Our website uses cookies to enhance your browsing experience.
Accept
to the top
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam

Webinar: C++ semantics - 06.11

>
>
>
Examples of errors detected by the V595…

Examples of errors detected by the V595 diagnostic

V595. Pointer was used before its check for nullptr. Check lines: N1, N2.


Flax Engine

V595 The 'asset' pointer was utilized before it was verified against nullptr. Check lines: 2706, 2709. Variant.cpp 2706, 2709


void Variant::SetAsset(Asset* asset)
{
  if (Type.Type != VariantType::Asset)
    SetType(VariantType(VariantType::Asset));
  if (AsAsset)
  {
    asset->OnUnloaded.Unbind<Variant,                           // <=
     &Variant::OnAssetUnloaded>(this);
    asset->RemoveReference(); // <=
  }
  AsAsset = asset;
  if (asset)
  {
    asset->AddReference();
    asset->OnUnloaded.Bind<Variant, &Variant::OnAssetUnloaded>(this);
  }
}

Flax Engine

V595 The 'prev' pointer was utilized before it was verified against nullptr. Check lines: 'PlatformBase.h: 178', 'DataContainer.h: 339', 'DataContainer.h: 342'. DataContainer.h 339


void Append(const T* data, int32 length)
{
  ....
  auto prev = Base::_data;
  ....
  Base::_data = (T*)Allocator::Allocate(Base::_length * sizeof(T));
  Platform::MemoryCopy(Base::_data, prev, prevLength * sizeof(T)); // <=
  ....
  if (_isAllocated && prev)
  ....
}

Doom 3

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 1421, 1424. DoomDLL brushbsp.cpp 1421


void idBrushBSP::FloodThroughPortals_r(idBrushBSPNode *node, ...)
{
  ....
  if ( node->occupied ) {
    common->Error(
      "FloodThroughPortals_r: node already occupied\n" );
  }
  if ( !node ) {
    common->Error(
      "FloodThroughPortals_r: NULL node\n" );
  }
  ....
}

This is what should have been written here: if ( node && node->occupied ) {


LAME

V595 The 'mp->tail' pointer was utilized before it was verified against nullptr. Check lines: 136, 139. mpglib interface.c 136


static int read_buf_byte(PMPSTR mp)
{
  ....
  pos = mp->tail->pos;
  while(pos >= mp->tail->size) {
    remove_buf(mp);
    if(!mp->tail) {
      fprintf(stderr,
        "Fatal error! tried to read past mp buffer\n");
      exit(1);
    }
    pos = mp->tail->pos;
  }
  ....
}

LAME

V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 226, 227. mpglib interface.c 226


static int
check_vbr_header(PMPSTR mp,int bytes)
{
  ....
  buf  = buf->next;
  pos = buf->pos;
  if(!buf) return -1; /* fatal error */
  ....
}

Similar errors can be found in some other places:

  • V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 285, 286. mpglib interface.c 285

Pixie

V595 The 'dest' pointer was utilized before it was verified against nullptr. Check lines: 86, 88. sdrc expression.cpp 86


inline void getContainer(FILE *out,int type,
          CVariable *&dest,CExpression *src)
{
  ....
  fprintf(out,"%s %s %s\n",
    opcode,nDest->codeName(),dest->codeName());

  if (dest != NULL) {
    sdr->releaseRegister(dest);
  }
  ....
}

Paranoia library

V595 The 'v' pointer was utilized before it was verified against nullptr. Check lines: 532, 535. daoParanoia paranoia.c 532


static long i_stage2_each(root_block *root, v_fragment *v,
  void(*callback)(long,int))
{
  cdrom_paranoia *p=v->p;
  long dynoverlap=p->dynoverlap/2*2;

  if(!v || !v->one)return(0);
  ....
}

Wolfenstein 3D

V595 The 'slot' pointer was utilized before it was verified against nullptr. Check lines: 477, 484. renderer ftglyph.c 477


FT_Error FT_Get_Glyph( FT_GlyphSlot slot,
  FT_Glyph *aglyph )
{
  FT_Library library = slot->library;
  FT_Error error;
  FT_Glyph glyph;

  const FT_Glyph_Class*  clazz = 0;

  if ( !slot ) {
    return FT_Err_Invalid_Slot_Handle;
  }
  ....
}

Pthreads-w32

V595 The 'assoc' pointer was utilized before it was verified against nullptr. Check lines: 88, 90. pthread80 pthread_key_delete.c 88


int
pthread_key_delete (pthread_key_t key)
{
  ....
  while ((assoc = (ThreadKeyAssoc *) key->threads) != NULL)
  {
     ptw32_thread_t * thread = assoc->thread;
     if (assoc == NULL)
     {
       /* Finished */
       break;
     }
     ....
  }
  ....
}

Mozilla Firefox

V595 The '* jitp' pointer was utilized before it was verified against nullptr. Check lines: 547, 549. compiler.cpp 547


CompileStatus
mjit::Compiler::performCompilation(JITScript **jitp)
{
  ....
  JaegerSpew(JSpew_Scripts,
    "successfully compiled (code \"%p\") (size \"%u\")\n",
    (*jitp)->code.m_code.executableAddress(),
      unsigned((*jitp)->code.m_size));

  if (!*jitp)
      return Compile_Abort;
  ....
}

Mozilla Firefox

V595 The 'mShellLink' pointer was utilized before it was verified against nullptr. Check lines: 183, 187. nslocalfilewin.cpp 183


nsresult
ShortcutResolver::Init()
{
    CoInitialize(NULL);  // FIX: we should probably move
                         // somewhere higher up during startup

    HRESULT hres;
    hres = CoCreateInstance(CLSID_ShellLink,
                            NULL,
                            CLSCTX_INPROC_SERVER,
                            IID_IShellLinkW,
                            (void**)&(mShellLink));
    if (SUCCEEDED(hres))
    {
        // Get a pointer to the IPersistFile interface.
        hres = mShellLink->QueryInterface(
          IID_IPersistFile, (void**)&mPersistFile);
    }

    if (mPersistFile == nsnull || mShellLink == nsnull)
        return NS_ERROR_FAILURE;

    return NS_OK;
}

Mozilla Firefox

V595 The 'mShell' pointer was utilized before it was verified against nullptr. Check lines: 1107, 1109. nsselection.cpp 1107


nsresult
nsFrameSelection::MoveCaret(....)
{
  ....
  mShell->FlushPendingNotifications(Flush_Layout);

  if (!mShell) {
    return NS_OK;
  }
  ....
}

Quake-III-Arena

V595 The 'item' pointer was utilized before it was verified against nullptr. Check lines: 3865, 3869. cgame ui_shared.c 3865


void Item_Paint(itemDef_t *item) {
  vec4_t red;
  menuDef_t *parent = (menuDef_t*)item->parent;
  red[0] = red[3] = 1;
  red[1] = red[2] = 0;

  if (item == NULL) {
    return;
  }
  ....
}

Quake-III-Arena

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 769, 770. bspc portals.c 769


void FloodPortals_r (node_t *node, int dist)
{
  ....
  if (node->occupied)
    Error("FloodPortals_r: node already occupied\n");
  if (!node)
  {
    Error("FloodPortals_r: NULL node\n");
  }
  ....
}

Trinity Core

V595 The 'player' pointer was utilized before it was verified against nullptr. Check lines: 310, 312. scripts achievement_scripts.cpp 310


bool OnCheck(Player* player, Unit* /*target*/)
{
  bool checkArea =
    player->GetAreaId() == AREA_ARGENT_TOURNAMENT_FIELDS ||
    player->GetAreaId() == AREA_RING_OF_ASPIRANTS ||
    player->GetAreaId() == AREA_RING_OF_ARGENT_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_ALLIANCE_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_HORDE_VALIANTS ||
    player->GetAreaId() == AREA_RING_OF_CHAMPIONS;

  return player && checkArea && player->duel
    && player->duel->isMounted;
}

Trinity Core

V595 The 'player' pointer was utilized before it was verified against nullptr. Check lines: 224, 225. scripts hyjal.cpp 224


CreatureAI* GetAI(Creature* creature) const
{
  ....
  Item* item = player->StoreNewItem(
    dest, ITEM_TEAR_OF_GODDESS, true);
  if (item && player)
    player->SendNewItem(item, 1, true, false, true);
  ....
}

ADAPTIVE Communication Environment (ACE)

V595 The 'this->reactor()' pointer was utilized before it was verified against nullptr. Check lines: 1139, 1145. Gateway acceptor.cpp 1139


ACE_Reactor *
ACE_Event_Handler::reactor (void) const
{
  ACE_TRACE ("ACE_Event_Handler::reactor");
  return this->reactor_;
}

template <class SVC_HANDLER, ACE_PEER_ACCEPTOR_1> int
ACE_Oneshot_Acceptor<SVC_HANDLER, ACE_PEER_ACCEPTOR_2>::
  handle_input (ACE_HANDLE)
{
  ....
  bool const reset_new_handle =
    this->reactor ()->uses_event_associations ();

  if (this->reactor ())
  ....
}

ADAPTIVE Communication Environment (ACE)

V595 The 'mb' pointer was utilized before it was verified against nullptr. Check lines: 455, 463. JAWS3 reactive_io.cpp 455


JAWS_IO_Reactive_Transmit::handle_output_source
  (ACE_HANDLE handle)
{
  ACE_Message_Block *mb = this->source_buf_;
  ....
  if (mb->length () > 0)
    result = this->handle_output_mb (handle, mb);
  if (result < 0) {
    ....
  } else if (mb == 0 && this->source_ == ACE_INVALID_HANDLE)
    this->source_buf_ = 0;
  ....
}

wxWidgets

V595 The 'm_art' pointer was utilized before it was verified against nullptr. Check lines: 2659, 2664. aui auibar.cpp 2659


void wxAuiToolBar::OnRightDown(wxMouseEvent& evt)
{
  ....
  if (m_overflowSizerItem)
  {
    int dropdown_size =
      m_art->GetElementSize(wxAUI_TBART_OVERFLOW_SIZE);
    if (dropdown_size > 0 &&
      evt.m_x > cli_rect.width - dropdown_size &&
      evt.m_y >= 0 &&
      evt.m_y < cli_rect.height &&
      m_art)
    {
       return;
    }
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_art' pointer was utilized before it was verified against nullptr. Check lines: 2726, 2731. aui auibar.cpp 2726

WinMerge

V595 The 'm_pOwner' pointer was utilized before it was verified against nullptr. Check lines: 1033, 1035. Merge ccrystaleditview.cpp 1033


BOOL CEditDropTargetImpl::
OnDrop (CWnd * pWnd, COleDataObject * pDataObject,
        DROPEFFECT dropEffect, CPoint point)
{
  bool bDataSupported = false;

  m_pOwner->HideDropIndicator ();

  if ((!m_pOwner) ||
      (!(m_pOwner->QueryEditable ())) ||
      (m_pOwner->GetDisableDragAndDrop ()))
  ....
}

WinMerge

V595 The 'rent' pointer was utilized before it was verified against nullptr. Check lines: 608, 611. Merge dirscan.cpp 608


static DIFFITEM *AddToList(const String &sLeftDir,
 const String &sRightDir,
 const DirItem * lent, const DirItem * rent,
 UINT code, DiffFuncStruct *myStruct, DIFFITEM *parent)
{
  ....
  if (lent)
  {
    ....
  }
  else
  {
    di->left.filename = rent->filename;
  }

  if (rent)
  {
  ....
}

LLVM/Clang

V595 The 'BBLoop' pointer was utilized before it was verified against nullptr. Check lines: 142, 160. LLVMAnalysis profileestimatorpass.cpp 142


void ProfileEstimatorPass::recurseBasicBlock(BasicBlock *BB) {
  ....
  Loop* BBLoop = LI->getLoopFor(BB);
  ....
  if (BBisHeader && BBLoop->contains(*bbi)) {
    ....
  }
  ....
  if (BBLoop) {
    BBLoop->getExitEdges(ExitEdges);
  }
  ....
}

LLVM/Clang

V595 The 'StrippedPtr' pointer was utilized before it was verified against nullptr. Check lines: 918, 920. LLVMInstCombine instructioncombining.cpp 918


Instruction *InstCombiner::visitGetElementPtrInst(
                             GetElementPtrInst &GEP) {
  ....
  Value *StrippedPtr = PtrOp->stripPointerCasts();
  PointerType *StrippedPtrTy =
    dyn_cast<PointerType>(StrippedPtr->getType());

  if (!StrippedPtr)
    return 0;
  ....
}

LLVM/Clang

V595 The 'OtherUse' pointer was utilized before it was verified against nullptr. Check lines: 2522, 2527. LLVMScalarOpts loopstrengthreduce.cpp 2522


void LSRInstance::ChainInstruction(....)
{
  ....
  Instruction *OtherUse = dyn_cast<Instruction>(*UseIter);
  if (SE.isSCEVable(OtherUse->getType())
      && !isa<SCEVUnknown>(SE.getSCEV(OtherUse))
      && IU.isIVUserOrOperand(OtherUse)) {
    continue;
  }
  if (OtherUse && OtherUse != UserInst)
    NearUsers.insert(OtherUse);
  ....
}

EchoVNC

V595 The 'table' pointer was utilized before it was verified against nullptr. Check lines: 47, 49. miniWinVNC tableinittctemplate.cpp 47


static void
rfbInitTrueColourSingleTableOUTVNC (char **table,
  rfbPixelFormat *in, rfbPixelFormat *out)
{
  ....
  if (*table) free(*table);
    *table = (char *)malloc(nEntries * sizeof(OUT_T));
  if (table == NULL) return;
    t = (OUT_T *)*table;
  ....
}

IPP Samples

V595 The 'driver' pointer was utilized before it was verified against nullptr. Check lines: 40, 46. video_renders drv.c 40


VIDEO_DRV_CREATE_BUFFERS_FUNC(umc_vdrv_CreateBuffers,
                              driver, min_b, max_b, bufs,
                              video_mem_type, video_mem_info)
{
  ....
  VideoDrvVideoMemInfo*   drv_vm  = &(driver->m_VideoMemInfo);
  ....
  if ((NULL == driver) || (NULL == bufs))
  {
    ERR_SET(VM_NULL_PTR, "null ptr");
  }
  ....
}

IPP Samples

V595 The 'encoderObj' pointer was utilized before it was verified against nullptr. Check lines: 296, 298. speech encgsmamr.c 296


GSMAMR_CODECFUN(  APIGSMAMR_Status, apiGSMAMREncode,
         (GSMAMREncoder_Obj* encoderObj,const Ipp16s* src,
          GSMAMR_Rate_t rate, Ipp8u* dst, Ipp32s *pVad ))
{
  ....
  Ipp16s *pNewSpeech = encoderObj->stEncState.pSpeechPtrNew;

  if (NULL==encoderObj || NULL==src || NULL ==dst )
    return APIGSMAMR_StsBadArgErr;
  ....
}

IPP Samples

V595 The 'm_pAVSCompressorParams' pointer was utilized before it was verified against nullptr. Check lines: 88, 91. avs_enc umc_avs_enc_fusion_core.cpp 88


Status AVSEncFusionCore::Init(Ipp32u numThreads,
                              BaseCodecParams *pParams)
{
  m_pAVSCompressorParams =
    DynamicCast<AVSVideoEncoderParams> (pParams);
  ....
  m_qp = m_pAVSCompressorParams->m_iConstQuant;


  // check error(s)
  if (NULL == m_pAVSCompressorParams)
    return UMC_ERR_NULL_PTR;
  ....
}

Blender

V595 The 'surface' pointer was utilized before it was verified against nullptr. Check lines: 1585, 1587. bf_blenkernel dynamicpaint.c 1585


static struct DerivedMesh *dynamicPaint_Modifier_apply(....)
{
  ....
  for (; surface; surface=surface->next) {
    PaintSurfaceData *sData = surface->data;
    if (surface &&
        surface->format !=
          MOD_DPAINT_SURFACE_F_IMAGESEQ &&
        sData)
    {
      ....
}

MAME

V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2457, 2483. stvvdp2.c 2457


static void stv_vdp2_drawgfxzoom(...,
  const gfx_element *gfx, ...)
{
  ....
  if (gfx->pen_usage &&
      transparency == STV_TRANSPARENCY_PEN)
  {
    ....
  }

  if( gfx )
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2605, 2615. taito_f3.c 2605
  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 812, 819. psikyosh.c 812
  • V595 The 'gfx' pointer was utilized before it was verified against nullptr. Check lines: 2756, 2766. taito_f3.c 2756
  • And 1 additional diagnostic messages.

MAME

V595 The 'software_list_ptr' pointer was utilized before it was verified against nullptr. Check lines: 1586, 1591. softlist.c 1586


static void find_software_item(....)
{
  char *software_list_ptr = NULL;
  ....
  *software_list_ptr =
    software_list_open( options, swlist_name, FALSE, NULL );
  if ( software_list_ptr )
  {
    *software_info_ptr =
      software_list_find( *software_list_ptr, swname, NULL );
  ....
}

Most likely this is what should be written here: if ( *software_list_ptr )


MongoDB

V595 The 'lc->cvec' pointer was utilized before it was verified against nullptr. Check lines: 447, 448. linenoise.cpp 447


static void freeCompletions(linenoiseCompletions *lc) {
  size_t i;
  for (i = 0; i < lc->len; i++)
    free(lc->cvec[i]);
  if (lc->cvec != NULL)
    free(lc->cvec);
}

MongoDB

V595 The 'm' pointer was utilized before it was verified against nullptr. Check lines: 402, 404. rs.cpp 402


void ReplSetImpl::setSelfTo(Member *m) {
  // already locked in initFromConfig
  _self = m;
  _id = m->id();
  _config = m->config();
  if( m ) _buildIndexes = m->config().buildIndexes;
  else _buildIndexes = true;
}

MongoDB

V595 The 'd' pointer was utilized before it was verified against nullptr. Check lines: 1446, 1447. dbcommands.cpp 1446


bool run(....)
{
  result.appendNumber( "fileSize" , d->fileSize() / scale );
  if( d )
    result.appendNumber( "nsSizeMB",
      (int) d->namespaceIndex.fileLength() / 1024 / 1024 );
}

ffdshow

V595 The 's' pointer was utilized before it was verified against nullptr. tsubreadermplayer.cpp 151


Tsubtitle* TsubtitleParserSami::parse(....)
{
  ....
  for (; *s != '>' && *s != '\0'; s++) {
    ;    /* skip remains of non-<P> TAG */
  }
  if (s == '\0') {
    break;
  }
  ....
}

This is an example of errors detected indirectly. The programmer actually wanted to check this: if (*s == '\0'). However, this error can be found in a different way through the V528 message.


Samba

V595 The 'ctx' pointer was utilized before it was verified against nullptr. Check lines: 67, 72. cm.c 67


static WERROR libnetapi_open_ipc_connection(
              struct libnetapi_ctx *ctx,
              const char *server_name,
              struct client_ipc_connection **pp)
{
  struct libnetapi_private_ctx *priv_ctx =
    (struct libnetapi_private_ctx *)ctx->private_data;
  struct user_auth_info *auth_info = NULL;
  struct cli_state *cli_ipc = NULL;
  struct client_ipc_connection *p;

  if (!ctx || !pp || !server_name) {
    return WERR_INVALID_PARAM;
  }
  ....
}

Newton Game Dynamics

V595 The 'child' pointer was utilized before it was verified against nullptr. Check lines: 78, 84. dgtree.cpp 78


void dgRedBackNode::RotateLeft(dgRedBackNode** const head)
{
  ....
  me->m_right = child->m_left;
  ....
  if (child != NULL) {
    child->m_parent = me->m_parent;
  }
  ....
}

Newton Game Dynamics

V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 229, 230. dgtree.cpp 229


void dgRedBackNode::RemoveFixup (....)
{
  ....
  tmp = ptr->m_right;
  if (!ptr || !tmp) {
    return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 272, 273. dgtree.cpp 272
  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 234, 238. dgtree.cpp 234
  • V595 The 'ptr' pointer was utilized before it was verified against nullptr. Check lines: 277, 281. dgtree.cpp 277

OpenSSL

V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 448, 461. obj_dat.c 448


int OBJ_obj2txt(char *buf, int buf_len,
  const ASN1_OBJECT *a, int no_name)
{
  ....
  if ((a == NULL) || (a->data == NULL)) {
    buf[0]='\0';
    return(0);
  }
  ....
  if (buf)
  ....
}

OpenCV

V595 The 'fs' pointer was utilized before it was verified against nullptr. Check lines: 617, 619. persistence.cpp 617


CV_IMPL CvStringHashNode*
cvGetHashedKey( CvFileStorage* fs, .... )
{
  ....
  CvStringHash* map = fs->str_hash;
  if( !fs )
    return 0;
  ....
}

OpenCV

V595 The 'pBN' pointer was utilized before it was verified against nullptr. Check lines: 432, 434. blobtrackingauto.cpp 432


void CvBlobTrackerAuto1::Process(IplImage* pImg, IplImage* pMask)
{
  ....
  CvBlob* pBN = NewBlobList.GetBlob(i);
  pBN->ID = m_NextBlobID;

  if(pBN &&
     pBN->w >= CV_BLOB_MINW &&
     pBN->h >= CV_BLOB_MINH)
  ....
}

OpenCV

V595 The 'ConDensation' pointer was utilized before it was verified against nullptr. Check lines: 114, 116. condens.cpp 114


CV_IMPL void
cvReleaseConDensation( CvConDensation ** ConDensation )
{
  ....
  CvConDensation *CD = *ConDensation;

  if( !ConDensation )
      CV_Error( CV_StsNullPtr, "" );
  ....
}

ReactOS

V595 The 'PolicyAccountDomainInfo' pointer was utilized before it was verified against nullptr. Check lines: 254, 257. sidcache.c 254


static BOOL
LookupSidInformation(....)
{
  ....
  DomainName = &PolicyAccountDomainInfo->DomainName;
  SidNameUse = (PolicyAccountDomainInfo != NULL ?
                SidTypeGroup : SidTypeUser);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'oldRelations' pointer was utilized before it was verified against nullptr. Check lines: 216, 246. pnp.c 216
  • V595 The 'Op->Common.Value.Arg' pointer was utilized before it was verified against nullptr. Check lines: 531, 554. dswload.c 531
  • V595 The 'OutOp' pointer was utilized before it was verified against nullptr. Check lines: 325, 346. dswexec.c 325
  • And 207 additional diagnostic messages.

Windows 8 Driver Samples

V595 The 'm_pWdfRequest' pointer was utilized before it was verified against nullptr. Check lines: 266, 267. filecontext.cpp 266


HRESULT
CFileContext::GetNextSubscribedMessage()
{
  ....
  m_pWdfRequest = pWdfRequest;
  m_pWdfRequest->MarkCancelable(pCallbackCancel);
  if (m_pWdfRequest != NULL)
  {
    CompleteOneArrivalEvent();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'pAdapterCommon' pointer was utilized before it was verified against nullptr. Check lines: 456, 477. adapter.cpp 456
  • V595 The 'PortStream' pointer was utilized before it was verified against nullptr. Check lines: 111, 123. rtstream.cpp 111
  • V595 The 'pncLock' pointer was utilized before it was verified against nullptr. Check lines: 85, 112. netcfgapi.cpp 85
  • And 97 additional diagnostic messages.

NetXMS

V595 The 'securityContext' pointer was utilized before it was verified against nullptr. Check lines: 1159, 1162. pdu.cpp 1159


DWORD SNMP_PDU::encodeV3SecurityParameters(
  BYTE *buffer, DWORD bufferSize,
  SNMP_SecurityContext *securityContext)
{
  BYTE securityParameters[1024], sequence[1040];
  DWORD bytes;
  DWORD engineBoots =
    securityContext->getAuthoritativeEngine().getBoots();
  DWORD engineTime =
    securityContext->getAuthoritativeEngine().getTime();

  if ((securityContext != NULL) &&
      (securityContext->getSecurityModel() ==
       SNMP_SECURITY_MODEL_USM))
  {
  ....
}

Chromium

V595 The 'browser' pointer was utilized before it was verified against nullptr. Check lines: 5489, 5493. testing_automation_provider.cc 5489


void TestingAutomationProvider::IsPageActionVisible(
    base::DictionaryValue* args,
    IPC::Message* reply_message) {
  ....
  Browser* browser = automation_util::GetBrowserForTab(tab);
  const Extension* extension;
  if (!GetEnabledExtensionFromJSONArgs(
          ...., browser->profile(), ....)) {
    reply.SendError(error);
    return;
  }
  if (!browser) {
    reply.SendError("Tab does not belong to an open browser");
    return;
  }
  ....
}

Chromium

V595 The 'extension' pointer was utilized before it was verified against nullptr. Check lines: 277, 280. managed_user_service.cc 277


bool ManagedUserService::UserMayLoad(
  const extensions::Extension* extension,
  string16* error) const
{
  if (extension_service &&
      extension_service->GetInstalledExtension(extension->id()))
    return true;

  if (extension) {
    bool was_installed_by_default =
      extension->was_installed_by_default();
    ....
  }
}

Yasm

V595 The 'shead' pointer was utilized before it was verified against nullptr. Check lines: 672, 674. elf.c 672


unsigned long
elf_secthead_write_to_file(FILE *f, elf_secthead *shead,
                           elf_section_index sindex)
{
    unsigned char buf[SHDR_MAXSIZE], *bufp = buf;
    shead->index = sindex;

    if (shead == NULL)
        yasm_internal_error("shead is null");
  ....
}

Multi Theft Auto

V595 The 'pGame' pointer was utilized before it was verified against nullptr. Check lines: 636, 639. ccrashdumpwriter.cpp 636


void CCrashDumpWriter::GetD3DInfo ( CBuffer& buffer )
{
  ....
  CRenderWare* pRenderWare = pGame->GetRenderWare ();
  stream.Write ( (uchar)( pCore ? 1 : 0 ) );
  stream.Write ( (uchar)( pGame ? 1 : 0 ) );
  ....
}

Similar errors can be found in some other places:

  • V595 The 're' pointer was utilized before it was verified against nullptr. Check lines: 416, 421. study.c 416
  • V595 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 1553, 1558. unzip.c 1553
  • V595 The 'pVehicle' pointer was utilized before it was verified against nullptr. Check lines: 5586, 5587. cmultiplayersa.cpp 5586
  • And 4 additional diagnostic messages.

TinyCAD

V595 The 'i' pointer was utilized before it was verified against nullptr. Check lines: 142, 144. drawmetafile.cpp 142


bool CDrawMetaFile::setImageFile(const TCHAR *filename)
{
  CImage *i = NULL;

  ....

  // Read in the buffer
  i->SetCompressedData(buffer, bytes);

  if (i != NULL)
  {
    m_metafile = m_pDesign->GetOptions()->AddMetaFile(i);
  }

  return i != NULL;
}

Apache Xerces Project

V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 106, 114. domcommentimpl.cpp 106


DOMComment *DOMCommentImpl::splitText(XMLSize_t offset)
{
  ....
  DOMDocumentImpl *doc = (DOMDocumentImpl *)getOwnerDocument();

  DOMComment *newText =
    doc->createComment(
      this->substringData(offset, len - offset));
  ....
  if (doc != 0) {
  ....
}

Similar errors can be found in some other places:

  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 106, 114. domcdatasectionimpl.cpp 106
  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 137, 146. domprocessinginstructionimpl.cpp 137
  • V595 The 'doc' pointer was utilized before it was verified against nullptr. Check lines: 102, 111. domtextimpl.cpp 102
  • And 3 additional diagnostic messages.

VirtualDub

V595 The 'mpData' pointer was utilized before it was verified against nullptr. Check lines: 1422, 1429. Tessa context_d3d9.cpp 1422


void VDTContextD3D9::Shutdown() {
  ....
  mpData->mFenceManager.Shutdown();
  ....
  if (mpData) {
    if (mpData->mhmodD3D9)
      FreeLibrary(mpData->mhmodD3D9);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'lpbiOutput' pointer was utilized before it was verified against nullptr. Check lines: 82, 85. VirtualDub yuvcodec.cpp 82
  • V595 The 'lBytesRead' pointer was utilized before it was verified against nullptr. Check lines: 1351, 1362. VirtualDub mpeg.cpp 1351
  • V595 The 'lSamplesRead' pointer was utilized before it was verified against nullptr. Check lines: 1352, 1361. VirtualDub mpeg.cpp 1352
  • And 8 additional diagnostic messages.

Geant4 software

V595 The 'theDef' pointer was utilized before it was verified against nullptr. Check lines: 123, 125. G4hadronic_deex_photon_evaporation g4neutronradcapture.cc 123


G4HadFinalState* G4NeutronRadCapture::ApplyYourself(
  const G4HadProjectile& aTrack, G4Nucleus& theNucleus)
{
  ....
  if (verboseLevel > 1) {
    G4cout << "Gamma 4-mom: " << lv2 << "   "
     << theDef->GetParticleName() << "   " << lv1 << G4endl;
  }
  if(theDef) {
    theParticleChange.AddSecondary(
      new G4DynamicParticle(theDef, lv1));
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'theDef' pointer was utilized before it was verified against nullptr. Check lines: 164, 167. G4hadronic_deex_photon_evaporation g4neutronradcapture.cc 164
  • V595 The 'theElementVector' pointer was utilized before it was verified against nullptr. Check lines: 521, 522. G4materials g4material.cc 521
  • V595 The 'theFinalStatePhotons[i]' pointer was utilized before it was verified against nullptr. Check lines: 403, 410. G4had_neu_hp g4neutronhpinelasticcompfs.cc 403
  • And 27 additional diagnostic messages.

GNU C Library

V595 The 'h_errnop' pointer was utilized before it was verified against nullptr. Check lines: 146, 172. getnssent_r.c 146


int __nss_getent_r (....)
{
  ....
  if (res && __res_maybe_init (&_res, 0) == -1)
  {
    *h_errnop = NETDB_INTERNAL;
    *result = NULL;
    return errno;
  }
  ....
  if (status == NSS_STATUS_TRYAGAIN
      && (h_errnop == NULL || *h_errnop == NETDB_INTERNAL)
      && errno == ERANGE)
}

GNU C Library

V595 The 'clp' pointer was utilized before it was verified against nullptr. Check lines: 145, 150. clnt_raw.c 145


static enum clnt_stat
clntraw_call (h, proc, xargs, argsp, xresults, resultsp, timeout)
     CLIENT *h;
     u_long proc;
     xdrproc_t xargs;
     caddr_t argsp;
     xdrproc_t xresults;
     caddr_t resultsp;
     struct timeval timeout;
{
  struct clntraw_private_s *clp = clntraw_private;
  XDR *xdrs = &clp->xdr_stream;
  ....
  if (clp == NULL)
    return RPC_FAILED;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'clp' pointer was utilized before it was verified against nullptr. Check lines: 232, 235. clnt_raw.c 232

Coin3D

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 2397, 2407. sobasekit.cpp 2397


SbBool
SoBaseKit::setPart(const int partnum, SoNode * node)
{
  ....
  if (childlist->find(node) >= 0) {
    SoDebugError::postWarning("SoBaseKit::setPart",
      "Node pointer (%p, '%s', '%s') is "
      "already used under the same group node in the catalog "
      "as a child of part '%s' -- this is not allowed",
      node,
      node->getName().getString(),
      node->getTypeId().getName().getString(),
      catalog->getName(parentIdx).getString());
    return FALSE;
  }
  ....
  if (node)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->getAttachedField()' pointer was utilized before it was verified against nullptr. Check lines: 141, 145. sofieldsensor.cpp 141

Firebird

V595 The 'bcb' pointer was utilized before it was verified against nullptr. Check lines: 271, 274. cch.cpp 271


int CCH_down_grade_dbb(void* ast_object)
{
  ....
  SyncLockGuard bcbSync(&bcb->bcb_syncObject, SYNC_EXCLUSIVE,
                        "CCH_down_grade_dbb");
  bcb->bcb_flags &= ~BCB_exclusive;

  if (bcb && bcb->bcb_count)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tdgbl->action->act_file' pointer was utilized before it was verified against nullptr. Check lines: 1396, 1398. mvol.cpp 1396
  • V595 The 'desc' pointer was utilized before it was verified against nullptr. Check lines: 1928, 1933. cvt.cpp 1928
  • V595 The 'eof' pointer was utilized before it was verified against nullptr. Check lines: 239, 241. dsql.cpp 239
  • And 28 additional diagnostic messages.

CryEngine 3 SDK

V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 325, 326. scripthelpers.h 325


bool Create( IScriptSystem *pSS,bool bCreateEmpty=false )
{
  if (p) p->Release();
  p = pSS->CreateTable(bCreateEmpty);
  p->AddRef();
  return (p)?true:false;
}

Similar errors can be found in some other places:

  • V595 The 'm_pControlledPlayer' pointer was utilized before it was verified against nullptr. Check lines: 70, 91. mountedguncontroller.cpp 70
  • V595 The 'pRagdollContext' pointer was utilized before it was verified against nullptr. Check lines: 4569, 4596. player.cpp 4569
  • V595 The 'pEquipmentLoadout' pointer was utilized before it was verified against nullptr. Check lines: 9794, 9798. player.cpp 9794
  • And 32 additional diagnostic messages.

Push Framework

V595 The 'pClient' pointer was utilized before it was verified against nullptr. Check lines: 244, 250. dispatcher.cpp 244


void Dispatcher::processFirstPacket(....)
{
  ....
  std::string clientKey = pClient->getKey();
  ....
  if(pClient)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'buf' pointer was utilized before it was verified against nullptr. Check lines: 2251, 2256. xmlparser.cpp 2251
  • V595 The 'pEntry' pointer was utilized before it was verified against nullptr. Check lines: 2282, 2286. xmlparser.cpp 2282
  • V595 The 'outlen' pointer was utilized before it was verified against nullptr. Check lines: 3703, 3707. xmlparser.cpp 3703

Wild Magic 5

V595 The 'compiledShader' pointer was utilized before it was verified against nullptr. Check lines: 44, 48. wm5dx9pixelshader.cpp 44


PdrPixelShader::PdrPixelShader (Renderer* renderer,
    const PixelShader* pshader)
{
  ....
  hr = device->CreatePixelShader(
   (DWORD*)(compiledShader->GetBufferPointer()), &mShader);

  assertion(hr == D3D_OK, "Failed to create pixel shader\n");

  if (compiledShader)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'compiledShader' pointer was utilized before it was verified against nullptr. Check lines: 44, 48. wm5dx9vertexshader.cpp 44
  • V595 The 'indices' pointer was utilized before it was verified against nullptr. Check lines: 93, 111. convexhull2d.cpp 93

V8 JavaScript Engine

V595 The 'collator' pointer was utilized before it was verified against nullptr. Check lines: 1142, 1145. nfrule.cpp 1142


int32_t
NFRule::prefixLength(....) const
{
  ....
  CollationElementIterator* strIter =
    collator->createCollationElementIterator(str);
  ....
  if (collator == NULL || strIter == NULL || prefixIter == NULL)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'collator' pointer was utilized before it was verified against nullptr. Check lines: 1444, 1447. nfrule.cpp 1444
  • V595 The 'firstFinalTZTransition' pointer was utilized before it was verified against nullptr. Check lines: 865, 886. olsontz.cpp 865
  • V595 The 'coll' pointer was utilized before it was verified against nullptr. Check lines: 1104, 1121. ucol_res.cpp 1104
  • And 15 additional diagnostic messages.

Data Distribution Service

V595 The 'topic_servant_' pointer was utilized before it was verified against nullptr. Check lines: 164, 168. datareaderimpl.cpp 164


void
DataReaderImpl::cleanup()
{
  ....
  if (owner_manager_) {
    owner_manager_->unregister_reader(
      topic_servant_->type_name(), this);
  }
  if (topic_servant_) {
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->current_' pointer was utilized before it was verified against nullptr. Check lines: 522, 524. serializer.inl 522
  • V595 The 'this->reactor()' pointer was utilized before it was verified against nullptr. Check lines: 1131, 1137. acceptor.cpp 1131
  • V595 The 'file' pointer was utilized before it was verified against nullptr. Check lines: 404, 407. filecache.cpp 404
  • And 3 additional diagnostic messages.

FlightGear

V595 The 'prev' pointer was utilized before it was verified against nullptr. Check lines: 858, 868. aiship.cxx 858


bool FGAIShip::initFlightPlan() {
  ....
  prev = fp->getPreviousWaypoint();
  ....
  setHeading(getCourse(prev->getLatitude(),
                       prev->getLongitude(),
                       curr->getLatitude(),
                       curr->getLongitude()));
  ....
  if (prev)
    init = true;
  ....
}

FlightGear

V595 The 'a' pointer was utilized before it was verified against nullptr. Check lines: 478, 479. codegen.c 478


static int tokMatch(struct Token* a, struct Token* b)
{
  int i, l = a->strlen;
  if(!a || !b) return 0;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'apt' pointer was utilized before it was verified against nullptr. Check lines: 1076, 1083. route_mgr.cxx 1076
  • V595 The 'aFilter' pointer was utilized before it was verified against nullptr. Check lines: 66, 76. positionedoctree.cxx 66
  • V595 The 'n' pointer was utilized before it was verified against nullptr. Check lines: 168, 173. props.cxx 168
  • And 12 additional diagnostic messages.

FFmpeg

V595 The 'ts->pids[pid]' pointer was utilized before it was verified against nullptr. Check lines: 1377, 1379. mpegts.c 1377


static void m4sl_cb(....)
{
  ....
  if (ts->pids[pid]->es_id != mp4_descr[i].es_id)
    continue;
  if (!(ts->pids[pid] && ts->pids[pid]->type == MPEGTS_PES)) {
  ....
}

Scilab

V595 The 'sco' pointer was utilized before it was verified against nullptr. Check lines: 305, 311. canimxy3d.c 305


static void appendData(....)
{
  ....
  sco_data *sco = (sco_data *) * (block->work);
  int maxNumberOfPoints = sco->internal.maxNumberOfPoints;
  int numberOfPoints = sco->internal.numberOfPoints;

  if (sco != NULL && numberOfPoints >= maxNumberOfPoints)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'style' pointer was utilized before it was verified against nullptr. Check lines: 115, 124. champ.c 115
  • V595 The 'lenStVarOne' pointer was utilized before it was verified against nullptr. Check lines: 270, 274. sci_toprint.cpp 270
  • V595 The 'root->attr' pointer was utilized before it was verified against nullptr. Check lines: 819, 824. ezxml.c 819
  • And 58 additional diagnostic messages.

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 9714, 9719. unrealengine.cpp 9714


/**
 * Global engine pointer.
 * Can be 0 so don't use without checking.
 */
ENGINE_API UEngine* GEngine = NULL;

bool UEngine::LoadMap( FWorldContext& WorldContext,
  FURL URL, class UPendingNetGame* Pending, FString& Error )
{
  ....
  if (GEngine->GameViewport != NULL)
  {
    ClearDebugDisplayProperties();
  }

  if( GEngine )
  {
    GEngine->WorldDestroyed( WorldContext.World() );
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 754, 772. asyncloading.cpp 754
  • V595 The 'InstanceGraph' pointer was utilized before it was verified against nullptr. Check lines: 93, 112. reloadobjectarc.cpp 93
  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 3381, 3384. savepackage.cpp 3381
  • And 80 additional diagnostic messages.

Qt

V595 The 'outline' pointer was utilized before it was verified against nullptr. Check lines: 1746, 1749. qgrayraster.c 1746


static int gray_raster_render(....)
{
  const QT_FT_Outline* outline =
    (const QT_FT_Outline*)params->source;

  ....

  /* return immediately if the outline is empty */
  if ( outline->n_points == 0 || outline->n_contours <= 0 )
    return 0;

  if ( !outline || !outline->contours || !outline->points )
    return ErrRaster_Invalid_Outline;

  ....
}

Optimization too early.

Similar errors can be found in some other places:

  • V595 The 'd' pointer was utilized before it was verified against nullptr. Check lines: 264, 266. qpluginloader.cpp 264
  • V595 The 'lib' pointer was utilized before it was verified against nullptr. Check lines: 309, 317. qlibrary.cpp 309
  • V595 The 'self' pointer was utilized before it was verified against nullptr. Check lines: 1132, 1136. qcoreapplication.cpp 1132
  • And 78 additional diagnostic messages.

ANGLE

V595 The 'textureObject' pointer was utilized before it was verified against nullptr. Check lines: 7088, 7093. libglesv2.cpp 7088


bool __stdcall glBindTexImage(egl::Surface *surface)
{
  ....
  gl::Texture2D *textureObject = context->getTexture2D();

  if (textureObject->isImmutable())
  {
    return false;
  }

  if (textureObject)
  {
    textureObject->bindTexImage(surface);
  }
  ....
}

OpenSSL

V595 The 's' pointer was utilized before it was verified against nullptr. Check lines: 1013, 1019. ssl_lib.c 1013


int SSL_shutdown(SSL *s)
{
  if (s->handshake_func == 0)
  {
    SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
    return -1;
  }

  if ((s != NULL) && !SSL_in_init(s))
    return(s->method->ssl_shutdown(s));
  else
    return(1);
  }
  ....
}

OpenSSL

V595 The 'pub_key' pointer was utilized before it was verified against nullptr. Check lines: 951, 952. e_ubsec.c 951


#define bn_wexpand(a,words) \
  (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))

static int ubsec_dh_generate_key(DH *dh)
{
  ....
  if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
  if(pub_key == NULL) goto err;
  ....
}

The 'pub_key' pointer was dereferenced in bn_wexpand macros.


SlimDX

V595 The 'effects' pointer was utilized before it was verified against nullptr. Check lines: 66, 73. secondarysoundbuffer.cpp 66


array<SoundEffectResult>^ SecondarySoundBuffer::SetEffects(
  array<Guid>^ effects )
{
  DWORD count = effects->Length;
  ....
  if( effects != nullptr && count > 0 )
  ....
}

TortoiseGit

V595 The 'n' pointer was utilized before it was verified against nullptr. Check lines: 41, 43. decorate.c 41


void free_decoration(struct decoration *n)
{
  unsigned int i;
  struct object_decoration *hash = n->hash;
  if (n == NULL || n->hash == NULL)
    return;
  ....
}

OpenMW

V595 The 'mPlayer' pointer was utilized before it was verified against nullptr. Check lines: 234, 245. openmw worldimp.cpp 234


void World::clear()
{
  mLocalScripts.clear();
  mPlayer->clear();
  ....
  if (mPlayer)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'mBody' pointer was utilized before it was verified against nullptr. Check lines: 95, 99. openmw physic.cpp 95

Mozilla Firefox

V595 The 'head' pointer was utilized before it was verified against nullptr. Check lines: 1915, 1920. nshttptransaction.cpp 1915


void
nsHttpTransaction::RestartVerifier::Set(int64_t contentLength,
                                        nsHttpResponseHead *head)
{
  if (mSetup)
    return;

  if (head->Status() != 200)
    return;

  mContentLength = contentLength;

  if (head) {
  ....
}

Newton Game Dynamics

V595 The 'sp' pointer was utilized before it was verified against nullptr. Check lines: 77, 85. ptw32_throw.c 77


void
ptw32_throw (DWORD exception)
{
  ....
  ptw32_thread_t * sp =
    (ptw32_thread_t *) pthread_getspecific (ptw32_selfThreadKey);

  sp->state = PThreadStateExiting;

  if (exception != PTW32_EPS_CANCEL &&
      exception != PTW32_EPS_EXIT)
  {
    exit (1);
  }
  ....
  if (NULL == sp || sp->implicit)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'sem' pointer was utilized before it was verified against nullptr. Check lines: 138, 142. sem_timedwait.c 138
  • V595 The 'assoc' pointer was utilized before it was verified against nullptr. Check lines: 89, 91. pthread_key_delete.c 89
  • V595 The 'faceNode' pointer was utilized before it was verified against nullptr. Check lines: 785, 795. dgconvexhull3d.cpp 785
  • And 17 additional diagnostic messages.

Wine Is Not an Emulator

V595 The 'decl' pointer was utilized before it was verified against nullptr. Check lines: 1411, 1417. parser.y 1411


static var_t *declare_var(....)
{
  ....
  var_t *v = decl->var;                                 // <=
  expr_list_t *sizes = get_attrp(attrs, ATTR_SIZEIS);
  expr_list_t *lengs = get_attrp(attrs, ATTR_LENGTHIS);
  int sizeless;
  expr_t *dim;
  type_t **ptype;
  array_dims_t *arr = decl ? decl->array : NULL;        // <=
  type_t *func_type = decl ? decl->func_type : NULL;    // <=
  ....
}

Similar errors can be found in some other places:

  • V595 The 'pcbData' pointer was utilized before it was verified against nullptr. Check lines: 1859, 1862. registry.c 1859
  • V595 The 'token_user' pointer was utilized before it was verified against nullptr. Check lines: 206, 213. lsa.c 206
  • V595 The 'psp' pointer was utilized before it was verified against nullptr. Check lines: 2680, 2689. propsheet.c 2680
  • And 4 additional diagnostic messages.

Cocos2d-x

V595 The 'values' pointer was utilized before it was verified against nullptr. Check lines: 188, 189. ccbundlereader.h 188


template<>
inline bool BundleReader::readArray<std::string>(
  unsigned int *length, std::vector<std::string> *values)
{
  ....
  values->clear();             // <=
  if (*length > 0 && values)   // <=
  {
    for (int i = 0; i < (int)*length; ++i)
    {
      values->push_back(readString());
    }
  }
  return true;
}

Similar errors can be found in some other places:

  • V595 The '_openGLView' pointer was utilized before it was verified against nullptr. Check lines: 410, 417. ccdirector.cpp 410
  • V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 365, 374. cctween.cpp 365
  • V595 The 'rootEle' pointer was utilized before it was verified against nullptr. Check lines: 378, 379. ccfileutils.cpp 378
  • And 6 additional diagnostic messages.

Asterisk

V595 The 'object_wizard->wizard' pointer was utilized before it was verified against nullptr. Check lines: 683, 686. sorcery.c 683


static void sorcery_object_wizard_destructor(void *obj)
{
  struct ast_sorcery_object_wizard *object_wizard = obj;

  if (object_wizard->data) {
    object_wizard->wizard->close(object_wizard->data);      // <=
  }

  if (object_wizard->wizard) {                              // <=
    ast_module_unref(object_wizard->wizard->module);
  }

  ao2_cleanup(object_wizard->wizard);                       // <=
}

PHP:Hypertext Preprocessor

V595 The 'function_name' pointer was utilized before it was verified against nullptr. Check lines: 4859, 4860. basic_functions.c 4859


static int user_shutdown_function_call(zval *zv TSRMLS_DC)
{
  ....
  php_error(E_WARNING, "....", function_name->val);  // <=
  if (function_name) {                               // <=
    STR_RELEASE(function_name);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'callback_name' pointer was utilized before it was verified against nullptr. Check lines: 5007, 5021. basic_functions.c 5007

Grassroots DICOM library (GDCM)

V595 The 'str' pointer was utilized before it was verified against nullptr. Check lines: 26, 27. gdcmprivatetag.cxx 26


bool PrivateTag::ReadFromCommaSeparatedString(const char *str)
{
  unsigned int group = 0, element = 0;
  std::string owner;
  owner.resize( strlen(str) );
  if( !str || sscanf(str, "%04x,%04x,%s", &group ,
                     &element, &owner[0] ) != 3 )
  {
    gdcmDebugMacro( "Problem reading Private Tag: " << str );
    return false;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'Internal' pointer was utilized before it was verified against nullptr. Check lines: 217, 223. gdcmjpegcodec.cxx 217
  • V595 The 'Internal' pointer was utilized before it was verified against nullptr. Check lines: 321, 327. gdcmjpegcodec.cxx 321

K Desktop Environment

V595 The 'priv->slider' pointer was utilized before it was verified against nullptr. Check lines: 786, 792. knuminput.cpp 786


void KDoubleNumInput::spinBoxChanged(double val)
{
  ....
  const double slidemin = priv->slider->minimum();      // <=
  const double slidemax = priv->slider->maximum();      // <=
  ....
  if (priv->slider) {                                   // <=
    priv->slider->blockSignals(true);
    priv->slider->setValue(qRound(slidemin + rel * (....)));
    priv->slider->blockSignals(false);
  }
}

Similar errors can be found in some other places:

  • V595 The 'incBase' pointer was utilized before it was verified against nullptr. Check lines: 2487, 2491. incidenceformatter.cpp 2487
  • V595 The 'm_instance' pointer was utilized before it was verified against nullptr. Check lines: 364, 376. ksystemtimezone.cpp 364
  • V595 The 'job' pointer was utilized before it was verified against nullptr. Check lines: 778, 783. knewfilemenu.cpp 778
  • And 3 additional diagnostic messages.

Miranda NG

V595 The 'dat' pointer was utilized before it was verified against nullptr. Check lines: 428, 430. TabSRMM buttonsbar.cpp 428


void TSAPI BB_InitDlgButtons(TWindowData *dat)
{
  ....
  HWND hdlg = dat->hwnd;
  ....
  if (dat == 0 || hdlg == 0) { return; }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'gce' pointer was utilized before it was verified against nullptr. Check lines: 519, 522. Miranda chat_svc.cpp 519
  • V595 The 'group->cl.items' pointer was utilized before it was verified against nullptr. Check lines: 137, 139. Miranda clcitems.cpp 137
  • V595 The 'text' pointer was utilized before it was verified against nullptr. Check lines: 357, 372. Miranda clcutils.cpp 357
  • And 161 additional diagnostic messages.

Spring Engine

V595 The 'model->GetRootPiece()' pointer was utilized before it was verified against nullptr. Check lines: 236, 238. engine-headless%engine-legacy imodelparser.cpp 236


S3DModel* C3DModelLoader::Load3DModel(std::string modelName)
{
  ....
  model->GetRootPiece()->SetCollisionVolume(                // <=
    new CollisionVolume("box", -UpVector, ZeroVector));

  if (model->GetRootPiece() != NULL) {                      // <=
    CreateLists(model->GetRootPiece());
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 1559, 1564. assimp unzip.c 1559
  • V595 The 'facCAI' pointer was utilized before it was verified against nullptr. Check lines: 1059, 1064. engineSim commandai.cpp 1059
  • V595 The 'projectileDrawer' pointer was utilized before it was verified against nullptr. Check lines: 170, 176. engineSim shieldprojectile.cpp 170
  • And 1 additional diagnostic messages.

Linux Kernel

V595 The 'podhd' pointer was utilized before it was verified against nullptr. Check lines: 96, 98. podhd.c 96


static int podhd_try_init(struct usb_interface *interface,
        struct usb_line6_podhd *podhd)
{
  int err;
  struct usb_line6 *line6 = &podhd->line6;

  if ((interface == NULL) || (podhd == NULL))
    return -ENODEV;
  ....
}

Discussion: http://www.viva64.com/en/b/0306/


Linux Kernel

V595 The 'skb' pointer was utilized before it was verified against nullptr. Check lines: 949, 951. act_api.c 949


static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n)
{
  struct net *net = sock_net(skb->sk);
  struct nlattr *tca[TCA_ACT_MAX + 1];
  u32 portid = skb ? NETLINK_CB(skb).portid : 0;
  ....
}

Linux Kernel

V595 The 'inode' pointer was utilized before it was verified against nullptr. Check lines: 905, 907. move_extents.c 905


static int ocfs2_move_extents(
  struct ocfs2_move_extents_context *context)
{
  int status;
  handle_t *handle;
  struct inode *inode = context->inode;
  struct ocfs2_dinode *di;
  struct buffer_head *di_bh = NULL;
  struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);

  if (!inode)
    return -ENOENT;
  ....
}

Linux Kernel

V595 The 'i2400m->tx_msg' pointer was utilized before it was verified against nullptr. Check lines: 759, 764. tx.c 759


int i2400m_tx(struct i2400m *i2400m, ....)
{
  ....
  if (i2400m->tx_msg->size + padded_len > I2400M_TX_MSG_SIZE) {
    d_printf(2, dev, "TX: message too big, going new\n");
    i2400m_tx_close(i2400m);
    i2400m_tx_new(i2400m);
  }
  if (i2400m->tx_msg == NULL)
    goto error_tx_new;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'txpeer' pointer was utilized before it was verified against nullptr. Check lines: 1011, 1022. lib-move.c 1011
  • V595 The 'odev' pointer was utilized before it was verified against nullptr. Check lines: 1012, 1017. hso.c 1012
  • V595 The 'skb' pointer was utilized before it was verified against nullptr. Check lines: 1012, 1032. r8192U_core.c 1012
  • And 235 additional diagnostic messages.

LibreOffice

V595 The 'pSysWin' pointer was utilized before it was verified against nullptr. Check lines: 738, 739. updatecheckui.cxx 738


IMPL_LINK( UpdateCheckUI, ApplicationEventHdl,
           VclSimpleEvent *, pEvent)
{
  ....
  SystemWindow *pSysWin = pWindow->GetSystemWindow();
  MenuBar      *pMBar   = pSysWin->GetMenuBar();
  if ( pSysWin && pMBar )
  {
    AddMenuBarIcon( pSysWin, true );
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_pData' pointer was utilized before it was verified against nullptr. Check lines: 1716, 1731. owriteablestream.cxx 1716
  • V595 The 'm_pData' pointer was utilized before it was verified against nullptr. Check lines: 1923, 1938. xstorage.cxx 1923
  • V595 The 'pOld0RGB' pointer was utilized before it was verified against nullptr. Check lines: 750, 754. ios2met.cxx 750
  • And 17 additional diagnostic messages.

.NET CoreCLR

V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 6970, 6976. ClrJit gentree.cpp 6970


void Compiler::gtDispNode(GenTreePtr tree, ....)
{
  ....
  if (tree->gtOper >= GT_COUNT)
  {
    printf(" **** ILLEGAL NODE ****");
    return;
  }

  if  (tree && printFlags)
  {
    /* First print the flags associated with the node */
    switch (tree->gtOper)
    {
      ....
    }
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'm_table' pointer was utilized before it was verified against nullptr. Check lines: 422, 437. ClrJit simplerhash.inl 422
  • V595 The 'block' pointer was utilized before it was verified against nullptr. Check lines: 7548, 7550. ClrJit codegencommon.cpp 7548
  • V595 The 'op1' pointer was utilized before it was verified against nullptr. Check lines: 10808, 10831. ClrJit gentree.cpp 10808
  • And 26 additional diagnostic messages.

SETI@home

V595 The 'ChirpSteps' pointer was utilized before it was verified against nullptr. Check lines: 138, 166. chirpfft.cpp 138


size_t GenChirpFftPairs(....)
{
  ....
  double * ChirpSteps;
  ....
  ChirpSteps = (double *)calloc(swi.num_fft_lengths,
    sizeof(double));
  ....
  CRate+=ChirpSteps[j];
  ....
  if (ChirpSteps) free (ChirpSteps);
  ....
}

#info Don't need check ChirpSteps before used 'free' function

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 629, 647. sgamemenupagewidget.cpp 629


void SGameMenuPageWidget::Tick(....)
{
  //ugly code seeing if the console is open
  UConsole* ViewportConsole = (GEngine->GameViewport != nullptr)
    ? GEngine->GameViewport->ViewportConsole : nullptr;
  ....
  if (GEngine && GEngine->GameViewport )
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ToRenderBitmapSource' pointer was utilized before it was verified against nullptr. Check lines: 317, 337. windowsplatformsplash.cpp 317
  • V595 The 'PropertyClass' pointer was utilized before it was verified against nullptr. Check lines: 430, 445. propertybaseobject.cpp 430
  • V595 The 'Linker' pointer was utilized before it was verified against nullptr. Check lines: 3610, 3613. savepackage.cpp 3610
  • And 11 additional diagnostic messages.

Unreal Engine 4

V595 The 'GEngine' pointer was utilized before it was verified against nullptr. Check lines: 47, 48. gammauipanel.cpp 47


float SGammaUIPanel::OnGetGamma() const
{
  float DisplayGamma = GEngine->DisplayGamma;
  return GEngine ? DisplayGamma : 2.2f;
}

Unreal Engine 4

V595 The 'Object' pointer was utilized before it was verified against nullptr. Check lines: 814, 815. uobjectbase.cpp 814


const TCHAR* DebugFName(UObject* Object)
{
  static TCHAR TempName[256];
  FName Name = Object->GetFName();
  FCString::Strcpy(TempName,
    Object ? *FName::SafeString(Name.GetDisplayIndex(),
    Name.GetNumber()) : TEXT("NULL"));
  return TempName;
}

Unreal Engine 4

V595 The 'GEditor' pointer was utilized before it was verified against nullptr. Check lines: 1115, 1123. behaviortreedebugger.cpp 1115


void FBehaviorTreeDebugger::OnInstanceSelectedInDropdown(....)
{
  ....
  USelection* SelectedActors =
    GEditor->GetSelectedActors();                       // <=
  if (SelectedActors && OldPawn)
  {
    SelectedActors->Deselect(OldPawn);
  }

  TreeInstance = SelectedInstance;

  if (SelectedActors && GEditor && SelectedInstance &&  // <=
      SelectedInstance->GetOwner())
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'PuppetActor' pointer was utilized before it was verified against nullptr. Check lines: 561, 570. sequenceractorbindingmanager.cpp 561
  • V595 The 'ViewState' pointer was utilized before it was verified against nullptr. Check lines: 3112, 3114. shadowrendering.cpp 3112
  • V595 The 'DuplicatedNode' pointer was utilized before it was verified against nullptr. Check lines: 2954, 2957. kismetcompiler.cpp 2954
  • And 2 additional diagnostic messages.

Unreal Engine 4

V595 The 'Asset' pointer was utilized before it was verified against nullptr. Check lines: 581, 583. assetrenamemanager.cpp 581


void FAssetRenameManager::PerformAssetRename(....) const
{
  ....
  UObject* Asset = RenameData.Asset.Get();
  FString OldAssetPath = Asset->GetPathName();
  if ( !Asset )
  {
    RenameData.bRenameFailed = true;
    continue;
  }
  ....
}

Unreal Engine 4

V595 The 'Rig' pointer was utilized before it was verified against nullptr. Check lines: 1844, 1846. animsequence.cpp 1844


void FillUpTransformBasedOnRig(USkeleton* Skeleton, ....)
{
  ....
  const URig* Rig = Skeleton->GetRig();

  // this one has to collect all Nodes in Rig data
  // since we're comparing two of them together.
  int32 NodeNum = Rig->GetNodeNum();

  if (Rig && NodeNum > 0)
  {
    ....
  }
  ....
}

Unreal Engine 4

V595 The 'InstanceGraph' pointer was utilized before it was verified against nullptr. Check lines: 93, 112. reloadobjectarc.cpp 93


void FReloadObjectArc::SerializeObject( UObject* Obj )
{
  ....
  // set this to prevent recursion in serialization
  if ( IsLoading() )
  {
    ....
    InstanceGraph->EnableSubobjectInstancing(false);
    ....
  }
  ....
  if ( IsLoading() )
  {
    if ( InstanceGraph != NULL )
    {
      InstanceGraph->EnableSubobjectInstancing(true);
      ....
  }
  ....
}

FreeCAD

V595 The 'root' pointer was utilized before it was verified against nullptr. Check lines: 293, 294. view3dinventorexamples.cpp 293


void LightManip(SoSeparator * root)
{

  SoInput in;
  in.setBuffer((void *)scenegraph, std::strlen(scenegraph));
  SoSeparator * _root = SoDB::readAll( &in );
  root->addChild(_root);       // <=
  if ( root == NULL ) return;  // <=
  root->ref();
  ....
}

Similar errors can be found in some other places:

  • V595 The 'cam' pointer was utilized before it was verified against nullptr. Check lines: 1049, 1056. viewprovider.cpp 1049
  • V595 The 'viewProviderRoot' pointer was utilized before it was verified against nullptr. Check lines: 187, 188. taskcheckgeometry.cpp 187
  • V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 209, 210. viewproviderrobotobject.cpp 209
  • And 6 additional diagnostic messages.

Apple II emulator

V595 The 'pArg' pointer was utilized before it was verified against nullptr. Check lines: 204, 207. debugger_parser.cpp 204


bool ArgsGetValue (
  Arg_t *pArg, WORD * pAddressValue_, const int nBase )
{
  TCHAR *pSrc = & (pArg->sArg[ 0 ]);
  TCHAR *pEnd = NULL;

  if (pArg && pAddressValue_)
  {
    *pAddressValue_ =
       (WORD)(_tcstoul( pSrc, &pEnd, nBase) & _6502_MEM_END);
    return true;
  }
  return false;
}

Null Pointer Dereferencing Causes Undefined Behavior: http://www.viva64.com/en/b/0306/

Similar errors can be found in some other places:

  • V595 The 'pToken_' pointer was utilized before it was verified against nullptr. Check lines: 811, 823. debugger_parser.cpp 811

Gamer_Z eXtreme Party

V595 The 'ec' pointer was utilized before it was verified against nullptr. Check lines: 859, 860. operations.cpp 859


BOOST_FILESYSTEM_DECL
void copy(...., system::error_code* ec)
{
  file_status s(symlink_status(from, *ec));
  if (ec != 0 && *ec) return;
  ....
}

Git

V595 The 'two' pointer was utilized before it was verified against nullptr. Check lines: 51, 52. diffcore-pickaxe.c 51


static int diff_grep(mmfile_t *one, mmfile_t *two,
                     regex_t *regexp, ....)
{
  ....
  regmatch_t regmatch;
  if (!one)
    return !regexec(regexp, two->ptr, 1, ®match, 0);
  if (!two)
    return !regexec(regexp, one->ptr, 1, ®match, 0);
  ....
}

Git

V595 The 'abbrev_option' pointer was utilized before it was verified against nullptr. Check lines: 305, 312. parse-options.c 305


static int parse_long_opt(struct parse_opt_ctx_t *p,
                          const struct option *options, ....)
{
  const struct option *all_opts = options;
  const struct option *abbrev_option = NULL,
                      *ambiguous_option = NULL;
  ....
  if (ambiguous_option)
    return error(...., abbrev_option->long_name);
  if (abbrev_option)
    return get_value(p, abbrev_option, all_opts, abbrev_flags);
  ....
}

Git

V595 The 'ctx->opt' pointer was utilized before it was verified against nullptr. Check lines: 439, 445. parse-options.c 439


int parse_options_step(struct parse_opt_ctx_t *ctx,
                       const struct option *options,
                       const char * const usagestr[])
{
  int internal_help = !(ctx->flags & PARSE_OPT_NO_INTERNAL_HELP);
  ....
  if (internal_help && *ctx->opt == 'h')
    return parse_options_usage(ctx, usagestr, options, 0);
  ....
  if (ctx->opt)
  ....
}

Git

V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 134, 136. revision.c 134


void mark_tree_uninteresting(struct tree *tree)
{
  struct object *obj = &tree->object;
  if (!tree)
    return;
  ....
}

Git

V595 The 'match' pointer was utilized before it was verified against nullptr. Check lines: 927, 929. sha1_name.c 927


static int grab_nth_branch_switch(const char *message, ....)
{
  const char *match = NULL, *target = NULL;
  ....
  if (skip_prefix(message, "checkout: moving from ", &match))
    target = strstr(match, " to ");
  if (!match || !target)
    return 0;
  ....
}

Git

V595 The 'prefix' pointer was utilized before it was verified against nullptr. Check lines: 395, 411. pathspec.c 395


void parse_pathspec(const char *prefix, ....)
{
  struct pathspec_item *item;
  int prefixlen;
  ....
  item->nowildcard_len = item->len = strlen(prefix);
  ....
  prefixlen = prefix ? strlen(prefix) : 0;
  ....
}

Git

V595 The 'last' pointer was utilized before it was verified against nullptr. Check lines: 1116, 1141. fast-import.c 1116


static int store_object(struct last_object *last, ....)
{
  off_t ofs = e->idx.offset - last->offset;
  ....
  e->depth = last->depth + 1;
  ....
  if (last)
  ....
}

Git

V595 The 'head_commit' pointer was utilized before it was verified against nullptr. Check lines: 1294, 1315. merge.c 1294


static int have_message;

int cmd_merge(int argc, const char **argv, ....)
{
  struct commit *head_commit;
  ....
  if (!have_message && is_old_style_invocation(argc, argv,
                                       head_commit->object.sha1))
  ....
  if (!head_commit || !argc)
  ....
}

Git

V595 The 'shortname' pointer was utilized before it was verified against nullptr. Check lines: 58, 80. branch.c 58


void install_branch_config(int flag, const char *local,
                          const char *origin, const char *remote)
{
  const char *shortname = NULL;
  ....
  if (!strcmp(local, shortname) && ....)
  ....
  if (shortname)
  ....
}

Git

V595 The 'rhs' pointer was utilized before it was verified against nullptr. Check lines: 558, 563. remote.c 558


static struct refspec *parse_refspec_internal(....)
{
  ....
  const char *lhs, *rhs;
  ....
  rhs = strrchr(lhs, ':');
  if (.... && rhs[1] == '\0')
  ....
  if (rhs)
  ....
}

Git

V595 The 'interesting_cache' pointer was utilized before it was verified against nullptr. Check lines: 354, 364. revision.c 354


static int everybody_uninteresting(....,
               struct commit **interesting_cache)
{
  if (*interesting_cache)
  ....
  if (interesting_cache)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tp' pointer was utilized before it was verified against nullptr. Check lines: 198, 220. tree-diff.c 198
  • V595 The 'mctx->state_log[* pidx]' pointer was utilized before it was verified against nullptr. Check lines: 1328, 1339. regexec.c 1328
  • V595 The 'set->elems' pointer was utilized before it was verified against nullptr. Check lines: 1306, 1316. regex_internal.c 1306

GNU Octave

V595 The 'Pinv' pointer was utilized before it was verified against nullptr. Check lines: 66, 79. colamd.cc 66


static void
symetree(const octave_idx_type *ridx, octave_idx_type *P, ....)
{
  ....
  Pinv[P[k]] = k;
  ....
  octave_idx_type i = (Pinv) ? (Pinv[ridx[p]]) : (ridx[p]);
  ....
}

Doxygen

V595 The 'bfd' pointer was utilized before it was verified against nullptr. Check lines: 3371, 3384. dot.cpp 3371


void DotInclDepGraph::buildGraph(....)
{
  ....
  FileDef *bfd = ii->fileDef;
  QCString url="";
  ....
  url=bfd->getSourceFileBase();
  ....
  if (bfd)
  ....
}

Similar errors can be found in some other places:

  • V595 The 'cd' pointer was utilized before it was verified against nullptr. Check lines: 6123, 6131. doxygen.cpp 6123
  • V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 1069, 1070. htmldocvisitor.cpp 1069
  • V595 The 'Doxygen::mainPage' pointer was utilized before it was verified against nullptr. Check lines: 3792, 3798. index.cpp 3792
  • And 5 additional diagnostic messages.

Doxygen

V595 The 'lne' pointer was utilized before it was verified against nullptr. Check lines: 4078, 4089. index.cpp 4078


static void writeIndexHierarchyEntries(OutputList &ol, ....)
{
  QListIterator<LayoutNavEntry> li(entries);
  LayoutNavEntry *lne;
  for (li.toFirst();(lne=li.current());++li)
  {
    LayoutNavEntry::Kind kind = lne->kind();
    ....
    bool addToIndex=lne==0 || lne->visible();
    ....
  }
}

Telegram

V595 The 'dlgList' pointer was utilized before it was verified against nullptr. Check lines: 1620, 1626. Telegram dialogswidget.cpp 1620


void DialogsWidget::dialogsReceived(....)
{
  const QVector<MTPDialog> *dlgList = 0;
  ....
  unreadCountsReceived(*dlgList);
  ....
  if (dlgList)
  ....
}

FreeSWITCH

V595 The 'val' pointer was utilized before it was verified against nullptr. Check lines: 2496, 2499. switch_ivr.c 2496


static int
switch_ivr_set_xml_chan_var(...., const char *val, int off)
{
  char *data;
  switch_size_t dlen = strlen(val) * 3 + 1;            // <=
  switch_xml_t variable;

  if (!val) val = "";                                  // <=
  ....
}

FreeSWITCH

V595 The 'a_engine' pointer was utilized before it was verified against nullptr. Check lines: 6024, 6052. switch_core_media.c 6024


WITCH_DECLARE(switch_status_t)
switch_core_media_activate_rtp(switch_core_session_t *session)
{
  ....
  switch_port_t remote_rtcp_port = a_engine->remote_rtcp_port;
  ....
  if (session && a_engine) {
    check_dtls_reinvite(session, a_engine);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'session' pointer was utilized before it was verified against nullptr. Check lines: 6027, 6052. switch_core_media.c 6027
  • V595 The 'session' pointer was utilized before it was verified against nullptr. Check lines: 6689, 6696. switch_core_media.c 6689
  • V595 The 'v_engine' pointer was utilized before it was verified against nullptr. Check lines: 6677, 6696. switch_core_media.c 6677
  • And 4 additional diagnostic messages.

Mozilla Thunderbird

V595 The 'aParent' pointer was utilized before it was verified against nullptr. Check lines: 511, 518. nsgenericdomdatanode.cpp 511


nsresult
nsGenericDOMDataNode::BindToTree(nsIContent* aParent, ....)
{
  ....
  ShadowRoot*
  parentContainingShadow = aParent->GetContainingShadow();
  ....
  if (aParent)
  {
  ....
}

Cfront

V595 The 'cl' pointer was utilized before it was verified against nullptr. Check lines: 927, 928. expr.c 927


typedef class classdef * Pclass;

#define PERM(p) p->permanent=1

Pexpr expr::typ(Ptable tbl)
{
  ....
  Pclass cl;
  ....
  cl = (Pclass) nn->tp;
  PERM(cl);
  if (cl == 0) error('i',"%k %s'sT missing",CLASS,s);
  ....
}

Cfront

V595 The 'b' pointer was utilized before it was verified against nullptr. Check lines: 608, 615. norm.c 608


Pname name::normalize(Pbase b, Pblock bl, bit cast)
{
  ....
  Pname n;
  Pname nn;
  TOK stc = b->b_sto;
  bit tpdf = b->b_typedef;
  bit inli = b->b_inline;
  bit virt = b->b_virtual;
  Pfct f;
  Pname nx;

  if (b == 0) error('i',"%d->N.normalize(0)",this);
  ....
}

Unreal Engine 4

V595 The 'frame' pointer was utilized before it was verified against nullptr. Check lines: 301, 302. oculusrifthmd.cpp 301


bool FOculusRiftHMD::DoesSupportPositionalTracking() const
{
  const FGameFrame* frame = GetFrame();
  const FSettings* OculusSettings = frame->GetSettings();
  return (frame && OculusSettings->Flags.bHmdPosTracking &&
          (OculusSettings->SupportedTrackingCaps &
           ovrTrackingCap_Position) != 0);
}

Unreal Engine 4

V595 The 'Enum' pointer was utilized before it was verified against nullptr. Check lines: 146, 147. kismetnodehelperlibrary.cpp 146


FName UKismetNodeHelperLibrary::GetEnumeratorName(
  const UEnum* Enum, uint8 EnumeratorValue)
{
  int32 EnumeratorIndex = Enum->GetIndexByValue(EnumeratorValue);
  return (NULL != Enum) ?
         Enum->GetEnum(EnumeratorIndex) : NAME_None;
}

Similar errors can be found in some other places:

  • V595 The 'Class' pointer was utilized before it was verified against nullptr. Check lines: 278, 282. levelactor.cpp 278
  • V595 The 'Template' pointer was utilized before it was verified against nullptr. Check lines: 380, 386. levelactor.cpp 380
  • V595 The 'UpdatedComponent' pointer was utilized before it was verified against nullptr. Check lines: 100, 116. interptomovementcomponent.cpp 100
  • And 5 additional diagnostic messages.

ChakraCore

V595 The 'instrLd' pointer was utilized before it was verified against nullptr. Check lines: 1823, 1831. flowgraph.cpp 1823


IR::Instr *
FlowGraph::PeepTypedCm(IR::Instr *instr)
{
 ....
 if (instrLd && !instrLd->GetSrc1()->IsEqual(instr->GetDst()))
 {
   return nullptr;
 }

 if(instrLd2 && !instrLd2->GetSrc1()->IsEqual(instrLd->GetDst()))
 {
   return nullptr;
 }
 ....
}

ChakraCore

V595 The 'src2Val' pointer was utilized before it was verified against nullptr. Check lines: 9717, 9725. globopt.cpp 9717


bool GlobOpt::TypeSpecializeIntBinary(....)
{
  ....
  bool isIntConstMissingItem = src2Val->GetValueInfo()->....

  if(isIntConstMissingItem)
  {
      isIntConstMissingItem = Js::SparseArraySegment<int>::....
  }

  if (!src2Val || !(src2Val->GetValueInfo()->IsLikelyInt()) ||
      isIntConstMissingItem)
  {
      return false;
  }
  ....
}

ChakraCore

V595 The 'm_lastInstr' pointer was utilized before it was verified against nullptr. Check lines: 214, 228. irbuilderasmjs.cpp 214


void
IRBuilderAsmJs::AddInstr(IR::Instr * instr, uint32 offset)
{
  m_lastInstr->InsertAfter(instr);                  // <=
  if (offset != Js::Constants::NoByteCodeOffset)
  {
    ....
  }
  else if (m_lastInstr)                             // <=
  {
      instr->SetByteCodeOffset(m_lastInstr->GetByteCodeOffset());
  }
  m_lastInstr = instr;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'arrayData' pointer was utilized before it was verified against nullptr. Check lines: 868, 870. immutablelist.h 868
  • V595 The 'pMembersList' pointer was utilized before it was verified against nullptr. Check lines: 2012, 2015. diagobjectmodel.cpp 2012
  • V595 The 'walkerRef' pointer was utilized before it was verified against nullptr. Check lines: 3191, 3193. diagobjectmodel.cpp 3191
  • And 9 additional diagnostic messages.

Computational Network Toolkit

V595 The 'm_rowIndices' pointer was utilized before it was verified against nullptr. Check lines: 171, 175. libsvmbinaryreader.cpp 171


template <class ElemType>
void SparseBinaryMatrix<ElemType>::ResizeArrays(size_t newNNz)
{
  ....
  if (m_nnz > 0)
  {
    memcpy(rowIndices, m_rowIndices, sizeof(int32_t)....);  // <=
    memcpy(values, this->m_values, sizeof(ElemType)....);   // <=
  }

  if (m_rowIndices != nullptr)
  {
    // free(m_rowIndices);
    CUDAPageLockedMemAllocator::Free(this->m_rowIndices, ....);
  }
  if (this->m_values != nullptr)
  {
    // free(this->m_values);
    CUDAPageLockedMemAllocator::Free(this->m_values, ....);
  }
  ....
}

The GTK+ Project

V595 The 'completion' pointer was utilized before it was verified against nullptr. Check lines: 2231, 2239. gtkentrycompletion.c 2231


static gboolean
gtk_entry_completion_key_press (...., gpointer user_data)
{
  ....
  GtkEntryCompletion *completion =
    GTK_ENTRY_COMPLETION (user_data);

  if (!completion->priv->popup_completion)
    return FALSE;

  ....
  if (completion && completion->priv->completion_timeout) // <=
    {
      ....
    }
  ....
}

The GTK+ Project

V595 The 'dispatch->backend' pointer was utilized before it was verified against nullptr. Check lines: 1570, 1580. gtkprintbackendcups.c 1570


static void
cups_dispatch_watch_finalize (GSource *source)
{
  ....
  if (dispatch->backend->username != NULL)
    username = dispatch->backend->username;
  else
    username = cupsUser ();
  ....
  if (dispatch->backend)
    dispatch->backend->authentication_lock = FALSE;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'impl->toplevel' pointer was utilized before it was verified against nullptr. Check lines: 514, 524. gdkwindow-x11.c 514
  • V595 The 'pointer_info' pointer was utilized before it was verified against nullptr. Check lines: 9610, 9638. gdkwindow.c 9610
  • V595 The 'elt' pointer was utilized before it was verified against nullptr. Check lines: 2218, 2225. gtktreemodelfilter.c 2218
  • And 2 additional diagnostic messages.

Serious Engine 1 v.1.10

V595 The 'pAD' pointer was utilized before it was verified against nullptr. Check lines: 791, 796. anim.cpp 791


void CAnimObject::SetData(CAnimData *pAD) {
  // mark new data as referenced once more
  pAD->AddReference();                      // <=
  // mark old data as referenced once less
  ao_AnimData->RemReference();
  // remember new data
  ao_AnimData = pAD;
  if( pAD != NULL) StartAnim( 0);           // <=
  // mark that something has changed
  MarkChanged();
}

Similar errors can be found in some other places:

  • V595 The '_meshEditOperations' pointer was utilized before it was verified against nullptr. Check lines: 416, 418. modelermeshexporter.cpp 416
  • V595 The '_fpOutput' pointer was utilized before it was verified against nullptr. Check lines: 654, 664. modelermeshexporter.cpp 654
  • V595 The '_appPolPnts' pointer was utilized before it was verified against nullptr. Check lines: 647, 676. modelermeshexporter.cpp 647
  • And 6 additional diagnostic messages.

OpenToonz

V595 The 'batchesTask' pointer was utilized before it was verified against nullptr. Check lines: 1064, 1066. batches.cpp 1064


void BatchesController::update()
{
  ....
  TFarmTask *batchesTask = getTask(batchesTaskId);   // <=
  TFarmTask farmTask = *batchesTask;                 // <=

  if (batchesTask) {                                 // <=
    QString batchesTaskParentId = batchesTask->m_parentId;
    m_controller->queryTaskInfo(farmTaskId, farmTask);
    int chunkSize = batchesTask->m_chunkSize;
    *batchesTask = farmTask;
    batchesTask->m_chunkSize = chunkSize;
    batchesTask->m_id = batchesTaskId;
    batchesTask->m_parentId = batchesTaskParentId;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'column' pointer was utilized before it was verified against nullptr. Check lines: 2106, 2107. cellselection.cpp 2106
  • V595 The 'm_currentRefreshedNode' pointer was utilized before it was verified against nullptr. Check lines: 1275, 1281. dvdirtreeview.cpp 1275
  • V595 The 'childXsh' pointer was utilized before it was verified against nullptr. Check lines: 2082, 2090. iocommand.cpp 2082
  • And 26 additional diagnostic messages.

ReactOS

V595 The 'EnumContext' pointer was utilized before it was verified against nullptr. Check lines: 2557, 2560. user.c 2557


NET_API_STATUS WINAPI NetUserEnum(....)
{
  done:
    if (ApiStatus == NERR_Success &&
        EnumContext->Index < EnumContext->Count) // <=
      ApiStatus = ERROR_MORE_DATA;

    if (EnumContext != NULL)                     // <=
      *totalentries = EnumContext->Count;
}

Firebird

V595 The 'lpName' pointer was utilized before it was verified against nullptr. Check lines: 2814, 2824. isc_sync.cpp 2814


static bool initializeFastMutex(FAST_MUTEX* lpMutex,
  LPSECURITY_ATTRIBUTES lpAttributes, BOOL bInitialState,
  LPCSTR lpName)
{
  if (pid == 0)
    pid = GetCurrentProcessId();

  LPCSTR name = lpName;

  if (strlen(lpName) + strlen(FAST_MUTEX_EVT_NAME) - 2
                                                   >= MAXPATHLEN)
  {
    SetLastError(ERROR_FILENAME_EXCED_RANGE);
    return false;
  }

  setupMutex(lpMutex);

  char sz[MAXPATHLEN];
  if (lpName)
  ....
}

7-Zip

V595 The 'outStreamSpec' pointer was utilized before it was verified against nullptr. Check lines: 753, 755. lzmaalone.cpp 753


static int main2(int numArgs, const char *args[])
{
  ....
  if (!stdOutMode)
    Print_Size("Output size: ",
                outStreamSpec->ProcessedSize);  // <=

  if (outStreamSpec)  // <=
  {
    if (outStreamSpec->Close() != S_OK)
      throw "File closing error";
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The '_file' pointer was utilized before it was verified against nullptr. Check lines: 2099, 2112. bench.cpp 2099
  • V595 The 'ai' pointer was utilized before it was verified against nullptr. Check lines: 204, 214. updatepair.cpp 204
  • V595 The 'options' pointer was utilized before it was verified against nullptr. Check lines: 631, 636. zipupdate.cpp 631
  • And 1 additional diagnostic messages.

Open X-Ray Engine

V595 The 'object' pointer was utilized before it was verified against nullptr. Check lines: 42, 47. level_bullet_manager_firetrace.cpp 42


class IGameObject :
  public virtual IFactoryObject,
  public virtual ISpatial,
  public virtual ISheduled,
  public virtual IRenderable,
  public virtual ICollidable
{
public:
  ....
  virtual u16 ID() const = 0;
  ....
}

BOOL CBulletManager::test_callback(
  const collide::ray_defs& rd,
  IGameObject* object,
  LPVOID params)
{
  bullet_test_callback_data* pData =
             (bullet_test_callback_data*)params;
  SBullet* bullet = pData->pBullet;

  if( (object->ID() == bullet->parent_id) &&
      (bullet->fly_dist<parent_ignore_distance) &&
      (!bullet->flags.ricochet_was)) return FALSE;

  BOOL bRes = TRUE;
  if (object){
    ....
  }

  return bRes;
}

OpenJDK

V595 The 'classes' pointer was utilized before it was verified against nullptr. Check lines: 58, 66. ClassLoaderReferenceImpl.c 58


static jboolean
visibleClasses(PacketInputStream *in, PacketOutputStream *out)
{
  ....
  else {
    (void)outStream_writeInt(out, count);
    for (i = 0; i < count; i++) {
      jbyte tag;
      jclass clazz;

      clazz = classes[i];                     // <=
      tag = referenceTypeTag(clazz);

      (void)outStream_writeByte(out, tag);
      (void)outStream_writeObjectRef(env, out, clazz);
    }
  }

  if ( classes != NULL )                      // <=
    jvmtiDeallocate(classes);
  ....
  return JNI_TRUE;
}

OpenJDK

V595 The '_matrule' pointer was utilized before it was verified against nullptr. Check lines: 3534, 3540. formssel.cpp 3534


int InstructForm::needs_base_oop_edge(FormDict &globals) const {
  if( is_simple_chain_rule(globals) ) {
    const char *src = _matrule->_rChild->_opType;
    OperandForm *src_op = globals[src]->is_operand();
    assert( src_op, "Not operand class of chain rule" );
    return src_op->_matrule ?
           src_op->_matrule->needs_base_oop_edge() : 0;
  }                             // Else check instruction

  return _matrule ? _matrule->needs_base_oop_edge() : 0;
}

Similar errors can be found in some other places:

  • V595 The '_pipeline' pointer was utilized before it was verified against nullptr. Check lines: 3265, 3274. output_c.cpp 3265
  • V595 The 'index_bound' pointer was utilized before it was verified against nullptr. Check lines: 790, 806. c1_RangeCheckElimination.cpp 790
  • V595 The 'g_type_init' pointer was utilized before it was verified against nullptr. Check lines: 94, 108. GioFileTypeDetector.c 94
  • And 15 additional diagnostic messages.

Nana

V595 The 'owner' pointer was utilized before it was verified against nullptr. Check lines: 299, 315. window_manager.cpp 299


window_manager::core_window_t*
window_manager::create_root(core_window_t* owner, ....)
{
  ....
  if (nested)
  {
    wd->owner = nullptr;
    wd->parent = owner;
    wd->index = static_cast<unsigned>(owner->children.size());
    owner->children.push_back(wd);  // <=
  }
  ....
  if (owner
      && owner->other.category
      == category::frame_tag::value)  // <=
    insert_frame(owner, wd);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'wd' pointer was utilized before it was verified against nullptr. Check lines: 1066, 1083. window_manager.cpp 1066

CPython

V595 The 'self->extra' pointer was utilized before it was verified against nullptr. Check lines: 917, 923. _elementtree.c 917


int
_PyState_AddModule(PyObject* module, struct PyModuleDef* def)
{
  PyInterpreterState *state;
  if (def->m_slots) {
    PyErr_SetString(PyExc_SystemError,
        "PyState_AddModule called on module with slots");
    return -1;
  }
  state = GET_INTERP_STATE();
  if (!def)
    return -1;
  ....
}

Ruby MRI

V595 The 'bind' pointer was utilized before it was verified against nullptr. Check lines: 377, 382. vm.c 377


static void
vm_set_main_stack(rb_thread_t *th, const rb_iseq_t *iseq)
{
  VALUE toplevel_binding = rb_const_get(rb_cObject,
              rb_intern("TOPLEVEL_BINDING"));
  rb_binding_t *bind;
  rb_env_t *env;

  GetBindingPtr(toplevel_binding, bind);
  GetEnvPtr(bind->env, env);

  vm_set_eval_stack(th, iseq, 0, &env->block);

  /* save binding */
  if (bind && iseq->body->local_size > 0) {
    bind->env = vm_make_env_object(th, th->cfp);
  }
}

CryEngine V

V595 The 'm_pPartManager' pointer was utilized before it was verified against nullptr. Check lines: 1441, 1442. 3denginerender.cpp 1441


void C3DEngine::RenderInternal(....)
{
  ....
  m_pPartManager->GetLightProfileCounts().ResetFrameTicks();
  if (passInfo.IsGeneralPass() && m_pPartManager)
    m_pPartManager->Update();
  ....
}

CryEngine V

V595 The 'gEnv->p3DEngine' pointer was utilized before it was verified against nullptr. Check lines: 1477, 1480. gameserialize.cpp 1477


bool CGameSerialize::LoadLevel(....)
{
  ....
  // can quick-load
  if (!gEnv->p3DEngine->RestoreTerrainFromDisk())
    return false;

  if (gEnv->p3DEngine)
  {
    gEnv->p3DEngine->ResetPostEffects();
  }
  ....
}

CryEngine V

V595 The 'pSpline' pointer was utilized before it was verified against nullptr. Check lines: 158, 161. facechannelkeycleanup.cpp 158


void FaceChannel::CleanupKeys(....)
{

  CFacialAnimChannelInterpolator backupSpline(*pSpline);

  // Create the key entries array.
  int numKeys = (pSpline ? pSpline->num_keys() : 0);
  ....
}

Inkscape

V595 The 'priv' pointer was utilized before it was verified against nullptr. Check lines: 154, 160. document.cpp 154


SPDocument::~SPDocument()
{
  priv->destroySignal.emit();                      // <=
  ....
  if (oldSignalsConnected) {
    priv->selChangeConnection.disconnect();        // <=
    priv->desktopActivatedConnection.disconnect(); // <=
  } else {
    ....
  }
  if (priv) {                                      // <=
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'parts' pointer was utilized before it was verified against nullptr. Check lines: 624, 641. sp-offset.cpp 624
  • V595 The '_effects_list' pointer was utilized before it was verified against nullptr. Check lines: 103, 113. effect.cpp 103
  • V595 The 'num' pointer was utilized before it was verified against nullptr. Check lines: 1312, 1315. cr-tknzr.c 1312
  • And 10 additional diagnostic messages.

GCC

V595 The 'list' pointer was utilized before it was verified against nullptr. Check lines: 1627, 1629. sched-int.h 1627


#define DEPS_LIST_FIRST(L) ((L)->first)

static inline bool
sd_iterator_cond (sd_iterator_def *it_ptr, dep_t *dep_ptr)
{
  ....
  it_ptr->linkp = &DEPS_LIST_FIRST (list);
  if (list)
    continue;
  ....
}

GCC

V595 The 'odr_types_ptr' pointer was utilized before it was verified against nullptr. Check lines: 2135, 2139. ipa-devirt.c 2135


#define odr_types (*odr_types_ptr)

odr_type
get_odr_type (tree type, bool insert)
{
  ....
  odr_types[val->id] = 0;
  gcc_assert (val->derived_types.length() == 0);
  if (odr_types_ptr)
    val->id = odr_types.length ();
  ....
}

ReOpenLDAP

V595 The 'key' pointer was utilized before it was verified against nullptr. Check lines: 1324, 1327. mdb.c 1324


char *
mdb_dkey(MDB_val *key, char *buf)
{
  ....
  unsigned char *c = key->mv_data; // <=
  ....
  if (!key)                        // <=
    return "";
  ....
}

Similar errors can be found in some other places:

  • V595 The 'key' pointer was utilized before it was verified against nullptr. Check lines: 7282, 7291. mdb.c 7282

ICQ

V595 The 'stream' pointer was utilized before it was verified against nullptr. Check lines: 62, 63. gui contact.cpp 62


QPixmap* UnserializeAvatar(core::coll_helper* helper)
{
  ....
  core::istream* stream = helper->get_value_as_stream("avatar");
  uint32_t size = stream->size();
  if (stream)
  {
    result->loadFromData(stream->read(size), size);
    stream->reset();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'core_connector_' pointer was utilized before it was verified against nullptr. Check lines: 279, 285. gui core_dispatcher.cpp 279
  • V595 The 'Shadow_' pointer was utilized before it was verified against nullptr. Check lines: 625, 628. gui mainwindow.cpp 625
  • V595 The 'chatMembersModel_' pointer was utilized before it was verified against nullptr. Check lines: 793, 796. gui menupage.cpp 793
  • And 1 additional diagnostic messages.

CodeLite

V595 The 'pResult' pointer was utilized before it was verified against nullptr. Check lines: 522, 526. SqliteDatabaseLayer.cpp 522


bool CodeBlocksImporter::isSupportedWorkspace()
{
  ....
  wxXmlNode* root = codeBlocksProject.GetRoot();
  wxString nodeName = root->GetName();                     // <=

  if(root &&                                               // <=
    (nodeName == wxT("CodeBlocks_workspace_file") ||
     nodeName == wxT("CodeBlocks_project_file")))
      return true;
  }
  return false;
}

Similar errors can be found in some other places:

  • V595 The 'ms_instance' pointer was utilized before it was verified against nullptr. Check lines: 24, 25. php_parser_thread.cpp 24

LLVM/Clang

V595 The 'MMI' pointer was utilized before it was verified against nullptr. Check lines: 1357, 1359. PPCAsmPrinter.cpp 1357


bool PPCDarwinAsmPrinter::doFinalization(Module &M) {
  ....
  MachineModuleInfoMachO &MMIMacho =
      MMI->getObjFileInfo<MachineModuleInfoMachO>();

  if (MAI->doesSupportExceptionHandling() && MMI) {
  ....
}

LLVM/Clang

V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 5952, 5955. SemaCodeComplete.cpp 5952


void Sema::CodeCompleteObjCProtocolReferences(
  ArrayRef<IdentifierLocPair> Protocols)
{
  ResultBuilder
    Results(*this, CodeCompleter->getAllocator(),
            CodeCompleter->getCodeCompletionTUInfo(),
            CodeCompletionContext::CCC_ObjCProtocolName);

  if (CodeCompleter && CodeCompleter->includeGlobals()) {
    Results.EnterNewScope();
  ....
}

Similar errors can be found in some other places:

  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 5980, 5983. SemaCodeComplete.cpp 5980
  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 7455, 7458. SemaCodeComplete.cpp 7455
  • V595 The 'CodeCompleter' pointer was utilized before it was verified against nullptr. Check lines: 7483, 7486. SemaCodeComplete.cpp 7483

OpenSubdiv

V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 481, 483. hbr_utils.h 481


template <class T> void
createTopology(....)
{
  ....
  OpenSubdiv::HbrVertex<T> * destination =
                        mesh->GetVertex( fv[(j+1)%nv] );
  OpenSubdiv::HbrHalfedge<T> * opposite  =
                        destination->GetEdge(origin);  // <=

  if(origin==NULL || destination==NULL)                // <=
  {
    printf(....);
    valid=false;
    break;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 145, 148. hbr_tutorial_1.cpp 145
  • V595 The 'destination' pointer was utilized before it was verified against nullptr. Check lines: 215, 218. hbr_tutorial_2.cpp 215

CMaNGOS

V595 The 'model' pointer was utilized before it was verified against nullptr. Check lines: 303, 305. MapTree.cpp 303


bool StaticMapTree::InitMap(const std::string& fname,
                            VMapManager2* vm)
{
  ....
  WorldModel* model =
    vm->acquireModelInstance(iBasePath, spawn.name);

  model->setModelFlags(spawn.flags);                   // <=
  ....
  if (model)                                           // <=
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'model' pointer was utilized before it was verified against nullptr. Check lines: 374, 375. MapTree.cpp 374
  • V595 The 'unit' pointer was utilized before it was verified against nullptr. Check lines: 272, 290. Object.cpp 272
  • V595 The 'updateMask' pointer was utilized before it was verified against nullptr. Check lines: 351, 355. Object.cpp 351
  • And 1 additional diagnostic messages.

GCC

V595 The 'm->component' pointer was utilized before it was verified against nullptr. Check lines: 399, 407. genmodes.c 399


static void complete_mode (struct mode_data *m)
{
  ....
  if (   m->cl == MODE_COMPLEX_INT
      || m->cl == MODE_COMPLEX_FLOAT)
    alignment = m->component->bytesize;        // <=
  else
    alignment = m->bytesize;

  m->alignment = alignment & (~alignment + 1);

  if (m->component)                            // <=
  {
    m->next_cont = m->component->contained;
    m->component->contained = m;
  }
}

FreeBSD Kernel

V595 The 'mc' pointer was utilized before it was verified against nullptr. Check lines: 2954, 2955. mly.c 2954


static int
mly_user_command(struct mly_softc *sc,
                 struct mly_user_command *uc)
{
  struct mly_command  *mc;
  ....
  if (mc->mc_data != NULL)           // <=
    free(mc->mc_data, M_DEVBUF);     // <=
  if (mc != NULL) {                  // <=
    MLY_LOCK(sc);
    mly_release_command(mc);
    MLY_UNLOCK(sc);
  }
  return(error);
}

CryEngine V

V595 The 'pTrack' pointer was utilized before it was verified against nullptr. Check lines: 60, 61. AudioNode.cpp 60


void CAudioNode::Animate(SAnimContext& animContext)
{
  ....
  const bool bMuted = gEnv->IsEditor() && (pTrack->GetFlags() &
    IAnimTrack::eAnimTrackFlags_Muted);
  if (!pTrack || pTrack->GetNumKeys() == 0 ||
       pTrack->GetFlags() & IAnimTrack::eAnimTrackFlags_Disabled)
  {
    continue;
  }
  ....
}

LLVM/Clang

V595 The 'DIExpr' pointer was utilized before it was verified against nullptr. Check lines: 949, 950. codeviewdebug.cpp 949


void CodeViewDebug::collectVariableInfo(const DISubprogram *SP) {
  ....
  const DIExpression *DIExpr = DVInst->getDebugExpression();
  bool IsSubfield = false;
  unsigned StructOffset = 0;

  // Handle fragments.
  auto Fragment = DIExpr->getFragmentInfo();   // <=
  if (DIExpr && Fragment) {                    // <=
    IsSubfield = true;
    StructOffset = Fragment->OffsetInBits / 8;
  } else if (DIExpr && DIExpr->getNumElements() > 0) {
    continue; // Ignore unrecognized exprs.
  }
  ....
}

LLVM/Clang

V595 The 'Initializer' pointer was utilized before it was verified against nullptr. Check lines: 335, 338. semaoverload.cpp 335


NarrowingKind
StandardConversionSequence::getNarrowingKind(....) const {
  ....
  const Expr *Initializer = IgnoreNarrowingConversion(Converted);

  if (Initializer->isValueDependent()) // <=
    return NK_Dependent_Narrowing;

  if (Initializer &&                   // <=
      Initializer->isIntegerConstantExpr(IntConstantValue, Ctx)){
  ....
}

FreeBSD Kernel

V595 The 'mac' pointer was utilized before it was verified against nullptr. Check lines: 6757, 6760. if_bwn.c 6757


static void
bwn_txpwr(void *arg, int npending)
{
  struct bwn_mac *mac = arg;
  struct bwn_softc *sc = mac->mac_sc;

  BWN_LOCK(sc);
  if (mac && mac->mac_status >= BWN_MAC_STATUS_STARTED &&
      mac->mac_phy.set_txpwr != NULL)
    mac->mac_phy.set_txpwr(mac);
  BWN_UNLOCK(sc);
}

FreeBSD Kernel

V595 The 'ilt' pointer was utilized before it was verified against nullptr. Check lines: 667, 669. ecore_init_ops.h 667


static int ecore_ilt_client_mem_op(struct bxe_softc *sc,
                                   int cli_num, uint8_t memop)
{
  int i, rc;
  struct ecore_ilt *ilt = SC_ILT(sc);
  struct ilt_client_info *ilt_cli = &ilt->clients[cli_num];

  if (!ilt || !ilt->lines)
    return -1;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ccb' pointer was utilized before it was verified against nullptr. Check lines: 540, 547. iscsi_subr.c 540

FreeBSD Kernel

V595 The 'ctl3_rewriters' pointer was utilized before it was verified against nullptr. Check lines: 3206, 3210. ip_fw_sockopt.c 3206


struct opcode_obj_rewrite *ctl3_rewriters;

void
ipfw_add_obj_rewriter(struct opcode_obj_rewrite *rw,
                      size_t count)
{
  ....
  memcpy(tmp, ctl3_rewriters, ctl3_rsize * sizeof(*rw));  // <=
  memcpy(&tmp[ctl3_rsize], rw, count * sizeof(*rw));
  qsort(tmp, sz, sizeof(*rw), compare_opcodes);
  /* Switch new and free old */
  if (ctl3_rewriters != NULL)                             // <=
    free(ctl3_rewriters, M_IPFW);
  ctl3_rewriters = tmp;
  ctl3_rsize = sz;

  CTL3_UNLOCK();
}

Similar errors can be found in some other places:

  • V595 The 'ctl3_handlers' pointer was utilized before it was verified against nullptr. Check lines: 3441, 3445. ip_fw_sockopt.c 3441
  • V595 The 'cm' pointer was utilized before it was verified against nullptr. Check lines: 3361, 3381. mfi.c 3361
  • V595 The 'cm' pointer was utilized before it was verified against nullptr. Check lines: 1383, 1394. mpr_sas_lsi.c 1383
  • And 7 additional diagnostic messages.

TensorFlow

V595 The 'e' pointer was utilized before it was verified against nullptr. Check lines: 1044, 1045. function.cc 1044


void ToGraphDef(const Graph* g, GraphDef* gdef, bool pretty) {
  ....
  gtl::InlinedVector<const Edge*, 4> inputs;
  ....
  for (const Edge* e : inputs) {
    const string srcname = NewName(e->src(), pretty);    // <=
    if (e == nullptr) {
      ndef->add_input("unknown");
    } else if (!e->src()->IsOp()) {
    } else if (e->IsControlEdge()) {
      ndef->add_input(strings::StrCat("^", srcname));
    } else if (e->src_output() == 0) {
      ndef->add_input(srcname);
    } else {
      ndef->add_input(strings::StrCat(
        srcname, ":", e->src_output()));
    }
  }
  ....
}

Valgrind

V595 The 'op' pointer was utilized before it was verified against nullptr. Check lines: 350, 360. syswrap-xen.c 350


PRE(xsm_op)
{
   struct vki_xen_flask_op *op = (struct vki_xen_flask_op *)ARG1;

   PRINT("__HYPERVISOR_xsm_op ( %u )", op->cmd);            // <=

   PRE_MEM_READ("__HYPERVISOR_xsm_op", ARG1,
                sizeof(vki_uint32_t) + sizeof(vki_uint32_t));

   if (!op)                                                 // <=
      return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'sysctl' pointer was utilized before it was verified against nullptr. Check lines: 568, 578. syswrap-xen.c 568
  • V595 The 'domctl' pointer was utilized before it was verified against nullptr. Check lines: 710, 722. syswrap-xen.c 710
  • V595 The 'ent' pointer was utilized before it was verified against nullptr. Check lines: 2131, 2133. syswrap-xen.c 2131
  • And 1 additional diagnostic messages.

Notepad++

V595 The 'pScint' pointer was utilized before it was verified against nullptr. Check lines: 347, 353. scintillaeditview.cpp 347


LRESULT CALLBACK ScintillaEditView::scintillaStatic_Proc(....)
{
  ScintillaEditView *pScint = (ScintillaEditView *)(....);

  if (Message == WM_MOUSEWHEEL || Message == WM_MOUSEHWHEEL)
  {
    ....
    if (isSynpnatic || makeTouchPadCompetible)
      return (pScint->scintillaNew_Proc(....); // <=
    ....
  }
  if (pScint)
    return (pScint->scintillaNew_Proc(....));
  else
    return ::DefWindowProc(hwnd, Message, wParam, lParam);
}

Scilab

V595 The 'Block.inptr' pointer was utilized before it was verified against nullptr. Check lines: 478, 479. sci_model2blk.cpp 478


types::Function::ReturnValue sci_model2blk(....)
{
  ....

  Block.inptr[i] = MALLOC(size);
  if (Block.inptr == nullptr)
  {
      freeBlock(&Block);
      Scierror(888, _("%s : Allocation error.\n"), name.data());
      return types::Function::Error;
  }

  memset(Block.inptr[i], 0x00, size);
  ....
}

Scilab

V595 The 'pwstLines' pointer was utilized before it was verified against nullptr. Check lines: 78, 79. mgetl.cpp 78


int mgetl(int iFileID, int iLineCount, wchar_t ***pwstLines)
{
  *pwstLines = NULL;
  ....
  *pwstLines = (wchar_t**)MALLOC(iLineCount * sizeof(wchar_t*));
  if (pwstLines == NULL)
  {
      return -1;
  }
  ....
}

Scilab

V595 The 'array_size' pointer was utilized before it was verified against nullptr. Check lines: 67, 68. diary_manager.cpp 67


wchar_t **getDiaryFilenames(int *array_size)
{
  *array_size = 0;
  if (SCIDIARY)
  {
    std::list<std::wstring> wstringFilenames = SCIDIARY->get....
    *array_size = (int)wstringFilenames.size();
    if (array_size > 0)
    {
      ....
    }
  ....
}

Scilab

V595 The 'number' pointer was utilized before it was verified against nullptr. Check lines: 410, 425. scilab_sscanf.cpp 410


int scilab_sscanf(....)
{
  ....
  wchar_t* number = NULL;
  ....
  number = (wchar_t*)MALLOC((nbrOfDigit + 1) * sizeof(wchar_t));
  memcpy(number, wcsData, nbrOfDigit * sizeof(wchar_t));
  number[nbrOfDigit] = L'\0';
  iSingleData = wcstoul(number, &number, base);
  if ((iSingleData == 0) && (number[0] == wcsData[0]))
  {
    ....
  }
  if (number == NULL)
  {
      wcsData += nbrOfDigit;
  }
  else
  {
      wcsData += (nbrOfDigit - wcslen(number));
  }
  ....
}

Scilab

V595 The 'OuputStrings' pointer was utilized before it was verified against nullptr. Check lines: 271, 272. spawncommand.c 271


char **CreateOuput(pipeinfo *pipe, BOOL DetachProcess)
{
  char **OuputStrings = NULL;
  ....
  OuputStrings = (char**)MALLOC((pipe->NumberOfLines) * ....);
  memset(OuputStrings, 0x00,sizeof(char*) * pipe->NumberOfLines);
  if (OuputStrings)
  {
    char *line = strtok(buffer, LF_STR);
    int i = 0;

    while (line)
    {
      OuputStrings[i] = convertLine(line, DetachProcess);
  ....
}

Augeas

V595 The 'out' pointer was utilized before it was verified against nullptr. Check lines: 245, 253. internal.c 245


int print_chars(FILE *out, const char *text, int cnt) {
  int total = 0;
  char *esc;

  if (text == NULL) {
    fprintf(out, "nil");                // <=
    return 3;
  }
  if (cnt < 0)
    cnt = strlen(text);

  esc = escape(text, cnt, "\"");
  total = strlen(esc);
  if (out != NULL)                      // <=
    fprintf(out, "%s", esc);
  free(esc);

  return total;
}

Augeas

V595 The 'u' pointer was utilized before it was verified against nullptr. Check lines: 59, 61. lexer.l 59


static char *regexp_literal(const char *s, int len) {
  char *u = unescape(s, len, RX_ESCAPES);
  size_t u_len = strlen(u);                  // <=

  if (u == NULL)                             // <=
    return NULL;

  regexp_c_locale(&u, &u_len);

  return u;
}

Similar errors can be found in some other places:

  • V595 The 'tree' pointer was utilized before it was verified against nullptr. Check lines: 335, 352. internal.c 335
  • V595 The 'eq' pointer was utilized before it was verified against nullptr. Check lines: 1091, 1092. lens.c 1091

Bind

V595 The 'ipkl->addrs' pointer was utilized before it was verified against nullptr. Check lines: 190, 191. ipkeylist.c 190


isc_result_t
dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl,
                     unsigned int n)
{
  ....
  memmove(addrs, ipkl->addrs,
          ipkl->allocated * sizeof(isc_sockaddr_t));
  if (ipkl->addrs != NULL)
    isc_mem_put(mctx, ipkl->addrs,
          ipkl->allocated * sizeof(isc_sockaddr_t));
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ipkl->dscps' pointer was utilized before it was verified against nullptr. Check lines: 198, 199. ipkeylist.c 198
  • V595 The 'ipkl->keys' pointer was utilized before it was verified against nullptr. Check lines: 206, 207. ipkeylist.c 206
  • V595 The 'ipkl->labels' pointer was utilized before it was verified against nullptr. Check lines: 214, 215. ipkeylist.c 214
  • And 12 additional diagnostic messages.

EFL Core Libraries

V595 The 'im' pointer was utilized before it was verified against nullptr. Check lines: 217, 221. evas_native_tbm.c 217


static void
_native_bind_cb(void *data EINA_UNUSED, void *image, ....)
{
  RGBA_Image *im = image;
  Native *n = im->native.data;     // <=
  tbm_surface_info_s info;
  tbm_surface_h tbm_surf;

  if (!im || !n) return;           // <=
  ....
}

EFL Core Libraries

V595 The 'buf->priv.fb.fb' pointer was utilized before it was verified against nullptr. Check lines: 379, 392. evas_outbuf.c 379


void
evas_fb_outbuf_fb_reconfigure(....)
{
  ....
  refresh = buf->priv.fb.fb->refresh;                      // <=

   if (rot == 0 || rot == 180)
   {
      fb_w = w;
      fb_h = h;
   }
   else
   {
      fb_w = h;
      fb_h = w;
   }

   if (buf->priv.fb.fb)                                    // <=
     buf->priv.fb.fb = fb_changemode(buf->priv.fb.fb, fb_w, fb_h,
                                        fb_depth, refresh);
   else
     buf->priv.fb.fb = fb_setmode(fb_w, fb_h, fb_depth, refresh);
  ....
}

EFL Core Libraries

V595 The 'w' pointer was utilized before it was verified against nullptr. Check lines: 575, 585. evas_engine.c 575


static void
eng_image_size_get(void *engine EINA_UNUSED, void *image,
                   int *w, int *h)
{
   Evas_GL_Image *im;
   if (!image)
     {
        *w = 0;                                            // <=
        *h = 0;                                            // <=
        return;
     }
   im = image;
   if (im->orient == EVAS_IMAGE_ORIENT_90 ||
       im->orient == EVAS_IMAGE_ORIENT_270 ||
       im->orient == EVAS_IMAGE_FLIP_TRANSPOSE ||
       im->orient == EVAS_IMAGE_FLIP_TRANSVERSE)
     {
        if (w) *w = im->h;
        if (h) *h = im->w;
     }
   else
     {
        if (w) *w = im->w;
        if (h) *h = im->h;
     }
}

Similar errors can be found in some other places:

  • V595 The 'h' pointer was utilized before it was verified against nullptr. Check lines: 576, 586. evas_engine.c 576
  • V595 The '_eo_classes' pointer was utilized before it was verified against nullptr. Check lines: 1332, 1333. eo.c 1332
  • V595 The 'cur->node' pointer was utilized before it was verified against nullptr. Check lines: 9889, 9894. evas_object_textblock.c 9889
  • And 2 additional diagnostic messages.

Tizen

V595 The 'priv' pointer was utilized before it was verified against nullptr. Check lines: 110, 114. view_generic_popup.c 110


static void _show(void *data)
{
  SETTING_TRACE_BEGIN;
  struct _priv *priv = (struct _priv *)data;
  Eina_List *children = elm_box_children_get(priv->box);    // <=
  Evas_Object *first = eina_list_data_get(children);
  Evas_Object *selected =
    eina_list_nth(children, priv->item_selected_on_show);   // <=

  if (!priv) {                                              // <=
    _ERR("Invalid parameter.");
    return;
  }
  ....
}

Tizen

V595 The 'core' pointer was utilized before it was verified against nullptr. Check lines: 2252, 2254. media_codec_port_gst.c 2252


void _mc_gst_handle_input_buffer_used(mc_gst_core_t *core,
                                      media_packet_h packet)
{
  g_atomic_int_dec_and_test(&core->etb_count);

  if (core && core->user_cb[_MEDIACODEC_EVENT_TYPE_EMPTYBUFFER])
  {
    ....
  }
  ....
}

Tizen

V595 The 'ticker.ad' pointer was utilized before it was verified against nullptr. Check lines: 590, 600. ticker.c 590


static Evas_Object *_ticker_window_create(struct appdata *ad)
{
  ....
  // The pointer is dereferenced without checking for NULL.
  evas_object_resize(win, ad->win.w, indicator_height_get());
  ....
}

static int _ticker_view_create(void)
{
  if (!ticker.win)
    ticker.win = _ticker_window_create(ticker.ad);         // <=
  if (!ticker.layout)
    ticker.layout = _ticker_layout_create(ticker.win);
  if (!ticker.scroller)
    ticker.scroller = _ticker_scroller_create(ticker.layout);

  evas_object_show(ticker.layout);
  evas_object_show(ticker.scroller);
  evas_object_show(ticker.win);

  if (ticker.ad)                                           // <=
    util_signal_emit_by_win(&ticker.ad->win,
      "message.show.noeffect", "indicator.prog");
  ....
}

Similar errors can be found in some other places:

  • V595 The 'eyeCondition' pointer was utilized before it was verified against nullptr. Check lines: 162, 168. FaceEyeCondition.cpp 162
  • V595 The 'dev->name' pointer was utilized before it was verified against nullptr. Check lines: 122, 127. e_devicemgr_device.c 122

Enlightenment

V595 The 'cpufreq_config->status' pointer was utilized before it was verified against nullptr. Check lines: 1325, 1326. e_mod_main.c 1325


static void
_cpufreq_cb_frequency_check_notify(....)
{
  ....
  active = cpufreq_config->status->active;
  if ((cpufreq_config->status) && ....
  ....
}

ClickHouse

V595 The 'lambda_type' pointer was utilized before it was verified against nullptr. Check lines: 359, 361. TypeAndConstantInference.cpp 359


void processHigherOrderFunction(....)
{
  ....
  const DataTypeExpression * lambda_type =
    typeid_cast<const DataTypeExpression *>(types[i].get());

  const DataTypes & lambda_argument_types =
    lambda_type->getArgumentTypes();

  if (!lambda_type)
    throw Exception("Logical error: .....",
                    ErrorCodes::LOGICAL_ERROR);
  ....
}

MuseScore

V595 The 'sample' pointer was utilized before it was verified against nullptr. Check lines: 926, 929. voice.cpp 926


void Voice::update_param(int _gen)
{
 ....
 if (gen[GEN_OVERRIDEROOTKEY].val > -1) {
  root_pitch = gen[GEN_OVERRIDEROOTKEY].val * 100.0f - ....
 }
 else {
  root_pitch = sample->origpitch * 100.0f - sample->pitchadj;
 }
 root_pitch = _fluid->ct2hz(root_pitch);
 if (sample != 0)
  root_pitch *= (float) _fluid->sample_rate / sample->samplerate;
 break;
  ....
}

Audacity

V595 The 'clip' pointer was utilized before it was verified against nullptr. Check lines: 4094, 4095. Project.cpp 4094


void AudacityProject::AddImportedTracks(....)
{
  ....
  WaveClip* clip = ((WaveTrack*)newTrack)->GetClipByIndex(0);
  BlockArray &blocks = clip->GetSequence()->GetBlockArray();
  if (clip && blocks.size())
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'outputMeterFloats' pointer was utilized before it was verified against nullptr. Check lines: 5246, 5255. AudioIO.cpp 5246
  • V595 The 'buffer2' pointer was utilized before it was verified against nullptr. Check lines: 404, 409. Compressor.cpp 404
  • V595 The 'p' pointer was utilized before it was verified against nullptr. Check lines: 946, 974. ControlToolBar.cpp 946
  • And 1 additional diagnostic messages.

Rosegarden

V595 The 'm_scene' pointer was utilized before it was verified against nullptr. Check lines: 1001, 1002. NotationWidget.cpp 1001


void
NotationWidget::slotEnsureTimeVisible(timeT t)
{
  m_inMove = true;
  QPointF pos = m_view->mapToScene(0,m_view->height()/2);
  pos.setX(m_scene->getRulerScale()->getXForTime(t));     // <=
  if (m_scene) m_scene->constrainToSegmentArea(pos);      // <=
  m_view->ensureVisible(QRectF(pos, pos));
  m_inMove = false;
}

Rosegarden

V595 The 'm_hideSignatureButton' pointer was utilized before it was verified against nullptr. Check lines: 248, 258. TimeSignatureDialog.cpp 248


TimeSignature
TimeSignatureDialog::getTimeSignature() const
{
  QSettings settings;
  settings.beginGroup( GeneralOptionsConfigGroup );

  settings.setValue("timesigdialogmakehidden",
    m_hideSignatureButton->isChecked());                    // <=
  settings.setValue("timesigdialogmakehiddenbars",
    m_hideBarsButton->isChecked());                         // <=
  settings.setValue("timesigdialogshowcommon",
    m_commonTimeButton->isChecked());                       // <=
  settings.setValue("timesigdialognormalize",
    m_normalizeRestsButton->isChecked());

  TimeSignature ts(m_timeSignature.getNumerator(),
                   m_timeSignature.getDenominator(),
                   (m_commonTimeButton &&
                    m_commonTimeButton->isEnabled() &&
                    m_commonTimeButton->isChecked()),
                   (m_hideSignatureButton &&                // <=
                    m_hideSignatureButton->isEnabled() &&
                    m_hideSignatureButton->isChecked()),
                   (m_hideBarsButton &&
                    m_hideBarsButton->isEnabled() &&
                    m_hideBarsButton->isChecked()));

  settings.endGroup();

  return ts;
}

Similar errors can be found in some other places:

  • V595 The 'm_timeT' pointer was utilized before it was verified against nullptr. Check lines: 690, 696. TimeWidget.cpp 690
  • V595 The 'm_scene' pointer was utilized before it was verified against nullptr. Check lines: 526, 538. NoteRestInserter.cpp 526
  • V595 The 'item' pointer was utilized before it was verified against nullptr. Check lines: 318, 320. TempoView.cpp 318
  • And 9 additional diagnostic messages.

Sphinx (search engine)

V595 The 'pServed' pointer was utilized before it was verified against nullptr. Check lines: 17334, 17337. searchd.cpp 17334


static bool CheckServedEntry(const ServedIndex_c * pEntry,
                             const char * sIndex,
                             CSphString & sError );

static bool RotateIndexMT ( .... )
{
  ....
  ServedIndex_c * pServed =
    g_pLocalIndexes->GetWlockedEntry ( sIndex );
  pServed->m_sNewPath = "";                            // <=
  if ( !CheckServedEntry ( pServed, sIndex.cstr(), sError ) )
  {
    if ( pServed )                                     // <=
      pServed->Unlock();
    return false;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'tCP.m_sWord' pointer was utilized before it was verified against nullptr. Check lines: 5214, 5215. sphinxrt.cpp 5214

Ardour

V595 The '_session' pointer was utilized before it was verified against nullptr. Check lines: 1576, 1579. editor_rulers.cc 1576


void
Editor::set_minsec_ruler_scale (samplepos_t lower,
samplepos_t upper)
{
  samplepos_t fr = _session->sample_rate() * 1000;
  samplepos_t spacer;

  if (_session == 0) {
    return;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'rui' pointer was utilized before it was verified against nullptr. Check lines: 250, 253. analysis_window.cc 250
  • V595 The 'scan_dlg' pointer was utilized before it was verified against nullptr. Check lines: 5089, 5099. ardour_ui.cc 5089
  • V595 The '_session' pointer was utilized before it was verified against nullptr. Check lines: 352, 361. ardour_ui_options.cc 352
  • And 3 additional diagnostic messages.

Steinberg SDKs

V595 The 'inputBitmap' pointer was utilized before it was verified against nullptr. Check lines: 409, 410. cbitmapfilter.cpp 409


bool run (bool replace) override
{
  CBitmap* inputBitmap = getInputBitmap ();
  uint32_t radius = static_cast<uint32_t>(static_cast<double>(
    .... * inputBitmap->getPlatformBitmap()->getScaleFactor());
  if (inputBitmap == nullptr || radius == UINT_MAX)
    return false;
  ....
}

Chromium

V595 CWE-476 The 'reason' pointer was utilized before it was verified against nullptr. Check lines: 167, 174. win_util.cc 167


bool IsKeyboardPresentOnSlate(std::string* reason, HWND hwnd) {
  bool result = false;

  if (GetVersion() < VERSION_WIN8) {
    *reason = "Detection not supported";
    return false;
  }

  // This function is only supported for Windows 8 and up.
  if (CommandLine::ForCurrentProcess()->HasSwitch(
          switches::kDisableUsbKeyboardDetect)) {
    if (reason)
      *reason = "Detection disabled";
    return false;
  }
  ....
}

A check that the reason pointer is not null is not performed in all needed cases.


Chromium

V595 CWE-476 The 'val' pointer was utilized before it was verified against nullptr. Check lines: 124, 126. paint_op_reader.cc 124


template <typename T>
void PaintOpReader::ReadFlattenable(sk_sp<T>* val) {
  // ....
  // Here the argument val is not used and is not checked.
  // ....
  val->reset(static_cast<T*>(SkValidatingDeserializeFlattenable(
      const_cast<const char*>(memory_), bytes,
      T::GetFlattenableType())));
  if (!val)
    SetInvalid();
  ....
}

The val pointer is dereferenced before the check for null equality.


Chromium

V595 CWE-476 The 'factory' pointer was utilized before it was verified against nullptr. Check lines: 122, 124. http_auth_handler_factory.cc 122


void HttpAuthHandlerRegistryFactory::RegisterSchemeFactory(
    const std::string& scheme,
    HttpAuthHandlerFactory* factory)
{
  factory->set_http_auth_preferences(http_auth_preferences());
  std::string lower_scheme = base::ToLowerASCII(scheme);
  if (factory)
    factory_map_[lower_scheme] = base::WrapUnique(factory);
  else
    factory_map_.erase(lower_scheme);
}

A factory pointer is dereferenced before checking for nullptr equality.


Chromium

V595 CWE-476 The 'inline_style' pointer was utilized before it was verified against nullptr. Check lines: 142, 143. css_agent.cc 142


Response CSSAgent::getMatchedStylesForNode(int node_id,
  Maybe<CSS::CSSStyle>* inline_style)
{
  UIElement* ui_element =
    dom_agent_->GetElementFromNodeId(node_id);
  *inline_style = GetStylesForUIElement(ui_element);
  if (!inline_style)
    return NodeNotFoundError(node_id);
  return Response::OK();
}

An inline_style pointer gets dereferenced before checking for nullptr equality.


ANGLE

V595 CWE-476 The 'program' pointer was utilized before it was verified against nullptr. Check lines: 272, 276. vertexarray11.cpp 272


gl::Error VertexArray11::updateDirtyAndDynamicAttribs(....)
{
  ....
  const gl::Program *program  = glState.getProgram();
  const auto &activeLocations =
    program->getActiveAttribLocationsMask();                // <=
  ....
  mAppliedNumViewsToDivisor =
    (program != nullptr && program->usesMultiview()) ?      // <=
       program->getNumViews() : 1;
  ....
}

A program pointer can be equal to nullptr, as evidenced by the check program != nullptr. Besides, earlier the pointer is dereferenced before the preliminary check.


ICU

V595 CWE-476 The 'fData' pointer was utilized before it was verified against nullptr. Check lines: 967, 976. rbbi.cpp 967


int32_t RuleBasedBreakIterator::handlePrevious(
  int32_t fromPosition)
{
  ....
  const RBBIStateTable *stateTable = fData->fSafeRevTable;
  ....
  if (fText == NULL || fData == NULL ||
      UTEXT_GETNATIVEINDEX(fText)==0) {
    return BreakIterator::DONE;
  }
  ....
}

A fData pointer can be equal to nullptr, as evidenced by the check program != nullptr. Besides, earlier the pointer is dereferenced before the preliminary check.


XNU kernel

V595 CWE-476 The 'sym' pointer was utilized before it was verified against nullptr. Check lines: 889, 896. IORegistryEntry.cpp 889


bool
IORegistryEntry::compareName(....) const
{
  const OSSymbol *  sym = copyName();
  bool    isEqual;

  isEqual = sym->isEqualTo( name );

  if( isEqual && matched) {
    name->retain();
    *matched = name;
  }

  if( sym)
    sym->release();
  return( isEqual );
}

XNU kernel

V595 CWE-476 The 'list_ptr' pointer was utilized before it was verified against nullptr. Check lines: 7175, 7176. kern_memorystatus.c 7175


static int
memorystatus_get_priority_list(
  memorystatus_priority_entry_t **list_ptr, size_t *buffer_size,
  size_t *list_size, boolean_t size_only)
{
  ....
  *list_ptr = (memorystatus_priority_entry_t*)kalloc(*list_size);
  if (!list_ptr) {
    return ENOMEM;
  }
  ....
}

Most likely, it is a forgotten dereferencing of a pointer and it should be as follows: if (!*list_ptr) {


XNU kernel

V595 CWE-476 The 'so' pointer was utilized before it was verified against nullptr. Check lines: 3450, 3453. in_pcb.c 3450


inline void
inp_decr_sndbytes_unsent(struct socket *so, int32_t len)
{
  struct inpcb *inp = (struct inpcb *)so->so_pcb;
  struct ifnet *ifp = inp->inp_last_outifp;

  if (so == NULL || !(so->so_snd.sb_flags & SB_SNDBYTE_CNT))
    return;

  if (ifp != NULL) {
    if (ifp->if_sndbyte_unsent >= len)
      OSAddAtomic64(-len, &ifp->if_sndbyte_unsent);
    else
      ifp->if_sndbyte_unsent = 0;
  }
}

In the beginning the so pointer is dereferenced in the expression so->so_pcb. The check below so == NULL tells us that the pointer can be null.

Similar errors can be found in some other places:

  • V595 CWE-476 The 'startDict' pointer was utilized before it was verified against nullptr. Check lines: 3369, 3373. IOService.cpp 3369
  • V595 CWE-476 The 'job' pointer was utilized before it was verified against nullptr. Check lines: 4083, 4085. IOService.cpp 4083
  • V595 CWE-476 The 'typeinst' pointer was utilized before it was verified against nullptr. Check lines: 176, 177. OSMetaClass.cpp 176
  • And 12 additional diagnostic messages.

RT-Thread

V595 CWE-476 The 'handle' pointer was utilized before it was verified against nullptr. Check lines: 449, 458. fsl_lpi2c_edma.c 449


static void LPI2C_MasterEDMACallback(
  edma_handle_t *dmaHandle, void *userData,
  bool isTransferDone, uint32_t tcds)
{
  lpi2c_master_edma_handle_t *handle =
    (lpi2c_master_edma_handle_t *)userData;

  bool hasReceiveData =
         (handle->transfer.direction == kLPI2C_Read) &&
         (handle->transfer.dataSize);
  if (hasReceiveData &&
      !FSL_FEATURE_LPI2C_HAS_SEPARATE_DMA_RX_TX_REQn(base))
  {
    if (EDMA_GetNextTCDAddress(handle->tx) != 0)
    {
      LPI2C_MasterEnableDMA(handle->base, false, true);
    }
  }

  if (!handle)
  {
    return;
  }
  ....
}

RT-Thread

V595 CWE-476 The 'dev' pointer was utilized before it was verified against nullptr. Check lines: 497, 499. sdcard.c 497


static rt_size_t rt_sdcard_read(rt_device_t dev,
                                rt_off_t    pos,
                                void       *buffer,
                                rt_size_t   size)
{
  int i, addr;
  struct dfs_partition *part =
    (struct dfs_partition *)dev->user_data;

  if (dev == RT_NULL)
  {
    rt_set_errno(-EINVAL);
    return 0;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'dev' pointer was utilized before it was verified against nullptr. Check lines: 528, 530. sdcard.c 528

Krita

V595 The 'l' pointer was utilized before it was verified against nullptr. Check lines: 428, 429. kis_node_manager.cpp 428


void KisNodeManager::moveNodeAt(....)
{
    ....
    KisLayer *l = qobject_cast<KisLayer*>(parent.data());
    KisSelectionMaskSP selMask = l->selectionMask(); // <=
    if (m && m->active() && l && l->selectionMask()) // <=
    selMask->setActive(false);
    ....
}

Similar errors can be found in some other places:

  • V595 The 'gradient' pointer was utilized before it was verified against nullptr. Check lines: 164, 166. kis_gradient_chooser.cc 164
  • V595 The 'm_currentShape' pointer was utilized before it was verified against nullptr. Check lines: 316, 325. ArtisticTextTool.cpp 316
  • V595 The 'painter()' pointer was utilized before it was verified against nullptr. Check lines: 87, 89. kis_grid_paintop.cpp 87
  • And 1 additional diagnostic messages.

Android

V595 CWE-476 The 'rsmp' pointer was utilized before it was verified against nullptr. Check lines: 54, 57. resampler.c 54


static void resampler_reset(struct resampler_itfe *resampler)
{
  struct resampler *rsmp = (struct resampler *)resampler;

  rsmp->frames_in = 0;
  rsmp->frames_rq = 0;

  if (rsmp != NULL && rsmp->speex_resampler != NULL) {
    speex_resampler_reset_mem(rsmp->speex_resampler);
  }
}

Android

V595 CWE-476 The 'video' pointer was utilized before it was verified against nullptr. Check lines: 385, 388. rate_control.cpp 385


PV_STATUS RC_UpdateBuffer(VideoEncData *video,
                          Int currLayer, Int num_skip)
{
  rateControl *rc  = video->rc[currLayer];
  MultiPass   *pMP = video->pMP[currLayer];

  if (video == NULL || rc == NULL || pMP == NULL)
    return PV_FAIL;
  ....
}

Android

V595 CWE-476 The 'iwnn' pointer was utilized before it was verified against nullptr. Check lines: 686, 689. ndapi.c 686


NJ_EXTERN NJ_INT16 njx_search_word(NJ_CLASS *iwnn, ....) {
  ....
  NJ_PREVIOUS_SELECTION_INFO *prev_info =
      &(iwnn->previous_selection);

  if (iwnn == NULL) {
    return NJ_SET_ERR_VAL(NJ_FUNC_NJ_SEARCH_WORD,
                          NJ_ERR_PARAM_ENV_NULL);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'outError' pointer was utilized before it was verified against nullptr. Check lines: 437, 450. Command.cpp 437
  • V595 CWE-476 The 'out_last_reference' pointer was utilized before it was verified against nullptr. Check lines: 432, 436. AssetManager2.cpp 432
  • V595 CWE-476 The 'set' pointer was utilized before it was verified against nullptr. Check lines: 4524, 4529. ResourceTypes.cpp 4524
  • And 6 additional diagnostic messages.

System Shock

V595 The 'ch' pointer was utilized before it was verified against nullptr. Check lines: 200, 202. HOTKEY.C 200


static bool shutdown_iter_func(void* elem, void* data)
{
  ....
  hotkey_link *chain = (hotkey_link*)(ch->keychain.vec);
  if (ch == NULL) return FALSE;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ch' pointer was utilized before it was verified against nullptr. Check lines: 381, 392. EVENT.C 381
  • V595 The 'dp' pointer was utilized before it was verified against nullptr. Check lines: 2508, 2522. INVENT.C 2508
  • V595 The 'mug' pointer was utilized before it was verified against nullptr. Check lines: 702, 704. EMAIL.C 702

Azure Service Fabric

V595 CWE-476 The 'globalDomain' pointer was utilized before it was verified against nullptr. Check lines: 196, 197. PlacementReplica.cpp 196


void PlacementReplica::ForEachWeightedDefragMetric(....) const
{
  ....
  size_t metricIndexInGlobalDomain =
    totalMetricIndexInGloba.... - globalDomain->MetricStartIndex;
  if (globalDomain != nullptr &&
    globalDomain->Metrics[metricIndexInGlobalDomain].Weight > 0)
  {
    if (!processor(totalMetricIndexInGlobalDomain))
    {
      break;
    }
  }
}

0 A.D.

V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 140, 143. test_secure_crt.h 140


static void TEST_CAT2(char* dst, size_t max_dst_chars, const char* src,
    const char* dst_val, int expected_ret, const char* expected_dst)
{
  strcpy(dst, dst_val);                                 // <=
  int ret = strcat_s(dst, max_dst_chars, src);
  TS_ASSERT_EQUALS(ret, expected_ret);
  if(dst != 0)                                          // <=
    TS_ASSERT(!strcmp(dst, expected_dst));
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 150, 153. test_secure_crt.h 150
  • V595 CWE-476 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 314, 317. test_secure_crt.h 314

Perl 5

V595 The 'k' pointer was utilized before it was verified against nullptr. Check lines: 15919, 15920. op.c 15919


void
Perl_rpeep(pTHX_ OP *o)
{
  ....
  OP *k = o->op_next;
  U8 want = (k->op_flags & OPf_WANT);   // <=
  if (   k                              // <=
      && k->op_type == OP_KEYS
      && (   want == OPf_WANT_VOID
          || want == OPf_WANT_SCALAR)
      && !(k->op_private & OPpMAYBE_LVSUB)
      && !(k->op_flags & OPf_MOD)
  ) {
  ....
}

Qt

V595 CWE-476 The 'str' pointer was utilized before it was verified against nullptr. Check lines: 2118, 2119. qbytearray.cpp 2118


QByteArray &QByteArray::append(const char *str, int len)
{
  if (len < 0)
    len = qstrlen(str);
  if (str && len) {
    ....
}

Qt

V595 CWE-476 The 'mobj' pointer was utilized before it was verified against nullptr. Check lines: 2671, 2672. qmetaobject.cpp 2671


static inline const QMetaObjectPrivate *priv(const uint* data)
{ return reinterpret_cast<const QMetaObjectPrivate*>(data); }

bool QMetaEnum::isFlag() const
{
  const int offset = priv(mobj->d.data)->revision >= 8 ? 2 : 1;
  return mobj && mobj->d.data[handle + offset] & EnumIsFlag;
}

Qt

V595 CWE-476 The 'mobj' pointer was utilized before it was verified against nullptr. Check lines: 2683, 2684. qmetaobject.cpp 2683


static inline const QMetaObjectPrivate *priv(const uint* data)
{ return reinterpret_cast<const QMetaObjectPrivate*>(data); }

bool QMetaEnum::isScoped() const
{
    const int offset = priv(mobj->d.data)->revision >= 8 ? 2 : 1;
    return mobj && mobj->d.data[handle + offset] & EnumIsScoped;
}

Qt

V595 CWE-476 The 'fragment.d' pointer was utilized before it was verified against nullptr. Check lines: 2238, 2241. qtextcursor.cpp 2238


void QTextCursor::insertFragment(const QTextDocumentFragment &fragment)
{
    if (!d || !d->priv || fragment.isEmpty())
        return;

    d->priv->beginEditBlock();
    d->remove();
    fragment.d->insert(*this);
    d->priv->endEditBlock();

    if (fragment.d && fragment.d->doc)
        d->priv->mergeCachedResources(fragment.d->doc->docHandle());
}

Qt

V595 CWE-476 The 'window' pointer was utilized before it was verified against nullptr. Check lines: 1846, 1848. qapplication.cpp 1846


bool QApplicationPrivate::tryCloseAllWidgetWindows(....)
{
  ....
  QWindow *window = w->windowHandle();
  if (!window->close()) // Qt::WA_DeleteOnClose may cause deletion.
    return false;
  if (window)
    processedWindows->append(window);
  ....
}

Similar errors can be found in some other places:

  • V595 CWE-476 The 'window' pointer was utilized before it was verified against nullptr. Check lines: 1858, 1860. qapplication.cpp 1858
  • V595 CWE-476 The 'reply' pointer was utilized before it was verified against nullptr. Check lines: 492, 502. qhttpnetworkconnectionchannel.cpp 492
  • V595 CWE-476 The 'newHandle' pointer was utilized before it was verified against nullptr. Check lines: 877, 883. qsplitter.cpp 877
  • And 1 additional diagnostic messages.

Libwebsockets

V595 CWE-476 The 'wsi' pointer was utilized before it was verified against nullptr. Check lines: 232, 234. lws-plat-win.c 232


LWS_VISIBLE LWS_EXTERN int
_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi)
{
  struct lws *wsi;
  ....
  wsi = wsi_from_fd(context, pfd->fd);
  if (wsi->listener)                              // <=
    continue;
  if (!wsi || wsi->sock_send_blocking)            // <=
    continue;
  ....
}

WebP codec

V595 CWE-476 The 'orig_histo' pointer was utilized before it was verified against nullptr. Check lines: 991, 993. histogram_enc.c 991


int VP8LGetHistoImageSymbols(....)
{
  ....
  VP8LHistogramSet* const orig_histo =
    VP8LAllocateHistogramSet(image_histo_raw_size, cache_bits);
  ....
  const int entropy_combine =
    (orig_histo->size > entropy_combine_num_bins * 2) && (quality < 100); // <=

  if (orig_histo == NULL) goto Error;                                     // <=
  ....
}

WebP codec

V595 CWE-476 The 'curr_canvas' pointer was utilized before it was verified against nullptr. Check lines: 599, 603. anim_encode.c 599


int WebPAnimEncoderRefineRect(
    const WebPPicture* const prev_canvas, const WebPPicture* const curr_canvas,
    int is_lossless, float quality, int* const x_offset, int* const y_offset,
    int* const width, int* const height) {
  FrameRectangle rect;
  const int right = clip(*x_offset + *width, 0, curr_canvas->width);     // <=
  const int left = clip(*x_offset, 0, curr_canvas->width - 1);
  const int bottom = clip(*y_offset + *height, 0, curr_canvas->height);
  const int top = clip(*y_offset, 0, curr_canvas->height - 1);
  if (prev_canvas == NULL || curr_canvas == NULL ||                      // <=
      prev_canvas->width != curr_canvas->width ||
      prev_canvas->height != curr_canvas->height ||
      !prev_canvas->use_argb || !curr_canvas->use_argb) {
    return 0;
  }
  ....
}

Godot Engine

V595 CWE-476 The 'from_node' pointer was utilized before it was verified against nullptr. Check lines: 565, 567. canvas_item_editor_plugin.cpp 565


bool CanvasItemEditor::_get_bone_shape(....) {
  ....
  Node2D *from_node =
    Object::cast_to<Node2D>(ObjectDB::get_instance(bone->key().from));
  ....
  if (!from_node->is_inside_tree())
    return false; //may have been removed
  if (!from_node)
    return false;
  ....
}

NCBI Genome Workbench

V595 The 'dst_len' pointer was utilized before it was verified against nullptr. Check lines: 309, 315. zlib.cpp 309


bool CZipCompression::CompressBuffer(
  const void* src_buf, size_t  src_len,
  void*       dst_buf, size_t  dst_size,
  /* out */   size_t* dst_len)
{
  *dst_len = 0;

  // Check parameters
  if (!src_len  &&  !F_ISSET(fAllowEmptyData)) {
    src_buf = NULL;
  }
  if (!src_buf || !dst_buf || !dst_len) {
    SetError(Z_STREAM_ERROR, "bad argument");
    ERR_COMPRESS(48, FormatErrorMessage("CZipCompression::CompressBuffer"));
    return false;
  }
  ....
}

LibrePCB

V595 CWE-476 The 'szComment' pointer was utilized before it was verified against nullptr. Check lines: 2068, 2073. unzip.c 2068


extern int ZEXPORT unzGetGlobalComment (
  unzFile file, char * szComment, uLong uSizeBuf)
{
  ....
  if (uReadThis>0)
  {
    *szComment='\0';
    if (ZREAD64(s->z_filefunc,s->filestream,szComment,uReadThis)!=uReadThis)
      return UNZ_ERRNO;
  }

  if ((szComment != NULL) && (uSizeBuf > s->gi.size_comment))
    *(szComment+s->gi.size_comment)='\0';
  ....
}

SpeedCrunch

V595 The 'ioparams' pointer was utilized before it was verified against nullptr. Check lines: 969, 983. floatio.c 969


int cattokens(....)
{
  ....
  if (printexp)
  {
    if (expbase < 2)
      expbase = ioparams->expbase;  // <=
    ....
  }
  dot = '.';
  expbegin = "(";
  expend = ")";
  if (ioparams != NULL)             // <=
  {
    dot = ioparams->dot;
    expbegin = ioparams->expbegin;
    expend = ioparams->expend;
  }
  ....
}

Qalculate!

V595 The 'o_data' pointer was utilized before it was verified against nullptr. Check lines: 1108, 1112. DataSet.cc 1108


string DataObjectArgument::subprintlong() const {
  string str = _("an object from");
  str += " \"";
  str += o_data->title();               // <=
  str += "\"";
  DataPropertyIter it;
  DataProperty *o = NULL;
  if(o_data) {                          // <=
    o = o_data->getFirstProperty(&it);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'o_assumption' pointer was utilized before it was verified against nullptr. Check lines: 229, 230. Variable.cc 229
  • V595 The 'i_value' pointer was utilized before it was verified against nullptr. Check lines: 3412, 3427. Number.cc 3412

FreeRDP

V595 The 'context' pointer was utilized before it was verified against nullptr. Check lines: 746, 748. gfx.c 746


static UINT gdi_SurfaceCommand(RdpgfxClientContext* context,
                               const RDPGFX_SURFACE_COMMAND* cmd)
{
  ....
  rdpGdi* gdi = (rdpGdi*) context->custom;

  if (!context || !cmd)
    return ERROR_INVALID_PARAMETER;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'ntlm' pointer was utilized before it was verified against nullptr. Check lines: 236, 255. ntlm.c 236
  • V595 The 'context' pointer was utilized before it was verified against nullptr. Check lines: 1003, 1007. rfx.c 1003
  • V595 The 'rdpei' pointer was utilized before it was verified against nullptr. Check lines: 176, 180. rdpei_main.c 176
  • And 1 additional diagnostic messages.

LLVM/Clang

V595 [CWE-476] The 'Callee' pointer was utilized before it was verified against nullptr. Check lines: 172, 174. AMDGPUInline.cpp 172


InlineCost AMDGPUInliner::getInlineCost(CallSite CS) {
  Function *Callee = CS.getCalledFunction();
  Function *Caller = CS.getCaller();
  TargetTransformInfo &TTI = TTIWP->getTTI(*Callee);

  if (!Callee || Callee->isDeclaration())
    return llvm::InlineCost::getNever("undefined callee");
  ....
}

LLVM/Clang

V595 [CWE-476] The 'CalleeFn' pointer was utilized before it was verified against nullptr. Check lines: 1079, 1081. SimplifyLibCalls.cpp 1079


static Value *optimizeDoubleFP(CallInst *CI, IRBuilder<> &B,
                               bool isBinary, bool isPrecise = false) {
  ....
  Function *CalleeFn = CI->getCalledFunction();
  StringRef CalleeNm = CalleeFn->getName();                 // <=
  AttributeList CalleeAt = CalleeFn->getAttributes();
  if (CalleeFn && !CalleeFn->isIntrinsic()) {               // <=
  ....
}

LLVM/Clang

V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 532, 534. SemaTemplateInstantiateDecl.cpp 532


void Sema::InstantiateAttrs(const MultiLevelTemplateArgumentList &TemplateArgs,
                            const Decl *Tmpl, Decl *New,
                            LateInstantiatedAttrVec *LateAttrs,
                            LocalInstantiationScope *OuterMostScope) {
  ....
  NamedDecl *ND = dyn_cast<NamedDecl>(New);
  CXXRecordDecl *ThisContext =
    dyn_cast_or_null<CXXRecordDecl>(ND->getDeclContext());         // <=
  CXXThisScopeRAII ThisScope(*this, ThisContext, Qualifiers(),
                             ND && ND->isCXXInstanceMember());     // <=
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'U' pointer was utilized before it was verified against nullptr. Check lines: 404, 407. DWARFFormValue.cpp 404
  • V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 2149, 2151. SemaTemplateInstantiate.cpp 2149

Haiku Operation System

V595 The 'fReply' pointer was utilized before it was verified against nullptr. Check lines: 49, 52. ReplyBuilder.cpp 49


RPC::CallbackReply*
ReplyBuilder::Reply()
{
  fReply->Stream().InsertUInt(fStatusPosition, _HaikuErrorToNFS4(fStatus));
  fReply->Stream().InsertUInt(fOpCountPosition, fOpCount);

  if (fReply == NULL || fReply->Stream().Error() == B_OK)
    return fReply;
  else
    return NULL;
}

Haiku Operation System

V595 The 'mq' pointer was utilized before it was verified against nullptr. Check lines: 782, 786. oce_queue.c 782


static void
oce_mq_free(struct oce_mq *mq)
{
  POCE_SOFTC sc = (POCE_SOFTC) mq->parent;
  struct oce_mbx mbx;
  struct mbx_destroy_common_mq *fwcmd;

  if (!mq)
    return;
  ....
}

CMake

V595 The 'this->BuildFileStream' pointer was utilized before it was verified against nullptr. Check lines: 133, 134. cmMakefileTargetGenerator.cxx 133


void cmMakefileTargetGenerator::CreateRuleFile()
{
  ....
  this->BuildFileStream->SetCopyIfDifferent(true);
  if (!this->BuildFileStream) {
    return;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'this->FlagFileStream' pointer was utilized before it was verified against nullptr. Check lines: 303, 304. cmMakefileTargetGenerator.cxx 303

Mozilla Thunderbird

V595 The 'aValues' pointer was utilized before it was verified against nullptr. Check lines: 553, 555. nsLDAPMessage.cpp 553


NS_IMETHODIMP
nsLDAPMessage::GetBinaryValues(const char *aAttr, uint32_t *aCount,
                               nsILDAPBERValue ***aValues) {
  ....
  *aValues = static_cast<nsILDAPBERValue **>(
      moz_xmalloc(numVals * sizeof(nsILDAPBERValue)));
  if (!aValues) {
    ldap_value_free_len(values);
    return NS_ERROR_OUT_OF_MEMORY;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The '_retval' pointer was utilized before it was verified against nullptr. Check lines: 357, 358. nsLDAPSyncQuery.cpp 357

Celestia

V595 The 'destinations' pointer was utilized before it was verified against nullptr. Check lines: 48, 50. wintourguide.cpp 48


BOOL APIENTRY TourGuideProc(....)
{
  ....
  const DestinationList* destinations = guide->appCore->getDestinations();
  Destination* dest = (*destinations)[0];
  guide->selectedDest = dest;
  if (hwnd != NULL && destinations != NULL)
  {
    ....
  }
  ....
}

ROOT

V595 The 'N' pointer was utilized before it was verified against nullptr. Check lines: 484, 488. Scanner.cxx 484


bool RScanner::shouldVisitDecl(clang::NamedDecl *D)
{
   if (auto M = D->getOwningModule()) {                      // <= 2
      return fInterpreter.getSema().isModuleVisible(M);
   }
   return true;
}

bool RScanner::VisitNamespaceDecl(clang::NamespaceDecl* N)
{
 if (fScanType == EScanType::kOnePCM)
  return true;

 if (!shouldVisitDecl(N))                                    // <= 1
  return true;

 if((N && N->isImplicit()) || !N){                           // <= 3
    return true;
 }
 ....
}

Similar errors can be found in some other places:

  • V595 The 'file' pointer was utilized before it was verified against nullptr. Check lines: 141, 153. TFileCacheRead.cxx 141
  • V595 The 'fFree' pointer was utilized before it was verified against nullptr. Check lines: 2029, 2038. TFile.cxx 2029
  • V595 The 'tbuf' pointer was utilized before it was verified against nullptr. Check lines: 586, 591. TGText.cxx 586
  • And 3 additional diagnostic messages.

Amazon FreeRTOS

V595 [CWE-476] The 'pxMbedSignature' pointer was utilized before it was verified against nullptr. Check lines: 52, 54. iot_pki_utils.c 52


int PKI_mbedTLSSignatureToPkcs11Signature
    (uint8_t * pxSignaturePKCS, uint8_t * pxMbedSignature )
{
  int xReturn = 0;
  uint8_t * pxNextLength;

  /* The 4th byte contains the length of the R component */
  uint8_t ucSigComponentLength = pxMbedSignature[ 3 ]; // <=

  if(  ( pxSignaturePKCS == NULL )
    || ( pxMbedSignature == NULL ) )
  {
      xReturn = FAILURE;
  }

  ....
}

SDCC

V595 [CWE-476] The 'sfr' pointer was utilized before it was verified against nullptr. Check lines: 54, 56. timer2.cc 54


cl_timer2::init(void)
{
  cl_timer0::init();
  cell_rcap2l= sfr->get_cell(RCAP2L);//use_cell(sfr, RCAP2L);
  cell_rcap2h= sfr->get_cell(RCAP2H);//use_cell(sfr, RCAP2H);
  if (sfr)
    bit_t2ex= sfr->read(P1) & bmT2EX;
  return(0);
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'value.string.string' pointer was utilized before it was verified against nullptr. Check lines: 244, 246. arg.cc 244
  • V595 [CWE-476] The 'app' pointer was utilized before it was verified against nullptr. Check lines: 668, 675. command.cc 668
  • V595 [CWE-476] The 'param_str' pointer was utilized before it was verified against nullptr. Check lines: 245, 247. command.cc 245
  • And 1 additional diagnostic messages.

Zephyr

V595 [CWE-476] The 'pub' pointer was utilized before it was verified against nullptr. Check lines: 708, 719. access.c 708


int bt_mesh_model_publish(struct bt_mesh_model *model)
{
  ....
  struct bt_mesh_model_pub *pub = model->pub;
  ....
  struct bt_mesh_msg_ctx ctx = {
    .send_rel = pub->send_rel,
  };
  ....
  if (!pub) {
    return -ENOTSUP;
  }
  ....
}

Zephyr

V595 [CWE-476] The 'conn' pointer was utilized before it was verified against nullptr. Check lines: 1071, 1073. tcp2.c 1071


int net_tcp_accept(struct net_context *context, net_tcp_accept_cb_t cb,
       void *user_data)
{
  ....
  struct tcp *conn = context->tcp;
  ....
  conn->accept_cb = cb;

  if (!conn || conn->state != TCP_LISTEN) {
    return -EINVAL;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'context->tcp' pointer was utilized before it was verified against nullptr. Check lines: 1512, 1518. tcp.c 1512
  • V595 [CWE-476] The 'fsm' pointer was utilized before it was verified against nullptr. Check lines: 365, 382. fsm.c 365

GCC

V595 The 'm->component' pointer was utilized before it was verified against nullptr. Check lines: 407, 415. genmodes.c 407


static void
complete_mode (struct mode_data *m)
{
  ....
  if (m->cl == MODE_COMPLEX_INT || m->cl == MODE_COMPLEX_FLOAT)
    alignment = m->component->bytesize;
  else
    alignment = m->bytesize;

  m->alignment = alignment & (~alignment + 1);

  if (m->component)
  ....
}

Command & Conquer

V595 The 'enemy' pointer was utilized before it was verified against nullptr. Check lines: 3689, 3695. TECHNO.CPP 3689


void TechnoClass::Base_Is_Attacked(TechnoClass const *enemy)
{
  FootClass *defender[6];
  int value[6];
  int count = 0;
  int weakest = 0;
  int desired = enemy->Risk() * 2;
  int risktotal = 0;

  /*
  ** Humans have to deal with their own base is attacked problems.
  */
  if (!enemy || House->Is_Ally(enemy) || House->IsHuman) {
    return;
  }
  ....
}

Minetest

V595 The 'm_client' pointer was utilized before it was verified against nullptr. Check lines: 183, 187. game.cpp 183


void gotText(const StringMap &fields)
{
  ....
  if (m_formname == "MT_DEATH_SCREEN") {
    assert(m_client != 0);
    m_client->sendRespawn();
    return;
  }

  if (m_client && m_client->modsLoaded())
    m_client->getScript()->on_formspec_input(m_formname, fields);
}

Qemu

V595 The 'blen2p' pointer was utilized before it was verified against nullptr. Check lines: 103, 106. dsound_template.h 103


static int glue (
    ....
    DWORD *blen1p,
    DWORD *blen2p,
    int entire,
    dsound *s
    )
{
  ....
  dolog("DirectSound returned misaligned buffer %ld %ld\n",
        *blen1p, *blen2p);
  glue(.... p2p ? *p2p : NULL, *blen1p,
                            blen2p ? *blen2p : 0);
....
}

DeepSpeech

V595 The 'istrm' pointer was utilized before it was verified against nullptr. Check lines: 60, 61. mapped-file.cc 60


MappedFile *MappedFile::Map(std::istream *istrm, bool memorymap,
                            const string &source, size_t size) {
  const auto spos = istrm->tellg();        // <=
  ....
  istrm->seekg(pos + size, std::ios::beg); // <=
  if (istrm) {                             // <=
    VLOG(1) << "mmap'ed region of " << size
            << " at offset " << pos
            << " from " << source
            << " to addr " << map;
  return mmf.release();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'istrm' pointer was utilized before it was verified against nullptr. Check lines: 39, 61. mapped-file.cc 39

LLVM/Clang

V595 The 'CDecl' pointer was utilized before it was verified against nullptr. Check lines: 5275, 5284. RewriteObjC.cpp 5275


void RewriteObjCFragileABI::RewriteObjCClassMetaData(
  ObjCImplementationDecl *IDecl, std::string &Result)
{
  ObjCInterfaceDecl *CDecl = IDecl->getClassInterface();

  if (CDecl->isImplicitInterfaceDecl()) {
    RewriteObjCInternalStruct(CDecl, Result);
  }

  unsigned NumIvars = !IDecl->ivar_empty()
  ? IDecl->ivar_size()
  : (CDecl ? CDecl->ivar_size() : 0);
  ....
}

LLVM/Clang

V595 The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 2803, 2805. SemaTemplateInstantiate.cpp 2803


bool
Sema::InstantiateClass(....)
{
  ....
  NamedDecl *ND = dyn_cast<NamedDecl>(I->NewDecl);
  CXXRecordDecl *ThisContext =
      dyn_cast_or_null<CXXRecordDecl>(ND->getDeclContext());
  CXXThisScopeRAII ThisScope(*this, ThisContext, Qualifiers(),
                              ND && ND->isCXXInstanceMember());
  ....
}

Espressif IoT Development Framework

V595 The 'outbuf' pointer was utilized before it was verified against nullptr. Check lines: 374, 381. protocomm.c 374


static int protocomm_version_handler(uint32_t session_id,
                                     const uint8_t *inbuf, ssize_t inlen,
                                     uint8_t **outbuf, ssize_t *outlen,
                                     void *priv_data)
{
    protocomm_t *pc = (protocomm_t *) priv_data;
    if (!pc->ver) {
        *outlen = 0;
        *outbuf = NULL;                                  // <=
        return ESP_OK;
    }

    /* Output is a non null terminated string with length specified */
    *outlen = strlen(pc->ver);
    *outbuf = malloc(*outlen);                           // <=
    if (outbuf == NULL) {                                // <=
        ESP_LOGE(TAG, "Failed to allocate memory for version response");
        return ESP_ERR_NO_MEM;
    }

    memcpy(*outbuf, pc->ver, *outlen);
    return ESP_OK;
}

Most likely this is what should be written here: if (*outbuf == NULL)


Espressif IoT Development Framework

V595 The 'hapd->wpa_auth' pointer was utilized before it was verified against nullptr. Check lines: 106, 113. esp_hostap.c 106


bool hostap_deinit(void *data)
{
  struct hostapd_data *hapd = (struct hostapd_data *)data;

  if (hapd == NULL) {
    return true;
  }

  if (hapd->wpa_auth->wpa_ie != NULL) {
    os_free(hapd->wpa_auth->wpa_ie);
  }

  if (hapd->wpa_auth->group != NULL) {
    os_free(hapd->wpa_auth->group);
  }

  if (hapd->wpa_auth != NULL) {
    os_free(hapd->wpa_auth);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'hapd->conf' pointer was utilized before it was verified against nullptr. Check lines: 118, 125. esp_hostap.c 118
  • V595 The 'sm' pointer was utilized before it was verified against nullptr. Check lines: 1637, 1647. esp_wps.c 1637
  • V595 The 'sm' pointer was utilized before it was verified against nullptr. Check lines: 1693, 1703. esp_wps.c 1693

GTK

V595 [CWE-476] The 'iw' pointer was utilized before it was verified against nullptr. Check lines: 194, 199. inspect-button.c 194


static gboolean
on_flash_timeout (GtkInspectorWindow *iw)
{
  iw->flash_count++;

  gtk_highlight_overlay_set_color (GTK_HIGHLIGHT_OVERLAY (iw->flash_overlay),
                               &(GdkRGBA) {
                                   0.0, 0.0, 1.0,
                                   (iw && iw->flash_count % 2 == 0) ? 0.0 : 0.2
                               });
  ....
}

GTK

V595 [CWE-476] The 'bottom_node' pointer was utilized before it was verified against nullptr. Check lines: 1189, 1190. gtksnapshot.c 1189


static GskRenderNode *
gtk_snapshot_collect_blend_top (GtkSnapshot      *snapshot,
                                GtkSnapshotState *state,
                                GskRenderNode   **nodes,
                                guint             n_nodes)
{
  GskRenderNode *bottom_node, *top_node, *blend_node;
  GdkRGBA transparent = { 0, 0, 0, 0 };

  top_node = gtk_snapshot_collect_default (snapshot, state, nodes, n_nodes);
  bottom_node = state->data.blend.bottom_node != NULL
              ? gsk_render_node_ref (state->data.blend.bottom_node)
              : NULL;

  g_assert (top_node != NULL || bottom_node != NULL);

  if (top_node == NULL)
    top_node = gsk_color_node_new (&transparent, &bottom_node->bounds);
  if (bottom_node == NULL)
    bottom_node = gsk_color_node_new (&transparent, &top_node->bounds);
  ....
}

GTK

V595 [CWE-476] The 'dispatch->backend' pointer was utilized before it was verified against nullptr. Check lines: 1603, 1613. gtkprintbackendcups.c 1603


static void
cups_dispatch_watch_finalize (GSource *source)
{
  ....
  const char *username;
  char         hostname[HTTP_MAX_URI];
  char        *key;

  httpGetHostname (dispatch->request->http, hostname, sizeof (hostname));
  if (is_address_local (hostname))
    strcpy (hostname, "localhost");

  if (dispatch->backend->username != NULL)                     // <=
    username = dispatch->backend->username;                    // <=
  else
    username = cupsUser ();

  key = g_strconcat (username, "@", hostname, NULL);
  GTK_NOTE (PRINTING,
            g_print ("CUPS backend: removing stored password for %s\n", key));
  g_hash_table_remove (dispatch->backend->auth, key);          // <=
  g_free (key);

  if (dispatch->backend)                                       // <=
    dispatch->backend->authentication_lock = FALSE;
  ....
}

Qt

V595 [CWE-476] The 'd_ptr' pointer was utilized before it was verified against nullptr. Check lines: 710, 713. qmetatype.cpp 710


class __attribute__((visibility("default"))) QMetaType {
  ....
  const QtPrivate::QMetaTypeInterface *d_ptr = nullptr;
};

QPartialOrdering QMetaType::compare(const void *lhs, const void *rhs) const
{
    if (!lhs || !rhs)
        return QPartialOrdering::Unordered;
    if (d_ptr->flags & QMetaType::IsPointer)
        return threeWayCompare(*reinterpret_cast<const void * const *>(lhs),
                               *reinterpret_cast<const void * const *>(rhs));
    if (d_ptr && d_ptr->lessThan) {
        if (d_ptr->equals && d_ptr->equals(d_ptr, lhs, rhs))
            return QPartialOrdering::Equivalent;
        if (d_ptr->lessThan(d_ptr, lhs, rhs))
            return QPartialOrdering::Less;
        if (d_ptr->lessThan(d_ptr, rhs, lhs))
            return QPartialOrdering::Greater;
        if (!d_ptr->equals)
            return QPartialOrdering::Equivalent;
    }
    return QPartialOrdering::Unordered;
}

Similar errors can be found in some other places:

  • V595 [CWE-476] The 'self' pointer was utilized before it was verified against nullptr. Check lines: 1346, 1351. qcoreapplication.cpp 1346
  • V595 [CWE-476] The 'currentTimerInfo' pointer was utilized before it was verified against nullptr. Check lines: 636, 641. qtimerinfo_unix.cpp 636
  • V595 [CWE-476] The 'lib' pointer was utilized before it was verified against nullptr. Check lines: 325, 333. qlibrary.cpp 325
  • And 13 additional diagnostic messages.

Free Heroes of Might and Magic II

V595 The '_currentUnit' pointer was utilized before it was verified against nullptr. Check lines: 2336, 2358. battle_interface.cpp 2336


void Battle::Interface::MouseLeftClickBoardAction( .... )
{
  ....
  themes = GetSwordCursorDirection( Board::GetDirection( index,
                                  _currentUnit->GetHeadIndex()));
  ....
  if ( _currentUnit )
  {
    ....
  }
  ....
}

MuseScore

V595 The 'fd' pointer was utilized before it was verified against nullptr. Check lines: 5365, 5366. edit.cpp 5365


void Score::undoAddElement(Element* element)
{
  ....
  FretDiagram* fd = toFretDiagram(ne);
  Harmony* fdHarmony = fd->harmony();
  if (fd) {
    fdHarmony->setScore(score);
    fdHarmony->setSelected(false);
    fdHarmony->setTrack(staffIdx * VOICES + element->voice());
  }
  ....
}

MuseScore

V595 The 'startSegment' pointer was utilized before it was verified against nullptr. Check lines: 129, 131. notationselectionrange.cpp 129


Ms::Segment* NotationSelectionRange::rangeStartSegment() const
{
  Ms::Segment* startSegment = score()->selection().startSegment();

  startSegment->measure()->firstEnabled();  // <=

  if (!startSegment) {                      // <=
    return nullptr;
  }

  if (!startSegment->enabled()) {
    startSegment = startSegment->next1MMenabled();
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'note' pointer was utilized before it was verified against nullptr. Check lines: 5932, 5941. importmxmlpass2.cpp 5932
  • V595 The 'ed' pointer was utilized before it was verified against nullptr. Check lines: 599, 608. textedit.cpp 599
  • V595 The 's' pointer was utilized before it was verified against nullptr. Check lines: 139, 143. elements.cpp 139

Blender

V595 The 'nldrag' pointer was utilized before it was verified against nullptr. Check lines: 1037, 1039. node_relationships.c


static int node_link_invoke(bContext *C, wmOperator *op, const wmEvent *event)
{
  ....
  bNodeLinkDrag *nldrag = node_link_init(bmain, snode, cursor, detach);
  nldrag->last_picked_multi_input_socket_link = NULL;
  if (nldrag) {
    op->customdata = nldrag;
  ....
}

Similar errors can be found in some other places:

  • V595: The 'seq' pointer was utilized before it was verified against nullptr. Check lines: 373, 385. strip_add.c

Snort

V595 The 'ssd' pointer was utilized before it was verified against nullptr. dce2_smb2.c 900


void DCE2_Smb2Process(DCE2_SmbSsnData *ssd)
{
    const SFSnortPacket *p = ssd->sd.wire_pkt;
....
    if (ssd && ssd->pdu_state != DCE2_SMB_PDU_STATE__RAW_DATA)
    {
....
    }
....
}

Snort

V595 The 'it' pointer was utilized before it was verified against nullptr. Check lines: 158, 160. u2spewfoo.c 158


static inline void free_iterator(u2iterator *it) {
    if(it->file) fclose(it->file);
    if(it->filename) free(it->filename);
    if(it) free(it);
}

Storm Engine

V595 The 'rs' pointer was utilized before it was verified against nullptr. Check lines: 163, 164. Fader.cpp 163


uint64_t Fader::ProcessMessage(....)
{
  ....
  textureID = rs->TextureCreate(_name);
  if (rs)
  {
    rs->SetProgressImage(_name);
    ....
}

Similar errors can be found in some other places:

  • V595 The 'pACh' pointer was utilized before it was verified against nullptr. Check lines: 1214, 1215. sail.cpp 1214

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'OS' pointer was utilized before it was verified against nullptr. Check lines: 791, 793. DWARFDebugLine.cpp 791


Error DWARFDebugLine::LineTable::parse(...., raw_ostream *OS, bool Verbose) {
  ....
  auto EmitRow = [&] {
    if (!TombstonedAddress) {
      if (Verbose) {
        *OS << "\n";
        OS->indent(12);
      }
      if (OS)
        State.Row.dump(*OS);
      State.appendRowToMatrix();
    }
  };
  ....
}

RPCS3

V595 The 'cached_dest' pointer was utilized before it was verified against nullptr. Check lines: 3059, 3064. texture_cache.h 3059


template <typename surface_store_type, typename blitter_type, typename ...Args>
blit_op_result upload_scaled_image(....)
{
  // ....

  if (!use_null_region) [[likely]]
  {
    // Do preliminary analysis
    typeless_info.analyse();

    blitter.scale_image(cmd, vram_texture, dest_texture, src_area, dst_area,
                        interpolate, typeless_info);
  }
  else
  {
    cached_dest->dma_transfer(cmd, vram_texture, src_area,
                              dst_range, dst.pitch);
  }

  blit_op_result result = true;

  if (cached_dest)
  {
    result.real_dst_address = cached_dest->get_section_base();
    result.real_dst_size = cached_dest->get_section_size();
  }
  else
  {
    result.real_dst_address = dst_base_address;
    result.real_dst_size = dst.pitch * dst_dimensions.height;
  }

  return result;
}

Chromium

V595 The 'client_' pointer was utilized before it was verified against nullptr. Check lines: 'password_manager_util.cc:119', 'password_manager.cc:1216', 'password_manager.cc:1218'. password_manager.cc 1216


// File: src\components\password_manager\core\browser\password_manager_util.cc
bool IsLoggingActive(const password_manager::PasswordManagerClient* client)
{
  const autofill::LogManager* log_manager = client->GetLogManager();
  return log_manager && log_manager->IsLoggingActive();
}

// File: src\components\password_manager\core\browser\password_manager.cc
void PasswordManager::RecordProvisionalSaveFailure(
    PasswordManagerMetricsRecorder::ProvisionalSaveFailure failure,
    const GURL& form_origin)
  {
  std::unique_ptr<BrowserSavePasswordProgressLogger> logger;
  if (password_manager_util::IsLoggingActive(client_)) {            // <=
    logger = std::make_unique<BrowserSavePasswordProgressLogger>(
        client_->GetLogManager());
  }
  if (client_ && client_->GetMetricsRecorder()) {                   // <=
    ....
  }
}

Intermodular analysis


Chromium

V595 The 'parent' pointer was utilized before it was verified against nullptr. Check lines: 'visibility_controller.cc:95', 'native_web_contents_modal_dialog_manager_views.cc:72', 'native_web_contents_modal_dialog_manager_views.cc:75'. native_web_contents_modal_dialog_manager_views.cc 72


// File: src\ui\wm\core\visibility_controller.cc
void SetChildWindowVisibilityChangesAnimated(aura::Window* window)
{
  window->SetProperty(kChildWindowVisibilityChangesAnimatedKey, true);
}

// File: src\components\constrained_window
//       \native_web_contents_modal_dialog_manager_views.cc
void NativeWebContentsModalDialogManagerViews::ManageDialog()
{
  views::Widget* widget = GetWidget(dialog());
  ....
#if defined(USE_AURA)
  ....
  gfx::NativeView parent = widget->GetNativeView()->parent();
  wm::SetChildWindowVisibilityChangesAnimated(parent);
  ....
  if (parent && parent->parent())
  {
    parent->parent()->SetProperty(aura::client::kAnimationsDisabledKey, true);
  }
  ....
#endif
}

Intermodular analysis


Blend2D

V595 The '_threadPool' pointer was utilized before it was verified against nullptr. Check lines: 158, 164. rasterworkermanager.cpp 158


class BLRasterWorkerManager {
public:
  BLThreadPool* _threadPool;
  uint32_t _workerCount;
  // ....
}
// ....
void BLRasterWorkerManager::reset() noexcept {
  // ....
  if (_workerCount) {
    // ....
    _threadPool->releaseThreads(_workerThreads, _workerCount);
    _workerCount = 0;
    // ....
  }
  if (_threadPool) {
    _threadPool->release();
    _threadPool = nullptr;
  }
  // ....
}

FlipperZero

V595 [CWE-476, CERT-EXP12-C] The 'subghz->txrx->protocol_result' pointer was utilized before it was verified against nullptr. Check lines: 70, 78. subghz_scene_receiver_info.c 70


void subghz_scene_receiver_info_on_enter(void* context) {
  ....
  subghz->txrx->protocol_result->to_string(subghz->txrx->protocol_result, text);
  widget_add_string_multiline_element(....);

  string_clear(frequency_str);
  string_clear(modulation_str);
  string_clear(text);

  if(subghz->txrx->protocol_result &&
     subghz->txrx->protocol_result->to_save_file &&
     strcmp(subghz->txrx->protocol_result->name, "KeeLoq")) {
  ....
}

MuditaOS

V595 [CERT-EXP12-C] The 'result' pointer was utilized before it was verified against nullptr. Check lines: 81, 82. AudioModel.cpp 81


void AudioModel::play(....)
{
  ....
  auto cb = [_callback = callback, this](auto response)
            {
              auto result = dynamic_cast
                            <service::AudioStartPlaybackResponse *>(response);
              lastPlayedToken = result->token;
              if (result == nullptr)
              {
                ....
              }
              ....
            };
  ....
}

Ogre3D

V595 The 'params' pointer was utilized before it was verified against nullptr. Check lines: 95, 101. OgreGpuProgramManager.cpp 95


Resource* GpuProgramManager::createImpl(....,
                                        const NameValuePairList* params)
{
  auto langIt = params->find("language");
  auto typeIt = params->find("type");

  if (langIt == params->end())
    langIt = params->find("syntax");

  if (!params || langIt == params->end() || typeIt == params->end())
  {
    OGRE_EXCEPT(Exception::ERR_INVALIDPARAMS,
      "You must supply 'language' or 'syntax' and 'type' parameters");
  }
}

In this code fragment, the passed params pointer had been dereferenced before it was checked against null. A classic error. The code works until someone passes nullptr into the function.


GPCS4

V595 The 'm_moduleData' pointer was utilized before it was verified against nullptr. Check lines: 49, 53. ELFMapper.cpp 49


bool ELFMapper::validateHeader()
{
  bool retVal      = false;
  auto &fileMemory = m_moduleData->m_fileMemory;
  do
  {
    if (m_moduleData == nullptr)
    {
      LOG_ERR("file has not been loaded");
      break;
    }
    ....
  } while (false);

  return retVal;
}

Overgrowth

V595 [CERT-EXP12-C] The 'ctx' pointer was utilized before it was verified against nullptr. Check lines: 130, 131. ascontext.cpp 130


class ASContext
{
public:
  asIScriptContext *ctx;
}

ASContext::ASContext(....)
{
  ctx = ....;
  ctx->SetUserData(this, 0);
  if( ctx == 0 )
  {
    FatalError("Error","Failed to create the context.");
    return;
  }
  ....
}

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'CI' pointer was utilized before it was verified against nullptr. Check lines: 2515, 2517. SimplifyLibCalls.cpp 2515


void LibCallSimplifier::classifyArgUse(....) {
  CallInst *CI = dyn_cast<CallInst>(Val);
  Module *M = CI->getModule();

  if (!CI || CI->use_empty())
    return;
  ....
}

LLVM/Clang

V595 [CWE-476, CERT-EXP12-C] The 'sc.symbol' pointer was utilized before it was verified against nullptr. Check lines: 877, 878. Module.cpp 877


void Module::FindFunctions(....) {
  ....
  for (size_t i = 0; i < num_matches; ++i) {
    sc.symbol = symtab->SymbolAtIndex(symbol_indexes[i]);
    SymbolType sym_type = sc.symbol->GetType();
    if (sc.symbol && (sym_type == eSymbolTypeCode ||
                      sym_type == eSymbolTypeResolver))
      sc_list.Append(sc);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476, CERT-EXP12-C] The 'sc.symbol' pointer was utilized before it was verified against nullptr. Check lines: 899, 900. Module.cpp 899
  • V595 [CWE-476, CERT-EXP12-C] The 'process' pointer was utilized before it was verified against nullptr. Check lines: 159, 184. IRExecutionUnit.cpp 159
  • V595 [CWE-476, CERT-EXP12-C] The 'localVarCst' pointer was utilized before it was verified against nullptr. Check lines: 77, 96. AffineStructures.cpp 77
  • And 2 additional diagnostic messages.

RPCS3

V595 The 'm_finfo' pointer was utilized before it was verified against nullptr. Check lines: 5316, 5344. SPURecompiler.cpp 5316


class spu_llvm_recompiler : public spu_recompiler_base
                          , public cpu_translator
{
  // ....
  function_info* m_finfo;
  // ....
  virtual spu_function_t compile(spu_program&& _func) override
  {
    // ....
    const u32 src = m_finfo->fn ? bb.reg_origin_abs[i]
                                : bb.reg_origin[i];
    // ....
    value = m_finfo && m_finfo->load[i] ? m_finfo->load[i]
                                        : m_ir->CreateLoad(regptr);
    // ....
  }
}

VCMI

V595 The 'hero' pointer was utilized before it was verified against nullptr. Check lines: 182, 184. NetPacksServer.cpp 182


void ApplyGhNetPackVisitor::visitTradeOnMarketplace(....)
{
  ....
  bool allyTownSkillTrade = (....
                          && gh.getPlayerRelations(player, hero->tempOwner)
                          && ....);
  if (hero && ....)
    gh.throwAndComplain(&pack, "This hero can't use this marketplace!");
  ....
}

CodeLite

V595 The 'dbgr' pointer was utilized before it was verified against nullptr. Check lines: 349, 351. simpletable.cpp:349, simpletable.cpp:351


void WatchesTable::OnCreateVariableObject(....)
{
  ....
  if (dbgr->GetDebuggerInformation().defaultHexDisplay == true)
    dbgr->SetVariableObbjectDisplayFormat(DoGetGdbId(item),
                                        DBG_DF_HEXADECIMAL);

  if (dbgr)
    DoRefreshItem(dbgr, item, true);
  ....
}

Similar errors can be found in some other places:

  • V595 The 'win' pointer was utilized before it was verified against nullptr. Check lines: 1115, 1127. DiffSideBySidePanel.cpp:1115, DiffSideBySidePanel.cpp:1127
  • V595 The 'm_vsb' pointer was utilized before it was verified against nullptr. Check lines: 212, 224. clScrolledPanel.cpp:212, clScrolledPanel.cpp:224
  • V595 The 'ms_instance' pointer was utilized before it was verified against nullptr. Check lines: 24, 25. php_parser_thread.cpp:24, php_parser_thread.cpp:25
  • And 4 additional diagnostic messages.

FreeCAD

V595 [CWE-476, CERT-EXP12-C] The 'detail' pointer was utilized before it was verified against nullptr. Check lines: 842, 843. QGIViewPart.cpp 842


void QGIViewPart::highlightMoved(QGIHighlight* highlight, QPointF newPos)
{
  std::string highlightName = highlight->getFeatureName();
  App::Document* doc = getViewObject()->getDocument();
  App::DocumentObject* docObj = doc->getObject(highlightName.c_str());
  auto detail = dynamic_cast<DrawViewDetail*>(docObj);
  auto oldAnchor = detail->AnchorPoint.getValue();
  if (detail) {
    Base::Vector3d delta = Rez::appX(DrawUtil::toVector3d(newPos)) /
                           getViewObject()->getScale();
    delta = DrawUtil::invertY(delta);
    detail->AnchorPoint.setValue(oldAnchor + delta);
  }
}

FreeCAD

V595 [CWE-476, CERT-EXP12-C] The 'CutCompoundBF' pointer was utilized before it was verified against nullptr. Check lines: 690, 691. SectionCutting.cpp 690


void SectionCut::startCutting(bool isInitial)
{
  ....
  App::PropertyLinkList* CutLinkList =
    dynamic_cast<App::PropertyLinkList*>(
      CutCompoundBF->getPropertyByName("Objects"));

  if (!CutCompoundBF) {
    Base::Console().Error((std::string("SectionCut error: ")
                           + std::string(CompoundName)
                           + std::string(" could not be added\n")).c_str());
    return;
  }
  CutLinkList->setValue(ObjectsListLinks);
  ....
}

GTK

V595 [CWE-476, CERT-EXP12-C] The 'top' pointer was utilized before it was verified against nullptr. Check lines: 1024, 1051. gdkscreen-x11.c 1024


void
_gdk_x11_screen_get_edge_monitors (GdkX11Screen *x11_screen,
                                   int       *top,
                                   int       *bottom,
                                   int       *left,
                                   int       *right)
{
  ....
  *top = *bottom = *left = *right = -1;
  ....
  if (left && left_most_pos > x_monitors[i].x_org)
  ....
  if (right && right_most_pos < x_monitors[i].x_org + x_monitors[i].width)
  ....
  if (top && top_most_pos > x_monitors[i].y_org)
  ....
  if (bottom && bottom_most_pos < x_monitors[i].y_org + x_monitors[i].height)
  ....
}

GTK

V595 [CWE-476, CERT-EXP12-C] The 'action' pointer was utilized before it was verified against nullptr. Check lines: 449, 452. gtkactionmuxer.c 449


static void
notify_observers_added (GtkActionMuxer *muxer,
                        GtkActionMuxer *parent)
{
  ....
  Action *action;
  ....
  while (....)
  {
    ....
    if (!action->watchers)
      continue;

    for (node = action ? action->watchers : NULL; node; node = node->next)
      gtk_action_observer_primary_accel_changed (node->data,
                                                 GTK_ACTION_OBSERVABLE (muxer),
                                                 action_name, NULL);
  ....
}

Similar errors can be found in some other places:

  • V595 [CWE-476, CERT-EXP12-C] The 'icon' pointer was utilized before it was verified against nullptr. Check lines: 2225, 2231. gtkicontheme.c 2225
  • V595 [CWE-476, CERT-EXP12-C] The 'iw' pointer was utilized before it was verified against nullptr. Check lines: 194, 199. inspect-button.c 194
  • V595 [CWE-476, CERT-EXP12-C] The 'contents' pointer was utilized before it was verified against nullptr. Check lines: 493, 501. file.cpp 493
  • And 2 additional diagnostic messages.

GZDoom

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 231, 234. ParseContextBase.cpp 231


void TParseContextBase::rValueErrorCheck(const TSourceLoc& loc,
                                         const char* op,
                                         TIntermTyped* node)
{
  TIntermBinary* binaryNode = node->getAsBinaryNode();
  const TIntermSymbol* symNode = node->getAsSymbolNode();

  if (!node) return;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'linker' pointer was utilized before it was verified against nullptr. Check lines: 1550, 1552. ShaderLang.cpp 1550
  • V595 The 'mo' pointer was utilized before it was verified against nullptr. Check lines: 6358, 6359. p_mobj.cpp 6358

iSulad

V595 [CWE-476, CERT-EXP12-C] The 'response' pointer was utilized before it was verified against nullptr. Check lines: 2334, 2335. image.c 2334


int im_search_images(im_search_request *request, im_search_response **response)
{
  ....
  *response = (im_search_response *)
     util_common_calloc_s(sizeof(im_search_response));
  if (response == NULL) {
    ERROR("Out of memory");
    return -1;
  }
  ....
}

qdEngine

V595 [CWE-476, CERT-EXP12-C] The 'ddobj_' pointer was utilized before it was verified against nullptr. Check lines: 211, 212. ddraw_gr_dispatcher.cpp 211


bool DDraw_grDispatcher::Finit()
{
  ....
  ddobj_ -> SetCooperativeLevel((HWND)Get_hWnd(),DDSCL_NORMAL);
  if(fullscreen_ && ddobj_) ddobj_ -> RestoreDisplayMode();
  ....
}

OpenVINO

V595 The 'devices->devices' pointer was utilized before it was verified against nullptr. Check lines: 271, 274. ov_core.cpp 271


void ov_available_devices_free(ov_available_devices_t* devices)
{
  if (!devices)
  {
    return;
  }
  for (size_t i = 0; i < devices->size; i++)
  {
    if (devices->devices[i])
    {
      delete[] devices->devices[i];
    }
  }
  if (devices->devices)
    delete[] devices->devices;
  devices->devices = nullptr;
  devices->size = 0;
}

Similar errors can be found in some other places:

  • V595 The 'versions->versions' pointer was utilized before it was verified against nullptr. Check lines: 339, 342. ov_core.cpp 339
  • V595 The 'profiling_infos->profiling_infos' pointer was utilized before it was verified against nullptr. Check lines: 354, 356. ov_infer_request.cpp 354

Godot Engine

V595 The 'node' pointer was utilized before it was verified against nullptr. Check lines: 246, 251. grid_map_editor_plugin.cpp 246


void GridMapEditor::_update_cursor_transform()
{
  cursor_transform = Transform3D();
  cursor_transform.origin = cursor_origin;
  cursor_transform.basis =
    node->get_basis_with_orthogonal_index(cursor_rot);                // <=
  cursor_transform.basis *= node->get_cell_scale();
  cursor_transform = node->get_global_transform() * cursor_transform;

  if (selected_palette >= 0)
  {
    if (node && !node->get_mesh_library().is_null())  // <=
    {
      cursor_transform *= node->get_mesh_library()
                              ->get_item_mesh_transform(selected_palette);
    }
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'p_ternary_op->true_expr' pointer was utilized before it was verified against nullptr. Check lines: 4518, 4525. gdscript_analyzer.cpp 4518
  • V595 The 'p_parent' pointer was utilized before it was verified against nullptr. Check lines: 4100, 4104. node_3d_editor_plugin.cpp 4100
  • V595 The 'item' pointer was utilized before it was verified against nullptr. Check lines: 950, 951. project_export.cpp 950
  • And 4 additional diagnostic messages.

DPDK

V595 The 'r' pointer was utilized before it was verified against nullptr. Check lines: 211, 213. qbman_debug.c 211


int qbman_fq_query(struct qbman_swp *s, uint32_t fqid,
       struct qbman_fq_query_rslt *r)
{
  struct qbman_fq_query_desc *p;

  p = (struct qbman_fq_query_desc *)qbman_swp_mc_start(s);
  if (!p)
    return -EBUSY;

  p->fqid = fqid;
  *r = *(struct qbman_fq_query_rslt *)qbman_swp_mc_complete(s, p,
            QBMAN_FQ_QUERY);
  if (!r) {
    pr_err("qbman: Query FQID %d failed, no response\n",
      fqid);
    return -EIO;
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'r' pointer was utilized before it was verified against nullptr. Check lines: 407, 409. qbman_debug.c 407
  • V595 The 'r' pointer was utilized before it was verified against nullptr. Check lines: 482, 484. qbman_debug.c 482
  • V595 The 'r' pointer was utilized before it was verified against nullptr. Check lines: 50, 52. qbman_debug.c 50
  • And 1 additional diagnostic messages.

DPDK

V595 The 'mode' pointer was utilized before it was verified against nullptr. Check lines: 373, 383. roc_bphy_cgx.c 373


int
roc_bphy_cgx_set_link_mode(struct roc_bphy_cgx *roc_cgx, unsigned int lmac,
         struct roc_bphy_cgx_link_mode *mode)
{
  uint64_t scr1, scr0;

  if (roc_model_is_cn9k() &&
      (mode->use_portm_idx || mode->portm_idx || mode->mode_group_idx)) {  // <=
    return -ENOTSUP;
  }

  if (!roc_cgx)
    return -EINVAL;

  if (!roc_bphy_cgx_lmac_exists(roc_cgx, lmac))
    return -ENODEV;

  if (!mode)                                                               // <=
    return -EINVAL;
  ....
}

DPDK

V595 The 'otx_epvf->ism_buffer_mz' pointer was utilized before it was verified against nullptr. Check lines: 299, 300. otx_ep_ethdev.c 299


static int
otx_ep_ism_setup(struct otx_ep_device *otx_epvf)
{
  otx_epvf->ism_buffer_mz =
    rte_eth_dma_zone_reserve(otx_epvf->eth_dev, "ism",
           0, OTX_EP_ISM_BUFFER_SIZE,
           OTX_EP_PCI_RING_ALIGN, 0);

  /* Same DMA buffer is shared by OQ and IQ, clear it at start */
  memset(otx_epvf->ism_buffer_mz->addr, 0, OTX_EP_ISM_BUFFER_SIZE);
  if (otx_epvf->ism_buffer_mz == NULL) {
    otx_ep_err("Failed to allocate ISM buffer\n");
    return(-1);
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'client->pfe' pointer was utilized before it was verified against nullptr. Check lines: 268, 269. pfe_hif_lib.c 268

DPDK

V595 The 'roc_nix' pointer was utilized before it was verified against nullptr. Check lines: 'roc_nix_priv.h:274', 'roc_nix_debug.c:309', 'roc_nix_debug.c:314'. roc_nix_debug.c 309


static inline struct nix *
roc_nix_to_nix_priv(struct roc_nix *roc_nix)
{
  return (struct nix *)&roc_nix->reserved[0];
}

int
roc_nix_lf_reg_dump(struct roc_nix *roc_nix, uint64_t *data)
{
  struct nix *nix = roc_nix_to_nix_priv(roc_nix);
  bool dump_stdout = data ? 0 : 1;
  uintptr_t nix_base;
  uint32_t i;

  if (roc_nix == NULL)
    return NIX_ERR_PARAM;
  ....
}

DPDK

V595 The 'p_fpga_mgr' pointer was utilized before it was verified against nullptr. Check lines: 'nthw_fpga_model.c:217', 'nthw_fpga_model.c:238', 'nthw_fpga.c:220', 'nthw_fpga.c:232'. nthw_fpga_model.c 238


nthw_fpga_mgr_t *nthw_fpga_mgr_new(void)
{
  nthw_fpga_mgr_t *p = malloc(sizeof(nthw_fpga_mgr_t));
  return p;
}

static nthw_fpga_t *nthw_fpga_mgr_lookup_fpga(nthw_fpga_mgr_t *p,
  uint64_t n_fpga_id, struct fpga_info_s *p_fpga_info)
{
  const int n_fpga_prod_id = nthw_fpga_extract_prod_id(n_fpga_id);
  const int n_fpga_ver = nthw_fpga_extract_ver_id(n_fpga_id);
  const int n_fpga_rev = nthw_fpga_extract_rev_id(n_fpga_id);
  int i;

  for (i = 0; i < p->mn_fpgas; i++) {
  ....
}

nthw_fpga_t *nthw_fpga_mgr_query_fpga(nthw_fpga_mgr_t *p_fpga_mgr,
  uint64_t n_fpga_id, struct fpga_info_s *p_fpga_info)
{
  const int n_fpga_prod_id = nthw_fpga_extract_prod_id(n_fpga_id);
  const int n_fpga_ver = nthw_fpga_extract_ver_id(n_fpga_id);
  const int n_fpga_rev = nthw_fpga_extract_rev_id(n_fpga_id);

  nthw_fpga_t *p_fpga =
    nthw_fpga_mgr_lookup_fpga(p_fpga_mgr, n_fpga_id, p_fpga_info);
  ....
}

int nthw_fpga_init(struct fpga_info_s *p_fpga_info)
{
  ....
  nthw_fpga_mgr_t *p_fpga_mgr = NULL;
  ....
  p_fpga_mgr = nthw_fpga_mgr_new();
  ....
  p_fpga = nthw_fpga_mgr_query_fpga(p_fpga_mgr, n_fpga_ident, p_fpga_info);
  ....
  if (p_fpga_mgr) {
    nthw_fpga_mgr_delete(p_fpga_mgr);
    p_fpga_mgr = NULL;
  }
  ....
}

DPDK

V595 The 'p->mp_owner' pointer was utilized before it was verified against nullptr. Check lines: 535, 683, 691. nthw_fpga_model.c 683


int nthw_module_get_bus(const nthw_module_t *p)
{
  return p->mn_bus;
}

static int nthw_register_read_data(const nthw_register_t *p)
{
  int rc = -1;

  const int n_bus_type_id = nthw_module_get_bus(p->mp_owner);
  const uint32_t addr = p->mn_addr;
  const uint32_t len = p->mn_len;
  uint32_t *const p_data = p->mp_shadow;
  const bool trc = (p->mn_debug_mode & NTHW_REG_TRACE_ON_READ);

  struct fpga_info_s *p_fpga_info = NULL;

  if (p && p->mp_owner && p->mp_owner->mp_owner)
    p_fpga_info = p->mp_owner->mp_owner->p_fpga_info;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'p->mp_owner' pointer was utilized before it was verified against nullptr. Check lines: 535, 705, 713. nthw_fpga_model.c 705

DPDK

V595 The 'p_drv' pointer was utilized before it was verified against nullptr. Check lines: 389, 395. ntnic_ethdev.c 389


static int
eth_dev_close(struct rte_eth_dev *eth_dev)
{
  ....
  struct drv_s *p_drv = internals->p_drv;

  internals->p_drv = NULL;
  ....
  if (.... && p_drv)
    drv_deinit(p_drv);

  return 0;
}

PPSSPP

V595 The 'vfb' pointer was utilized before it was verified against nullptr. Check lines: 3155, 3157. FramebufferManagerCommon.cpp 3155


void FramebufferManagerCommon::ReadFramebufferToMemory(VirtualFramebuffer *vfb,
                                                       ....)
{
  // Clamp to bufferWidth
  // Sometimes block transfers can cause this to hit.
  if (x + w >= vfb->bufferWidth)
  {
    ....
  }

  if (vfb && vfb->fbo)
  {
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V595 The 'dst' pointer was utilized before it was verified against nullptr. Check lines: 1331, 1346. VulkanRenderManager.cpp 1331

LLVM/Clang

V595 The 'Parent' pointer was utilized before it was verified against nullptr. Check lines: 543, 545. ompt-tsan.cpp 543


TaskData *Parent{nullptr};

TaskData *Init(TaskData *parent, int taskType) {
  TaskType = taskType;
  Parent = parent;
  Team = Parent->Team;
  BarrierIndex = Parent->BarrierIndex;
  if (Parent != nullptr) {
    Parent->RefCount++;
  ....
}

Similar errors can be found in some other places:

  • V595 The 'archer_flags' pointer was utilized before it was verified against nullptr. Check lines: 1225, 1233. ompt-tsan.cpp 1225
  • V595 The 'N' pointer was utilized before it was verified against nullptr. Check lines: 814, 824. ValueMapper.cpp 814
  • V595 The 'BPI' pointer was utilized before it was verified against nullptr. Check lines: 2284, 2296. JumpThreading.cpp 2284
  • And 1 additional diagnostic messages.

LLVM/Clang

V595 The 'target' pointer was utilized before it was verified against nullptr. Check lines: 2214, 2215. LinalgTransformOps.cpp 2214


DiagnosedSilenceableFailure
transform::ConvertToLoopsOp::apply(transform::TransformRewriter &rewriter,
                                   transform::TransformResults &results,
                                   transform::TransformState &state) {
  SmallVector<Operation *> loops;
  for (Operation *target : state.getPayloadOps(getTarget())) {
    auto tilingOp = dyn_cast<TilingInterface>(*target);
    if (!target) {
      DiagnosedSilenceableFailure diag =
          emitSilenceableError()
          << "expected the payload to implement TilingInterface";
      diag.attachNote(target->getLoc()) << "payload op";
      return diag;
    }
  ....
}