Examples of errors detected by the V614 diagnostic
V614. Use of 'Foo' uninitialized variable.
Source Engine SDK
V614 [CERT-EXP53-CPP] Uninitialized buffer 'source' used. Consider checking the third actual argument of the 'LoadCmdLineFromFile' function. vvis.cpp 1095
KeyValues *KeyValues::FindKey(const char *keyName, bool bCreate)
{
// return the current key if a NULL subkey is asked for
if (!keyName || !keyName[0]) // <=
return this;
// look for '/' characters deliminating sub fields
char szBuf[256] = { 0 };
const char *subStr = strchr(keyName, '/');
const char *searchStr = keyName;
// pull out the substring if it exists
if (subStr)
{
int size = Min((int)(subStr - keyName + 1),
(int)V_ARRAYSIZE(szBuf));
V_strncpy(szBuf, keyName, size);
....
}
....
}
void LoadCmdLineFromFile(int &argc, char **&argv,
const char *keyname,
const char *appname)
{
....
if (kv->LoadFromFile(g_pFileSystem, filename))
{
// Load the commandline arguments for this app
KeyValues *appKey = kv->FindKey(keyname);
....
}
....
}
int RunVVis(int argc, char **argv)
{
char portalfile[1024];
char source[1024];
char mapFile[1024];
double start, end;
....
LoadCmdLineFromFile(argc, argv, source, "vvis");
....
}
A 'source` array of type `char[1024]` is declared without initialization. Next, the `source` is passed to the `LoadCmdLineFromFile` function, which in turn passes it to the `FindKey` function. Here the uninitialized buffer will be read.
Xenia
V614 The 'backend' smart pointer is utilized immediately after being declared or reset. It is suspicious that no value was assigned to it. ppc_testing_main.cc 201
bool Setup(TestSuite& suite)
{
// Reset memory.
memory_->Reset();
std::unique_ptr<xe::cpu::backend::Backend> backend;
if (!backend)
{
#if XE_ARCH_AMD64
if (cvars::cpu == "x64")
{
backend.reset(new xe::cpu::backend::x64::X64Backend());
}
#endif // XE_ARCH
if (cvars::cpu == "any")
{
if (!backend)
{
#if XE_ARCH_AMD64
backend.reset(new xe::cpu::backend::x64::X64Backend());
#endif // XE_ARCH
}
}
}
....
}
The std::unique_ptr constructor creates an object and initializes it to null by default. That's why the check after the declaration doesn't matter; the control flow will always proceed to the then branch.
Xenia
V614 Uninitialized variable 'desc.page_count' used. xex_module.cc 594
struct xex2_page_descriptor
{
union
{
xe::be<uint32_t> value; // 0x0
struct
{
xex2_section_type info : 4;
uint32_t page_count : 28;
};
};
char data_digest[0x14]; // 0x4
};
int XexModule::ReadImageBasicCompressed(....)
{
....
for (uint32_t i = 0; i < xex_security_info()->page_descriptor_count; i++)
{
// Byteswap the bitfield manually.
xex2_page_descriptor desc;
desc.value = xe::byte_swap(
xex_security_info()->page_descriptors[i].value);
total_size += desc.page_count * heap->page_size(); // <=
}
....
}
When working with union in C++, we can read only from the active data member that was last written to. Otherwise, the behavior is undefined. This sets C++ apart from C, where we can write to one data member and read from another.
Similar errors can be found in some other places:
- V614 Uninitialized variable 'desc.page_count' used. xex_module.h 89
- V614 Uninitialized variable 'desc.page_count' used. xex_module.cc 995
- V614 Uninitialized variable 'desc.info' used. xex_module.cc 996
- And 4 additional diagnostic messages.
Blender
V614 Uninitialized buffer 'init_co' used. Consider checking the seventh actual argument of the 'gpencil_add_new_points' function. gpencil_curve_legacy.cc 439
static void gpencil_convert_spline(....)
{
....
float init_co[3];
switch (nu->type) {
case CU_POLY:
{
....
}
case CU_BEZIER:
{
....
}
case CU_NURBS:
{
if (nu->pntsv == 1)
{
....
gpencil_add_new_points (gps, coord_array, 1.0f, 1.0f, 0,
gps->totpoints, init_co, false); // <=
....
}
default:
{
break;
}
}
Similar errors can be found in some other places:
- V614 Uninitialized variable 'efd.distance' used. boids.cc 133
- V614 Potentially uninitialized pointer 'g_prev' used. Consider checking the third actual argument of the 'blf_font_width_to_strlen_glyph_process' function. blf_font.cc 784
- V614 Uninitialized variable 'dummy_matrix[0][0]' used. Consider checking the first actual argument of the 'GPU_uniform' function. node_shader_tex_coord.cc 43
Dagor Engine
V614 Uninitialized pointer 'module' used. DagorEngine/prog/1stPartyLibs/daScript/src/builtin/module_builtin_ast_serialize.cpp 1303
void ExprField::serialize ( AstSerializer & ser ) {
....
Module * module; ser << module;
....
}
AstSerializer & AstSerializer::operator << ( Module * & module ) {
bool is_null = module == nullptr;
....
}
GCC
V614 Uninitialized variable 'func_info.ctc_flags' used. gcc/dwarf2ctf.cc 676
static ctf_id_t
gen_ctf_function_type (ctf_container_ref ctfc,
dw_die_ref function,
bool from_global_func)
{
....
ctf_funcinfo_t func_info;
....
{
....
if (....)
{
do
{
....
if (....)
....
else if (....)
{
func_info.ctc_flags |= CTF_FUNC_VARARG;
....
}
}
}
....
}
....
}
CodeLite
V614 Uninitialized buffer 'buf' used. Consider checking the first actual argument of the 'Write' function. wxSerialize.cpp:1039
bool wxSerialize::WriteDouble(wxFloat64 value)
{
if (CanStore())
{
SaveChar(wxSERIALIZE_HDR_DOUBLE);
wxInt8 buf[10];
m_odstr.Write(buf, 10);
}
return IsOk();
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'm_item' used. wxc_aui_tool_stickiness.cpp:8
- V614 Potentially uninitialized variable 'err' used. cppcheck.cpp:175
- V614 The 'p' smart pointer is utilized immediately after being declared or reset. It is suspicious that no value was assigned to it. connection_impl.hpp:2200
Captain Blood
V614 [CWE-457, CERT-EXP53-CPP] Uninitialized variable 'color.c' used. Color.h 1268
class DColor
{
public:
union
{
#ifndef _XBOX
struct
{
unsigned char b;
unsigned char g;
unsigned char r;
unsigned char a;
};
#else
struct
{
unsigned char a;
unsigned char r;
unsigned char g;
unsigned char b;
};
#endif
union
{
dword c;
dword color;
};
};
mathinline dword mathcall Color::GetDword() const
{
DColor color;
color.r = (byte)(r * 255.0f);
color.g = (byte)(g * 255.0f);
color.b = (byte)(b * 255.0f);
color.a = (byte)(a * 255.0f);
return color.c;
}
Ogre3D
V614 Uninitialized variable 'lodLevel.reductionValue' used. main.cpp 806
struct _OgreLodExport LodLevel
{
// ....
VertexReductionMethod reductionMethod;
Real reductionValue;
// ....
};
// ....
numLod = opts.numLods;
LodLevel lodLevel; // <=
lodLevel.distance = 0.0;
for (unsigned short iLod = 0; iLod < numLod; ++iLod)
{
lodLevel.reductionMethod = opts.usePercent
? LodLevel::VRM_PROPORTIONAL
: LodLevel::VRM_CONSTANT;
if (opts.usePercent)
{
lodLevel.reductionValue += opts.lodPercent * 0.01f; // <=
}
else
{
lodLevel.reductionValue += (Ogre::Real)opts.lodFixed; // <=
}
lodLevel.distance += opts.lodDist;
lodConfig.levels.push_back(lodLevel);
}
In this code fragment, the LodLevel structure is declared. It does not have a user-defined default constructor and default member initializers for non-static class data members.
DuckStation
V614 The 'host_interface' smart pointer is utilized immediately after being declared or reset. It is suspicious that no value was assigned to it. main.cpp 45
static std::unique_ptr<NoGUIHostInterface> CreateHostInterface()
{
const char* platform = std::getenv("DUCKSTATION_NOGUI_PLATFORM");
std::unique_ptr<NoGUIHostInterface> host_interface;
#ifdef WITH_SDL2
if ( !host_interface && (!platform
|| StringUtil::Strcasecmp(platform, "sdl") == 0)
&& IsSDLHostInterfaceAvailable())
{
host_interface = SDLHostInterface::Create(); }
}
#endif
#ifdef WITH_VTY
if ( !host_interface && (!platform
|| StringUtil::Strcasecmp(platform, "vty") == 0))
{
host_interface = VTYHostInterface::Create();
}
#endif
#ifdef _WIN32
if ( !host_interface && (!platform
|| StringUtil::Strcasecmp(platform, "win32") == 0))
{
host_interface = Win32HostInterface::Create();
}
#endif
return host_interface;
}
Protocol Buffers
V614 [CWE-457] Potentially null smart pointer 'file_generator' used. java_kotlin_generator.cc 100
bool KotlinGenerator::Generate(....)
{
....
std::unique_ptr<FileGenerator> file_generator;
if (file_options.generate_immutable_code) {
file_generator.reset(
new FileGenerator(file, file_options, /* immutable_api = */ true));
}
if (!file_generator->Validate(error)) {
return false;
}
....
}
LLVM/Clang
V614 [CWE-457, CERT-EXP53-CPP] Potentially uninitialized variable 'PointerEdgeKind' used. EHFrameSupport.cpp 704
Expected<std::pair<JITTargetAddress, Edge::Kind>>
EHFrameEdgeFixer::readEncodedPointer(uint8_t PointerEncoding,
JITTargetAddress PointerFieldAddress,
BinaryStreamReader &RecordReader) {
....
Edge::Kind PointerEdgeKind;
switch (EffectiveType) {
case DW_EH_PE_udata4: {
....
PointerEdgeKind = Delta32;
break;
}
case DW_EH_PE_udata8: {
....
PointerEdgeKind = Delta64;
break;
}
case DW_EH_PE_sdata4: {
....
PointerEdgeKind = Delta32;
break;
}
case DW_EH_PE_sdata8: {
....
PointerEdgeKind = Delta64;
break;
}
}
if (PointerEdgeKind == Edge::Invalid)
return make_error<JITLinkError>(
"Unspported edge kind for encoded pointer at " +
formatv("{0:x}", PointerFieldAddress));
return std::make_pair(Addr, Delta64);
}
Similar errors can be found in some other places:
- V614 [CWE-457, CERT-EXP53-CPP] Potentially uninitialized variable 'Result' used. llvm-rtdyld.cpp 998
Darwin-XNU
V614 Uninitialized variable 'best' used. sdt.c 572
void
sdt_early_init( void )
{
....
if (MH_MAGIC_KERNEL != _mh_execute_header.magic) {
....
} else {
....
for (....) {
const char *funcname;
unsigned long best;
....
funcname = "<unknown>";
for (i = 0; i < orig_st->nsyms; i++) {
char *jname = strings + sym[i].n_un.n_strx;
....
if ((unsigned long)sym[i].n_value > best) {
best = (unsigned long)sym[i].n_value;
funcname = jname;
}
}
....
}
}
Espressif IoT Development Framework
V614 Potentially uninitialized buffer 'k' used. Consider checking the second actual argument of the 'sae_derive_keys' function. sae.c 854
int sae_process_commit(struct sae_data *sae)
{
u8 k[SAE_MAX_PRIME_LEN];
if (sae->tmp == NULL ||
(sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
(sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
sae_derive_keys(sae, k) < 0)
return ESP_FAIL;
return ESP_OK;
}
Espressif IoT Development Framework
V614 Potentially uninitialized buffer 'seq' used. Consider checking the first actual argument of the 'strlen' function. linenoise.c 435
void refreshShowHints(struct abuf *ab, struct linenoiseState *l, int plen) {
char seq[64];
if (hintsCallback && plen+l->len < l->cols) {
int color = -1, bold = 0;
char *hint = hintsCallback(l->buf,&color,&bold);
if (hint) {
int hintlen = strlen(hint);
int hintmaxlen = l->cols-(plen+l->len);
if (hintlen > hintmaxlen) hintlen = hintmaxlen;
if (bold == 1 && color == -1) color = 37;
if (color != -1 || bold != 0)
snprintf(seq,64,"\033[%d;%d;49m",bold,color);
abAppend(ab,seq,strlen(seq)); // <=
abAppend(ab,hint,hintlen);
if (color != -1 || bold != 0)
abAppend(ab,"\033[0m",4);
/* Call the function to free the hint returned. */
if (freeHintsCallback) freeHintsCallback(hint);
}
}
}
Espressif IoT Development Framework
V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1657
int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
{
....
} else if (wps->use_psk_key && wps->wps->psk_set) {
char hex[65];
wpa_printf(MSG_DEBUG, "WPS: Use PSK format for Network Key");
os_memcpy(wps->cred.key, hex, 32 * 2);
wps->cred.key_len = 32 * 2;
} else if (wps->wps->network_key) {
....
}
Similar errors can be found in some other places:
- V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1678
CMake
V614 Uninitialized pointer 'str' used. cmVSSetupHelper.h 80
class SmartBSTR
{
public:
SmartBSTR() { str = NULL; }
SmartBSTR(const SmartBSTR& src)
{
if (src.str != NULL) {
str = ::SysAllocStringByteLen((char*)str, ::SysStringByteLen(str));
} else {
str = ::SysAllocStringByteLen(NULL, 0);
}
}
....
};
Haiku Operation System
V614 Uninitialized variable 'rval' used. fetch.c 1727
int
auto_fetch(int argc, char *argv[])
{
volatile int argpos;
int rval;
argpos = 0;
if (sigsetjmp(toplevel, 1)) {
if (connected)
disconnect(0, NULL);
if (rval > 0)
rval = argpos + 1;
return (rval);
}
....
}
Haiku Operation System
V614 Uninitialized pointer 'res' used. commands.c 2873
struct addrinfo {
int ai_flags;
int ai_family;
int ai_socktype;
int ai_protocol;
socklen_t ai_addrlen;
char *ai_canonname;
struct sockaddr *ai_addr;
struct addrinfo *ai_next;
};
static int
sourceroute(struct addrinfo *ai, char *arg, char **cpp,
int *lenp, int *protop, int *optp)
{
static char buf[1024 + ALIGNBYTES];
char *cp, *cp2, *lsrp, *ep;
struct sockaddr_in *_sin;
#ifdef INET6
struct sockaddr_in6 *sin6;
struct ip6_rthdr *rth;
#endif
struct addrinfo hints, *res; // <=
int error;
char c;
if (cpp == NULL || lenp == NULL)
return -1;
if (*cpp != NULL) {
switch (res->ai_family) { // <=
case AF_INET:
if (*lenp < 7)
return -1;
break;
....
}
}
....
}
error = getaddrinfo(cp, NULL, &hints, &res);
NCBI Genome Workbench
V614 Uninitialized variable 'm_BitSet' used. SnpBitAttributes.hpp 187
/// SNP bit attribute container.
class CSnpBitAttributes
{
public:
....
private:
/// Internal storage for bits.
Uint8 m_BitSet;
};
inline CSnpBitAttributes::CSnpBitAttributes(Uint8 bits) : m_BitSet(bits)
{
}
inline CSnpBitAttributes::CSnpBitAttributes(const vector<char>& octet_string)
{
auto count = sizeof(m_BitSet);
auto byte = octet_string.end();
do
m_BitSet = (m_BitSet << 8) | *--byte;
while (--count > 0);
}
System Shock
V614 Uninitialized variable 'err' used. EVENT.C 953
errtype uiInit(uiSlab* slab)
{
....
errtype err;
....
// err = ui_init_cursors();
....
if (err != OK) return err;
....
}
System Shock
V614 Potentially uninitialized pointer 'pc1' used. AI.C 597
typedef enum ObjClass {
CLASS_GUN,
CLASS_AMMO,
CLASS_PHYSICS,
....
CLASS_CRITTER,
....
} ObjClass;
errtype do_random_loot(ObjID corpse)
{
int *pc1, *pc2;
if (....)
{
switch (objs[corpse].obclass)
{
case CLASS_CONTAINER:
....
*pc1 = 0;
*pc2 = 0;
break;
case CLASS_SMALLSTUFF:
....
pc1 = &objSmallstuffs[osid].data1;
pc2 = &objSmallstuffs[osid].data2;
break;
}
if (*pc1 == 0)
{
....
}
if (*pc2 == 0)
{
....
}
}
....
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'pc2' used. AI.C 609
Android
V614 CWE-824 Potentially uninitialized pointer 'p_opt' used. Consider checking the second actual argument of the 'memcpy' function. mca_main.cc 252
void mca_set_cfg_by_tbl(....) {
tMCA_DCB* p_dcb;
const tL2CAP_FCR_OPTS* p_opt;
tMCA_FCS_OPT fcs = MCA_FCS_NONE;
if (p_tbl->tcid == MCA_CTRL_TCID) {
p_opt = &mca_l2c_fcr_opts_def;
} else {
p_dcb = mca_dcb_by_hdl(p_tbl->cb_idx);
if (p_dcb) {
p_opt = &p_dcb->p_chnl_cfg->fcr_opt;
fcs = p_dcb->p_chnl_cfg->fcs;
}
}
memset(p_cfg, 0, sizeof(tL2CAP_CFG_INFO));
p_cfg->mtu_present = true;
p_cfg->mtu = p_tbl->my_mtu;
p_cfg->fcr_present = true;
memcpy(&p_cfg->fcr, p_opt, sizeof(tL2CAP_FCR_OPTS)); // <=
....
}
Android
V614 CWE-457 Uninitialized variable 't.tv_nsec' used. clock_ns.h 55
struct timespec
{
__time_t tv_sec; /* Seconds. */
long int tv_nsec; /* Nanoseconds. */
};
static inline timespec NsToTimespec(int64_t ns) {
timespec t;
int32_t remainder;
t.tv_sec = ns / kNanosPerSecond;
remainder = ns % kNanosPerSecond;
if (remainder < 0) {
t.tv_nsec--;
remainder += kNanosPerSecond;
}
t.tv_nsec = remainder;
return t;
}
RT-Thread
V614 CWE-457 Uninitialized variable 'k' used. lpc_lcd.c 510
void LCD_PutPixel (LCD_PANEL panel, uint32_t X_Left,
uint32_t Y_Up, LcdPixel_t color)
{
uint32_t k;
uint32_t * pWordData = NULL;
uint8_t* pByteData = NULL;
uint32_t bitOffset;
uint8_t* pByteSrc = (uint8_t*)&color;
uint8_t bpp = bits_per_pixel[lcd_config.lcd_bpp];
uint8_t bytes_per_pixel = bpp/8;
uint32_t start_bit;
if((X_Left >= lcd_hsize)||(Y_Up >= lcd_vsize))
return;
if(panel == LCD_PANEL_UPPER)
pWordData = (uint32_t*) LPC_LCD->UPBASE +
LCD_GetWordOffset(X_Left,Y_Up);
else
pWordData = (uint32_t*) LPC_LCD->LPBASE +
LCD_GetWordOffset(X_Left,Y_Up);
bitOffset = LCD_GetBitOffset(X_Left,Y_Up);
pByteData = (uint8_t*) pWordData;
pByteData += bitOffset/8;
start_bit = bitOffset%8;
if(bpp < 8)
{
uint8_t bit_pos = start_bit;
uint8_t bit_ofs = 0;
for(bit_ofs = 0;bit_ofs <bpp; bit_ofs++,bit_pos++)
{
*pByteData &= ~ (0x01 << bit_pos);
*pByteData |=
((*pByteSrc >> (k+bit_ofs)) & 0x01) << bit_pos; // <=
}
}
....
}
RT-Thread
V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 187
typedef struct {
uint32_t cmd; // Command
uint32_t param[4]; // Parameters
uint32_t status; // status code
uint32_t result[4]; // Result
} IAP_COMMAND_Type;
IAP_STATUS_CODE BlankCheckSector(
uint32_t start_sec, uint32_t end_sec,
uint32_t *first_nblank_loc,
uint32_t *first_nblank_val)
{
IAP_COMMAND_Type command;
command.cmd = IAP_BLANK_CHECK;
command.param[0] = start_sec;
command.param[1] = end_sec;
IAP_Call (&command.cmd, &command.status);
if(command.status == SECTOR_NOT_BLANK)
{
// Update out value
if(first_nblank_loc != NULL)
*first_nblank_loc = command.result[0];
if(first_nblank_val != NULL)
*first_nblank_val = command.result[1];
}
return (IAP_STATUS_CODE)command.status;
}
Similar errors can be found in some other places:
- V614 CWE-457 Uninitialized variable 'command.result[1]' used. lpc_iap.c 189
- V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 236
- V614 CWE-457 Uninitialized variable 'command.result[i]' used. lpc_iap.c 264
Ardour
V614 Uninitialized variable 'req.height' used. Consider checking the second actual argument of the 'set_size_request' function. time_axis_view.cc 159
TimeAxisView::TimeAxisView (....)
{
....
boost::scoped_ptr<Gtk::Entry> an_entry (new FocusEntry);
an_entry->set_name (X_("TrackNameEditor"));
Gtk::Requisition req;
an_entry->size_request (req);
name_label.set_size_request (-1, req.height);
name_label.set_ellipsize (Pango::ELLIPSIZE_MIDDLE);
....
}
void size_request(const Requisition& requisition);
MuseScore
V614 Uninitialized variable 'pageWidth' used. Consider checking the third actual argument of the 'doCredits' function. importmxmlpass1.cpp 944
void MusicXMLParserPass1::scorePartwise()
{
....
int pageWidth;
int pageHeight;
while (_e.readNextStartElement()) {
if (_e.name() == "part")
part();
else if (_e.name() == "part-list") {
doCredits(_score, credits, pageWidth, pageHeight);// <= USE
partList(partGroupList);
}
....
else if (_e.name() == "defaults")
defaults(pageWidth, pageHeight); // <= INIT
....
}
....
}
EFL Core Libraries
V614 Uninitialized variable 'temp' used. Consider checking the first actual argument of the 'gmtime' function. elm_calendar.c 720
extern struct tm *gmtime (const time_t *__timer)
__attribute__ ((__nothrow__ , __leaf__));
static void
_set_headers(Evas_Object *obj)
{
static char part[] = "ch_0.text";
int i;
struct tm *t;
time_t temp;
ELM_CALENDAR_DATA_GET(obj, sd);
elm_layout_freeze(obj);
sd->filling = EINA_TRUE;
t = gmtime(&temp);
....
}
TensorFlow
V614 Potentially uninitialized variable 'sparse_input_start' used. sample_inputs_op.cc 351
void Compute(OpKernelContext* context) override {
....
int64 sparse_input_start; // <=
....
if (sparse_input) {
num_total_features += GetNumSparseFeatures(
sparse_input_indices, *it, &sparse_input_start); // <=
}
if (num_total_features == 0) {
LOG(WARNING) << "num total features is zero.";
break;
}
if (rand_feature < input_spec_.dense_features_size()) {
....
} else {
....
const int32 sparse_index = sparse_input_start + // <=
rand_feature - input_spec_.dense_features_size();
....
}
....
}
FreeBSD Kernel
V614 Uninitialized variable 'status' used. tdioctl.c 3396
osGLOBAL bit32
tdsaSendTMFIoctl(
tiRoot_t *tiRoot,
tiIOCTLPayload_t *agIOCTLPayload,
void *agParam1,
void *agParam2,
unsigned long resetType
)
{
bit32 status;
tmf_pass_through_req_t *tmf_req = ....;
#if !(defined(__FreeBSD__))
status = ostiSendResetDeviceIoctl(tiRoot, agParam2,
tmf_req->pathId, tmf_req->targetId, tmf_req->lun, resetType);
#endif
TI_DBG3((
"Status returned from ostiSendResetDeviceIoctl is %d\n",
status));
if(status != IOCTL_CALL_SUCCESS)
{
agIOCTLPayload->Status = status;
return status;
}
status = IOCTL_CALL_SUCCESS;
return status;
}
CPython
V614 Potentially uninitialized pointer 'sigint_event' used. semaphore.c 120
static PyObject *
semlock_acquire(SemLockObject *self,
PyObject *args,
PyObject *kwds)
{
....
HANDLE handles[2], sigint_event;
....
/* prepare list of handles */
nhandles = 0;
handles[nhandles++] = self->handle;
if (_PyOS_IsMainThread()) {
sigint_event = _PyOS_SigintEvent();
assert(sigint_event != NULL);
handles[nhandles++] = sigint_event;
}
/* do the wait */
Py_BEGIN_ALLOW_THREADS
if (sigint_event != NULL) // <=
ResetEvent(sigint_event);
....
}
ReactOS
V614 Potentially uninitialized pointer 'pptr' used. Consider checking the first actual argument of the 'check_hierarchical' function. uri.c 6838
static HRESULT parse_canonicalize(....)
{
const WCHAR **pptr;
....
if(uri->scheme_start > -1 && uri->path_start > -1) {
ptr = uri->canon_uri+uri->scheme_start+uri->scheme_len+1;
pptr = &ptr;
}
reduce_path = !(flags & URL_DONT_SIMPLIFY) &&
ptr && check_hierarchical(pptr);
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'name' used. Consider checking the third actual argument of the 'disp_get_id' function. engine.c 928
- V614 Potentially uninitialized pointer 'name_str' used. Consider checking the first actual argument of the 'jsstr_release' function. engine.c 929
- V614 Potentially uninitialized pointer 'FileHandle' used. Consider checking the first actual argument of the 'CloseHandle' function. dosfiles.c 402
- And 3 additional diagnostic messages.
OpenToonz
V614 Uninitialized iterator 'it1' used. fxcommand.cpp 2096
QString DeleteLinksUndo::getHistoryString()
{
....
std::list<TFxP>::const_iterator it1; // <=
std::list<TFx *>::const_iterator ft;
for (ft = m_terminalFxs.begin(); ft != ....end(); ++ft) {
if (ft != m_terminalFxs.begin())
str += QString(", ");
str += QString("%1- -Xsheet")
.arg(QString::fromStdWString((*it1)->getName()));
}
....
}
OpenToonz
V614 Potentially uninitialized pointer 'socket' used. Consider checking the first actual argument of the 'connect' function. tmsgcore.cpp 36
void TMsgCore::OnNewConnection() //server side
{
QTcpSocket *socket;
if (m_tcpServer)
socket = m_tcpServer->nextPendingConnection();
assert(socket);
bool ret = connect(socket, ....);
ret = ret && connect(socket, ....);
assert(ret);
m_sockets.insert(socket);
}
Mozilla Thunderbird
V614 Potentially uninitialized pointer 'hOldFont' used. progressui_win.cpp 168
static void InitDialog(....)
{
....
HFONT hInfoFont, hOldFont;
hInfoFont = (HFONT)SendMessage(hWndInfo, WM_GETFONT, 0, 0);
if (hInfoFont)
hOldFont = (HFONT)SelectObject(hDCInfo, hInfoFont);
....
if (hOldFont)
SelectObject(hDCInfo, hOldFont);
....
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'queryD3DKMTStatistics' used. gfxwindowsplatform.cpp 206
Doxygen
V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 4127
QCString VhdlParser::extended_identifier()
{
Token *t;
if (!hasError)
t = jj_consume_token(EXTENDED_CHARACTER);
return t->image.c_str();
assert(false);
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'tmpEntry' used. vhdlparser.cc 4451
- V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 5304
Godot Engine
V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 244
const char* CPPlayer::get_voice_sample_name(int p_voice)
{
const char *name;
if (!voice[p_voice].sample_ptr)
name=voice[p_voice].sample_ptr->get_name();
return name;
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 313
Miranda NG
V614 Potentially uninitialized pointer 'url' used. IEView ieview.cpp 1117
BSTR IEView::getHrefFromAnchor(IHTMLElement *element)
{
....
if (SUCCEEDED(....) {
VARIANT variant;
BSTR url;
if (SUCCEEDED(element->getAttribute(L"href", 2, &variant) &&
variant.vt == VT_BSTR))
{
url = mir_tstrdup(variant.bstrVal);
SysFreeString(variant.bstrVal);
}
pAnchor->Release();
return url;
}
....
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'hTimeZone' used. Consider checking the second actual argument of the 'Template_MakeRelativeDate' function. TabSRMM msglog.cpp 799
- V614 Potentially uninitialized pointer 'tSet' used. TabSRMM templates.cpp 221
- V614 Potentially uninitialized pointer 'szLast' used. Consider checking the first actual argument of the 'null_strdup' function. ICQ icq_servlist.cpp 1714
- And 17 additional diagnostic messages.
Oracle VM Virtual Box
V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 367
static int suplibOsStopService(void)
{
/* Assume it didn't exist, so we'll create the service. */
int rc;
SC_HANDLE hSMgr = OpenSCManager(....);
....
if (hSMgr)
{
....
rc = VINF_SUCCESS;
....
}
return rc;
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 416
Mozilla Firefox
V614 Potentially uninitialized pointer 'device' used. nptest_windows.cpp 164
static ID3D10Device1*
getD3D10Device()
{
ID3D10Device1 *device;
....
if (createDXGIFactory1)
{
....
hr = createD3DDevice(...., &device);
....
}
return device;
}
APR
V614 Potentially uninitialized pointer 'wch' used. libapr start.c 58
static int warrsztoastr(const char * const * *retarr,
const wchar_t * arrsz, int args)
{
const apr_wchar_t *wch;
....
if (args < 0) {
for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
if (!*wch)
++args;
}
wsize = 1 + wch - arrsz;
....
}
OGDF
V614 Potentially uninitialized pointer 'layout' used. ogdf ogmlparser.cpp 2337
bool OgmlParser::buildAttributedClusterGraph(....)
{
....
XmlTagObject* layout;
if (structure->m_pBrother != NULL) {
layout = structure->m_pBrother;
}
if ((layout) &&
(layout->getName() == Ogml::s_tagNames[Ogml::t_layout]))
....
}
Word for Windows 1.1a
V614 Uninitialized pointer 'rgsz0' used. Consider checking the first actual argument of the 'strcpy' function. makeopus.c 961
FPathSpawn( rgsz )
char *rgsz[];
{ /* puts the correct path at the beginning of rgsz[0]
and calls FSpawnRgsz */
char *rgsz0;
strcpy(rgsz0, szToolsDir);
strcat(rgsz0, "\\");
strcat(rgsz0, rgsz[0]);
return FSpawnRgsz(rgsz0, rgsz);
}
Word for Windows 1.1a
V614 Uninitialized pointer 'pfl' used. Consider checking the first actual argument of the 'fclose' function. eldes.c 87
main(argc, argv)
int argc;
char * argv [];
{
FILE * pfl;
....
for (argi = 1; argi < argc; ++argi)
{
if (FWild(argv[argi]))
{
FEnumWild(argv[argi], FEWild, 0);
}
else
{
FEWild(argv[argi], 0);
}
fclose(pfl);
}
....
}
Scilab
V614 Potentially uninitialized pointer 'loc' used. getfunctionbyname.c 61
typedef void (*voidf)();
voidf GetFunctionByName (char *name, int *rep, FTAB *table)
{
void (*loc)();
if (name)
{
....
loc = Emptyfunc;
....
}
else
{
....
}
return(loc);
}
FFmpeg
V614 Potentially uninitialized variable 'info_bits' used. g723_1.c 2335
static int pack_bitstream(G723_1_Context *p,
unsigned char *frame, int size)
{
....
int info_bits;
....
if (p->cur_rate == RATE_6300) {
info_bits = 0;
put_bits(&pb, 2, info_bits);
}
....
return frame_size[info_bits];
}
Firebird
V614 Potentially uninitialized pointer 'fieldNode' used. blb.cpp 1043
void blb::move(....)
{
....
const FieldNode* fieldNode;
if (field)
{
if ((fieldNode = ExprNode::as<FieldNode>(field)))
....
}
....
const USHORT id = fieldNode->fieldId;
....
}
Firebird
V614 Uninitialized variable 'sdl_operator' used. sdl.cpp 404
static const UCHAR* compile(const UCHAR* sdl, sdl_arg* arg)
{
SLONG n, count, variable, value, sdl_operator;
....
switch (op)
{
....
case isc_sdl_add:
sdl_operator = op_add;
case isc_sdl_subtract:
if (!sdl_operator)
sdl_operator = op_subtract;
....
}
GNU C Library
V614 Uninitialized variable 'resplen' used. res_send.c 790
static int send_vc(....)
{
....
int truncating, connreset, resplen, n;
....
#ifdef _STRING_ARCH_unaligned
*anssizp2 = orig_anssizp - resplen;
*ansp2 = *ansp + resplen;
#else
....
}
Geant4 software
V614 Potentially uninitialized iterator 'insert_index' used. g4excitedstring.hh 193
typedef std::vector<G4Parton *> G4PartonVector;
inline
void G4ExcitedString::InsertParton(
G4Parton *aParton, const G4Parton * addafter)
{
G4PartonVector::iterator insert_index;
....
if ( addafter != NULL )
{
insert_index=std::find(thePartons.begin(),
thePartons.end(), addafter);
....
}
thePartons.insert(insert_index+1, aParton);
}
Apache HTTP Server
V614 Potentially uninitialized pointer 'wch' used. apr start.c 58
static int warrsztoastr(const char * const * *retarr,
const wchar_t * arrsz, int args)
{
const apr_wchar_t *wch;
....
if (args < 0) {
for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
if (!*wch)
++args;
}
wsize = 1 + wch - arrsz;
....
}
OpenCOLLADA
V614 Uninitialized variable 'i' used. mayadmtypes.h 1728
void write(FILE* file) const
{
fprintf(file,"%i %i %i %i ",
sDivisionCount, tDivisionCount, uDivisionCount, pointCount);
size_t size = pointCount*3;
for(size_t i; i<size; ++i)
{
fprintf(file, "%f", points[i]);
if(i+1<size) fprintf(file, " ");
}
}
Trans-Proteomic Pipeline
V614 Potentially uninitialized pointer 'pScanIndex' used. sqt2xml.cxx 476
int main(int argc, char** argv) {
....
ramp_fileoffset_t *pScanIndex;
....
if ( (pFI=rampOpenFile(mzXmlPath_.c_str()))==NULL) {
....
} else {
....
pScanIndex = readIndex(pFI, indexOffset,
&iAnalysisLastScan );
....
}
....
if (pScanIndex != NULL)
free(pScanIndex);
return 0;
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized pointer 'fp_' used. Consider checking the second actual argument of the 'PRINT_DATA' function. dta-xml.cpp 307
Embedded SSL Library
V614 Potentially uninitialized variable 'rhSize' used. sniffer.c 2255
static int ProcessMessage(....)
{
int rhSize;
....
notEnough = 0;
....
if (sslBytes >= RECORD_HEADER_SZ) {
if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
....
return -1;
}
}
else
notEnough = 1;
....
if (notEnough || rhSize > (sslBytes - RECORD_HEADER_SZ)) {
....
}
tmp = sslFrame + rhSize; // <=
....
}
Chromium
V614 Potentially uninitialized variable 'skip_dir_check' used. Consider checking the fifth actual argument of the 'Bind' function. save_package.cc 1326
void SavePackage::GetSaveInfo() {
....
bool skip_dir_check;
....
if (....) {
....->GetSaveDir(...., &skip_dir_check);
}
....
BrowserThread::PostTask(BrowserThread::FILE,
FROM_HERE,
base::Bind(..., skip_dir_check, ...));
}
Chromium
V614 Potentially uninitialized variable 'result' used. ie_event_sink.cc 240
HRESULT IEEventSink::Attach(IWebBrowser2* browser) {
DCHECK(browser);
HRESULT result;
if (browser) {
web_browser2_ = browser;
FindIEProcessId();
result = DispEventAdvise(web_browser2_,
&DIID_DWebBrowserEvents2);
}
return result;
}
NetXMS
V614 Potentially uninitialized variable 'nSqlRet' used. odbcsapi.cpp 220
int OdbcDisconnect(void* pvSqlCtx)
{
....
SQLRETURN nSqlRet;
....
if (nRet == SUCCESS)
{
....
nSqlRet = SQLDisconnect(pSqlCtx->hDbc);
....
}
if (SQLRET_FAIL(nSqlRet))
....
}
Similar errors can be found in some other places:
- V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 2112
- V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7525
- V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7659
- And 3 additional diagnostic messages.
ReactOS
V614 Uninitialized pointer 'hKey' used. Consider checking the first actual argument of the 'RegCreateKeyExW' function. tcpipconf_notify.c 3138
HRESULT WINAPI
INetCfgComponentControl_fnApplyRegistryChanges(
INetCfgComponentControl * iface)
{
HKEY hKey;
....
if (RegCreateKeyExW(hKey,
L"SYSTEM\\CurrentControlSet....",
....) == ERROR_SUCCESS)
....
}
MPC-HC
V614 Potentially uninitialized variable 'rtRefClockTimeNow' used. syncrenderer.cpp 3604
void CSyncAP::RenderThread()
{
....
REFERENCE_TIME rtRefClockTimeNow;
if (m_pRefClock) {
m_pRefClock->GetTime(&rtRefClockTimeNow);
}
LONG lLastVsyncTime =
(LONG)((m_llEstVBlankTime - rtRefClockTimeNow) / 10000);
....
}
IPP Samples
V614 Potentially uninitialized pointer 'pDirEntry' used. Consider checking the first actual argument of the 'vm_dir_close' function. loadcodec.c 287
Ipp32s GetUSCCodecParamsByFormat(
LoadedCodec *codec, Ipp32s lQuery,FILE *f_log)
{
....
vm_dir *pDirEntry;
....
if(codec->pSOHandle==NULL) {
....
st = vm_dir_open(&pDirEntry,SO_FILE_MASK);
....
}
....
vm_dir_close(pDirEntry);
return -1;
}
Trans-Proteomic Pipeline
V614 Uninitialized variable 'iSeqSize' used. xtandem mscore_c.cpp 552
double mscore_c::dot_hr(unsigned long *_v)
{
....
int iSeqSize;
//perform a single pass through each array.
//check every point in m_pfSeq,
//but don't revisit positions in m_vmiType
for (int a = 0; a < iSeqSize; a++) {
....
}
Similar errors can be found in some other places:
- V614 Uninitialized variable 'separator' used. pwiz sampledatum.hpp 95
- V614 Uninitialized variable 'close' used. pwiz sampledatum.hpp 96
- V614 Uninitialized variable 'threshold' used. pwiz spectrumlistfactory.cpp 497
- And 3 additional diagnostic messages.
Trans-Proteomic Pipeline
V614 Uninitialized variable 'fval' used. tpplib mixturemodel.cxx 834
void MixtureModel::assessPeptideProperties(char* filename,
Boolean icat, Boolean glyc)
{
....
double fval;
....
// fval is not used
....
if(! icat && strstr(pep, "C") != NULL && fval >= min_fval) {
....
}