Bug Summary

File:objdir/libiberty/conftest.c
Warning:line 268, column 12
Potential leak of memory pointed to by 'data'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name conftest.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model static -mframe-pointer=none -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/marxin/BIG/buildbot/buildworker/marxinbox-gcc-clang-static-analyzer/objdir/libiberty -resource-dir /usr/lib64/clang/13.0.0 -internal-isystem /usr/lib64/clang/13.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib64/gcc/x86_64-suse-linux/11/../../../../x86_64-suse-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/home/marxin/BIG/buildbot/buildworker/marxinbox-gcc-clang-static-analyzer/objdir/libiberty -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=plist-html -analyzer-config silence-checkers=core.NullDereference -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/marxin/BIG/buildbot/buildworker/marxinbox-gcc-clang-static-analyzer/objdir/clang-static-analyzer/2021-11-20-133755-20252-1/report-avk6cA.plist -x c conftest.c
1/* confdefs.h */
2#define PACKAGE_NAME"" ""
3#define PACKAGE_TARNAME"" ""
4#define PACKAGE_VERSION"" ""
5#define PACKAGE_STRING"" ""
6#define PACKAGE_BUGREPORT"" ""
7#define PACKAGE_URL"" ""
8#define STDC_HEADERS1 1
9#define HAVE_SYS_TYPES_H1 1
10#define HAVE_SYS_STAT_H1 1
11#define HAVE_STDLIB_H1 1
12#define HAVE_STRING_H1 1
13#define HAVE_MEMORY_H1 1
14#define HAVE_STRINGS_H1 1
15#define HAVE_INTTYPES_H1 1
16#define HAVE_STDINT_H1 1
17#define HAVE_UNISTD_H1 1
18#define __EXTENSIONS__1 1
19#define _ALL_SOURCE1 1
20#define _GNU_SOURCE1 1
21#define _POSIX_PTHREAD_SEMANTICS1 1
22#define _TANDEM_SOURCE1 1
23#define HAVE_SYS_FILE_H1 1
24#define HAVE_SYS_PARAM_H1 1
25#define HAVE_LIMITS_H1 1
26#define HAVE_STDLIB_H1 1
27#define HAVE_MALLOC_H1 1
28#define HAVE_STRING_H1 1
29#define HAVE_UNISTD_H1 1
30#define HAVE_STRINGS_H1 1
31#define HAVE_SYS_TIME_H1 1
32#define HAVE_TIME_H1 1
33#define HAVE_SYS_RESOURCE_H1 1
34#define HAVE_SYS_STAT_H1 1
35#define HAVE_SYS_MMAN_H1 1
36#define HAVE_FCNTL_H1 1
37#define HAVE_ALLOCA_H1 1
38#define HAVE_SYS_SYSINFO_H1 1
39#define HAVE_STDINT_H1 1
40#define HAVE_STDIO_EXT_H1 1
41#define HAVE_SYS_PRCTL_H1 1
42#define HAVE_SYS_WAIT_H1 1
43#define TIME_WITH_SYS_TIME1 1
44#define SIZEOF_INT4 4
45#define SIZEOF_LONG8 8
46#define SIZEOF_SIZE_T8 8
47#define HAVE_LONG_LONG1 1
48#define SIZEOF_LONG_LONG8 8
49#define UNSIGNED_64BIT_TYPEuint64_t uint64_t
50#define HAVE_INTPTR_T1 1
51#define HAVE_UINTPTR_T1 1
52#define HAVE_UINTPTR_T1 1
53#define HAVE_ASPRINTF1 1
54#define HAVE_ATEXIT1 1
55#define HAVE_BASENAME1 1
56#define HAVE_BCMP1 1
57#define HAVE_BCOPY1 1
58#define HAVE_BSEARCH1 1
59#define HAVE_BZERO1 1
60#define HAVE_CALLOC1 1
61#define HAVE_CLOCK1 1
62#define HAVE_FFS1 1
63#define HAVE_GETCWD1 1
64#define HAVE_GETPAGESIZE1 1
65#define HAVE_GETTIMEOFDAY1 1
66#define HAVE_INDEX1 1
67#define HAVE_INSQUE1 1
68#define HAVE_MEMCHR1 1
69#define HAVE_MEMCMP1 1
70#define HAVE_MEMCPY1 1
71#define HAVE_MEMMEM1 1
72#define HAVE_MEMMOVE1 1
73#define HAVE_MEMPCPY1 1
74#define HAVE_MEMSET1 1
75#define HAVE_MKSTEMPS1 1
76#define HAVE_PUTENV1 1
77#define HAVE_RANDOM1 1
78#define HAVE_RENAME1 1
79#define HAVE_RINDEX1 1
80#define HAVE_SETENV1 1
81#define HAVE_SNPRINTF1 1
82#define HAVE_SIGSETMASK1 1
83#define HAVE_STPCPY1 1
84#define HAVE_STPNCPY1 1
85#define HAVE_STRCASECMP1 1
86#define HAVE_STRCHR1 1
87#define HAVE_STRDUP1 1
88#define HAVE_STRNCASECMP1 1
89#define HAVE_STRNDUP1 1
90#define HAVE_STRNLEN1 1
91#define HAVE_STRRCHR1 1
92#define HAVE_STRSTR1 1
93#define HAVE_STRTOD1 1
94#define HAVE_STRTOL1 1
95#define HAVE_STRTOUL1 1
96#define HAVE_STRTOLL1 1
97#define HAVE_STRTOULL1 1
98#define HAVE_STRVERSCMP1 1
99#define HAVE_TMPNAM1 1
100#define HAVE_VASPRINTF1 1
101#define HAVE_VFPRINTF1 1
102#define HAVE_VPRINTF1 1
103#define HAVE_VSNPRINTF1 1
104#define HAVE_VSPRINTF1 1
105#define HAVE_WAITPID1 1
106#define STACK_DIRECTION1 1
107#define HAVE_FORK1 1
108#define HAVE_VFORK1 1
109#define HAVE_WORKING_VFORK1 1
110#define HAVE_WORKING_FORK1 1
111#define HAVE___FSETLOCKING1 1
112#define HAVE_CANONICALIZE_FILE_NAME1 1
113#define HAVE_DUP31 1
114#define HAVE_GETRLIMIT1 1
115#define HAVE_GETRUSAGE1 1
116#define HAVE_GETTIMEOFDAY1 1
117#define HAVE_ON_EXIT1 1
118#define HAVE_PIPE21 1
119#define HAVE_PSIGNAL1 1
120#define HAVE_REALPATH1 1
121#define HAVE_SETRLIMIT1 1
122#define HAVE_STRERROR1 1
123#define HAVE_STRSIGNAL1 1
124#define HAVE_SYSCONF1 1
125#define HAVE_TIMES1 1
126#define HAVE_WAIT31 1
127#define HAVE_WAIT41 1
128#define HAVE_SBRK1 1
129#define HAVE_DECL_BASENAME1 1
130#define HAVE_DECL_FFS1 1
131#define HAVE_DECL_ASPRINTF1 1
132#define HAVE_DECL_VASPRINTF1 1
133#define HAVE_DECL_SNPRINTF1 1
134#define HAVE_DECL_VSNPRINTF1 1
135#define HAVE_DECL_CALLOC1 1
136#define HAVE_DECL_GETENV1 1
137#define HAVE_DECL_GETOPT1 1
138#define HAVE_DECL_MALLOC1 1
139#define HAVE_DECL_REALLOC1 1
140#define HAVE_DECL_SBRK1 1
141#define HAVE_DECL_STRTOL1 1
142#define HAVE_DECL_STRTOUL1 1
143#define HAVE_DECL_STRTOLL1 1
144#define HAVE_DECL_STRTOULL1 1
145#define HAVE_DECL_STRVERSCMP1 1
146#define HAVE_DECL_STRNLEN1 1
147#define HAVE_STDLIB_H1 1
148#define HAVE_UNISTD_H1 1
149#define HAVE_SYS_PARAM_H1 1
150#define HAVE_GETPAGESIZE1 1
151/* end confdefs.h. */
152#include <stdio.h>
153#ifdef HAVE_SYS_TYPES_H1
154# include <sys/types.h>
155#endif
156#ifdef HAVE_SYS_STAT_H1
157# include <sys/stat.h>
158#endif
159#ifdef STDC_HEADERS1
160# include <stdlib.h>
161# include <stddef.h>
162#else
163# ifdef HAVE_STDLIB_H1
164# include <stdlib.h>
165# endif
166#endif
167#ifdef HAVE_STRING_H1
168# if !defined STDC_HEADERS1 && defined HAVE_MEMORY_H1
169# include <memory.h>
170# endif
171# include <string.h>
172#endif
173#ifdef HAVE_STRINGS_H1
174# include <strings.h>
175#endif
176#ifdef HAVE_INTTYPES_H1
177# include <inttypes.h>
178#endif
179#ifdef HAVE_STDINT_H1
180# include <stdint.h>
181#endif
182#ifdef HAVE_UNISTD_H1
183# include <unistd.h>
184#endif
185/* malloc might have been renamed as rpl_malloc. */
186#undef malloc
187
188/* Thanks to Mike Haertel and Jim Avera for this test.
189 Here is a matrix of mmap possibilities:
190 mmap private not fixed
191 mmap private fixed at somewhere currently unmapped
192 mmap private fixed at somewhere already mapped
193 mmap shared not fixed
194 mmap shared fixed at somewhere currently unmapped
195 mmap shared fixed at somewhere already mapped
196 For private mappings, we should verify that changes cannot be read()
197 back from the file, nor mmap's back from the file at a different
198 address. (There have been systems where private was not correctly
199 implemented like the infamous i386 svr4.0, and systems where the
200 VM page cache was not coherent with the file system buffer cache
201 like early versions of FreeBSD and possibly contemporary NetBSD.)
202 For shared mappings, we should conversely verify that changes get
203 propagated back to all the places they're supposed to be.
204
205 Grep wants private fixed already mapped.
206 The main things grep needs to know about mmap are:
207 * does it exist and is it safe to write into the mmap'd area
208 * how to use it (BSD variants) */
209
210#include <fcntl.h>
211#include <sys/mman.h>
212
213#if !defined STDC_HEADERS1 && !defined HAVE_STDLIB_H1
214char *malloc ();
215#endif
216
217/* This mess was copied from the GNU getpagesize.h. */
218#ifndef HAVE_GETPAGESIZE1
219# ifdef _SC_PAGESIZE_SC_PAGESIZE
220# define getpagesize() sysconf(_SC_PAGESIZE_SC_PAGESIZE)
221# else /* no _SC_PAGESIZE */
222# ifdef HAVE_SYS_PARAM_H1
223# include <sys/param.h>
224# ifdef EXEC_PAGESIZE
225# define getpagesize() EXEC_PAGESIZE
226# else /* no EXEC_PAGESIZE */
227# ifdef NBPG
228# define getpagesize() NBPG * CLSIZE
229# ifndef CLSIZE
230# define CLSIZE 1
231# endif /* no CLSIZE */
232# else /* no NBPG */
233# ifdef NBPC
234# define getpagesize() NBPC
235# else /* no NBPC */
236# ifdef PAGESIZE
237# define getpagesize() PAGESIZE
238# endif /* PAGESIZE */
239# endif /* no NBPC */
240# endif /* no NBPG */
241# endif /* no EXEC_PAGESIZE */
242# else /* no HAVE_SYS_PARAM_H */
243# define getpagesize() 8192 /* punt totally */
244# endif /* no HAVE_SYS_PARAM_H */
245# endif /* no _SC_PAGESIZE */
246
247#endif /* no HAVE_GETPAGESIZE */
248
249int
250main ()
251{
252 char *data, *data2, *data3;
253 const char *cdata2;
254 int i, pagesize;
255 int fd, fd2;
256
257 pagesize = getpagesize ();
258
259 /* First, make a file with some known garbage in it. */
260 data = (char *) malloc (pagesize);
1
Memory is allocated
261 if (!data)
2
Assuming 'data' is non-null
3
Taking false branch
262 return 1;
263 for (i = 0; i < pagesize; ++i)
4
Assuming 'i' is >= 'pagesize'
5
Loop condition is false. Execution continues on line 265
264 *(data + i) = rand ();
265 umask (0);
266 fd = creat ("conftest.mmap", 0600);
267 if (fd < 0)
6
Assuming 'fd' is < 0
7
Taking true branch
268 return 2;
8
Potential leak of memory pointed to by 'data'
269 if (write (fd, data, pagesize) != pagesize)
270 return 3;
271 close (fd);
272
273 /* Next, check that the tail of a page is zero-filled. File must have
274 non-zero length, otherwise we risk SIGBUS for entire page. */
275 fd2 = open ("conftest.txt", O_RDWR02 | O_CREAT0100 | O_TRUNC01000, 0600);
276 if (fd2 < 0)
277 return 4;
278 cdata2 = "";
279 if (write (fd2, cdata2, 1) != 1)
280 return 5;
281 data2 = (char *) mmap (0, pagesize, PROT_READ0x1 | PROT_WRITE0x2, MAP_SHARED0x01, fd2, 0L);
282 if (data2 == MAP_FAILED((void *) -1))
283 return 6;
284 for (i = 0; i < pagesize; ++i)
285 if (*(data2 + i))
286 return 7;
287 close (fd2);
288 if (munmap (data2, pagesize))
289 return 8;
290
291 /* Next, try to mmap the file at a fixed address which already has
292 something else allocated at it. If we can, also make sure that
293 we see the same garbage. */
294 fd = open ("conftest.mmap", O_RDWR02);
295 if (fd < 0)
296 return 9;
297 if (data2 != mmap (data2, pagesize, PROT_READ0x1 | PROT_WRITE0x2,
298 MAP_PRIVATE0x02 | MAP_FIXED0x10, fd, 0L))
299 return 10;
300 for (i = 0; i < pagesize; ++i)
301 if (*(data + i) != *(data2 + i))
302 return 11;
303
304 /* Finally, make sure that changes to the mapped area do not
305 percolate back to the file as seen by read(). (This is a bug on
306 some variants of i386 svr4.0.) */
307 for (i = 0; i < pagesize; ++i)
308 *(data2 + i) = *(data2 + i) + 1;
309 data3 = (char *) malloc (pagesize);
310 if (!data3)
311 return 12;
312 if (read (fd, data3, pagesize) != pagesize)
313 return 13;
314 for (i = 0; i < pagesize; ++i)
315 if (*(data + i) != *(data3 + i))
316 return 14;
317 close (fd);
318 return 0;
319}