V522. Dereferencing of the null pointer might take place.
V522 Dereferencing of the null pointer 'plugin_instance' might take place. Check the logical condition. chrome_frame_npapi chrome_frame_npapi.cc 517
Contact Us
bool ChromeFrameNPAPI::Invoke(....)
{
ChromeFrameNPAPI* plugin_instance =
ChromeFrameInstanceFromNPObject(header);
if (!plugin_instance &&
(plugin_instance->automation_client_.get()))
return false;
...
}
V522 Dereferencing of the null pointer 'DI' might take place. llvm-tblgen dagiselmatchergen.cpp 220
void MatcherGen::EmitLeafMatchCode(const TreePatternNode *N) {
...
if (DI == 0) {
errs() << "Unknown leaf kind: " << *DI << "\n";
abort();
}
...
}
V522 Dereferencing of the null pointer 'ptag' might take place. pcsx2 spr.cpp 376
void _SPR1interleave() {
...
u32 *ptag;
...
if (ptag == NULL) { // <=
SysPrintf("SPR1 Tag BUSERR\n");
spr1->chcr = ( spr1->chcr & 0xFFFF ) |
( (*ptag) & 0xFFFF0000 ); // <=
psHu32(DMAC_STAT)|= 1<<15;
done = 1;
spr1finished = done;
return;
}
...
}
V522 Dereferencing of the null pointer 'pRect' might take place. geOLib geolib.cpp 3282
void WINAPI _GetMonitorRectByIndex( int iMonitor, RECT* pRect )
{
int iMonitorCount = ::GetSystemMetrics( SM_CMONITORS );
if ( iMonitor <= iMonitorCount || pRect != NULL ) // <=
{
if ( iMonitorCount == 1 )
{
pRect->left = 0;
pRect->top = 0;
pRect->right = GetSystemMetrics( SM_CXSCREEN );
pRect->bottom = GetSystemMetrics( SM_CYSCREEN );
}
...
}
else
{
pRect->left = -1; // <=
pRect->top = -1;
pRect->right = -1;
pRect->bottom = -1;
}
}
V522 Dereferencing of the null pointer 'tpart' might take place. bf_render convertblender.c 1788
static int render_new_particle_system(....)
{
ParticleSettings *part, *tpart=0;
...
// tpart don't used
...
psys_particle_on_emitter(psmd,tpart->from,tpa->num,
pa->num_dmcache,tpa->fuv,tpa->foffset,
co,nor,0,0,sd.orco,0);
...
}
V522 Dereferencing of the null pointer 'td' might take place. CommonCxxTests testconditionvariable.cxx 96
VTK_THREAD_RETURN_TYPE vtkTestCondVarThread( void* arg )
{
...
if ( td ) // <=
{
...
}
else
{
cout << "No thread data!\n";
cout << " Thread " << ( threadId + 1 )
<< " of " << threadCount << " exiting.\n";
-- td->NumberOfWorkers; // <=
cout.flush();
}
...
}
V522 Dereferencing of the null pointer 'audio' might take place. tffdshowdecaudioinputpin.cpp 468
STDMETHODIMP_(bool) TffdshowDecAudioInputPin::getsf(
TsampleFormat &outsf)
{
if (!audio) // <=
{
.... // audio don't used
} else if (bitstream_codec(audio->codecId)) { // <=
outsf.sf = TsampleFormat::getSampleFormat(codecId);
outsf.alternateSF = filter->insf.alternateSF;
return true;
}
} else {
.....
}
V522 Dereferencing of the null pointer 'v' might take place. interpret.c 1711
Expression *getVarExp(Loc loc, InterState *istate,
Declaration *d, CtfeGoal goal)
{
....
VarDeclaration *v = d->isVarDeclaration();
if (v)
{
....
}
else if (s)
{
if (s->dsym->toInitializer() == s->sym)
....
else
error(loc,
"cannot interpret symbol %s at compile time",
v->toChars());
}
....
}
V522 Dereferencing of the null pointer 'device' might take place. bus.c 762
static void
acpi_bus_notify (....)
{
struct acpi_device *device = NULL;
....
switch (type) {
....
case ACPI_NOTIFY_EJECT_REQUEST:
DPRINT1("Received EJECT REQUEST "
"notification for device [%s]\n",
device->pnp.bus_id);
/* TBD */
break;
....
}
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'tag' might take place. ir_reader.cpp 904
ir_texture *
ir_reader::read_texture(s_expression *expr)
{
s_symbol *tag = NULL;
....
} else if (MATCH(expr, other_pattern)) {
op = ir_texture::get_opcode(tag->value());
if (op == -1)
return NULL;
}
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'pSensor' might take place. sensorddi.cpp 903
HRESULT CSensorDDI::OnGetDataFields(....)
{
....
if (nullptr != pSensor)
{
....
}
else
{
hr = E_POINTER;
Trace(TRACE_LEVEL_ERROR,
"pSensor == NULL before getting datafield %!GUID!-%i "
"value from %s, hr = %!HRESULT!",
&Key.fmtid, Key.pid, pSensor->m_SensorName, hr);
}
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'subnet' might take place. session.cpp 10823
void ClientSession::findIpAddress(CSCPMessage *request)
{
....
if (subnet != NULL)
{
debugPrintf(5, _T("findIpAddress(%s): found subnet %s"),
ipAddrText,
subnet->Name());
found = subnet->findMacAddress(ipAddr, macAddr);
}
else
{
debugPrintf(5, _T("findIpAddress(%s): subnet not found"),
ipAddrText,
subnet->Name());
}
....
}
V522 Dereferencing of the null pointer 'pPlayer' might take place. cgame.cpp 1895
void CGame::Packet_PlayerJoinData ( .... )
{
....
// Add the player
CPlayer* pPlayer = m_pPlayerManager->Create (....);
if ( pPlayer )
{
....
}
else
{
// Tell the console
CLogger::LogPrintf(
"CONNECT: %s failed to connect "
"(Player Element Could not be created.)\n",
pPlayer->GetSourceIP() );
}
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'szCmdLine' might take place. Check the logical condition. clientcommands.cpp 396
void COMMAND_MessageTarget ( const char* szCmdLine )
{
if ( !(szCmdLine || szCmdLine[0]) )
return;
....
}
V522 Dereferencing of the null pointer 'pepIndx' might take place. asapcgidisplay2main.cxx 534
void ASAPRatio_getDataStrctRatio(dataStrct *data, ....)
{
....
int *outliers, *pepIndx=NULL;
....
//pepIndx don't used
....
if(data->dataCnts[i] == 1 && pepIndx[i] == 0)
data->dataCnts[i] = 0;
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'file' might take place. util.h 24
static ACE_FILE_IO *audio_to_text (ACE_FILE_Addr &,
ACE_FILE_Addr &dest)
{
ACE_FILE_Connector connector;
ACE_FILE_IO *file = 0;
if (connector.connect (*file, dest) == -1)
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'dataPtr' might take place. scilababstractmemoryallocator.hxx 222
inline static int *alloc(void * pvApiCtx, const int position,
const int rows, const int cols, int * ptr)
{
int * _ptr = 0;
SciErr err = allocMatrixOfInteger32(
pvApiCtx, position, rows, cols, &_ptr);
checkError(err);
return _ptr;
}
inline static void create(void * pvApiCtx, const int position,
const int rows, const int cols, long long * ptr)
{
int * dataPtr = 0;
alloc(pvApiCtx, position, rows, cols, dataPtr);
for (int i = 0; i < rows * cols; i++)
{
dataPtr[i] = static_cast<int>(ptr[i]);
}
}
This is what should have been written here: dataPtr = alloc(pvApiCtx, position, rows, cols, dataPtr);
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'LevelStreamingObject' might take place. unrealengine.cpp 10768
bool UEngine::CommitMapChange( FWorldContext &Context )
{
....
LevelStreamingObject = Context.World()->StreamingLevels[j];
if (LevelStreamingObject != NULL)
{
....
}
else
{
check(LevelStreamingObject);
UE_LOG(LogStreaming, Log,
TEXT("Unable to handle streaming object %s"),
*LevelStreamingObject->GetName());
}
....
}
V522 Dereferencing of the null pointer 'GStreamingPauseBackground' might take place. streamingpauserendering.cpp 197
void FStreamingPause::Init()
{
....
if( GStreamingPauseBackground == NULL && GUseStreamingPause )
{
// @todo UE4 merge andrew
// GStreamingPauseBackground = new FFrontBufferTexture(....);
GStreamingPauseBackground->InitRHI();
}
}
V522 Dereferencing of the null pointer 'dn' might take place. qdocindexfiles.cpp 539
void QDocIndexFiles::readIndexSection(....)
{
....
DocNode* dn = qdb_->findGroup(groupNames[i]);
if (dn) {
dn->addMember(node);
}
else {
....
qDebug() << "DID NOT FIND GROUP:" << dn->name()
<< "for:" << node->name();
}
....
}
V522 Dereferencing of the null pointer 'm' might take place. qquickcontext2d.cpp 3169
QV4::ReturnedValue QQuickJSContext2DPixelData::getIndexed(
QV4::Managed *m, uint index, bool *hasProperty)
{
....
if (!m)
return m->engine()->currentContext()->throwTypeError();
....
}
V522 Dereferencing of the null pointer 'l_image' might take place. j2k.c 5205
bool j2k_write_rgn(....)
{
OPJ_BYTE * l_current_data = 00;
OPJ_UINT32 l_nb_comp;
OPJ_UINT32 l_rgn_size;
opj_image_t *l_image = 00;
opj_cp_t *l_cp = 00;
opj_tcp_t *l_tcp = 00;
opj_tccp_t *l_tccp = 00;
OPJ_UINT32 l_comp_room;
// preconditions
assert(p_j2k != 00);
assert(p_manager != 00);
assert(p_stream != 00);
l_cp = &(p_j2k->m_cp);
l_tcp = &l_cp->tcps[p_tile_no];
l_tccp = &l_tcp->tccps[p_comp_no];
l_nb_comp = l_image->numcomps;
....
}
V522 Dereferencing of the null pointer 'cont' might take place. EmLanProto mlan.cpp 342
void CMLan::OnRecvPacket(u_char* mes, int len, in_addr from)
{
....
TContact* cont = m_pRootContact;
....
if (!cont)
RequestStatus(true, cont->m_addr.S_un.S_addr);
....
}
V522 Dereferencing of the null pointer 'pLabelData' might take place. Check the logical condition. pivotlayouttreelistdata.cxx 157
void ScPivotLayoutTreeListData::PushDataFieldNames(
vector<ScDPName>& rDataFieldNames)
{
....
ScDPLabelData* pLabelData = mpParent->GetLabelData(nColumn);
if (pLabelData == NULL && pLabelData->maName.isEmpty())
continue;
....
}
V522 Dereferencing of the null pointer 'pWindow' might take place. Check the logical condition. querycontroller.cxx 293
void grabFocusFromLimitBox( OQueryController& _rController )
{
....
vcl::Window* pWindow = VCLUnoHelper::GetWindow( xWindow );
if( pWindow || pWindow->HasChildPathFocus() )
{
pWindow->GrabFocusToDocument();
}
....
}
V522 Dereferencing of the null pointer 'piTmpConnection' might take place. adodatalinks.cxx 84
BSTR PromptNew(long hWnd)
{
....
ADOConnection* piTmpConnection = NULL;
::CoInitialize( NULL );
hr = CoCreateInstance(
CLSID_DataLinks,
NULL,
CLSCTX_INPROC_SERVER,
IID_IDataSourceLocator,
(void**)&dlPrompt
);
if( FAILED( hr ) )
{
piTmpConnection->Release();
dlPrompt->Release( );
return connstr;
}
....
}
V522 Dereferencing of the null pointer 'hp' might take place. cee_wks gc.cpp 4488
heap_segment* gc_heap::get_segment_for_loh (size_t size
#ifdef MULTIPLE_HEAPS
, gc_heap* hp
#endif //MULTIPLE_HEAPS
)
{
#ifndef MULTIPLE_HEAPS
gc_heap* hp = 0;
#endif //MULTIPLE_HEAPS
heap_segment* res = hp->get_segment (size, TRUE);
....
}
When 'MULTIPLE_HEAPS' is not defined, it's no good because the pointer will equal zero.
V522 Dereferencing of the null pointer 'create_trimesh_collision_node()' might take place. mesh_instance.cpp 177
Node* MeshInstance::create_trimesh_collision_node()
{
if (mesh.is_null())
return NULL;
Ref<Shape> shape = mesh->create_trimesh_shape();
if (shape.is_null())
return NULL;
StaticBody * static_body = memnew( StaticBody );
static_body->add_shape( shape );
return static_body;
return NULL;
}
void MeshInstance::create_trimesh_collision()
{
StaticBody* static_body =
create_trimesh_collision_node()->cast_to<StaticBody>();
ERR_FAIL_COND(!static_body);
static_body->set_name( String(get_name()) + "_col" );
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'GEngine' might take place. Check the logical condition. gameplaystatics.cpp 988\
void UGameplayStatics::DeactivateReverbEffect(....)
{
if (GEngine || !GEngine->UseSound()) // <=
{
return;
}
UWorld* ThisWorld = GEngine->GetWorldFromContextObject(....);
....
}
V522 Dereferencing of the null pointer 'aStyleValues' might take place. sdnaccessible.cpp 252
STDMETHODIMP sdnAccessible::get_computedStyle(
BSTR __RPC_FAR* aStyleProperties,
BSTR __RPC_FAR* aStyleValues,
unsigned short __RPC_FAR* aNumStyleProperties)
{
if (!aStyleProperties || aStyleValues || !aNumStyleProperties)
return E_INVALIDARG;
....
aStyleValues[realIndex] = ::SysAllocString(value.get());
....
}
V522 Dereferencing of the null pointer 'tempNumberTracker' might take place. backwardpass.cpp 578
void
BackwardPass::MergeSuccBlocksInfo(BasicBlock * block)
{
TempNumberTracker * tempNumberTracker = nullptr; // <= line 346
....
if (!block->isDead)
{
....
if(!IsCollectionPass())
{
....
if (this->DoMarkTempNumbers())
{
tempNumberTracker = JitAnew(....); // <= line 413
}
....
....
if (blockSucc->tempNumberTracker != nullptr)
{
....
tempNumberTracker->MergeData(....); // <= line 578
if (deleteData)
{
blockSucc->tempNumberTracker = nullptr;
}
}
....
}
V522 Dereferencing of the null pointer 'sc' might take place. mrsas.c 4027
void
mrsas_aen_handler(struct mrsas_softc *sc)
{
....
if (!sc) {
device_printf(sc->mrsas_dev, "invalid instance!\n");
return;
}
if (sc->evt_detail_mem) {
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'region' might take place. Check the logical condition. palettecmd.cpp 102
bool isStyleUsed(const TVectorImageP vi, int styleId)
{
....
TRegion *region = vi->getRegion(i);
if (region || region->getStyle() != styleId)
return true;
....
}
V522 Dereferencing of the null pointer 'data' might take place. util.c 2424
static jint JNICALL
cbObjectTagInstance(....)
{
ClassInstancesData *data;
/* Check data structure */
data = (ClassInstancesData*)user_data;
if (data == NULL) {
data->error = AGENT_ERROR_ILLEGAL_ARGUMENT;
return JVMTI_VISIT_ABORT;
}
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 've' might take place. functions1d.cpp 107
int QuantitativeInvisibilityF1D::operator()(....)
{
ViewEdge *ve = dynamic_cast<ViewEdge*>(&inter;);
if (ve) {
result = ve->qi();
return 0;
}
FEdge *fe = dynamic_cast<FEdge*>(&inter;);
if (fe) {
result = ve->qi(); //<=
return 0;
}
....
}
V522 Dereferencing of the null pointer 'ibuf' might take place. tracking_util.c 765
static ImBuf *accessor_get_ibuf(....)
{
ImBuf *ibuf, *orig_ibuf, *final_ibuf;
....
/* First try to get fully processed image from the cache. */
ibuf = accesscache_get(accessor,
clip_index,
frame,
input_mode,
downscale,
transform_key);
if (ibuf != NULL) {
return ibuf;
}
/* And now we do postprocessing of the original frame. */
orig_ibuf = accessor_get_preprocessed_ibuf(accessor,
clip_index,
frame);
if (orig_ibuf == NULL) {
return NULL;
}
....
if (downscale > 0) {
if (final_ibuf == orig_ibuf) {
final_ibuf = IMB_dupImBuf(orig_ibuf);
}
IMB_scaleImBuf(final_ibuf,
ibuf->x / (1 << downscale), //<=
ibuf->y / (1 << downscale)); //<=
}
....
if (input_mode == LIBMV_IMAGE_MODE_RGBA) {
BLI_assert(ibuf->channels == 3 || //<=
ibuf->channels == 4); //<=
}
....
return final_ibuf;
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'item' might take place. action_wait.cc 41
// Returns the item associated with the component |id| or nullptr
// in case of errors.
CrxUpdateItem* FindUpdateItemById(const std::string& id) const;
void ActionWait::Run(UpdateContext* update_context,
Callback callback)
{
....
while (!update_context->queue.empty())
{
auto* item =
FindUpdateItemById(update_context->queue.front());
if (!item) { // <=
item->error_category = // <=
static_cast<int>(ErrorCategory::kServiceError);
item->error_code = // <=
static_cast<int>(ServiceError::ERROR_WAIT);
ChangeItemState(item, CrxUpdateItem::State::kNoUpdate);
} else {
NOTREACHED();
}
update_context->queue.pop();
}
....
}
V522 Dereferencing of the null pointer 'PdbFileBuffer' might take place. PDBFileBuilder.cpp 106
Expected<std::unique_ptr<PDBFile>>
PDBFileBuilder::build(
std::unique_ptr<msf::WritableStream> PdbFileBuffer)
{
....
auto File = llvm::make_unique<PDBFile>(
std::move(PdbFileBuffer), Allocator);
File->ContainerLayout = *ExpectedLayout;
if (Info) {
auto ExpectedInfo = Info->build(*File, *PdbFileBuffer);
....
}
The code is not clear to me, as I have not studied what llvm::make_unique is, and how it works in general. Nevertheless, both myself and the analyzer are confused by the fact that at first glance the possession of an object from a smart pointer PdbFileBuffer goes to File. After that we have dereferencing of a null pointer PdbFileBuffer that already contains nullptr
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'ccb' might take place. The null pointer is passed into 'iscsi_outstanding_add' function. Inspect the third argument. Check lines: 'iscsi.c:2157'. iscsi.c 2091
static struct iscsi_outstanding *
iscsi_outstanding_add(struct iscsi_session *is,
struct icl_pdu *request,
union ccb *ccb,
uint32_t *initiator_task_tagp)
{
struct iscsi_outstanding *io;
int error;
ISCSI_SESSION_LOCK_ASSERT(is);
io = uma_zalloc(iscsi_outstanding_zone, M_NOWAIT | M_ZERO);
if (io == NULL) {
ISCSI_SESSION_WARN(is, "failed to allocate %zd bytes",
sizeof(*io));
return (NULL);
}
error = icl_conn_task_setup(is->is_conn, request, &ccb->csio,
initiator_task_tagp, &io->io_icl_prv);
....
}
static void
iscsi_action_abort(struct iscsi_session *is, union ccb *ccb)
{
....
io = iscsi_outstanding_add(is, request, NULL,
&initiator_task_tag);
....
}
V522 Dereferencing of the null pointer 'pCEntity' might take place. BreakableManager.cpp 2396
int CBreakableManager::HandlePhysics_UpdateMeshEvent(....)
{
CEntity* pCEntity = 0;
....
if (pmu && pSrcStatObj && GetSurfaceType(pSrcStatObj))
{
....
if (pEffect)
{
....
if (normal.len2() > 0)
pEffect->Spawn(true, pCEntity->GetSlotWorldTM(...); // <=
}
}
....
if (iForeignData == PHYS_FOREIGN_ID_ENTITY)
{
pCEntity = (CEntity*)pForeignData;
if (!pCEntity || !pCEntity->GetPhysicalProxy())
return 1;
}
....
}
V522 Dereferencing of the null pointer 'dataz' might take place. polylinedata_wrap.c 373
BOOL translatePolyline(int uid, double x, double y, double z,
int flagX, int flagY, int flagZ)
{
double *datax = NULL;
double *datay = NULL;
double *dataz = NULL; // <=
int i = 0;
if (x != 0.0)
{
datax = getDataX(uid);
if (datax == NULL) return FALSE;
....
if (z != 0 && isZCoordSet(uid))
{
if (flagZ) {
for (i = 0; i < getDataSize_(uid); ++i)
{
dataz[i] = pow(10.,log10(dataz[i]) + z); // <=
}
} else {
for (i = 0; i < getDataSize_(uid); ++i)
{
dataz[i] += z; // <=
}
}
}
return TRUE;
}
V522 Dereferencing of the null pointer 'stylep' might take place. Check the logical condition. delv.c 500
static isc_result_t
setup_style(dns_master_style_t **stylep) {
isc_result_t result;
dns_master_style_t *style = NULL;
REQUIRE(stylep != NULL || *stylep == NULL);
....
}
V522 There might be dereferencing of a potential null pointer 'first'. objstack.cpp 21
ObjStack::ObjStack(size_t chunk_s, size_t align)
: chunk_size(chunk_s), min_align(align), temp_end(0)
{
first_free = first = (Node *)malloc(chunk_size);
first->next = 0;
reserve = 0;
setup_chunk();
}
Similar errors can be found in some other places:
V522 There might be dereferencing of a potential null pointer 'list'. storage-plugin-sample.c 564
storage_error_code_t sample_get_list(....)
{
....
storage_adaptor_file_info_h *list = NULL;
int len = g_list_length(_file_list);
if (0 < len) {
list = (storage_adaptor_file_info_h *) // <=
calloc(len, sizeof(storage_adaptor_file_info_h));
for (int i = 0; i < len; i++)
list[i] = (storage_adaptor_file_info_h) // <=
g_list_nth_data(_file_list, i);
}
....
}
V522 There might be dereferencing of a potential null pointer 'plugin_task'. storage-plugin-sample.c 1016
static async_job_t *create_job_s(int fd)
{
async_job_t *job =
(async_job_t *) calloc(1, sizeof(async_job_t)); // <=
if (job) {
job->local_path = NULL;
job->cloud_path = NULL;
job->fd = fd;
}
return job; // <=
}
storage_error_code_t sample_upload_async(....)
{
....
async_job_t *plugin_task = create_job_s(src_file_descriptor);
char *path = NULL;
path = g_strconcat(VIRTUAL_ROOT_PATH(context),
dir_path ? dir_path : "", "/", file_name, NULL);
plugin_task->cloud_path = path; // <=
....
}
V522 There might be dereferencing of a potential null pointer 'cb_data'. util.c 37
void back_button_cb_push(....)
{
back_button_cb_data *cb_data = malloc(sizeof(*cb_data));
cb_data->cb = cb;
....
}
V522 There might be dereferencing of a potential null pointer 'info'. navigator.c 2819
static void on_gesture_detected(void *data,
const Eldbus_Message *msg)
{
....
Gesture_Info *info = calloc(sizeof(Gesture_Info), 1); // <=
int g_type;
if (!msg) {
DEBUG("Incoming message is empty");
free(info);
return;
}
if (!eldbus_message_arguments_get(....)) {
DEBUG("Getting message arguments failed");
free(info);
return;
}
info->type = (Gesture)g_type; // <=
....
}
V522 There might be dereferencing of a potential null pointer 'item_type'. list_util.c 72
HAPI void quickpanel_list_util_set_item_type(....)
{
....
if (item_type == NULL) {
item_type = (int*)malloc(sizeof(int));
*item_type = type;
evas_object_data_set(item, E_DATA_ITEM_LABEL_H,
(void*)item_type);
}
}
V522 There might be dereferencing of a potential null pointer 'popup_data'. popup.c 1167
void
popup_cb(void *data, Evas_Object *obj, void *event_info)
{
....
win_data *popup_data = (win_data*)malloc(sizeof(win_data));
elm_theme_extension_add(NULL, ELM_DEMO_EDJ);
/* We convince the top widget is a window */
win = ad->win;
list = elm_list_add(ad->nf);
elm_list_mode_set(list, ELM_LIST_COMPRESS);
popup_data->list = list;
popup_data->win = win;
....
}
V522 There might be dereferencing of a potential null pointer 'inputHandle'. cpp_audio_io.cpp 928
int cpp_audio_in_peek(audio_in_h input, const void **buffer,
unsigned int *length) {
....
CAudioInput* inputHandle =
dynamic_cast<CAudioInput*>(handle->audioIoHandle);
assert(inputHandle);
inputHandle->peek(buffer, &_length);
....
}
V522 There might be dereferencing of a potential null pointer 'preedit_attr'. ise.cpp 392
void ise_update_preedit_string(....)
{
....
ime_preedit_attribute *preedit_attr;
....
preedit_attr = (ime_preedit_attribute *)
calloc(1, sizeof(ime_preedit_attribute));
preedit_attr->start = 0;
....
}
V522 There might be dereferencing of a potential null pointer 'msg'. QuickAccess.cpp 743
void QuickAccess::setButtonColor(Evas_Object* button,
int r, int g, int b, int a)
{
Edje_Message_Int_Set* msg =
(Edje_Message_Int_Set *)malloc(sizeof(*msg) + 3 * sizeof(int));
msg->count = 4;
msg->val[0] = r;
msg->val[1] = g;
msg->val[2] = b;
msg->val[3] = a;
edje_object_message_send(elm_layout_edje_get(button),
EDJE_MESSAGE_INT_SET, 0, msg);
free(msg);
}
V522 There might be dereferencing of a potential null pointer 'selected_device'. setting_item_device_list.c 121
static void device_list_select_cb(void *data, Evas_Object *obj,
void *event_info)
{
do_haptic(50);
device_info_s *info = (device_info_s *) data;
selected_device = (device_info_s *)
calloc(sizeof(device_info_s), 1);
selected_device->index = info->index;
....
}
V522 There might be dereferencing of a potential null pointer 'sql_callback'. download-db-service.cpp 75
void initialize_datacontrol_provider()
{
DM_LOGI("initialize_datacontrol_provider");
int result;
sql_callback = (data_control_provider_sql_cb *)
malloc(sizeof(data_control_provider_sql_cb));
sql_callback->select_cb = select_request_cb;
....
}
V522 There might be dereferencing of a potential null pointer 'msg'. util.c 113
void util_bg_color_rgba_set(Evas_Object *layout,
char r, char g, char b, char a)
{
Edje_Message_Int_Set *msg;
ret_if(!layout);
msg = malloc(sizeof(*msg) + 3 * sizeof(int));
msg->count = 4;
msg->val[0] = r;
msg->val[1] = g;
msg->val[2] = b;
msg->val[3] = a;
edje_object_message_send(elm_layout_edje_get(layout),
EDJE_MESSAGE_INT_SET, 1, msg);
free(msg);
}
Similar errors can be found in some other places:
V522 There might be dereferencing of a potential null pointer 't'. eina_tiler.c 1146
EAPI Eina_Tiler *eina_tiler_new(int w, int h)
{
Eina_Tiler *t;
EINA_SAFETY_ON_TRUE_RETURN_VAL((w <= 0) || (h <= 0), NULL);
t = calloc(1, sizeof(Eina_Tiler));
t->last.add.w = -1;
t->last.add.h = -1;
t->last.del.w = -1;
t->last.del.h = -1;
t->area.w = w;
t->area.h = h;
t->tile.w = 32;
t->tile.h = 32;
t->rounding = EINA_TRUE;
EINA_MAGIC_SET(t, EINA_MAGIC_TILER);
_splitter_new(t);
return t;
}
V522 There might be dereferencing of a potential null pointer 'e'. evas_cserve2_fonts.c 66
static void *
_font_slave_error_send(Error_Type error)
{
Error_Type *e = calloc(1, sizeof(*e));
*e = error;
return e;
}
Similar errors can be found in some other places:
V522 There might be dereferencing of a potential null pointer 'task'. e_fm_ipc.c 489
static void
_e_fm_ipc_mkdir(int id, const char *src, const char *rel,
int rel_to EINA_UNUSED, int x, int y)
{
E_Fm_Task *task;
task = malloc(sizeof(E_Fm_Task));
task->id = id;
task->type = E_FM_OP_MKDIR;
task->slave = NULL;
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'cond_col' might take place. FunctionsConditional.h 765
bool executeForNullThenElse(....)
{
....
const ColumnUInt8 * cond_col =
typeid_cast<const ColumnUInt8 *>(arg_cond.column.get());
....
if (cond_col)
{
....
}
else if (cond_const_col)
{
....
}
else
throw Exception(
"Illegal column " + cond_col->getName() + // <=
" of first argument of function " + getName() +
". Must be ColumnUInt8 or ColumnConstUInt8.",
ErrorCodes::ILLEGAL_COLUMN);
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'customDrumset' might take place. instrument.cpp 328
bool Instrument::readProperties(XmlReader& e, Part* part,
bool* customDrumset)
{
....
else if (tag == "Drum") {
// if we see on of this tags, a custom drumset will
// be created
if (!_drumset)
_drumset = new Drumset(*smDrumset);
if (!customDrumset) { // <=
const_cast<Drumset*>(_drumset)->clear();
*customDrumset = true; // <=
}
const_cast<Drumset*>(_drumset)->load(e);
}
....
}
V522 Dereferencing of the null pointer 'segment' might take place. measure.cpp 2220
void Measure::read(XmlReader& e, int staffIdx)
{
Segment* segment = 0;
....
while (e.readNextStartElement()) {
const QStringRef& tag(e.name());
if (tag == "move")
e.initTick(e.readFraction().ticks() + tick());
....
else if (tag == "sysInitBarLineType") {
const QString& val(e.readElementText());
BarLine* barLine = new BarLine(score());
barLine->setTrack(e.track());
barLine->setBarLineType(val);
segment = getSegmentR(SegmentType::BeginBarLine, 0); //!!!
segment->add(barLine); // <= OK
}
....
else if (tag == "Segment")
segment->read(e); // <= ERR
....
}
....
}
Similar errors can be found in some other places:
V522 Dereferencing of the null pointer 'mInputStream' might take place. FileIO.cpp 65
std::unique_ptr<wxInputStream> mInputStream;
std::unique_ptr<wxOutputStream> mOutputStream;
wxInputStream & FileIO::Read(void *buf, size_t size)
{
if (mInputStream == NULL) {
return *mInputStream;
}
return mInputStream->Read(buf, size);
}
wxOutputStream & FileIO::Write(const void *buf, size_t size)
{
if (mOutputStream == NULL) {
return *mOutputStream;
}
return mOutputStream->Write(buf, size);
}
