/usr/src/usr.bin/make/str.c

Bug Summary

File:	src/usr.bin/make/str.c
Warning:	line 190, column 8 Dereference of null pointer

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.4 -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name str.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/usr.bin/make/obj -resource-dir /usr/local/llvm16/lib/clang/16 -I /usr/src/usr.bin/make/obj -I /usr/src/usr.bin/make -D MAKE_BSIZE=256 -D DEFMAXJOBS=4 -I /usr/src/usr.bin/make/lst.lib -internal-isystem /usr/local/llvm16/lib/clang/16/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/usr.bin/make/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fcf-protection=branch -fno-jump-tables -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/scan/2024-01-11-140451-98009-1 -x c /usr/src/usr.bin/make/str.c

1/*	$OpenBSD: str.c,v 1.33 2023/09/04 11:35:11 espie Exp $	*/
2/*	$NetBSD: str.c,v 1.13 1996/11/06 17:59:23 christos Exp $	*/

4/*-
* Copyright (c) 1988, 1989, 1990, 1993
*	The Regents of the University of California.  All rights reserved.
* Copyright (c) 1989 by Berkeley Softworks
* All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Adam de Boor.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in the
*    documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
*    may be used to endorse or promote products derived from this software
*    without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/

38#include <ctype.h>
39#include <string.h>
40#include "defines.h"
41#include "str.h"
42#include "memory.h"
43#include "buf.h"

45/* helpers for Str_Matchi */
46static bool_Bool range_match(char, const char **, const char *);
47static bool_Bool star_match(const char *, const char *, const char *, const char *);

49char *
50Str_concati(const char *s1, const char *e1, const char *s2, const char *e2,
  int sep)
52{
size_t len1, len2;
char *result;

/* get the length of both strings */
len1 = e1 - s1;
len2 = e2 - s2;

/* space for separator */
if (sep)
len1++;
result = emalloc(len1 + len2 + 1);

/* copy first string into place */
memcpy(result, s1, len1);

/* add separator character */
if (sep)
result[len1-1] = sep;

/* copy second string plus EOS into place */
memcpy(result + len1, s2, len2);
result[len1+len2] = '\0';
return result;
76}

78/*-
* brk_string --
*	Fracture a string into an array of words (as delineated by tabs or
*	spaces) taking quotation marks into account.  Leading tabs/spaces
*	are ignored.
*
* returns --
*	Pointer to the array of pointers to the words.	Fills up
*	store_args with its size.
*	The returned parameters are allocated in a single buffer,
*	return as *buffer, to be freed later.
*/
90char **
91brk_string(const char *str, int *store_argc, char **buffer)
92{
int argc;
char ch;
char inquote;
const char *p;
char *start, *t;
size_t len;
int argmax = 50;	/* start at 50 */
size_t curlen = 0;
char **argv = ereallocarray(NULL((void *)0), argmax + 1, sizeof(char *));

/* skip leading space chars. */
for (; *str == ' ' || *str == '\t'; ++str)
1
Assuming the condition is false→
2
←
Assuming the condition is false→
3
←
Loop condition is false. Execution continues on line 108→
continue;

/* allocate room for a copy of the string */
if ((len = strlen(str) + 1) > curlen)
4
←
Taking true branch→
*buffer = emalloc(curlen = len);

/*
* copy the string; at the same time, parse backslashes,
* quotes and build the argument list.
*/
argc = 0;
inquote = '\0';
for (p = str, start = t = *buffer;; ++p) {
5
←
Value assigned to 't'→
6
←
Loop condition is true.  Entering loop body→
switch (ch = *p) {
case '"':
case '\'':
	if (inquote) {
		if (inquote == ch)
			inquote = '\0';
		else
			break;
	} else {
		inquote = ch;
		/* Don't miss "" or '' */
		if (start == NULL((void *)0) && p[1] == inquote) {
			start = t + 1;
			break;
		}
	}
	continue;
case ' ':
case '\t':
case '\n':
	if (inquote)
		break;
	if (!start)
		continue;
	/* FALLTHROUGH */
case '\0':
	/*
	 * end of a token -- make sure there's enough argv
	 * space and save off a pointer.
	 */
	if (!start)
		goto done;

	*t++ = '\0';
	if (argc == argmax) {
		argmax *= 2;	/* ramp up fast */
		argv = ereallocarray(argv,
		    (argmax + 1), sizeof(char *));
	}
	argv[argc++] = start;
	start = NULL((void *)0);
	if (ch == '\n' || ch == '\0')
		goto done;
	continue;
case '\\':
	switch (ch = *++p) {
	case '\0':
	case '\n':
		/* hmmm; fix it up as best we can */
		ch = '\\';
		--p;
		break;
	case 'b':
		ch = '\b';
		break;
	case 'f':
		ch = '\f';
		break;
	case 'n':
		ch = '\n';
		break;
	case 'r':
		ch = '\r';
		break;
	case 't':
		ch = '\t';
		break;
	}
	    break;
}
if (!start)
7
←
'Default' branch taken. Execution continues on line 188→
8
←
Assuming 'start' is null→
9
←
Taking true branch→
	start = t;
*t++ = ch;
10
←
Dereference of null pointer
}
  done:
   argv[argc] = NULL((void *)0);
   *store_argc = argc;
   return argv;
196}


199const char *
200iterate_words(const char **end)
201{
const char	*start, *p;
char	state = 0;
start = *end;

while (ISSPACE(*start)(isspace((unsigned char)(*start))))
start++;
if (*start == '\0')
return NULL((void *)0);

for (p = start;; p++)
   switch(*p) {
   case '\\':
    if (p[1] != '\0')
	    p++;
    break;
   case '\'':
   case '"':
    if (state == *p)
	    state = 0;
    else if (state == 0)
	    state = *p;
    break;
   case ' ':
   case '\t':
    if (state != 0)
	    break;
    /* FALLTHROUGH */
   case '\0':
    *end = p;
    return start;
   default:
    break;
   }
235}

237static bool_Bool
238star_match(const char *string, const char *estring,
  const char *pattern, const char *epattern)
240{
/* '*' matches any substring.  We handle this by calling ourselves
* recursively for each postfix of string, until either we match or
* we reach the end of the string.  */
pattern++;
/* Skip over contiguous  sequences of `?*', so that
* recursive calls only occur on `real' characters.  */
while (pattern != epattern &&
(*pattern == '?' || *pattern == '*')) {
if (*pattern == '?') {
	if (string == estring)
		return false0;
	else
		string++;
}
pattern++;
}
if (pattern == epattern)
return true1;
for (; string != estring; string++)
if (Str_Matchi(string, estring, pattern,
    epattern))
	return true1;
return false0;
264}

266static bool_Bool
267range_match(char c, const char **ppat, const char *epattern)
268{
if (*ppat == epattern) {
if (c == '[')
	return true1;
else
	return false0;
}
if (**ppat == '!' || **ppat == '^') {
(*ppat)++;
return !range_match(c, ppat, epattern);
}
for (;;) {
if (**ppat == '\\') {
	if (++(*ppat) == epattern)
		return false0;
}
if (**ppat == c)
	break;
if ((*ppat)[1] == '-') {
	if (*ppat + 2 == epattern)
		return false0;
	if (**ppat < c && c <= (*ppat)[2])
		break;
	if ((*ppat)[2] <= c && c < **ppat)
		break;
	*ppat += 3;
} else
	(*ppat)++;
/* The test for ']' is done at the end
 * so that ']' can be used at the
 * start of the range without '\' */
if (*ppat == epattern || **ppat == ']')
	return false0;
}
/* Found matching character, skip over rest
* of class.  */
while (**ppat != ']') {
if (**ppat == '\\')
	(*ppat)++;
/* A non-terminated character class
 * is ok. */
if (*ppat == epattern)
	break;
(*ppat)++;
}
return true1;
314}

316bool_Bool
317Str_Matchi(const char *string, const char *estring,
  const char *pattern, const char *epattern)
319{
while (pattern != epattern) {
/* Check for a "*" as the next pattern character.  */
if (*pattern == '*')
	return star_match(string, estring, pattern, epattern);
else if (string == estring)
	return false0;
/* Check for a "[" as the next pattern character.  It is
 * followed by a list of characters that are acceptable, or
 * by a range (two characters separated by "-").  */
else if (*pattern == '[') {
	pattern++;
	if (!range_match(*string, &pattern, epattern))
		return false0;

}
/* '?' matches any single character, so shunt test.  */
else if (*pattern != '?') {
	/* If the next pattern character is '\', just strip
	 * off the '\' so we do exact matching on the
	 * character that follows.  */
	if (*pattern == '\\') {
		if (++pattern == epattern)
			return false0;
	}
	/* There's no special character.  Just make sure that
	 * the next characters of each string match.  */
	if (*pattern != *string)
		return false0;
}
pattern++;
string++;
}
if (string == estring)
return true1;
else
return false0;
356}


359/*-
*-----------------------------------------------------------------------
* Str_SYSVMatch --
*	Check word against pattern for a match (% is wild),
*
* Results:
*	Returns the beginning position of a match or null. The number
*	of characters matched is returned in len.
*-----------------------------------------------------------------------
*/
369const char *
370Str_SYSVMatch(const char *word, const char *pattern, size_t *len)
371{
const char *p = pattern;
const char *w = word;
const char *m;

if (*p == '\0') {
/* Null pattern is the whole string.  */
*len = strlen(w);
return w;
}

if ((m = strchr(p, '%')) != NULL((void *)0)) {
/* Check that the prefix matches.  */
for (; p != m && *w && *w == *p; w++, p++)
	 continue;

if (p != m)
	return NULL((void *)0);	/* No match.  */

if (*++p == '\0') {
	/* No more pattern, return the rest of the string. */
	*len = strlen(w);
	return w;
}
}

m = w;

/* Find a matching tail.  */
do {
if (strcmp(p, w) == 0) {
	*len = w - m;
	return m;
}
} while (*w++ != '\0');

return NULL((void *)0);
408}


411/*-
*-----------------------------------------------------------------------
* Str_SYSVSubst --
*	Substitute '%' in the pattern with len characters from src.
*	If the pattern does not contain a '%' prepend len characters
*	from src.
*
* Side Effects:
*	Adds result to buf
*-----------------------------------------------------------------------
*/
422void
423Str_SYSVSubst(Buffer buf, const char *pat, const char *src, size_t len)
424{
const char *m;

if ((m = strchr(pat, '%')) != NULL((void *)0)) {
/* Copy the prefix.  */
Buf_Addi(buf, pat, m)Buf_AddChars((buf), (m) - (pat), (pat));
/* Skip the %.	*/
pat = m + 1;
}

/* Copy the pattern.  */
Buf_AddChars(buf, len, src);

/* Append the rest.  */
Buf_AddString(buf, pat)Buf_AddChars((buf), strlen(pat), (pat));
439}

441char *
442Str_dupi(const char *begin, const char *end)
443{
char *s;

s = emalloc(end - begin + 1);
memcpy(s, begin, end - begin);
s[end-begin] = '\0';
return s;
450}

452char *
453escape_dupi(const char *begin, const char *end, const char *set)
454{
char *s, *t;

t = s = emalloc(end - begin + 1);
while (begin != end) {
if (*begin == '\\') {
	begin++;
	if (begin == end) {
		*t++ = '\\';
		break;
	}
	if (strchr(set, *begin) == NULL((void *)0))
		*t++ = '\\';
}
*t++ = *begin++;
}
*t++ = '\0';
return s;
472}

474char *
475Str_rchri(const char *begin, const char *end, int c)
476{
if (begin != end)
do {
	if (*--end == c)
		return (char *)end;
} while (end != begin);
return NULL((void *)0);
483}