Bug Summary

File:objdir/intl/conftest.c
Warning:line 146, column 12
Potential leak of memory pointed to by 'data'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-suse-linux -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name conftest.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/buildworker/marxinbox-gcc-clang-static-analyzer/objdir/intl -resource-dir /usr/lib64/clang/15.0.7 -internal-isystem /usr/lib64/clang/15.0.7/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib64/gcc/x86_64-suse-linux/13/../../../../x86_64-suse-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/buildworker/marxinbox-gcc-clang-static-analyzer/objdir/intl -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=plist-html -analyzer-config silence-checkers=core.NullDereference -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /buildworker/marxinbox-gcc-clang-static-analyzer/objdir/clang-static-analyzer/2023-03-27-141847-20772-1/report-0zOjMD.plist -x c conftest.c
1/* confdefs.h */
2#define PACKAGE_NAME"" ""
3#define PACKAGE_TARNAME"" ""
4#define PACKAGE_VERSION"" ""
5#define PACKAGE_STRING"" ""
6#define PACKAGE_BUGREPORT"" ""
7#define PACKAGE_URL"" ""
8#define STDC_HEADERS1 1
9#define HAVE_SYS_TYPES_H1 1
10#define HAVE_SYS_STAT_H1 1
11#define HAVE_STDLIB_H1 1
12#define HAVE_STRING_H1 1
13#define HAVE_MEMORY_H1 1
14#define HAVE_STRINGS_H1 1
15#define HAVE_INTTYPES_H1 1
16#define HAVE_STDINT_H1 1
17#define HAVE_UNISTD_H1 1
18#define __EXTENSIONS__1 1
19#define _ALL_SOURCE1 1
20#define _GNU_SOURCE1 1
21#define _POSIX_PTHREAD_SEMANTICS1 1
22#define _TANDEM_SOURCE1 1
23#define HAVE_ALLOCA_H1 1
24#define HAVE_ALLOCA1 1
25#define HAVE_STDLIB_H1 1
26#define HAVE_UNISTD_H1 1
27#define HAVE_SYS_PARAM_H1 1
28#define HAVE_GETPAGESIZE1 1
29/* end confdefs.h. */
30#include <stdio.h>
31#ifdef HAVE_SYS_TYPES_H1
32# include <sys/types.h>
33#endif
34#ifdef HAVE_SYS_STAT_H1
35# include <sys/stat.h>
36#endif
37#ifdef STDC_HEADERS1
38# include <stdlib.h>
39# include <stddef.h>
40#else
41# ifdef HAVE_STDLIB_H1
42# include <stdlib.h>
43# endif
44#endif
45#ifdef HAVE_STRING_H1
46# if !defined STDC_HEADERS1 && defined HAVE_MEMORY_H1
47# include <memory.h>
48# endif
49# include <string.h>
50#endif
51#ifdef HAVE_STRINGS_H1
52# include <strings.h>
53#endif
54#ifdef HAVE_INTTYPES_H1
55# include <inttypes.h>
56#endif
57#ifdef HAVE_STDINT_H1
58# include <stdint.h>
59#endif
60#ifdef HAVE_UNISTD_H1
61# include <unistd.h>
62#endif
63/* malloc might have been renamed as rpl_malloc. */
64#undef malloc
65
66/* Thanks to Mike Haertel and Jim Avera for this test.
67 Here is a matrix of mmap possibilities:
68 mmap private not fixed
69 mmap private fixed at somewhere currently unmapped
70 mmap private fixed at somewhere already mapped
71 mmap shared not fixed
72 mmap shared fixed at somewhere currently unmapped
73 mmap shared fixed at somewhere already mapped
74 For private mappings, we should verify that changes cannot be read()
75 back from the file, nor mmap's back from the file at a different
76 address. (There have been systems where private was not correctly
77 implemented like the infamous i386 svr4.0, and systems where the
78 VM page cache was not coherent with the file system buffer cache
79 like early versions of FreeBSD and possibly contemporary NetBSD.)
80 For shared mappings, we should conversely verify that changes get
81 propagated back to all the places they're supposed to be.
82
83 Grep wants private fixed already mapped.
84 The main things grep needs to know about mmap are:
85 * does it exist and is it safe to write into the mmap'd area
86 * how to use it (BSD variants) */
87
88#include <fcntl.h>
89#include <sys/mman.h>
90
91#if !defined STDC_HEADERS1 && !defined HAVE_STDLIB_H1
92char *malloc ();
93#endif
94
95/* This mess was copied from the GNU getpagesize.h. */
96#ifndef HAVE_GETPAGESIZE1
97# ifdef _SC_PAGESIZE_SC_PAGESIZE
98# define getpagesize() sysconf(_SC_PAGESIZE_SC_PAGESIZE)
99# else /* no _SC_PAGESIZE */
100# ifdef HAVE_SYS_PARAM_H1
101# include <sys/param.h>
102# ifdef EXEC_PAGESIZE
103# define getpagesize() EXEC_PAGESIZE
104# else /* no EXEC_PAGESIZE */
105# ifdef NBPG
106# define getpagesize() NBPG * CLSIZE
107# ifndef CLSIZE
108# define CLSIZE 1
109# endif /* no CLSIZE */
110# else /* no NBPG */
111# ifdef NBPC
112# define getpagesize() NBPC
113# else /* no NBPC */
114# ifdef PAGESIZE
115# define getpagesize() PAGESIZE
116# endif /* PAGESIZE */
117# endif /* no NBPC */
118# endif /* no NBPG */
119# endif /* no EXEC_PAGESIZE */
120# else /* no HAVE_SYS_PARAM_H */
121# define getpagesize() 8192 /* punt totally */
122# endif /* no HAVE_SYS_PARAM_H */
123# endif /* no _SC_PAGESIZE */
124
125#endif /* no HAVE_GETPAGESIZE */
126
127int
128main ()
129{
130 char *data, *data2, *data3;
131 const char *cdata2;
132 int i, pagesize;
133 int fd, fd2;
134
135 pagesize = getpagesize ();
136
137 /* First, make a file with some known garbage in it. */
138 data = (char *) malloc (pagesize);
1
Memory is allocated
139 if (!data)
2
Assuming 'data' is non-null
3
Taking false branch
140 return 1;
141 for (i = 0; i < pagesize; ++i)
4
Assuming 'i' is >= 'pagesize'
5
Loop condition is false. Execution continues on line 143
142 *(data + i) = rand ();
143 umask (0);
144 fd = creat ("conftest.mmap", 0600);
145 if (fd < 0)
6
Assuming 'fd' is < 0
7
Taking true branch
146 return 2;
8
Potential leak of memory pointed to by 'data'
147 if (write (fd, data, pagesize) != pagesize)
148 return 3;
149 close (fd);
150
151 /* Next, check that the tail of a page is zero-filled. File must have
152 non-zero length, otherwise we risk SIGBUS for entire page. */
153 fd2 = open ("conftest.txt", O_RDWR02 | O_CREAT0100 | O_TRUNC01000, 0600);
154 if (fd2 < 0)
155 return 4;
156 cdata2 = "";
157 if (write (fd2, cdata2, 1) != 1)
158 return 5;
159 data2 = (char *) mmap (0, pagesize, PROT_READ0x1 | PROT_WRITE0x2, MAP_SHARED0x01, fd2, 0L);
160 if (data2 == MAP_FAILED((void *) -1))
161 return 6;
162 for (i = 0; i < pagesize; ++i)
163 if (*(data2 + i))
164 return 7;
165 close (fd2);
166 if (munmap (data2, pagesize))
167 return 8;
168
169 /* Next, try to mmap the file at a fixed address which already has
170 something else allocated at it. If we can, also make sure that
171 we see the same garbage. */
172 fd = open ("conftest.mmap", O_RDWR02);
173 if (fd < 0)
174 return 9;
175 if (data2 != mmap (data2, pagesize, PROT_READ0x1 | PROT_WRITE0x2,
176 MAP_PRIVATE0x02 | MAP_FIXED0x10, fd, 0L))
177 return 10;
178 for (i = 0; i < pagesize; ++i)
179 if (*(data + i) != *(data2 + i))
180 return 11;
181
182 /* Finally, make sure that changes to the mapped area do not
183 percolate back to the file as seen by read(). (This is a bug on
184 some variants of i386 svr4.0.) */
185 for (i = 0; i < pagesize; ++i)
186 *(data2 + i) = *(data2 + i) + 1;
187 data3 = (char *) malloc (pagesize);
188 if (!data3)
189 return 12;
190 if (read (fd, data3, pagesize) != pagesize)
191 return 13;
192 for (i = 0; i < pagesize; ++i)
193 if (*(data + i) != *(data3 + i))
194 return 14;
195 close (fd);
196 return 0;
197}