Bug Summary

File:src/lib/libc/stdio/fclose.c
Warning:line 55, column 6
Dereference of null pointer

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name fclose.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libc/obj -resource-dir /usr/local/lib/clang/13.0.0 -include namespace.h -I /usr/src/lib/libc/include -I /usr/src/lib/libc/hidden -D __LIBC__ -D APIWARN -D YP -I /usr/src/lib/libc/yp -I /usr/src/lib/libc -I /usr/src/lib/libc/gdtoa -I /usr/src/lib/libc/arch/amd64/gdtoa -D INFNAN_CHECK -D MULTIPLE_THREADS -D NO_FENV_H -D USE_LOCALE -I /usr/src/lib/libc -I /usr/src/lib/libc/citrus -D RESOLVSORT -D FLOATING_POINT -D PRINTF_WIDE_CHAR -D SCANF_WIDE_CHAR -D FUTEX -D PIC -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libc/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/lib/libc/stdio/fclose.c
1/* $OpenBSD: fclose.c,v 1.10 2015/08/31 02:53:57 guenther Exp $ */
2/*-
3 * Copyright (c) 1990, 1993
4 * The Regents of the University of California. All rights reserved.
5 *
6 * This code is derived from software contributed to Berkeley by
7 * Chris Torek.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include <errno(*__errno()).h>
35#include <stdio.h>
36#include <stdlib.h>
37#include "local.h"
38
39int
40fclose(FILE *fp)
41{
42 int r;
43
44 if (fp->_flags == 0) { /* not open! */
1
Assuming field '_flags' is not equal to 0
2
Taking false branch
45 errno(*__errno()) = EBADF9;
46 return (EOF(-1));
47 }
48 FLOCKFILE(fp)do { if (_thread_cb.tc_flockfile != ((void *)0)) _thread_cb.tc_flockfile
(fp); } while (0);
3
Assuming field 'tc_flockfile' is equal to null
4
Taking false branch
5
Loop condition is false. Exiting loop
49 WCIO_FREE(fp)do { struct wchar_io_data *_wcio = (((struct __sfileext *)((fp
)->_ext._base)) ? &(((struct __sfileext *)((fp)->_ext
._base))->_wcio) : (struct wchar_io_data *)0); if (_wcio) {
_wcio->wcio_mode = 0; _wcio->wcio_ungetwc_inbuf = 0; }
} while (0);
6
Assuming field '_base' is null
7
'?' condition is false
8
Taking false branch
9
Loop condition is false. Exiting loop
50 r = fp->_flags & __SWR0x0008 ? __sflush(fp) : 0;
10
Assuming the condition is false
11
'?' condition is false
51 if (fp->_close != NULL((void *)0) && (*fp->_close)(fp->_cookie) < 0)
12
Assuming field '_close' is equal to NULL
52 r = EOF(-1);
53 if (fp->_flags & __SMBF0x0080)
13
Assuming the condition is false
14
Taking false branch
54 free((char *)fp->_bf._base);
55 if (HASUB(fp)(((struct __sfileext *)((fp)->_ext._base))->_ub._base !=
((void *)0)))
15
Dereference of null pointer
56 FREEUB(fp){ if (((struct __sfileext *)((fp)->_ext._base))->_ub._base
!= (fp)->_ubuf) free(((struct __sfileext *)((fp)->_ext
._base))->_ub._base); ((struct __sfileext *)((fp)->_ext
._base))->_ub._base = ((void *)0); };
57 if (HASLB(fp)((fp)->_lb._base != ((void *)0)))
58 FREELB(fp){ free((char *)(fp)->_lb._base); (fp)->_lb._base = ((void
*)0); };
59 fp->_r = fp->_w = 0; /* Mess up if reaccessed. */
60 fp->_flags = 0; /* Release this FILE for reuse. */
61 FUNLOCKFILE(fp)do { if (_thread_cb.tc_funlockfile != ((void *)0)) _thread_cb
.tc_funlockfile(fp); } while (0);
62 return (r);
63}
64DEF_STRONG(fclose)__asm__(".global " "fclose" " ; " "fclose" " = " "_libc_fclose"
);