[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: vasnprintf.c: "out_of_memory", -Wanalyzer-free-of-non-heap, -Wanalyz

From: Bruno Haible
Subject: Re: vasnprintf.c: "out_of_memory", -Wanalyzer-free-of-non-heap, -Wanalyzer-malloc-leak
Date: Sat, 30 Apr 2022 23:11:43 +0200

Bjarni Ingi Gislason wrote:
> In function 'vasnprintf':
> ../lib/vasnprintf.c:5849:7: warning: 'free' of 'result_334' which points
> to memory not on the heap [CWE-590] [-Wanalyzer-free-of-non-heap]
>  5849 |       free (result);
>  ...

This is a false positive. By code inspection, one can see that
  * the value of 'resultbuf' is never changed (in other words, this parameter
    could be marked 'const'),
  * staring with line 1916, the value of result is either == NULL or
    == resultbuf or memory allocated within the vasnprintf function. See the
    comment at line 1928.
Therefore it is safe to do
    if (!(result == resultbuf || result == NULL))
      free (result);

>   and
> ../lib/vasnprintf.c:5855:5: warning: leak of 'result_20' [CWE-401]
> [-Wanalyzer-malloc-leak]
>  5855 |     return NULL;
>  ...

This is a false positive as well:
As mentioned above, of the control flow passes through lines 5848..5849,
'result' has been freed if it was memory allocated. In the other case,
a 'goto out_of_memory_1;' was executed; in this case 'result' did not
have any value.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]