GL4Dummies

[CWE-401] gl4du.c newGL4DUMatrix call in gl4duGenMatrix

Open darnuria opened this issue 5 years ago • 3 comments

Reproduction as in #11: thanks to gcc10 with -fanalyzer, it's a malloc-leak.

GL4D/gl4du.c: In function ‘newGL4DUMatrix’:
GL4D/gl4du.c:916:10: warning: leak of ‘<unknown>’ [CWE-401] [-Wanalyzer-malloc-leak]
  916 |   return m;
      |          ^
  ‘gl4duGenMatrix’: events 1-4
    |
    |  979 | GLboolean gl4duGenMatrix(GLenum type, const char * name) {
    |      |           ^~~~~~~~~~~~~~
    |      |           |
    |      |           (1) entry to ‘gl4duGenMatrix’
    |......
    |  984 |   if(pair.compResult) {
    |      |     ~      
    |      |     |
    |      |     (2) following ‘true’ branch...
    |  985 |     p = newGL4DUMatrix(type, name);
    |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |         |
    |      |         (3) ...to here
    |      |         (4) calling ‘newGL4DUMatrix’ from ‘gl4duGenMatrix’
    |
    +--> ‘newGL4DUMatrix’: event 5
           |
           |  906 | static inline _GL4DUMatrix * newGL4DUMatrix(GLenum type, const char * name) {
           |      |                              ^~~~~~~~~~~~~~
           |      |                              |
           |      |                              (5) entry to ‘newGL4DUMatrix’
           |
         ‘newGL4DUMatrix’: event 6
           |
           |  908 |   assert(m);
           |      |   ^~~~~~
           |      |   |
           |      |   (6) following ‘true’ branch (when ‘m’ is non-NULL)...
           |
         ‘newGL4DUMatrix’: events 7-8
           |
           |  909 |   m->name  = strdup(name);
           |      |              ^~~~~~~~~~~~
           |      |              |
           |      |              (7) ...to here
           |  910 |   m->type  = type;
           |  911 |   m->size  = 16 * ( (type == GL_FLOAT) ? sizeof (GLfloat) : /* type == GL_DOUBLE */ sizeof (GLdouble) );
           |      |              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (8) following ‘false’ branch (when ‘type != 5126’)...
           |
         ‘newGL4DUMatrix’: event 9
           |
           |cc1:
           | (9): ...to here
           |
         ‘newGL4DUMatrix’: event 10
           |
           |  911 |   m->size  = 16 * ( (type == GL_FLOAT) ? sizeof (GLfloat) : /* type == GL_DOUBLE */ sizeof (GLdouble) );
           |      |   ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |            |
           |      |            (10) allocated here
           |
         ‘newGL4DUMatrix’: event 11
           |
           |  915 |   assert(m->data);
           |      |   ^~~~~~
           |      |   |
           |      |   (11) assuming ‘<unknown>’ is non-NULL
           |
         ‘newGL4DUMatrix’: event 12
           |
           |
         ‘newGL4DUMatrix’: events 13-14
           |
           |  916 |   return m;
           |      |          ^
           |      |          |
           |      |          (13) ...to here
           |      |          (14) ‘<unknown>’ leaks here; was allocated at (10)
           |

darnuria • Oct 24 '20 11:10

It's a bit odd, because according to -fanalyzer the allocation took place on line 911

fiplox • Feb 06 '21 12:02

@fiplox the code has probably moved; a new version of the warning needs to be reposted.

darnuria • Feb 06 '21 14:02

@darnuria I just recompiled with -fanalyzer, it still says the same thing

fiplox • Feb 06 '21 14:02
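
The ownership pattern in the trace above (one struct that owns a duplicated name and a data buffer, handed back to a caller), as an added example that is not GL4Dummies code: a constructor that unwinds on failure, a matching destructor, and a block counter a test can check. The names `matrix_t`, `matrix_new`, `matrix_free`, `matrix_gen` and the counting wrappers are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the page's _GL4DUMatrix: one struct owning two heap blocks. */
typedef struct { char *name; size_t size; void *data; } matrix_t;
static long live_blocks = 0; /* instrumentation: blocks allocated and not yet freed */
static void *xcalloc(size_t n, size_t sz) { void *p = calloc(n, sz); if (p) ++live_blocks; return p; }
static void xfree(void *p) { if (p) { --live_blocks; free(p); } }
static char *xstrdup(const char *s) { /* counted equivalent of strdup() */
  char *p = xcalloc(1, strlen(s) + 1);
  if (p) strcpy(p, s);
  return p;
}
long matrix_live_blocks(void) { return live_blocks; }

/* Destructor: frees every block the constructor may have set; safe on partial objects. */
void matrix_free(matrix_t *m) {
  if (!m) return;
  xfree(m->data); xfree(m->name);
  xfree(m);
}

/* Constructor: unwinds on failure rather than relying on assert(), which
 * compiles away under NDEBUG and would leave a half-built object behind. */
matrix_t *matrix_new(const char *name, size_t elem_size) {
  matrix_t *m = xcalloc(1, sizeof *m);
  if (!m) return NULL;
  m->size = 16 * elem_size;
  m->name = xstrdup(name);
  m->data = m->name ? xcalloc(1, m->size) : NULL;
  if (!m->data) { matrix_free(m); return NULL; }
  return m;
}

/* Caller shaped like the trace's gen function: 1 if created, 0 otherwise. */
int matrix_gen(matrix_t **slot, const char *name, size_t elem_size) {
  if (*slot && strcmp((*slot)->name, name) == 0) return 0; /* already present */
  matrix_t *m = matrix_new(name, elem_size);
  if (!m) return 0;
  matrix_free(*slot); /* release the previous owner before overwriting it */
  *slot = m;
  return 1;
}
int main(void) {
  matrix_t *slot = NULL;
  matrix_gen(&slot, "modelView", sizeof(float));
  matrix_free(slot);
  return matrix_live_blocks() != 0; /* exit status 0 means nothing leaked */
}
```

Compiling this with `gcc -fanalyzer` exercises the same checker that produced the report above.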