Alex
Alex
## Explanation of the bug The function parse_msg may return a null value. ```c++ static rapidjson::Value* parse_msg(const Message *msg, rapidjson::Value::AllocatorType& allocator) { const Descriptor *d = msg->GetDescriptor(); if (!d) return...
## Explanation of the bug The function `parse_msg` may return a null value. ```c++ static rapidjson::Value* parse_msg(const Message *msg, rapidjson::Value::AllocatorType& allocator) { const Descriptor *d = msg->GetDescriptor(); if (!d) return...
In function `field2json`, if `repeated = false`, the NULL value of `json` is returned to the caller. ```c++ static rapidjson::Value* field2json(const Message *msg, const FieldDescriptor *field, rapidjson::Value::AllocatorType& allocator) { ......
The function `syn_id2cterm_bg` has the following code: ```c cCopyEdithl_id = syn_get_final_id(hl_id); sgp = &HL_TABLE()[hl_id - 1]; ``` It assumes `hl_id ≥ 1`. But `syn_get_final_id` can return 0 because: ``` if...
The function handle_content_type allocates memory for boundary using xmalloc(sizeof(struct strbuf)). If (++mi->content_top >= &mi->content[MAX_BOUNDARIES]) is true, the function returns without freeing boundary. cc: "Kristoffer Haugsbakk" cc: Jinyao Guo cc: Lidong...
cc: lidongyan cc: Jeff King
cc: Jinyao Guo
cc: René Scharfe cc: Phillip Wood
The function `SerializeLinkedList` allocates a memory object [here](https://github.com/project-chip/connectedhomeip/blob/2f277fca74d88f4a8a79035ba9e43cba128b117a/src/platform/cc32xx/CC32XXConfig.cpp#L218) and returns it to the caller. Then the function `WriteKVSToNV` stores the object in `list`, which is not freed before the function...
In BL702, the function deviceInterface_getNetif can return NULL. See the code [here](https://github.com/project-chip/connectedhomeip/blob/2f277fca74d88f4a8a79035ba9e43cba128b117a/src/platform/bouffalolab/BL702/wifi_mgmr_portable.c#L97) In function GetNetworkInterfaces, the return value of deviceInterface_getNetif is not checked before dereference, causing a potential null pointer...