rbtdb.c: In function ‘previous_closest_nsec’:
rbtdb.c:3714:21: error: dereference of NULL ‘firstp’ [CWE-476] [-Werror=analyzer-null-dereference]
3714 | if (*firstp) {
| ^~~~~~~
‘find_closest_nsec’: events 1-2
|
| 3805 | find_closest_nsec(rbtdb_search_t *search, dns_dbnode_t **nodep,
| | ^~~~~~~~~~~~~~~~~
| | |
| | (1) entry to ‘find_closest_nsec’
|......
| 3842 | if (result != ISC_R_SUCCESS) {
| | ~
| | |
| | (2) following ‘false’ branch (when ‘result == 0’)...
|
‘find_closest_nsec’: event 3
|
|cc1:
| (3): ...to here
|
‘find_closest_nsec’: event 4
|
|../../lib/isc/include/isc/util.h:322:26:
| 322 | #define RUNTIME_CHECK(e) assert(e)
| | ^~~~~~
| | |
| | (4) following ‘true’ branch...
../../lib/isc/include/isc/util.h:162:17: note: in expansion of macro ‘RUNTIME_CHECK’
| 162 | RUNTIME_CHECK(isc_rwlock_lock((lp), (t)) == ISC_R_SUCCESS); \
| | ^~~~~~~~~~~~~
rbtdb.c:167:29: note: in expansion of macro ‘RWLOCK’
| 167 | #define NODE_LOCK(l, t) RWLOCK((l), (t))
| | ^~~~~~
rbtdb.c:3846:17: note: in expansion of macro ‘NODE_LOCK’
| 3846 | NODE_LOCK(&(search->rbtdb->node_locks[node->locknum].lock),
| | ^~~~~~~~~
|
‘find_closest_nsec’: event 5
|
|../../lib/isc/include/isc/util.h:164:71:
| 164 | (lp), (t), __FILE__, __LINE__)); \
| | ^
| | |
| | (5) ...to here
rbtdb.c:167:29: note: in expansion of macro ‘RWLOCK’
| 167 | #define NODE_LOCK(l, t) RWLOCK((l), (t))
| | ^~~~~~
rbtdb.c:3846:17: note: in expansion of macro ‘NODE_LOCK’
| 3846 | NODE_LOCK(&(search->rbtdb->node_locks[node->locknum].lock),
| | ^~~~~~~~~
|
‘find_closest_nsec’: events 6-14
|
| 3851 | for (header = node->data; header != NULL; header = header_next)
| | ^
| | |
| | (6) following ‘true’ branch (when ‘header’ is non-NULL)...
| 3852 | {
| 3853 | header_next = header->next;
| | ~~~~~~~~~~~
| | |
| | (7) ...to here
|......
| 3864 | if (NONEXISTENT(header)) {
| | ~
| | |
| | (8) following ‘false’ branch...
|......
| 3872 | if (header != NULL) {
| | ~~ ~
| | | |
| | | (10) following ‘true’ branch (when ‘header’ is non-NULL)...
| | (9) ...to here
|......
| 3877 | empty_node = false;
| | ~~~~~~~~~~
| | |
| | (11) ...to here
| 3878 | if (header->type == type) {
| | ~
| | |
| | (12) following ‘true’ branch...
| 3879 | found = header;
| | ~~~~~
| | |
| | (13) ...to here
| 3880 | if (foundsig != NULL) {
| | ~
| | |
| | (14) following ‘false’ branch (when ‘foundsig’ is NULL)...
|
‘find_closest_nsec’: event 15
|
|cc1:
| (15): ...to here
|
‘find_closest_nsec’: events 16-20
|
| 3891 | if (!empty_node) {
| | ^
| | |
| | (16) following ‘false’ branch (when ‘empty_node == 0’)...
| 3892 | if (found != NULL && search->rbtversion->havensec3 &&
| | ~~ ~
| | | |
| | | (18) following ‘true’ branch...
| | (17) ...to here
| 3893 | found->type == dns_rdatatype_nsec3 &&
| 3894 | !matchparams(found, search))
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (19) ...to here
| | (20) calling ‘matchparams’ from ‘find_closest_nsec’
|
+--> ‘matchparams’: event 21
|
| 3649 | matchparams(rdatasetheader_t *header, rbtdb_search_t *search) {
| | ^~~~~~~~~~~
| | |
| | (21) entry to ‘matchparams’
|
‘matchparams’: event 22
|
|../../lib/isc/include/isc/util.h:287:20:
| 287 | #define REQUIRE(e) assert(e)
| | ^~~~~~
| | |
| | (22) following ‘true’ branch...
rbtdb.c:3657:9: note: in expansion of macro ‘REQUIRE’
| 3657 | REQUIRE(header->type == dns_rdatatype_nsec3);
| | ^~~~~~~
|
‘matchparams’: event 23
|
| 3659 | raw = (unsigned char *)header + sizeof(*header);
| | ^~~
| | |
| | (23) ...to here
|
<------+
|
‘find_closest_nsec’: events 24-27
|
| 3892 | if (found != NULL && search->rbtversion->havensec3 &&
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 3893 | found->type == dns_rdatatype_nsec3 &&
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (25) following ‘false’ branch...
| 3894 | !matchparams(found, search))
| | ~^~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (24) returning to ‘find_closest_nsec’ from ‘matchparams’
| 3895 | {
| 3896 | empty_node = true;
| | ~~~~~~~~~~
| | |
| | (26) ...to here
|......
| 3899 | result = previous_closest_nsec(
| | ~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (27) calling ‘previous_closest_nsec’ from ‘find_closest_nsec’
| 3900 | type, search, name, origin, &prevnode,
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 3901 | NULL, NULL);
| | ~~~~~~~~~~~
|
+--> ‘previous_closest_nsec’: event 28
|
| 3690 | previous_closest_nsec(dns_rdatatype_t type, rbtdb_search_t *search,
| | ^~~~~~~~~~~~~~~~~~~~~
| | |
| | (28) entry to ‘previous_closest_nsec’
|
‘previous_closest_nsec’: event 29
|
|../../lib/isc/include/isc/util.h:287:20:
| 287 | #define REQUIRE(e) assert(e)
| | ^~~~~~
| | |
| | (29) following ‘true’ branch...
rbtdb.c:3699:9: note: in expansion of macro ‘REQUIRE’
| 3699 | REQUIRE(nodep != NULL && *nodep == NULL);
| | ^~~~~~~
|
‘previous_closest_nsec’: events 30-33
|
| 3701 | if (type == dns_rdatatype_nsec3) {
| | ^~ ~
| | | |
| | | (31) following ‘false’ branch (when ‘type != 50’)...
| | (30) ...to here
|......
| 3711 | target = dns_fixedname_initname(&ftarget);
| | ~~~~~~
| | |
| | (32) ...to here
|......
| 3714 | if (*firstp) {
| | ~~~~~~~
| | |
| | (33) dereference of NULL ‘firstp’
|
rbtdb.c: In function ‘update_recordsandxfrsize’:
rbtdb.c:6100:37: error: dereference of NULL ‘rbtversion’ [CWE-476] [-Werror=analyzer-null-dereference]
6100 | rbtversion->records += dns_rdataslab_count(hdr, hdrsize);
| ^~
‘add32’: events 1-5
|
| 6113 | add32(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, const dns_name_t *nodename,
| | ^~~~~
| | |
| | (1) entry to ‘add32’
|......
| 6151 | if (rbtversion != NULL && !loading) {
| | ~
| | |
| | (2) following ‘false’ branch...
|......
| 6164 | newheader_nx = NONEXISTENT(newheader) ? true : false;
| | ~~~~~~~~~~~~
| | |
| | (3) ...to here
|......
| 6168 | if (rbtversion == NULL && !newheader_nx) {
| | ~
| | |
| | (4) following ‘true’ branch...
| 6169 | rdtype = RBTDB_RDATATYPE_BASE(newheader->type);
| | ~~~~~~
| | |
| | (5) ...to here
|
‘add32’: events 6-7
|
| 6187 | topheader != NULL;
| | ^
| | |
| | (6) following ‘false’ branch (when ‘topheader’ is NULL)...
|......
| 6192 | goto find_header;
| | ~~~~
| | |
| | (7) ...to here
|
‘add32’: events 8-20
|
| 6275 | while (header != NULL && IGNORE(header)) {
| | ^
| | |
| | (8) following ‘false’ branch (when ‘header’ is NULL)...
|......
| 6278 | if (header != NULL) {
| | ~~ ~
| | | |
| | | (10) following ‘false’ branch (when ‘header’ is NULL)...
| | (9) ...to here
|......
| 6584 | if (newheader_nx) {
| | ~~ ~
| | | |
| | | (12) following ‘false’ branch...
| | (11) ...to here
|......
| 6589 | idx = newheader->node->locknum;
| | ~~~
| | |
| | (13) ...to here
|......
| 6604 | } else if (RESIGN(newheader)) {
| | ~
| | |
| | (14) following ‘false’ branch...
|......
| 6614 | if (topheader != NULL) {
| | ~~ ~
| | | |
| | | (16) following ‘false’ branch (when ‘topheader’ is NULL)...
| | (15) ...to here
|......
| 6642 | newheader->next = rbtnode->data;
| | ~~~~~~~~~
| | |
| | (17) ...to here
|......
| 6648 | if (rbtversion != NULL && !newheader_nx) {
| | ~
| | |
| | (18) following ‘true’ branch...
| 6649 | update_recordsandxfrsize(true, rbtversion, newheader,
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (19) ...to here
| | (20) calling ‘update_recordsandxfrsize’ from ‘add32’
| 6650 | nodename->length);
| | ~~~~~~~~~~~~~~~~~
|
+--> ‘update_recordsandxfrsize’: event 21
|
| 6093 | update_recordsandxfrsize(bool add, rbtdb_version_t *rbtversion,
| | ^~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (21) entry to ‘update_recordsandxfrsize’
|
‘update_recordsandxfrsize’: event 22
|
|../../lib/isc/include/isc/util.h:322:26:
| 322 | #define RUNTIME_CHECK(e) assert(e)
| | ^~~~~~
| | |
| | (22) following ‘true’ branch...
../../lib/isc/include/isc/util.h:162:17: note: in expansion of macro ‘RUNTIME_CHECK’
| 162 | RUNTIME_CHECK(isc_rwlock_lock((lp), (t)) == ISC_R_SUCCESS); \
| | ^~~~~~~~~~~~~
rbtdb.c:6098:9: note: in expansion of macro ‘RWLOCK’
| 6098 | RWLOCK(&rbtversion->rwlock, isc_rwlocktype_write);
| | ^~~~~~
|
‘update_recordsandxfrsize’: event 23
|
|../../lib/isc/include/isc/util.h:164:71:
| 164 | (lp), (t), __FILE__, __LINE__)); \
| | ^
| | |
| | (23) ...to here
rbtdb.c:6098:9: note: in expansion of macro ‘RWLOCK’
| 6098 | RWLOCK(&rbtversion->rwlock, isc_rwlocktype_write);
| | ^~~~~~
|
‘update_recordsandxfrsize’: events 24-26
|
| 6099 | if (add) {
| | ^
| | |
| | (24) following ‘true’ branch (when ‘add != 0’)...
| 6100 | rbtversion->records += dns_rdataslab_count(hdr, hdrsize);
| | ~~~~~~~~~~ ~~
| | | |
| | | (26) dereference of NULL ‘rbtversion’
| | (25) ...to here
|
In file included from ../../lib/isc/include/isc/util.h:14,
from rbtdb.c:40:
rbtdb.c: In function ‘add32’:
rbtdb.c:6321:42: error: dereference of NULL ‘rbtversion’ [CWE-476] [-Werror=analyzer-null-dereference]
6321 | INSIST(rbtversion->serial >= header->serial);
| ~~~~~~~~~~^~~~~~~~
rbtdb.c:6321:25: note: in expansion of macro ‘INSIST’
6321 | INSIST(rbtversion->serial >= header->serial);
| ^~~~~~
‘add32’: events 1-8
|
| 6151 | if (rbtversion != NULL && !loading) {
| | ^
| | |
| | (1) following ‘false’ branch...
|......
| 6164 | newheader_nx = NONEXISTENT(newheader) ? true : false;
| | ~~~~~~~~~~~~
| | |
| | (2) ...to here
|......
| 6168 | if (rbtversion == NULL && !newheader_nx) {
| | ~
| | |
| | (3) following ‘true’ branch...
| 6169 | rdtype = RBTDB_RDATATYPE_BASE(newheader->type);
| | ~~~~~~
| | |
| | (4) ...to here
|......
| 6172 | if (NEGATIVE(newheader)) {
| | ~
| | |
| | (5) following ‘true’ branch...
|......
| 6176 | if (covers == dns_rdatatype_any) {
| | ~~ ~
| | | |
| | | (7) following ‘false’ branch (when ‘covers != 255’)...
| | (6) ...to here
|......
| 6198 | for (topheader = rbtnode->data; topheader != NULL;
| | ~~~
| | |
| | (8) ...to here
|
‘add32’: events 9-10
|
| 6198 | for (topheader = rbtnode->data; topheader != NULL;
| | ^
| | |
| | (9) following ‘true’ branch (when ‘topheader’ is non-NULL)...
| 6199 | topheader = topheader->next) {
| 6200 | if (topheader->type == sigtype) {
| | ~~
| | |
| | (10) ...to here
|
‘add32’: events 11-20
|
| 6275 | while (header != NULL && IGNORE(header)) {
| | ^
| | |
| | (11) following ‘false’ branch...
|......
| 6278 | if (header != NULL) {
| | ~~ ~
| | | |
| | | (13) following ‘true’ branch (when ‘header’ is non-NULL)...
| | (12) ...to here
| 6279 | header_nx = NONEXISTENT(header) ? true : false;
| | ~~~~~~~~~
| | |
| | (14) ...to here
|......
| 6284 | if (header_nx && newheader_nx) {
| | ~
| | |
| | (15) following ‘false’ branch...
|......
| 6296 | if (rbtversion == NULL && trust < header->trust &&
| | ~~ ~ ~~~~~~~~~~~~~
| | | | |
| | | | (18) ...to here
| | | (17) following ‘true’ branch (when ‘rbtversion’ is NULL)...
| | (16) ...to here
|......
| 6319 | if (merge) {
| | ~
| | |
| | (19) following ‘true’ branch (when ‘merge != 0’)...
| 6320 | unsigned int flags = 0;
| | ~~~~~~~~
| | |
| | (20) ...to here
|
‘add32’: event 21
|
| 6321 | INSIST(rbtversion->serial >= header->serial);
| | ~~~~~~~~~~^~~~~~~~
| | |
| | (21) dereference of NULL ‘rbtversion’
rbtdb.c:6321:25: note: in expansion of macro ‘INSIST’
| 6321 | INSIST(rbtversion->serial >= header->serial);
| | ^~~~~~
|
