[Bug analyzer/108251] New: false positive: null dereference

chipitsine at gmail dot com via Gcc-bugs Thu, 29 Dec 2022 05:26:15 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108251


            Bug ID: 108251
           Summary: false positive: null dereference
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: chipitsine at gmail dot com
  Target Milestone: ---

repro steps:

git clone https://github.com/haproxy/haproxy
cd haproxy
export CC=/home/ilia/gcc/gcc-home/bin/gcc 
make TARGET=linux-glibc USE_OPENSSL=1 DEBUG_CFLAGS="-fanalyzer"

this finding is wrong

```
src/ssl_sample.c:502:34: warning: dereference of NULL '0' [CWE-476]
[-Wanalyzer-null-dereference]
  502 |         smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA)  &&
      |                              ~~~~^~~~~~~
  'smp_fetch_ssl_fc_has_early': events 1-3
    |
    |  491 |         if (!ssl)
    |      |            ^
    |      |            |
    |      |            (1) following 'false' branch (when 'ssl' is
non-NULL)...
    |......
    |  494 |         smp->flags = 0;
    |      |         ~~~~~~~~~~~~~~
    |      |                    |
    |      |                    (2) ...to here
    |......
    |  502 |         smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA)  &&
    |      |                              ~~~~~~~~~~~
    |      |                                  |
    |      |                                  (3) dereference of NULL
'<unknown>'
    |
```

if conn is null, we'll return here (two lines above):

```
        ssl = ssl_sock_get_ssl_object(conn);
        if (!ssl)
                return 0;
```

detailed review:
https://github.com/haproxy/haproxy/issues/1745#issuecomment-1367200781

[Bug analyzer/108251] New: false positive: null dereference

Reply via email to