/usr/src/usr.bin/diff3/diff3prog.c

Bug Summary

File:	src/usr.bin/diff3/diff3prog.c
Warning:	line 287, column 2 Null pointer passed as 1st argument to memory copy function

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name diff3prog.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/usr.bin/diff3/obj -resource-dir /usr/local/lib/clang/13.0.0 -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/usr.bin/diff3/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/usr.bin/diff3/diff3prog.c

1/*	$OpenBSD: diff3prog.c,v 1.21 2021/04/13 14:20:23 stsp Exp $	*/

3/*
* Copyright (C) Caldera International Inc.  2001-2002.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code and documentation must retain the above
*    copyright notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in the
*    documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
*    must display the following acknowledgement:
*	This product includes software developed or owned by Caldera
*	International, Inc.
* 4. Neither the name of Caldera International, Inc. nor the names of other
*    contributors may be used to endorse or promote products derived from
*    this software without specific prior written permission.
*
* USE OF THE SOFTWARE PROVIDED FOR UNDER THIS LICENSE BY CALDERA
* INTERNATIONAL, INC. AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL CALDERA INTERNATIONAL, INC. BE LIABLE FOR ANY DIRECT,
* INDIRECT INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
36/*-
* Copyright (c) 1991, 1993
*	The Regents of the University of California.  All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in the
*    documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
*    may be used to endorse or promote products derived from this software
*    without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*	@(#)diff3.c	8.1 (Berkeley) 6/6/93
*/

67#include <ctype.h>
68#include <err.h>
69#include <stdio.h>
70#include <stdlib.h>
71#include <string.h>
72#include <unistd.h>

74/* diff3 - 3-way differential file comparison */

76/* diff3 [-ex3EX] d13 d23 f1 f2 f3 [m1 m3]
*
* d13 = diff report on f1 vs f3
* d23 = diff report on f2 vs f3
* f1, f2, f3 the 3 files
* if changes in f1 overlap with changes in f3, m1 and m3 are used
* to mark the overlaps; otherwise, the file names f1 and f3 are used
* (only for options E and X).
*/

86/*
* "from" is first in range of changed lines; "to" is last+1
* from=to=line after point of insertion for added lines.
*/
90struct  range {
int from;
int to;
93};
94struct diff {
struct range old;
struct range new;
97};

99size_t szchanges;

101struct diff *d13;
102struct diff *d23;
103/*
* "de" is used to gather editing scripts.  These are later spewed out in
* reverse order.  Its first element must be all zero, the "new" component
* of "de" contains line positions or byte positions depending on when you
* look (!?).  Array overlap indicates which sections in "de" correspond to
* lines that are different in all three files.
*/
110struct diff *de;
111char *overlap;
112int  overlapcnt;
113FILE *fp[3];
114int cline[3];		/* # of the last-read line in each file (0-2) */
115/*
* the latest known correspondence between line numbers of the 3 files
* is stored in last[1-3];
*/
119int last[4];
120int eflag;
121int oflag;		/* indicates whether to mark overlaps (-E or -X)*/
122int debug  = 0;
123char f1mark[40], f3mark[40];	/* markers for -E and -X */

125int duplicate(struct range *, struct range *);
126int edit(struct diff *, int, int);
127char *getchange(FILE *);
128char *get_line(FILE *, size_t *);
129int number(char **);
130int readin(char *, struct diff **);
131int skip(int, int, char *);
132void change(int, struct range *, int);
133void keep(int, struct range *);
134void merge(int, int);
135void prange(struct range *);
136void repos(int);
137void separate(const char *);
138__dead__attribute__((__noreturn__)) void edscript(int);
139__dead__attribute__((__noreturn__)) void trouble(void);
140void increase(void);
141__dead__attribute__((__noreturn__)) void usage(void);

143int
144main(int argc, char **argv)
145{
int ch, i, m, n;

if (pledge("stdio rpath", NULL((void *)0)) == -1)
1
Assuming the condition is false→
2
←
Taking false branch→
err(1, "pledge");

eflag = 0;
oflag = 0;
while ((ch = getopt(argc, argv, "EeXx3")) != -1) {
3
←
Assuming the condition is false→
4
←
Loop condition is false. Execution continues on line 173→
switch (ch) {
case 'E':
	eflag = 3;
	oflag = 1;
	break;
case 'e':
	eflag = 3;
	break;
case 'X':
	oflag = eflag = 1;
	break;
case 'x':
	eflag = 1;
	break;
case '3':
	eflag = 2;
	break;
}
}
argc -= optind;
argv += optind;
/* XXX - argc usage seems wrong here */
if (argc < 5)
5
←
Assuming 'argc' is >= 5→
6
←
Taking false branch→
usage();

if (oflag6.1
'oflag' is 0
) {
7
←
Taking false branch→
(void)snprintf(f1mark, sizeof(f1mark), "<<<<<<< %s",
    argc >= 6 ? argv[5] : argv[2]);
(void)snprintf(f3mark, sizeof(f3mark), ">>>>>>> %s",
    argc >= 7 ? argv[6] : argv[4]);
}

increase();
m = readin(argv[0], &d13);
8
←
Calling 'readin'→
n = readin(argv[1], &d23);
for (i = 0; i <= 2; i++) {
if ((fp[i] = fopen(argv[i + 2], "r")) == NULL((void *)0))
	err(EXIT_FAILURE1, "can't open %s", argv[i + 2]);
}
merge(m, n);
exit(EXIT_SUCCESS0);
195}

197/*
* Pick up the line numbers of all changes from one change file.
* (This puts the numbers in a vector, which is not strictly necessary,
* since the vector is processed in one sequential pass.
* The vector could be optimized out of existence)
*/
203int
204readin(char *name, struct diff **dd)
205{
int a, b, c, d, i;
char kind, *p;

fp[0] = fopen(name, "r");
if (fp[0] == NULL((void *)0))
9
←
Assuming the condition is false→
10
←
Taking false branch→
err(EXIT_FAILURE1, "can't open %s", name);
for (i=0; (p = getchange(fp[0])); i++) {
11
←
Calling 'getchange'→
if (i >= szchanges - 1)
	increase();
a = b = number(&p);
if (*p == ',') {
	p++;
	b = number(&p);
}
kind = *p++;
c = d = number(&p);
if (*p==',') {
	p++;
	d = number(&p);
}
if (kind == 'a')
	a++;
if (kind == 'd')
	c++;
b++;
d++;
(*dd)[i].old.from = a;
(*dd)[i].old.to = b;
(*dd)[i].new.from = c;
(*dd)[i].new.to = d;
}
if (i) {
(*dd)[i].old.from = (*dd)[i-1].old.to;
(*dd)[i].new.from = (*dd)[i-1].new.to;
}
(void)fclose(fp[0]);
return (i);
243}

245int
246number(char **lc)
247{
int nn;
nn = 0;
while (isdigit((unsigned char)(**lc)))
nn = nn*10 + *(*lc)++ - '0';
return (nn);
253}

255char *
256getchange(FILE *b)
257{
char *line;

while ((line = get_line(b, NULL((void *)0)))) {
12
←
Calling 'get_line'→
if (isdigit((unsigned char)line[0]))
	return (line);
}
return (NULL((void *)0));
265}

267char *
268get_line(FILE *b, size_t *n)
269{
char *cp;
size_t len;
static char *buf;
13
←
'buf' initialized to a null pointer value→
static size_t bufsize;

if ((cp = fgetln(b, &len)) == NULL((void *)0))
14
←
Assuming the condition is false→
15
←
Taking false branch→
return (NULL((void *)0));

if (cp[len - 1] != '\n')
16
←
Assuming the condition is false→
17
←
Taking false branch→
len++;
if (len + 1 > bufsize) {
18
←
Assuming the condition is false→
19
←
Taking false branch→
do {
	bufsize += 1024;
} while (len + 1 > bufsize);
if ((buf = realloc(buf, bufsize)) == NULL((void *)0))
	err(EXIT_FAILURE1, NULL((void *)0));
}
memcpy(buf, cp, len - 1);
20
←
Null pointer passed as 1st argument to memory copy function
buf[len - 1] = '\n';
buf[len] = '\0';
if (n != NULL((void *)0))
*n = len;
return (buf);
293}

295void
296merge(int m1, int m2)
297{
struct diff *d1, *d2, *d3;
int dup, j, t1, t2;

d1 = d13;
d2 = d23;
j = 0;
for (;;) {
t1 = (d1 < d13 + m1);
t2 = (d2 < d23 + m2);
if (!t1 && !t2)
	break;

if (debug) {
	printf("%d,%d=%d,%d %d,%d=%d,%d\n",
	d1->old.from,d1->old.to,
	d1->new.from,d1->new.to,
	d2->old.from,d2->old.to,
	d2->new.from,d2->new.to);
}
/* first file is different from others */
if (!t2 || (t1 && d1->new.to < d2->new.from)) {
	/* stuff peculiar to 1st file */
	if (eflag==0) {
		separate("1");
		change(1, &d1->old, 0);
		keep(2, &d1->new);
		change(3, &d1->new, 0);
	}
	d1++;
	continue;
}
/* second file is different from others */
if (!t1 || (t2 && d2->new.to < d1->new.from)) {
	if (eflag==0) {
		separate("2");
		keep(1, &d2->new);
		change(2, &d2->old, 0);
		change(3, &d2->new, 0);
	}
	d2++;
	continue;
}
/*
 * Merge overlapping changes in first file
 * this happens after extension (see below).
 */
if (d1 + 1 < d13 + m1 && d1->new.to >= d1[1].new.from) {
	d1[1].old.from = d1->old.from;
	d1[1].new.from = d1->new.from;
	d1++;
	continue;
}

/* merge overlapping changes in second */
if (d2 + 1 < d23 + m2 && d2->new.to >= d2[1].new.from) {
	d2[1].old.from = d2->old.from;
	d2[1].new.from = d2->new.from;
	d2++;
	continue;
}
/* stuff peculiar to third file or different in all */
if (d1->new.from == d2->new.from && d1->new.to == d2->new.to) {
	dup = duplicate(&d1->old,&d2->old);
	/*
	 * dup = 0 means all files differ
	 * dup = 1 means files 1 and 2 identical
	 */
	if (eflag==0) {
		separate(dup ? "3" : "");
		change(1, &d1->old, dup);
		change(2, &d2->old, 0);
		d3 = d1->old.to > d1->old.from ? d1 : d2;
		change(3, &d3->new, 0);
	} else
		j = edit(d1, dup, j);
	d1++;
	d2++;
	continue;
}
/*
 * Overlapping changes from file 1 and 2; extend changes
 * appropriately to make them coincide.
 */
if (d1->new.from < d2->new.from) {
	d2->old.from -= d2->new.from-d1->new.from;
	d2->new.from = d1->new.from;
} else if (d2->new.from < d1->new.from) {
	d1->old.from -= d1->new.from-d2->new.from;
	d1->new.from = d2->new.from;
}
if (d1->new.to > d2->new.to) {
	d2->old.to += d1->new.to - d2->new.to;
	d2->new.to = d1->new.to;
} else if (d2->new.to > d1->new.to) {
	d1->old.to += d2->new.to - d1->new.to;
	d1->new.to = d2->new.to;
}
}
if (eflag)
edscript(j);
398}

400void
401separate(const char *s)
402{
printf("====%s\n", s);
404}

406/*
* The range of lines rold.from thru rold.to in file i is to be changed.
* It is to be printed only if it does not duplicate something to be
* printed later.
*/
411void
412change(int i, struct range *rold, int dup)
413{
printf("%d:", i);
last[i] = rold->to;
prange(rold);
if (dup || debug)
return;
i--;
(void)skip(i, rold->from, NULL((void *)0));
(void)skip(i, rold->to, "  ");
422}

424/*
* print the range of line numbers, rold.from thru rold.to, as n1,n2 or n1
*/
427void
428prange(struct range *rold)
429{
if (rold->to <= rold->from)
printf("%da\n", rold->from - 1);
else {
printf("%d", rold->from);
if (rold->to > rold->from+1)
	printf(",%d", rold->to - 1);
printf("c\n");
}
438}

440/*
* No difference was reported by diff between file 1 (or 2) and file 3,
* and an artificial dummy difference (trange) must be ginned up to
* correspond to the change reported in the other file.
*/
445void
446keep(int i, struct range *rnew)
447{
int delta;
struct range trange;

delta = last[3] - last[i];
trange.from = rnew->from - delta;
trange.to = rnew->to - delta;
change(i, &trange, 1);
455}

457/*
* skip to just before line number from in file "i".  If "pr" is non-NULL,
* print all skipped stuff with string pr as a prefix.
*/
461int
462skip(int i, int from, char *pr)
463{
size_t j, n;
char *line;

for (n = 0; cline[i] < from - 1; n += j) {
if ((line = get_line(fp[i], &j)) == NULL((void *)0))
	trouble();
if (pr != NULL((void *)0))
	printf("%s%s", pr, line);
cline[i]++;
}
return ((int) n);
475}

477/*
* Return 1 or 0 according as the old range (in file 1) contains exactly
* the same data as the new range (in file 2).
*/
481int
482duplicate(struct range *r1, struct range *r2)
483{
int c,d;
int nchar;
int nline;

if (r1->to-r1->from != r2->to-r2->from)
return (0);
(void)skip(0, r1->from, NULL((void *)0));
(void)skip(1, r2->from, NULL((void *)0));
nchar = 0;
for (nline=0; nline < r1->to - r1->from; nline++) {
do {
	c = getc(fp[0])(!__isthreaded ? (--(fp[0])->_r < 0 ? __srget(fp[0]) : (
int)(*(fp[0])->_p++)) : (getc)(fp[0]));
	d = getc(fp[1])(!__isthreaded ? (--(fp[1])->_r < 0 ? __srget(fp[1]) : (
int)(*(fp[1])->_p++)) : (getc)(fp[1]));
	if (c == -1 && d == -1)
		break;
	if (c == -1 || d== -1)
		trouble();
	nchar++;
	if (c != d) {
		repos(nchar);
		return (0);
	}
} while (c != '\n');
}
repos(nchar);
return (1);
510}

512void
513repos(int nchar)
514{
int i;

for (i = 0; i < 2; i++)
(void)fseek(fp[i], (long)-nchar, SEEK_CUR1);
519}

521__dead__attribute__((__noreturn__)) void
522trouble(void)
523{
errx(EXIT_FAILURE1, "logic error");
525}

527/*
* collect an editing script for later regurgitation
*/
530int
531edit(struct diff *diff, int dup, int j)
532{
if (((dup + 1) & eflag) == 0)
return (j);
j++;
overlap[j] = !dup;
if (!dup)
overlapcnt++;
de[j].old.from = diff->old.from;
de[j].old.to = diff->old.to;
de[j].new.from = de[j-1].new.to + skip(2, diff->new.from, NULL((void *)0));
de[j].new.to = de[j].new.from + skip(2, diff->new.to, NULL((void *)0));
return (j);
544}

546/* regurgitate */
547__dead__attribute__((__noreturn__)) void
548edscript(int n)
549{
int j,k;
char block[BUFSIZ1024];

for (; n > 0; n--) {
if (!oflag || !overlap[n])
	prange(&de[n].old);
else
	printf("%da\n=======\n", de[n].old.to -1);
(void)fseek(fp[2], (long)de[n].new.from, SEEK_SET0);
for (k = de[n].new.to-de[n].new.from; k > 0; k-= j) {
	size_t r;
	j = k > BUFSIZ1024 ? BUFSIZ1024 : k;
	r = fread(block, 1, j, fp[2]);
	if (r == 0) {
		if (feof(fp[2])(!__isthreaded ? (((fp[2])->_flags & 0x0020) != 0) : (
feof)(fp[2])))
			break;
		trouble();
	}
	if (r != j)
		j = r;
	(void)fwrite(block, 1, j, stdout(&__sF[1]));
}
if (!oflag || !overlap[n])
	printf(".\n");
else {
	printf("%s\n.\n", f3mark);
	printf("%da\n%s\n.\n", de[n].old.from - 1, f1mark);
}
}
exit(overlapcnt);
580}

582void
583increase(void)
584{
struct diff *p;
char *q;
size_t newsz, incr;

/* are the memset(3) calls needed? */
newsz = szchanges == 0 ? 64 : 2 * szchanges;
incr = newsz - szchanges;

p = reallocarray(d13, newsz, sizeof(struct diff));
if (p == NULL((void *)0))
err(1, NULL((void *)0));
memset(p + szchanges, 0, incr * sizeof(struct diff));
d13 = p;
p = reallocarray(d23, newsz, sizeof(struct diff));
if (p == NULL((void *)0))
err(1, NULL((void *)0));
memset(p + szchanges, 0, incr * sizeof(struct diff));
d23 = p;
p = reallocarray(de, newsz, sizeof(struct diff));
if (p == NULL((void *)0))
err(1, NULL((void *)0));
memset(p + szchanges, 0, incr * sizeof(struct diff));
de = p;
q = reallocarray(overlap, newsz, sizeof(char));
if (q == NULL((void *)0))
err(1, NULL((void *)0));
memset(q + szchanges, 0, incr * sizeof(char));
overlap = q;
szchanges = newsz;
614}


617__dead__attribute__((__noreturn__)) void
618usage(void)
619{
extern char *__progname;

fprintf(stderr(&__sF[2]), "usage: %s [-exEX3] /tmp/d3a.?????????? "
   "/tmp/d3b.?????????? file1 file2 file3\n", __progname);
exit(EXIT_FAILURE1);
625}