor
{
public:

  union
  {
#ifndef _XBOX
  struct
  {
    unsigned char b;
    unsigned char g;
    unsigned char r;
    unsigned char a;
  };
#else
  struct
    {
    unsigned char a;
    unsigned char r;
    unsigned char g;
    unsigned char b;
  };
#endif
  union
  {
    dword c;
    dword color;
  };
};

mathinline dword mathcall Color::GetDword() const
{
  DColor color;
  color.r = (byte)(r * 255.0f);
  color.g = (byte)(g * 255.0f);
  color.b = (byte)(b * 255.0f);
  color.a = (byte)(a * 255.0f);

  return color.c;
}

CodeLite

V614 Uninitialized buffer 'buf' used. Consider checking the first actual argument of the 'Write' function. wxSerialize.cpp:1039


bool wxSerialize::WriteDouble(wxFloat64 value)
{
  if (CanStore())
  {
    SaveChar(wxSERIALIZE_HDR_DOUBLE);

    wxInt8 buf[10];
    m_odstr.Write(buf, 10);
  }

  return IsOk();
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'm_item' used. wxc_aui_tool_stickiness.cpp:8
  • V614 Potentially uninitialized variable 'err' used. cppcheck.cpp:175
  • V614 The 'p' smart pointer is utilized immediately after being declared or reset. It is suspicious that no value was assigned to it. connection_impl.hpp:2200

GCC

V614 Uninitialized variable 'func_info.ctc_flags' used. gcc/dwarf2ctf.cc 676


static ctf_id_t
gen_ctf_function_type (ctf_container_ref ctfc,
                       dw_die_ref function,
                       bool from_global_func)
{
  ....
  ctf_funcinfo_t func_info;
  ....
  {
    ....
    if (....)
    {
      do
      {
       ....

        if (....)
          ....
        else if (....)
        {
          func_info.ctc_flags |= CTF_FUNC_VARARG;
          ....
        }
      }
    }
    ....
  }
  ....
}

Dagor Engine

V614 Uninitialized pointer 'module' used. DagorEngine/prog/1stPartyLibs/daScript/src/builtin/module_builtin_ast_serialize.cpp 1303


void ExprField::serialize ( AstSerializer & ser ) {
  ....
  Module * module; ser << module;
  ....
}

AstSerializer & AstSerializer::operator << ( Module * & module ) {
  bool is_null = module == nullptr;
  ....
}

Blender

V614 Uninitialized buffer 'init_co' used. Consider checking the seventh actual argument of the 'gpencil_add_new_points' function. gpencil_curve_legacy.cc 439


static void gpencil_convert_spline(....)
{
  ....
  float init_co[3];

  switch (nu->type) {
    case CU_POLY:
    {
      ....
    }
    case CU_BEZIER:
    {
      ....
    }
    case CU_NURBS:
    {
      if (nu->pntsv == 1)
      {
        ....
        gpencil_add_new_points (gps, coord_array, 1.0f, 1.0f, 0,
                                gps->totpoints, init_co, false);  // <=
        ....
    }
    default:
    {
      break;
    }
}

Similar errors can be found in some other places:

  • V614 Uninitialized variable 'efd.distance' used. boids.cc 133
  • V614 Potentially uninitialized pointer 'g_prev' used. Consider checking the third actual argument of the 'blf_font_width_to_strlen_glyph_process' function. blf_font.cc 784
  • V614 Uninitialized variable 'dummy_matrix[0][0]' used. Consider checking the first actual argument of the 'GPU_uniform' function. node_shader_tex_coord.cc 43