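Fixed findings

These findings were reported by the scan of qatzip-1.3.1-3.fc44 and are not reported by the scan of qatzip-1.3.2-1.fc45 (the diff base in the Scan Properties below). A finding that disappears between two scans means the analyzers no longer flag that location; confirm against the source change that the NULL check was actually added, rather than the code merely having moved or changed shape.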

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
QATzip-1.3.1/src/qatzip.c:2516:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'qz_sess'
QATzip-1.3.1/src/qatzip.c:4155:5: enter_function: entry to 'qzDecompress2'
QATzip-1.3.1/src/qatzip.c:4160:8: branch_false: following 'false' branch (when 'qzResults' is non-NULL)...
QATzip-1.3.1/src/qatzip.c:4165:8: branch_false: ...to here
QATzip-1.3.1/src/qatzip.c:4165:8: branch_true: following 'true' branch (when 'callback' is NULL)...
QATzip-1.3.1/src/qatzip.c:4167:35: branch_true: ...to here
QATzip-1.3.1/src/qatzip.c:4171:14: call_function: calling 'qzDecompressCrcExt' from 'qzDecompress2'
# 2514|           sess->hw_session_stat == QZ_NO_HW                               ||
# 2515|           !(isQATProcessable(src, src_len, qz_sess))                      ||
# 2516|->         qz_sess->inflate_stat == InflateOK) {
# 2517|           QZ_INFO("decompression src_len=%u, hdr->extra.qz_e.src_sz = %u, "
# 2518|                   "g_process.qz_init_status = %d, sess->hw_session_stat = %ld, "

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
QATzip-1.3.1/src/qatzip_utils.c:1566:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL '*m.latency_array + (long unsigned int)i * 8'
QATzip-1.3.1/src/qatzip_utils.c:343:5: enter_function: entry to 'qzSetupSessionInternal'
QATzip-1.3.1/src/qatzip_utils.c:348:5: branch_true: following 'true' branch (when 'sess' is non-NULL)...
QATzip-1.3.1/src/qatzip_utils.c:349:5: branch_true: ...to here
QATzip-1.3.1/src/qatzip_utils.c:349:5: branch_true: following 'true' branch...
QATzip-1.3.1/src/qatzip_utils.c:353:10: branch_true: ...to here
QATzip-1.3.1/src/qatzip_utils.c:353:10: call_function: calling 'qzSetupDcSessionData' from 'qzSetupSessionInternal'
QATzip-1.3.1/src/qatzip_utils.c:353:10: return_function: returning to 'qzSetupSessionInternal' from 'qzSetupDcSessionData'
QATzip-1.3.1/src/qatzip_utils.c:355:8: branch_false: following 'false' branch...
QATzip-1.3.1/src/qatzip_utils.c:360:9: branch_false: ...to here
QATzip-1.3.1/src/qatzip_utils.c:360:8: branch_true: following 'true' branch...
QATzip-1.3.1/src/qatzip_utils.c:361:9: branch_true: ...to here
QATzip-1.3.1/src/qatzip_utils.c:361:9: call_function: calling 'metrixReset' from 'qzSetupSessionInternal'
# 1564|   
# 1565|       for (int i = 0; i < LSM_MET_DEPTH; i++) {
# 1566|->         m->latency_array[i] = 0;
# 1567|       }
# 1568|       m->arr_total = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
QATzip-1.3.1/src/qatzip_utils.c:1566:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL '*m.latency_array'
QATzip-1.3.1/src/qatzip_utils.c:1556:13: enter_function: entry to 'metrixReset'
QATzip-1.3.1/src/qatzip_utils.c:1558:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
QATzip-1.3.1/src/qatzip_utils.c:1561:9: branch_false: ...to here
QATzip-1.3.1/src/qatzip_utils.c:1561:8: branch_true: following 'true' branch...
QATzip-1.3.1/src/qatzip_utils.c:1562:35: branch_true: ...to here
QATzip-1.3.1/src/qatzip_utils.c:1562:28: acquire_memory: this call could return NULL
 call_function: calling 'metrixReset' from 'metrixReset'
# 1564|   
# 1565|       for (int i = 0; i < LSM_MET_DEPTH; i++) {
# 1566|->         m->latency_array[i] = 0;
# 1567|       }
# 1568|       m->arr_total = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def4]
QATzip-1.3.1/src/qatzip_utils.c:1758: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ring
# 1756|       QzRing_T *ring;
# 1757|       ring = (QzRing_T *)calloc(1, sizeof(QzRing_T));
# 1758|->     ring->elems = (void *)calloc(size, sizeof(void *));
# 1759|       ring->size = size;
# 1760|       ring->mask = size - 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def5]
QATzip-1.3.1/src/qatzip_utils.c:1758:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'ring'
QATzip-1.3.1/src/qatzip_utils.c:1752:8: branch_false: following 'false' branch (when 'size > 0')...
QATzip-1.3.1/src/qatzip_utils.c:1757:24: branch_false: ...to here
QATzip-1.3.1/src/qatzip_utils.c:1757:24: acquire_memory: this call could return NULL
QATzip-1.3.1/src/qatzip_utils.c:1758:5: danger: 'ring' could be NULL: unchecked value from [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
# 1756|       QzRing_T *ring;
# 1757|       ring = (QzRing_T *)calloc(1, sizeof(QzRing_T));
# 1758|->     ring->elems = (void *)calloc(size, sizeof(void *));
# 1759|       ring->size = size;
# 1760|       ring->mask = size - 1;

Error: CPPCHECK_WARNING (CWE-476): [#def6]
QATzip-1.3.1/src/qatzip_utils.c:1759: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ring
# 1757|       ring = (QzRing_T *)calloc(1, sizeof(QzRing_T));
# 1758|       ring->elems = (void *)calloc(size, sizeof(void *));
# 1759|->     ring->size = size;
# 1760|       ring->mask = size - 1;
# 1761|       ring->capacity = size;

Error: CPPCHECK_WARNING (CWE-476): [#def7]
QATzip-1.3.1/src/qatzip_utils.c:1760: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ring
# 1758|       ring->elems = (void *)calloc(size, sizeof(void *));
# 1759|       ring->size = size;
# 1760|->     ring->mask = size - 1;
# 1761|       ring->capacity = size;
# 1762|       return ring;

Error: CPPCHECK_WARNING (CWE-476): [#def8]
QATzip-1.3.1/src/qatzip_utils.c:1761: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ring
# 1759|       ring->size = size;
# 1760|       ring->mask = size - 1;
# 1761|->     ring->capacity = size;
# 1762|       return ring;
# 1763|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
QATzip-1.3.1/utils/qzip_7z.c:2586:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:2711:18: enter_function: entry to ‘generateEndHeader’
QATzip-1.3.1/utils/qzip_7z.c:2715:5: branch_false: following ‘false’ branch (when ‘header’ is non-NULL)...
QATzip-1.3.1/utils/qzip_7z.c:2717:28: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:2718:27: call_function: calling ‘generateStreamsInfo’ from ‘generateEndHeader’
# 2584|       for (int i = 0; i < digests->numDefined; ++i) {
# 2585|           Qz7zFileItem_T *p = (Qz7zFileItem_T *)qzListGet(head, i);
# 2586|->         (digests->crc)[i] = p->crc;
# 2587|       }
# 2588|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def10]
QATzip-1.3.1/utils/qzip_7z.c:2642:59: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:2711:18: enter_function: entry to ‘generateEndHeader’
QATzip-1.3.1/utils/qzip_7z.c:2715:5: branch_false: following ‘false’ branch (when ‘header’ is non-NULL)...
QATzip-1.3.1/utils/qzip_7z.c:2717:28: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:2717:28: call_function: calling ‘generatePropertyInfo’ from ‘generateEndHeader’
QATzip-1.3.1/utils/qzip_7z.c:2717:28: return_function: returning to ‘generateEndHeader’ from ‘generatePropertyInfo’
QATzip-1.3.1/utils/qzip_7z.c:2718:27: call_function: calling ‘generateStreamsInfo’ from ‘generateEndHeader’
# 2640|           for (int j = 0; j < h->total - 1; ++j) {
# 2641|               fi = qzListGet(h, j);
# 2642|->             substreamsInfo->unPackSize[index_of_file++] = fi->size;
# 2643|           }
# 2644|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def11]
QATzip-1.3.1/utils/qzip_7z.c:2996:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:2981:23: enter_function: entry to ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2994:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:2995:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:2995:31: call_function: calling ‘qzListGet’ from ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2995:31: return_function: returning to ‘genNamesPart’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:2996:25: danger: dereference of NULL ‘qzListGet(head_dir,  i)’
# 2994|       for (i = 0; i < n_dir; ++i) {
# 2995|           p = (Qz7zFileItem_T *)qzListGet(head_dir, i);
# 2996|->         buf_len += 2 * (p->nameLength - p->baseNameLength);
# 2997|       }
# 2998|       for (i = 0; i < n_file; ++i) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def12]
QATzip-1.3.1/utils/qzip_7z.c:3000:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:2981:23: enter_function: entry to ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2998:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:2999:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:2999:31: call_function: calling ‘qzListGet’ from ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2999:31: return_function: returning to ‘genNamesPart’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:3000:25: danger: dereference of NULL ‘qzListGet(head_file,  i)’
# 2998|       for (i = 0; i < n_file; ++i) {
# 2999|           p = (Qz7zFileItem_T *)qzListGet(head_file, i);
# 3000|->         buf_len += 2 * (p->nameLength - p->baseNameLength);
# 3001|       }
# 3002|       buf = malloc(buf_len + 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def13]
QATzip-1.3.1/utils/qzip_7z.c:3009:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:2981:23: enter_function: entry to ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2995:31: call_function: calling ‘qzListGet’ from ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:2995:31: return_function: returning to ‘genNamesPart’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:3003:5: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
QATzip-1.3.1/utils/qzip_7z.c:3006:5: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3007:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:3008:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3008:31: call_function: calling ‘qzListGet’ from ‘genNamesPart’
QATzip-1.3.1/utils/qzip_7z.c:3008:31: return_function: returning to ‘genNamesPart’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:3009:37: branch_false: following ‘false’ branch...
QATzip-1.3.1/utils/qzip_7z.c:3007:28: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3007:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:3008:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3009:18: danger: dereference of NULL ‘qzListGet(head_dir,  i)’
# 3007|       for (i = 0; i < n_dir; ++i) {
# 3008|           p = (Qz7zFileItem_T *)qzListGet(head_dir, i);
# 3009|->         for (j = p->baseNameLength; j < p->nameLength; ++j) {
# 3010|               buf[k++] = p->fileName[j];
# 3011|               buf[k++] = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def14]
QATzip-1.3.1/utils/qzip_7z.c:3041:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:3026:18: enter_function: entry to ‘genAttributes’
QATzip-1.3.1/utils/qzip_7z.c:3036:5: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
QATzip-1.3.1/utils/qzip_7z.c:3036:5: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3039:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:3040:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3040:31: call_function: calling ‘qzListGet’ from ‘genAttributes’
QATzip-1.3.1/utils/qzip_7z.c:3040:31: return_function: returning to ‘genAttributes’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:3041:20: danger: dereference of NULL ‘qzListGet(head_dir,  i)’
# 3039|       for (i = 0; i < n_dir; ++i) {
# 3040|           p = (Qz7zFileItem_T *)qzListGet(head_dir, i);
# 3041|->         buf[k++] = p->attribute;
# 3042|       }
# 3043|       for (i = 0; i < n_file; ++i) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def15]
QATzip-1.3.1/utils/qzip_7z.c:3045:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
QATzip-1.3.1/utils/qzip_7z.c:3026:18: enter_function: entry to ‘genAttributes’
QATzip-1.3.1/utils/qzip_7z.c:3036:5: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
QATzip-1.3.1/utils/qzip_7z.c:3036:5: branch_false: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3043:17: branch_true: following ‘true’ branch...
QATzip-1.3.1/utils/qzip_7z.c:3044:31: branch_true: ...to here
QATzip-1.3.1/utils/qzip_7z.c:3044:31: call_function: calling ‘qzListGet’ from ‘genAttributes’
QATzip-1.3.1/utils/qzip_7z.c:3044:31: return_function: returning to ‘genAttributes’ from ‘qzListGet’
QATzip-1.3.1/utils/qzip_7z.c:3045:20: danger: dereference of NULL ‘qzListGet(head_file,  i)’
# 3043|       for (i = 0; i < n_file; ++i) {
# 3044|           p = (Qz7zFileItem_T *)qzListGet(head_file, i);
# 3045|->         buf[k++] = p->attribute;
# 3046|       }
# 3047|   

Scan Properties

analyzer-version-clippy: 1.95.0
analyzer-version-cppcheck: 2.20.0
analyzer-version-gcc: 16.1.1
analyzer-version-gcc-analyzer: 16.1.1
analyzer-version-shellcheck: 0.11.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.95.0
diffbase-analyzer-version-cppcheck: 2.20.0
diffbase-analyzer-version-gcc: 16.1.1
diffbase-analyzer-version-gcc-analyzer: 16.1.1
diffbase-analyzer-version-shellcheck: 0.11.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-251.us-west-2.compute.internal
diffbase-known-false-positives: /usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm: known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: qatzip-1.3.2-1.fc45
diffbase-store-results-to: /tmp/tmpwlurokxp/qatzip-1.3.2-1.fc45.tar.xz
diffbase-time-created: 2026-06-01 16:31:04
diffbase-time-finished: 2026-06-01 16:32:39
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpwlurokxp/qatzip-1.3.2-1.fc45.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpwlurokxp/qatzip-1.3.2-1.fc45.src.rpm'
diffbase-tool-version: csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-251.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: qatzip-1.3.1-3.fc44
store-results-to: /tmp/tmp46nlsst2/qatzip-1.3.1-3.fc44.tar.xz
time-created: 2026-06-01 16:28:41
time-finished: 2026-06-01 16:30:42
title: Fixed findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmp46nlsst2/qatzip-1.3.1-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp46nlsst2/qatzip-1.3.1-3.fc44.src.rpm'
tool-version: csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9