Примеры ошибок, обнаруженных с помощью диагностики V713

V713. The pointer was utilized in the logical expression before it was verified against nullptr in the same logical expression.

GeoShell

V713 The pointer pItem->Next was utilized in the logical expression before it was verified against nullptr in the same logical expression. geobar.cpp 1383

HRESULT  CGeoShellUI::RemovePlugin(VOID *pPluginItem)
{
  ....
  while ((pItem->Next->PluginItem != pPluginItem) &&
         (pItem->Next != NULL))
  {
    pItem = pItem->Next;
  }
  ....
}

EchoVNC

V713 The pointer p2 was utilized in the logical expression before it was verified against nullptr in the same logical expression. vncclient.cpp 4045

int vncClient::ZipPossibleDirectory(LPSTR szSrcFileName)
{
  char* p1 = strrchr(szSrcFileName, '\\') + 1;
  char* p2 = strrchr(szSrcFileName, rfbDirSuffix[0]);
  if (
      p1[0] == rfbDirPrefix[0] && p1[1] == rfbDirPrefix[1]
      && p2[1] == rfbDirSuffix[1] && p2 != NULL && p1 < p2
     )
  {
  ....
}

ffdshow

V713 The pointer presetSettings->output was utilized in the logical expression before it was verified against nullptr in the same logical expression. tffdshowdecaudio.cpp 325

TpresetAudio *presetSettings;

CodecID TffdshowDecAudio::getCodecId(const CMediaType &mt)
{
  ....
  if (presetSettings &&
      !presetSettings->output->passthroughPCMConnection &&
      presetSettings->output) {
  ....
}

Miranda IM

V713 The pointer str was utilized in the logical expression before it was verified against nullptr in the same logical expression. modern_skinbutton.cpp 282

static char *_skipblank(char * str) //str will be modified;
{
  char * endstr=str+strlen(str);
  while ((*str==' ' || *str=='\t') && str!='\0') str++;
  while ((*endstr==' ' || *endstr=='\t') && endstr!='\0' &&
         endstr<str)
    endstr--;
  if (*endstr!='\0')
  {
    endstr++;
    *endstr='\0';
  }
  return str;
}

This is what should have been written here: *str!='\0' , *endstr!='\0'.

Similar errors can be found in some other places:

• V713 The pointer endstr was utilized in the logical expression before it was verified against nullptr in the same logical expression. modern_skinbutton.cpp 283

Miranda NG

V713 The pointer ftcd was utilized in the logical expression before it was verified against nullptr in the same logical expression. Sametime files.cpp 423

void CSametimeProto::CancelFileTransfer(HANDLE hFt)
{
  ....
  FileTransferClientData* ftcd = ....;

  if (ftcd) {
    while (mwFileTransfer_isDone(ftcd->ft) && ftcd)
      ftcd = ftcd->next;
  ....
}

Linux Kernel

V713 The pointer param->addr was utilized in the logical expression before it was verified against nullptr in the same logical expression. wpactl.c 333

int wpa_set_keys(struct vnt_private *pDevice, void *ctx,
     bool fcpfkernel) __must_hold(&pDevice->lock)
{
  ....
  if (is_broadcast_ether_addr(¶m->addr[0]) ||
      (param->addr == NULL)) {
  ....
}

Haiku Operation System

V713 The pointer lp was utilized in the logical expression before it was verified against nullptr in the same logical expression. util.c 311

char *
bittok2str(register const struct tok *lp, ....)
{
  ....
  while (lp->s != NULL && lp != NULL) {
    ....
  }
  ....
}

FreeSWITCH

V713 The pointer codec->cur_frame was utilized in the logical expression before it was verified against nullptr in the same logical expression. mod_opus.c 631

static switch_status_t
switch_opus_decode(switch_codec_t *codec, ....)
{
  ....
  if (opus_packet_get_bandwidth(codec->cur_frame->data) !=  // <=
        OPUS_BANDWIDTH_FULLBAND && codec->cur_frame &&      // <=
        (jb = switch_core_session_get_jb(....))) {
    ....
  }
  ....
}

Mozilla Thunderbird

V713 The pointer mHTMLEditor was utilized in the logical expression before it was verified against nullptr in the same logical expression. nshtmleditrules.cpp 6593

nsHTMLEditor* mHTMLEditor;

nsresult
nsHTMLEditRules::SplitParagraph(...)
{
  if (mHTMLEditor->IsTextNode(child) ||
      !mHTMLEditor ||
      mHTMLEditor->IsContainer(child))
  ....
}

Similar errors can be found in some other places:

• V713 The pointer mHTMLEditor was utilized in the logical expression before it was verified against nullptr in the same logical expression. nshtmleditrules.cpp 7392
• V713 The pointer mHTMLEditor was utilized in the logical expression before it was verified against nullptr in the same logical expression. nshtmleditrules.cpp 7413

ChakraCore

V713 The pointer scriptContext was utilized in the logical expression before it was verified against nullptr in the same logical expression. diaghelpermethodwrapper.cpp 214

template <bool doCheckParentInterpreterFrame>
void HandleHelperOrLibraryMethodWrapperException(....)
{
  ....
  if (!exceptionObject->IsDebuggerSkip() ||
    exceptionObject == scriptContext->GetThreadContext()->.... ||
    exceptionObject == scriptContext->GetThreadContext()->.... ||
    !scriptContext)    // <=
  {
    throw exceptionObject->CloneIfStaticExceptionObject(....);
  }
  ....
}

FreeBSD Kernel

V713 The pointer m was utilized in the logical expression before it was verified against nullptr in the same logical expression. ip_fastfwd.c 245

struct mbuf *
ip_tryforward(struct mbuf *m)
{
  ....
  if (pfil_run_hooks(
      &V_inet_pfil_hook, &m, m->m_pkthdr.rcvif, PFIL_IN, NULL) ||
      m == NULL)
    goto drop;
  ....
}

Firebird

V713 The pointer p was utilized in the logical expression before it was verified against nullptr in the same logical expression. cvt.cpp 702

static void string_to_datetime(....)
{
  ....
  const char* p = NULL;
  const char* const end = p + length;
  ....

  while (p < end)
  {
    if (*p != ' ' && *p != '\t' && p != 0)
    {
      CVT_conversion_error(desc, err);
      return;
    }
    ++p;
  }
  ....
}

CryEngine V

V713 The pointer pCollision was utilized in the logical expression before it was verified against nullptr in the same logical expression. actiongame.cpp 4235

int CActionGame::OnCollisionImmediate(const EventPhys* pEvent)
{
  ....
  else if (pMat->GetBreakability() == 2 &&
   pCollision->idmat[0] != pCollision->idmat[1] &&
   (energy = pMat->GetBreakEnergy()) > 0 &&
   pCollision->mass[0] * 2 > energy &&
   ....
   pMat->GetHitpoints() <= FtoI(min(1E6f, hitenergy / energy)) &&
   pCollision) // <=
    return 0;
  ....
}

Notepad++

V713 The pointer _langList[i] was utilized in the logical expression before it was verified against nullptr in the same logical expression. parameters.h 1286

Lang * getLangFromID(LangType langID) const
{
  for (int i = 0 ; i < _nbLang ; ++i)
  {
    if ((_langList[i]->_langID == langID) || (!_langList[i]))
      return _langList[i];
  }
  return nullptr;
}

V8 JavaScript Engine

V713 CWE-476 The pointer object was utilized in the logical expression before it was verified against nullptr in the same logical expression. ic-inl.h 44

bool Object::IsSmi() const { return HAS_SMI_TAG(this); }

bool IC::IsHandler(Object* object) {
  return (object->IsSmi() && (object != nullptr)) ||
         object->IsDataHandler() ||
         object->IsWeakCell() ||
         object->IsCode();
}

The object pointer is dereferenced first and then checked for NULL. Indeed, the expression looks quite suspicious.

Celestia

V713 The pointer 's' was utilized in the logical expression before it was verified against nullptr in the same logical expression. winmain.cpp 3031

static char* skipUntilQuote(char* s)
{
  while (*s != '"' && s != '\0')
    s++;
  return s;
}

Qt

V713 [CWE-476] The pointer 'field' was utilized in the logical expression before it was verified against nullptr in the same logical expression. qformlayout.cpp 405

void QFormLayoutPrivate::updateSizes()
{
  ....
  QFormLayoutItem *field = m_matrix(i, 1);
  ....
  if (userHSpacing < 0 && !wrapAllRows && (label || !field->fullRow) && field)
  ....
}