From 0fdc09efb6c3b5c6b56f9a0d8b79f9215d3bce3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Wed, 25 Mar 2020 17:25:45 +0100
Subject: [PATCH] Fix 'Dereference of null pointer' from scan-build-10

These are mostly false positives, the clang-analyzer FAQ[1] specifies
why and how to fix it:

> The reason the analyzer often thinks that a pointer can be null is
> because the preceding code checked compared it against null. So if you
> are absolutely sure that it cannot be null, remove the preceding check
> and, preferably, add an assertion as well.

The 4 warnings reported are:

dnssec-cds.c:781:4: warning: Access to field 'base' results in a dereference of a null pointer (loaded from variable 'buf')
                        isc_buffer_availableregion(buf, &r);
                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:996:36: note: expanded from macro 'isc_buffer_availableregion'
                                   ^
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:821:16: note: expanded from macro 'ISC__BUFFER_AVAILABLEREGION'
                (_r)->base = isc_buffer_used(_b);              \
                             ^~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:152:29: note: expanded from macro 'isc_buffer_used'
        ((void *)((unsigned char *)(b)->base + (b)->used)) /*d*/
                                   ^~~~~~~~~
1 warning generated.

--

byname_test.c:308:34: warning: Access to field 'fwdtable' results in a dereference of a null pointer (loaded from variable 'view')
                RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
                                               ^~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/util.h:318:52: note: expanded from macro 'RUNTIME_CHECK'
                                                   ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/error.h:50:21: note: expanded from macro 'ISC_ERROR_RUNTIMECHECK'
        ((void)(ISC_LIKELY(cond) ||  \
                           ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/likely.h:23:43: note: expanded from macro 'ISC_LIKELY'
                                            ^
1 warning generated.

--

./rndc.c:255:6: warning: Dereference of null pointer (loaded from variable 'host')
        if (*host == '/') {
            ^~~~~
1 warning generated.

--

./main.c:1254:9: warning: Access to field 'sctx' results in a dereference of a null pointer (loaded from variable 'named_g_server')
        sctx = named_g_server->sctx;
               ^~~~~~~~~~~~~~~~~~~~
1 warning generated.

References:
1. https://clang-analyzer.llvm.org/faq.html#null_pointer

(cherry picked from commit ddd0d356e5922e6b1958b3050e04a160e106734a)
---
 bin/dnssec/dnssec-cds.c          | 4 ++++
 bin/named/main.c                 | 1 +
 bin/rndc/rndc.c                  | 4 +++-
 bin/tests/optional/byname_test.c | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/bin/dnssec/dnssec-cds.c b/bin/dnssec/dnssec-cds.c
index e94235786c..a9ba59d4f2 100644
--- a/bin/dnssec/dnssec-cds.c
+++ b/bin/dnssec/dnssec-cds.c
@@ -754,6 +754,8 @@ ds_from_cds(dns_rdatalist_t *dslist, isc_buffer_t *buf, dns_rdata_t *cds) {
 	dns_rdata_ds_t ds;
 	dns_rdata_t *rdata;
 
+	REQUIRE(buf != NULL);
+
 	rdata = rdata_get();
 
 	result = dns_rdata_tostruct(cds, &ds, NULL);
@@ -772,6 +774,8 @@ ds_from_cdnskey(dns_rdatalist_t *dslist, isc_buffer_t *buf,
 	isc_result_t result;
 	unsigned i, n;
 
+	REQUIRE(buf != NULL);
+
 	n = sizeof(dtype) / sizeof(dtype[0]);
 	for (i = 0; i < n; i++) {
 		if (dtype[i] != 0) {
diff --git a/bin/named/main.c b/bin/named/main.c
index 603e8a1b5e..50345be562 100644
--- a/bin/named/main.c
+++ b/bin/named/main.c
@@ -1291,6 +1291,7 @@ setup(void) {
 #endif /* if CONTRIB_DLZ */
 
 	named_server_create(named_g_mctx, &named_g_server);
+	ENSURE(named_g_server != NULL);
 	sctx = named_g_server->sctx;
 
 	/*
diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c
index b6e7a18664..f238b1d584 100644
--- a/bin/rndc/rndc.c
+++ b/bin/rndc/rndc.c
@@ -252,6 +252,8 @@ get_addresses(const char *host, in_port_t port) {
 	isc_result_t result;
 	int found = 0, count;
 
+	REQUIRE(host != NULL);
+
 	if (*host == '/') {
 		result = isc_sockaddr_frompath(&serveraddrs[nserveraddrs],
 					       host);
@@ -1036,7 +1038,7 @@ main(int argc, char **argv) {
 		fatal("'%s' is not implemented", command);
 	}
 
-	if (nserveraddrs == 0) {
+	if (nserveraddrs == 0 && servername != NULL) {
 		get_addresses(servername, (in_port_t)remoteport);
 	}
 
diff --git a/bin/tests/optional/byname_test.c b/bin/tests/optional/byname_test.c
index a80160a690..1d6ab599c1 100644
--- a/bin/tests/optional/byname_test.c
+++ b/bin/tests/optional/byname_test.c
@@ -305,6 +305,7 @@ main(int argc, char *argv[]) {
 		isc_sockaddr_fromin(&sa, &ina, 53);
 		ISC_LIST_APPEND(sal, &sa, link);
 
+		REQUIRE(DNS_VIEW_VALID(view));
 		RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
 					       &sal, dns_fwdpolicy_only) ==
 			      ISC_R_SUCCESS);
-- 
GitLab