To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
Examples of errors detected by the V614…

Examples of errors detected by the V614 diagnostic

April 5, 2021

V614. Uninitialized variable 'Foo' used.


Trans-Proteomic Pipeline

V614 Uninitialized variable 'fval' used. tpplib mixturemodel.cxx 834


void MixtureModel::assessPeptideProperties(char* filename,
                               Boolean icat, Boolean glyc)
{
  ....
  double fval;
  ....
  // fval is not used
  ....
  if(! icat && strstr(pep, "C") != NULL && fval >= min_fval) {
  ....
}

Trans-Proteomic Pipeline

V614 Uninitialized variable 'iSeqSize' used. xtandem mscore_c.cpp 552


double mscore_c::dot_hr(unsigned long *_v)
{
  ....
  int iSeqSize;
  //perform a single pass through each array.
  //check every point in m_pfSeq,
  //but don't revisit positions in m_vmiType
  for (int a = 0; a < iSeqSize; a++) {
  ....
}

Similar errors can be found in some other places:

  • V614 Uninitialized variable 'separator' used. pwiz sampledatum.hpp 95
  • V614 Uninitialized variable 'close' used. pwiz sampledatum.hpp 96
  • V614 Uninitialized variable 'threshold' used. pwiz spectrumlistfactory.cpp 497
  • And 3 additional diagnostic messages.

IPP Samples

V614 Potentially uninitialized pointer 'pDirEntry' used. Consider checking the first actual argument of the 'vm_dir_close' function. loadcodec.c 287


Ipp32s GetUSCCodecParamsByFormat(
  LoadedCodec *codec, Ipp32s lQuery,FILE *f_log)
{
   ....
   vm_dir *pDirEntry;
   ....
   if(codec->pSOHandle==NULL) {
      ....
      st = vm_dir_open(&pDirEntry,SO_FILE_MASK);
      ....
   }
   ....
   vm_dir_close(pDirEntry);
   return -1;
}

MPC-HC

V614 Potentially uninitialized variable 'rtRefClockTimeNow' used. syncrenderer.cpp 3604


void CSyncAP::RenderThread()
{
  ....
  REFERENCE_TIME rtRefClockTimeNow;
  if (m_pRefClock) {
    m_pRefClock->GetTime(&rtRefClockTimeNow);
  }
  LONG lLastVsyncTime =
    (LONG)((m_llEstVBlankTime - rtRefClockTimeNow) / 10000);
  ....
}

ReactOS

V614 Uninitialized pointer 'hKey' used. Consider checking the first actual argument of the 'RegCreateKeyExW' function. tcpipconf_notify.c 3138


HRESULT WINAPI
INetCfgComponentControl_fnApplyRegistryChanges(
  INetCfgComponentControl * iface)
{
  HKEY hKey;
  ....
  if (RegCreateKeyExW(hKey,
      L"SYSTEM\\CurrentControlSet....",
      ....) == ERROR_SUCCESS)
    ....
}

NetXMS

V614 Potentially uninitialized variable 'nSqlRet' used. odbcsapi.cpp 220


int OdbcDisconnect(void* pvSqlCtx)
{
  ....
  SQLRETURN nSqlRet;
  ....
  if (nRet == SUCCESS)
  {
    ....
    nSqlRet = SQLDisconnect(pSqlCtx->hDbc);
    ....
  }
  if (SQLRET_FAIL(nSqlRet))
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 2112
  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7525
  • V614 Potentially uninitialized variable 'dwNumRows' used. session.cpp 7659
  • And 3 additional diagnostic messages.

Chromium

V614 Potentially uninitialized variable 'result' used. ie_event_sink.cc 240


HRESULT IEEventSink::Attach(IWebBrowser2* browser) {
  DCHECK(browser);
  HRESULT result;
  if (browser) {
    web_browser2_ = browser;
    FindIEProcessId();
    result = DispEventAdvise(web_browser2_,
                             &DIID_DWebBrowserEvents2);
  }
  return result;
}

Chromium

V614 Potentially uninitialized variable 'skip_dir_check' used. Consider checking the fifth actual argument of the 'Bind' function. save_package.cc 1326


void SavePackage::GetSaveInfo() {
  ....
  bool skip_dir_check;
  ....
  if (....) {
    ....->GetSaveDir(...., &skip_dir_check);
  }
  ....
  BrowserThread::PostTask(BrowserThread::FILE,
                          FROM_HERE,
                          base::Bind(..., skip_dir_check, ...));
}

Embedded SSL Library

V614 Potentially uninitialized variable 'rhSize' used. sniffer.c 2255


static int ProcessMessage(....)
{
  int rhSize;
  ....
  notEnough = 0;
  ....
  if (sslBytes >= RECORD_HEADER_SZ) {
    if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
      ....
      return -1;
    }
  }
  else
    notEnough = 1;
  ....
  if (notEnough || rhSize > (sslBytes - RECORD_HEADER_SZ)) {
    ....
  }

  tmp = sslFrame + rhSize;   // <=
  ....
}

Trans-Proteomic Pipeline

V614 Potentially uninitialized pointer 'pScanIndex' used. sqt2xml.cxx 476


int main(int argc, char** argv) {
  ....
  ramp_fileoffset_t *pScanIndex;
  ....
  if ( (pFI=rampOpenFile(mzXmlPath_.c_str()))==NULL) {
    ....
  } else {
    ....
    pScanIndex = readIndex(pFI, indexOffset,
                           &iAnalysisLastScan );
    ....
  }
  ....
  if (pScanIndex != NULL)
    free(pScanIndex);

  return 0;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'fp_' used. Consider checking the second actual argument of the 'PRINT_DATA' function. dta-xml.cpp 307

OpenCOLLADA

V614 Uninitialized variable 'i' used. mayadmtypes.h 1728


void write(FILE* file) const
{
  fprintf(file,"%i %i %i %i ",
    sDivisionCount, tDivisionCount, uDivisionCount, pointCount);
  size_t size = pointCount*3;
  for(size_t i; i<size; ++i)
  {
    fprintf(file, "%f", points[i]);
    if(i+1<size) fprintf(file, " ");
  }
}

Apache HTTP Server

V614 Potentially uninitialized pointer 'wch' used. apr start.c 58


static int warrsztoastr(const char * const * *retarr,
                        const wchar_t * arrsz, int args)
{
  const apr_wchar_t *wch;
  ....

  if (args < 0) {
    for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
      if (!*wch)
       ++args;
  }
  wsize = 1 + wch - arrsz;
  ....
}

Geant4 software

V614 Potentially uninitialized iterator 'insert_index' used. g4excitedstring.hh 193


typedef std::vector<G4Parton *> G4PartonVector;

inline
void G4ExcitedString::InsertParton(
  G4Parton *aParton, const G4Parton * addafter)
{
  G4PartonVector::iterator insert_index;
  ....
  if ( addafter != NULL )
  {
    insert_index=std::find(thePartons.begin(),
                           thePartons.end(), addafter);
    ....
  }
  thePartons.insert(insert_index+1, aParton);
}

GNU C Library

V614 Uninitialized variable 'resplen' used. res_send.c 790


static int send_vc(....)
{
  ....
  int truncating, connreset, resplen, n;
  ....
  #ifdef _STRING_ARCH_unaligned
    *anssizp2 = orig_anssizp - resplen;
    *ansp2 = *ansp + resplen;
  #else
  ....
}

Firebird

V614 Uninitialized variable 'sdl_operator' used. sdl.cpp 404


static const UCHAR* compile(const UCHAR* sdl, sdl_arg* arg)
{
  SLONG n, count, variable, value, sdl_operator;
  ....
  switch (op)
  {
    ....
    case isc_sdl_add:
      sdl_operator = op_add;
    case isc_sdl_subtract:
      if (!sdl_operator)
        sdl_operator = op_subtract;
  ....
}

Firebird

V614 Potentially uninitialized pointer 'fieldNode' used. blb.cpp 1043


void blb::move(....)
{
  ....
  const FieldNode* fieldNode;
  if (field)
  {
    if ((fieldNode = ExprNode::as<FieldNode>(field)))
    ....
  }
  ....
  const USHORT id = fieldNode->fieldId;
  ....
}

FFmpeg

V614 Potentially uninitialized variable 'info_bits' used. g723_1.c 2335


static int pack_bitstream(G723_1_Context *p,
  unsigned char *frame, int size)
{
  ....
  int info_bits;
  ....
  if (p->cur_rate == RATE_6300) {
    info_bits = 0;
    put_bits(&pb, 2, info_bits);
  }
  ....
  return frame_size[info_bits];
}

Scilab

V614 Potentially uninitialized pointer 'loc' used. getfunctionbyname.c 61


typedef void (*voidf)();

voidf GetFunctionByName (char *name, int *rep, FTAB *table)
{
  void (*loc)();
  if (name)
  {
    ....
    loc = Emptyfunc;
    ....
  }
  else
  {
    ....
  }
  return(loc);
}

Word for Windows 1.1a

V614 Uninitialized pointer 'pfl' used. Consider checking the first actual argument of the 'fclose' function. eldes.c 87


main(argc, argv)
int argc;
char * argv [];
{
  FILE * pfl;
  ....
  for (argi = 1; argi < argc; ++argi)
  {
    if (FWild(argv[argi]))
    {
      FEnumWild(argv[argi], FEWild, 0);
    }
    else
    {
      FEWild(argv[argi], 0);
    }

    fclose(pfl);
  }
  ....
}

Word for Windows 1.1a

V614 Uninitialized pointer 'rgsz0' used. Consider checking the first actual argument of the 'strcpy' function. makeopus.c 961


FPathSpawn( rgsz )
char *rgsz[];
{ /* puts the correct path at the beginning of rgsz[0]
     and calls FSpawnRgsz */
  char *rgsz0;

  strcpy(rgsz0, szToolsDir);
  strcat(rgsz0, "\\");
  strcat(rgsz0, rgsz[0]);
  return FSpawnRgsz(rgsz0, rgsz);
}

OGDF

V614 Potentially uninitialized pointer 'layout' used. ogdf ogmlparser.cpp 2337


bool OgmlParser::buildAttributedClusterGraph(....)
{
  ....
  XmlTagObject* layout;
  if (structure->m_pBrother != NULL) {
    layout = structure->m_pBrother;
  }
  if ((layout) &&
      (layout->getName() == Ogml::s_tagNames[Ogml::t_layout]))
  ....
}

APR

V614 Potentially uninitialized pointer 'wch' used. libapr start.c 58


static int warrsztoastr(const char * const * *retarr,
                        const wchar_t * arrsz, int args)
{
  const apr_wchar_t *wch;
  ....
  if (args < 0) {
    for (args = 1, wch = arrsz; wch[0] || wch[1]; ++wch)
      if (!*wch)
        ++args;
  }
  wsize = 1 + wch - arrsz;
  ....
}

Mozilla Firefox

V614 Potentially uninitialized pointer 'device' used. nptest_windows.cpp 164


static ID3D10Device1*
getD3D10Device()
{
  ID3D10Device1 *device;
  ....
  if (createDXGIFactory1)
  {
    ....
    hr = createD3DDevice(...., &device);
    ....
  }
  return device;
}

Oracle VM Virtual Box

V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 367


static int suplibOsStopService(void)
{
  /* Assume it didn't exist, so we'll create the service. */
  int  rc;
  SC_HANDLE  hSMgr = OpenSCManager(....);
  ....
  if (hSMgr)
  {
    ....
    rc = VINF_SUCCESS;
    ....
  }
  return rc;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized variable 'rc' used. suplib-win.cpp 416

Miranda NG

V614 Potentially uninitialized pointer 'url' used. IEView ieview.cpp 1117


BSTR IEView::getHrefFromAnchor(IHTMLElement *element)
{
  ....
  if (SUCCEEDED(....) {
    VARIANT variant;
    BSTR url;
    if (SUCCEEDED(element->getAttribute(L"href", 2, &variant) &&
        variant.vt == VT_BSTR))
    {
      url = mir_tstrdup(variant.bstrVal);
      SysFreeString(variant.bstrVal);
    }
    pAnchor->Release();
    return url;
  }
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'hTimeZone' used. Consider checking the second actual argument of the 'Template_MakeRelativeDate' function. TabSRMM msglog.cpp 799
  • V614 Potentially uninitialized pointer 'tSet' used. TabSRMM templates.cpp 221
  • V614 Potentially uninitialized pointer 'szLast' used. Consider checking the first actual argument of the 'null_strdup' function. ICQ icq_servlist.cpp 1714
  • And 17 additional diagnostic messages.

Godot Engine

V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 244


const char* CPPlayer::get_voice_sample_name(int p_voice)
{
  const char *name;
  if (!voice[p_voice].sample_ptr)
    name=voice[p_voice].sample_ptr->get_name();
  return name;
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'name' used. cp_player_data_control.cpp 313

Doxygen

V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 4127


QCString VhdlParser::extended_identifier()
{
  Token *t;
  if (!hasError)
    t = jj_consume_token(EXTENDED_CHARACTER);
  return t->image.c_str();
  assert(false);
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'tmpEntry' used. vhdlparser.cc 4451
  • V614 Potentially uninitialized pointer 't' used. vhdlparser.cc 5304

Mozilla Thunderbird

V614 Potentially uninitialized pointer 'hOldFont' used. progressui_win.cpp 168


static void InitDialog(....)
{
  ....
  HFONT hInfoFont, hOldFont;
  hInfoFont = (HFONT)SendMessage(hWndInfo, WM_GETFONT, 0, 0);

  if (hInfoFont)
    hOldFont = (HFONT)SelectObject(hDCInfo, hInfoFont);
  ....
  if (hOldFont)
    SelectObject(hDCInfo, hOldFont);
  ....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'queryD3DKMTStatistics' used. gfxwindowsplatform.cpp 206

OpenToonz

V614 Potentially uninitialized pointer 'socket' used. Consider checking the first actual argument of the 'connect' function. tmsgcore.cpp 36


void TMsgCore::OnNewConnection() //server side
{
  QTcpSocket *socket;
  if (m_tcpServer)                                 // <=
    socket = m_tcpServer->nextPendingConnection(); // <=
  assert(socket);

  bool ret = connect(socket, ....);                // <=
  ret = ret && connect(socket, ....);              // <=
  assert(ret);
  m_sockets.insert(socket);
}

OpenToonz

V614 Uninitialized iterator 'it1' used. fxcommand.cpp 2096


QString DeleteLinksUndo::getHistoryString()
{
  ....
  std::list<TFxP>::const_iterator it1; // <=
  std::list<TFx *>::const_iterator ft;
  for (ft = m_terminalFxs.begin(); ft != ....end(); ++ft) {
    if (ft != m_terminalFxs.begin())
      str += QString(",  ");
    str += QString("%1- -Xsheet")
          .arg(QString::fromStdWString((*it1)->getName())); // <=
  }
  ....
}

ReactOS

V614 Potentially uninitialized pointer 'pptr' used. Consider checking the first actual argument of the 'check_hierarchical' function. uri.c 6838


static HRESULT parse_canonicalize(....)
{
  const WCHAR **pptr;
  ....
  if(uri->scheme_start > -1 && uri->path_start > -1) {
    ptr = uri->canon_uri+uri->scheme_start+uri->scheme_len+1;
    pptr = &ptr;
  }
  reduce_path = !(flags & URL_DONT_SIMPLIFY) &&
                  ptr && check_hierarchical(pptr);
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'name' used. Consider checking the third actual argument of the 'disp_get_id' function. engine.c 928
  • V614 Potentially uninitialized pointer 'name_str' used. Consider checking the first actual argument of the 'jsstr_release' function. engine.c 929
  • V614 Potentially uninitialized pointer 'FileHandle' used. Consider checking the first actual argument of the 'CloseHandle' function. dosfiles.c 402
  • And 3 additional diagnostic messages.

CPython

V614 Potentially uninitialized pointer 'sigint_event' used. semaphore.c 120


static PyObject *
semlock_acquire(SemLockObject *self,
                PyObject *args,
                PyObject *kwds)
{
  ....
  HANDLE handles[2], sigint_event;
  ....
  /* prepare list of handles */
  nhandles = 0;
  handles[nhandles++] = self->handle;
  if (_PyOS_IsMainThread()) {
    sigint_event = _PyOS_SigintEvent();
    assert(sigint_event != NULL);
    handles[nhandles++] = sigint_event;
  }

  /* do the wait */
  Py_BEGIN_ALLOW_THREADS
  if (sigint_event != NULL)  // <=
    ResetEvent(sigint_event);
  ....
}

FreeBSD Kernel

V614 Uninitialized variable 'status' used. tdioctl.c 3396


osGLOBAL bit32
tdsaSendTMFIoctl(
      tiRoot_t             *tiRoot,
      tiIOCTLPayload_t     *agIOCTLPayload,
      void                 *agParam1,
      void                 *agParam2,
      unsigned long        resetType
    )
{
  bit32    status;
  tmf_pass_through_req_t  *tmf_req = ....;
#if !(defined(__FreeBSD__))
  status = ostiSendResetDeviceIoctl(tiRoot, agParam2,
    tmf_req->pathId, tmf_req->targetId, tmf_req->lun, resetType);
#endif
  TI_DBG3((
    "Status returned from ostiSendResetDeviceIoctl is %d\n",
    status));
  if(status != IOCTL_CALL_SUCCESS)
  {
    agIOCTLPayload->Status = status;
    return status;
  }
  status = IOCTL_CALL_SUCCESS;
  return status;
}

TensorFlow

V614 Potentially uninitialized variable 'sparse_input_start' used. sample_inputs_op.cc 351


void Compute(OpKernelContext* context) override {
  ....
  int64 sparse_input_start;                               // <=
  ....
  if (sparse_input) {
    num_total_features += GetNumSparseFeatures(
      sparse_input_indices, *it, &sparse_input_start);    // <=
  }
  if (num_total_features == 0) {
    LOG(WARNING) << "num total features is zero.";
    break;
  }
  if (rand_feature < input_spec_.dense_features_size()) {
    ....
  } else {
    ....
    const int32 sparse_index = sparse_input_start +       // <=
      rand_feature - input_spec_.dense_features_size();
    ....
  }
  ....
}

EFL Core Libraries

V614 Uninitialized variable 'temp' used. Consider checking the first actual argument of the 'gmtime' function. elm_calendar.c 720


extern struct tm *gmtime (const time_t *__timer)
  __attribute__ ((__nothrow__ , __leaf__));

static void
_set_headers(Evas_Object *obj)
{
  static char part[] = "ch_0.text";
  int i;
  struct tm *t;
  time_t temp;
  ELM_CALENDAR_DATA_GET(obj, sd);

  elm_layout_freeze(obj);

  sd->filling = EINA_TRUE;

  t = gmtime(&temp);
  ....
}

MuseScore

V614 Uninitialized variable 'pageWidth' used. Consider checking the third actual argument of the 'doCredits' function. importmxmlpass1.cpp 944


void MusicXMLParserPass1::scorePartwise()
{
  ....
  int pageWidth;
  int pageHeight;

  while (_e.readNextStartElement()) {
    if (_e.name() == "part")
      part();
    else if (_e.name() == "part-list") {
      doCredits(_score, credits, pageWidth, pageHeight);// <= USE
      partList(partGroupList);
    }
    ....
    else if (_e.name() == "defaults")
      defaults(pageWidth, pageHeight);                 // <= INIT
    ....
  }
  ....
}

Ardour

V614 Uninitialized variable 'req.height' used. Consider checking the second actual argument of the 'set_size_request' function. time_axis_view.cc 159


TimeAxisView::TimeAxisView (....)
{
  ....
  boost::scoped_ptr<Gtk::Entry> an_entry (new FocusEntry);
  an_entry->set_name (X_("TrackNameEditor"));
  Gtk::Requisition req;
  an_entry->size_request (req);

  name_label.set_size_request (-1, req.height);
  name_label.set_ellipsize (Pango::ELLIPSIZE_MIDDLE);
  ....
}

void size_request(const Requisition& requisition);


RT-Thread

V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 187


typedef struct {
    uint32_t cmd;   // Command
    uint32_t param[4];      // Parameters
    uint32_t status;        // status code
    uint32_t result[4];     // Result
} IAP_COMMAND_Type;

IAP_STATUS_CODE BlankCheckSector(
  uint32_t start_sec, uint32_t end_sec,
  uint32_t *first_nblank_loc,
  uint32_t *first_nblank_val)
{
  IAP_COMMAND_Type command;

  command.cmd    = IAP_BLANK_CHECK;
  command.param[0] = start_sec;
  command.param[1] = end_sec;
  IAP_Call (&command.cmd, &command.status);

  if(command.status == SECTOR_NOT_BLANK)
  {
    // Update out value
    if(first_nblank_loc != NULL)
      *first_nblank_loc =  command.result[0];
    if(first_nblank_val != NULL)
      *first_nblank_val =  command.result[1];
  }

  return (IAP_STATUS_CODE)command.status;
}

Similar errors can be found in some other places:

  • V614 CWE-457 Uninitialized variable 'command.result[1]' used. lpc_iap.c 189
  • V614 CWE-457 Uninitialized variable 'command.result[0]' used. lpc_iap.c 236
  • V614 CWE-457 Uninitialized variable 'command.result[i]' used. lpc_iap.c 264

RT-Thread

V614 CWE-457 Uninitialized variable 'k' used. lpc_lcd.c 510


void LCD_PutPixel (LCD_PANEL panel, uint32_t X_Left,
                   uint32_t Y_Up, LcdPixel_t color)
{
  uint32_t k;
  uint32_t * pWordData = NULL;
  uint8_t*   pByteData = NULL;
  uint32_t  bitOffset;
  uint8_t*   pByteSrc = (uint8_t*)&color;
  uint8_t  bpp = bits_per_pixel[lcd_config.lcd_bpp];
  uint8_t  bytes_per_pixel = bpp/8;
  uint32_t start_bit;

  if((X_Left >= lcd_hsize)||(Y_Up >= lcd_vsize))
    return;

  if(panel == LCD_PANEL_UPPER)
    pWordData = (uint32_t*) LPC_LCD->UPBASE +
                            LCD_GetWordOffset(X_Left,Y_Up);
  else
    pWordData = (uint32_t*) LPC_LCD->LPBASE +
                            LCD_GetWordOffset(X_Left,Y_Up);

  bitOffset = LCD_GetBitOffset(X_Left,Y_Up);
  pByteData = (uint8_t*) pWordData;
  pByteData += bitOffset/8;

  start_bit =  bitOffset%8;

  if(bpp < 8)
  {
    uint8_t bit_pos = start_bit;
    uint8_t bit_ofs = 0;
    for(bit_ofs = 0;bit_ofs <bpp; bit_ofs++,bit_pos++)
    {
      *pByteData &= ~ (0x01 << bit_pos);
      *pByteData |=
        ((*pByteSrc >> (k+bit_ofs)) & 0x01) << bit_pos;   // <=
    }
  }
  ....
}

Android

V614 CWE-457 Uninitialized variable 't.tv_nsec' used. clock_ns.h 55


struct timespec
{
  __time_t tv_sec;    /* Seconds.  */
  long int tv_nsec;   /* Nanoseconds.  */
};

static inline timespec NsToTimespec(int64_t ns) {
  timespec t;
  int32_t remainder;

  t.tv_sec = ns / kNanosPerSecond;
  remainder = ns % kNanosPerSecond;
  if (remainder < 0) {
    t.tv_nsec--;
    remainder += kNanosPerSecond;
  }
  t.tv_nsec = remainder;

  return t;
}

Android

V614 CWE-824 Potentially uninitialized pointer 'p_opt' used. Consider checking the second actual argument of the 'memcpy' function. mca_main.cc 252


void mca_set_cfg_by_tbl(....) {
  tMCA_DCB* p_dcb;
  const tL2CAP_FCR_OPTS* p_opt;
  tMCA_FCS_OPT fcs = MCA_FCS_NONE;

  if (p_tbl->tcid == MCA_CTRL_TCID) {
    p_opt = &mca_l2c_fcr_opts_def;
  } else {
    p_dcb = mca_dcb_by_hdl(p_tbl->cb_idx);
    if (p_dcb) {
      p_opt = &p_dcb->p_chnl_cfg->fcr_opt;
      fcs = p_dcb->p_chnl_cfg->fcs;
    }
  }
  memset(p_cfg, 0, sizeof(tL2CAP_CFG_INFO));
  p_cfg->mtu_present = true;
  p_cfg->mtu = p_tbl->my_mtu;
  p_cfg->fcr_present = true;
  memcpy(&p_cfg->fcr, p_opt, sizeof(tL2CAP_FCR_OPTS));    // <=
  ....
}

System Shock

V614 Potentially uninitialized pointer 'pc1' used. AI.C 597


typedef enum ObjClass {
  CLASS_GUN,
  CLASS_AMMO,
  CLASS_PHYSICS,
  ....
  CLASS_CRITTER,
  ....
} ObjClass;
errtype do_random_loot(ObjID corpse)
{
 int *pc1, *pc2;
   if (....)
   {
     switch (objs[corpse].obclass)
     {
       case CLASS_CONTAINER:
       ....
       *pc1 = 0;
       *pc2 = 0;
       break;
       case CLASS_SMALLSTUFF:
       ....
        pc1 = &objSmallstuffs[osid].data1;
        pc2 = &objSmallstuffs[osid].data2;
        break;
      }

      if (*pc1 == 0)
      {
        ....
      }
      if (*pc2 == 0)
      {
        ....
      }
   }
....
}

Similar errors can be found in some other places:

  • V614 Potentially uninitialized pointer 'pc2' used. AI.C 609

System Shock

V614 Uninitialized variable 'err' used. EVENT.C 953


errtype uiInit(uiSlab* slab)
{
  ....
  errtype err;
  ....
  // err = ui_init_cursors();
  ....
  if (err != OK) return err;
  ....
}

NCBI Genome Workbench

V614 Uninitialized variable 'm_BitSet' used. SnpBitAttributes.hpp 187


/// SNP bit attribute container.
class CSnpBitAttributes
{
public:
  ....
private:
  /// Internal storage for bits.
  Uint8 m_BitSet;
};

inline CSnpBitAttributes::CSnpBitAttributes(Uint8 bits) : m_BitSet(bits)
{
}

inline CSnpBitAttributes::CSnpBitAttributes(const vector<char>& octet_string)
{
  auto count = sizeof(m_BitSet);
  auto byte = octet_string.end();

  do
    m_BitSet = (m_BitSet << 8) | *--byte;
  while (--count > 0);
}

Haiku Operation System

V614 Uninitialized pointer 'res' used. commands.c 2873


struct addrinfo {
 int ai_flags;
 int ai_family;
 int ai_socktype;
 int ai_protocol;
 socklen_t ai_addrlen;
 char *ai_canonname;
 struct sockaddr *ai_addr;
 struct addrinfo *ai_next;
};

static int
sourceroute(struct addrinfo *ai, char *arg, char **cpp,
            int *lenp, int *protop, int *optp)
{
  static char buf[1024 + ALIGNBYTES];
  char *cp, *cp2, *lsrp, *ep;
  struct sockaddr_in *_sin;
#ifdef INET6
  struct sockaddr_in6 *sin6;
  struct ip6_rthdr *rth;
#endif
  struct addrinfo hints, *res;     // <=
  int error;
  char c;

  if (cpp == NULL || lenp == NULL)
    return -1;
  if (*cpp != NULL) {
    switch (res->ai_family) {      // <=
    case AF_INET:
      if (*lenp < 7)
        return -1;
      break;
      ....
    }
  }
  ....
}

error = getaddrinfo(cp, NULL, &hints, &res);


Haiku Operation System

V614 Uninitialized variable 'rval' used. fetch.c 1727


int
auto_fetch(int argc, char *argv[])
{
  volatile int  argpos;
  int    rval;                  // <=
  argpos = 0;

  if (sigsetjmp(toplevel, 1)) {
    if (connected)
      disconnect(0, NULL);
    if (rval > 0)               // <=
      rval = argpos + 1;
    return (rval);
  }
  ....
}

CMake

V614 Uninitialized pointer 'str' used. cmVSSetupHelper.h 80


class SmartBSTR
{
public:
  SmartBSTR() { str = NULL; }
  SmartBSTR(const SmartBSTR& src)
  {
    if (src.str != NULL) {
      str = ::SysAllocStringByteLen((char*)str, ::SysStringByteLen(str));
    } else {
      str = ::SysAllocStringByteLen(NULL, 0);
    }
  }
  ....
};

Espressif IoT Development Framework

V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1657


int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
{
  ....
  } else if (wps->use_psk_key && wps->wps->psk_set) {
    char hex[65];
    wpa_printf(MSG_DEBUG,  "WPS: Use PSK format for Network Key");
    os_memcpy(wps->cred.key, hex, 32 * 2);
    wps->cred.key_len = 32 * 2;
  } else if (wps->wps->network_key) {
  ....
}

Similar errors can be found in some other places:

  • V614 Uninitialized buffer 'hex' used. Consider checking the second actual argument of the 'memcpy' function. wps_registrar.c 1678

Espressif IoT Development Framework

V614 Potentially uninitialized buffer 'seq' used. Consider checking the first actual argument of the 'strlen' function. linenoise.c 435


void refreshShowHints(struct abuf *ab, struct linenoiseState *l, int plen) {
    char seq[64];
    if (hintsCallback && plen+l->len < l->cols) {
        int color = -1, bold = 0;
        char *hint = hintsCallback(l->buf,&color,&bold);
        if (hint) {
            int hintlen = strlen(hint);
            int hintmaxlen = l->cols-(plen+l->len);
            if (hintlen > hintmaxlen) hintlen = hintmaxlen;
            if (bold == 1 && color == -1) color = 37;
            if (color != -1 || bold != 0)
                snprintf(seq,64,"\033[%d;%d;49m",bold,color);
            abAppend(ab,seq,strlen(seq));                       // <=
            abAppend(ab,hint,hintlen);
            if (color != -1 || bold != 0)
                abAppend(ab,"\033[0m",4);
            /* Call the function to free the hint returned. */
            if (freeHintsCallback) freeHintsCallback(hint);
        }
    }
}

Espressif IoT Development Framework

V614 Potentially uninitialized buffer 'k' used. Consider checking the second actual argument of the 'sae_derive_keys' function. sae.c 854


int sae_process_commit(struct sae_data *sae)
{
  u8 k[SAE_MAX_PRIME_LEN];
  if (sae->tmp == NULL ||
      (sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
      (sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
      sae_derive_keys(sae, k) < 0)
    return ESP_FAIL;
  return ESP_OK;
}

Darwin-XNU

V614 Uninitialized variable 'best' used. sdt.c 572


void
sdt_early_init( void )
{
  ....
  if (MH_MAGIC_KERNEL != _mh_execute_header.magic) {
  ....
  } else {
    ....
    for (....) {
    const char *funcname;
    unsigned long best;                           // <=
    ....
    funcname = "<unknown>";
    for (i = 0; i < orig_st->nsyms; i++) {
      char *jname = strings + sym[i].n_un.n_strx;
      ....
      if ((unsigned long)sym[i].n_value > best) { // <=
        best = (unsigned long)sym[i].n_value;
        funcname = jname;
      }
    }
    ....
  }
}

Popular related articles
How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers

Date: 10.22.2018

Author: Andrey Karpov

Just like other static analyzers, PVS-Studio often produces false positives. What you are about to read is a short story where I'll tell you how PVS-Studio proved, just one more time, to be more atte…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: 07.31.2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
The Ultimate Question of Programming, Refactoring, and Everything

Date: 04.14.2016

Author: Andrey Karpov

Yes, you've guessed correctly - the answer is "42". In this article you will find 42 recommendations about coding in C++ that can help a programmer avoid a lot of errors, save time and effort. The au…
The Last Line Effect

Date: 05.31.2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
PVS-Studio ROI

Date: 01.30.2019

Author: Andrey Karpov

Occasionally, we're asked a question, what monetary value the company will receive from using PVS-Studio. We decided to draw up a response in the form of an article and provide tables, which will sho…
The way static analyzers fight against false positives, and why they do it

Date: 03.20.2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…
Free PVS-Studio for those who develops open source projects

Date: 12.22.2018

Author: Andrey Karpov

On the New 2019 year's eve, a PVS-Studio team decided to make a nice gift for all contributors of open-source projects hosted on GitHub, GitLab or Bitbucket. They are given free usage of PVS-Studio s…
Appreciate Static Code Analysis!

Date: 10.16.2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: 11.21.2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…
Static analysis as part of the development process in Unreal Engine

Date: 06.27.2017

Author: Andrey Karpov

Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in th…

Comments (0)

Next comments

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept