../deps/zlib/adler32.c

Bug Summary

File:	out/../deps/zlib/adler32.c
Warning:	line 92, column 18 Array access (from variable 'buf') results in a null pointer dereference

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name adler32.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/maurizio/node-v18.6.0/out -resource-dir /usr/local/lib/clang/16.0.0 -D V8_DEPRECATION_WARNINGS -D V8_IMMINENT_DEPRECATION_WARNINGS -D _GLIBCXX_USE_CXX11_ABI=1 -D NODE_OPENSSL_CONF_NAME=nodejs_conf -D NODE_OPENSSL_HAS_QUIC -D __STDC_FORMAT_MACROS -D OPENSSL_NO_PINSHARED -D OPENSSL_THREADS -D HAVE_HIDDEN -D ADLER32_SIMD_SSSE3 -D INFLATE_CHUNK_SIMD_SSE2 -D CRC32_SIMD_SSE42_PCLMUL -D INFLATE_CHUNK_READ_64LE -I ../deps/zlib -internal-isystem /usr/local/lib/clang/16.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-redhat-linux/8/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-unused-parameter -Wno-implicit-fallthrough -fdebug-compilation-dir=/home/maurizio/node-v18.6.0/out -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2022-08-22-142216-507842-1 -x c ../deps/zlib/adler32.c

1/* adler32.c -- compute the Adler-32 checksum of a data stream
2 * Copyright (C) 1995-2011, 2016 Mark Adler
3 * For conditions of distribution and use, see copyright notice in zlib.h
4 */
5 
6/* @(#) $Id$ */
7 
8#include "zutil.h"
9 
10localstatic uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2))(uLong adler1, uLong adler2, off_t len2);
11 
12#define BASE65521U 65521U     /* largest prime smaller than 65536 */
13#define NMAX5552 5552
14/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
15 
16#define DO1(buf,i){adler += (buf)[i]; sum2 += adler;}  {adler += (buf)[i]; sum2 += adler;}
17#define DO2(buf,i){adler += (buf)[i]; sum2 += adler;}; {adler += (buf)[i+1]; sum2
 += adler;};  DO1(buf,i){adler += (buf)[i]; sum2 += adler;}; DO1(buf,i+1){adler += (buf)[i+1]; sum2 += adler;};
18#define DO4(buf,i){adler += (buf)[i]; sum2 += adler;}; {adler += (buf)[i+1]; sum2
 += adler;};; {adler += (buf)[i+2]; sum2 += adler;}; {adler +=
 (buf)[i+2 +1]; sum2 += adler;};;  DO2(buf,i){adler += (buf)[i]; sum2 += adler;}; {adler += (buf)[i+1]; sum2
 += adler;};; DO2(buf,i+2){adler += (buf)[i+2]; sum2 += adler;}; {adler += (buf)[i+2 +1
]; sum2 += adler;};;
19#define DO8(buf,i){adler += (buf)[i]; sum2 += adler;}; {adler += (buf)[i+1]; sum2
 += adler;};; {adler += (buf)[i+2]; sum2 += adler;}; {adler +=
 (buf)[i+2 +1]; sum2 += adler;};;; {adler += (buf)[i+4]; sum2
 += adler;}; {adler += (buf)[i+4 +1]; sum2 += adler;};; {adler
 += (buf)[i+4 +2]; sum2 += adler;}; {adler += (buf)[i+4 +2 +1
]; sum2 += adler;};;;  DO4(buf,i){adler += (buf)[i]; sum2 += adler;}; {adler += (buf)[i+1]; sum2
 += adler;};; {adler += (buf)[i+2]; sum2 += adler;}; {adler +=
 (buf)[i+2 +1]; sum2 += adler;};;; DO4(buf,i+4){adler += (buf)[i+4]; sum2 += adler;}; {adler += (buf)[i+4 +1
]; sum2 += adler;};; {adler += (buf)[i+4 +2]; sum2 += adler;}
; {adler += (buf)[i+4 +2 +1]; sum2 += adler;};;;
20#define DO16(buf){adler += (buf)[0]; sum2 += adler;}; {adler += (buf)[0 +1]; sum2
 += adler;};; {adler += (buf)[0 +2]; sum2 += adler;}; {adler +=
 (buf)[0 +2 +1]; sum2 += adler;};;; {adler += (buf)[0 +4]; sum2
 += adler;}; {adler += (buf)[0 +4 +1]; sum2 += adler;};; {adler
 += (buf)[0 +4 +2]; sum2 += adler;}; {adler += (buf)[0 +4 +2 +
1]; sum2 += adler;};;;; {adler += (buf)[8]; sum2 += adler;}; {
adler += (buf)[8 +1]; sum2 += adler;};; {adler += (buf)[8 +2]
; sum2 += adler;}; {adler += (buf)[8 +2 +1]; sum2 += adler;};
;; {adler += (buf)[8 +4]; sum2 += adler;}; {adler += (buf)[8 +
4 +1]; sum2 += adler;};; {adler += (buf)[8 +4 +2]; sum2 += adler
;}; {adler += (buf)[8 +4 +2 +1]; sum2 += adler;};;;;   DO8(buf,0){adler += (buf)[0]; sum2 += adler;}; {adler += (buf)[0 +1]; sum2
 += adler;};; {adler += (buf)[0 +2]; sum2 += adler;}; {adler +=
 (buf)[0 +2 +1]; sum2 += adler;};;; {adler += (buf)[0 +4]; sum2
 += adler;}; {adler += (buf)[0 +4 +1]; sum2 += adler;};; {adler
 += (buf)[0 +4 +2]; sum2 += adler;}; {adler += (buf)[0 +4 +2 +
1]; sum2 += adler;};;;; DO8(buf,8){adler += (buf)[8]; sum2 += adler;}; {adler += (buf)[8 +1]; sum2
 += adler;};; {adler += (buf)[8 +2]; sum2 += adler;}; {adler +=
 (buf)[8 +2 +1]; sum2 += adler;};;; {adler += (buf)[8 +4]; sum2
 += adler;}; {adler += (buf)[8 +4 +1]; sum2 += adler;};; {adler
 += (buf)[8 +4 +2]; sum2 += adler;}; {adler += (buf)[8 +4 +2 +
1]; sum2 += adler;};;;;
21 
22/* use NO_DIVIDE if your processor does not do division in hardware --
23   try it both ways to see which is faster */
24#ifdef NO_DIVIDE
25/* note that this assumes BASE is 65521, where 65536 % 65521 == 15
26   (thank you to John Reiser for pointing this out) */
27#  define CHOP(a) \
28    do { \
29        unsigned long tmp = a >> 16; \
30        a &= 0xffffUL; \
31        a += (tmp << 4) - tmp; \
32    } while (0)
33#  define MOD28(a)a %= 65521U \
34    do { \
35        CHOP(a); \
36        if (a >= BASE65521U) a -= BASE65521U; \
37    } while (0)
38#  define MOD(a)a %= 65521U \
39    do { \
40        CHOP(a); \
41        MOD28(a)a %= 65521U; \
42    } while (0)
43#  define MOD63(a)a %= 65521U \
44    do { /* this assumes a is not negative */ \
45        z_off64_toff_t tmp = a >> 32; \
46        a &= 0xffffffffL; \
47        a += (tmp << 8) - (tmp << 5) + tmp; \
48        tmp = a >> 16; \
49        a &= 0xffffL; \
50        a += (tmp << 4) - tmp; \
51        tmp = a >> 16; \
52        a &= 0xffffL; \
53        a += (tmp << 4) - tmp; \
54        if (a >= BASE65521U) a -= BASE65521U; \
55    } while (0)
56#else
57#  define MOD(a)a %= 65521U a %= BASE65521U
58#  define MOD28(a)a %= 65521U a %= BASE65521U
59#  define MOD63(a)a %= 65521U a %= BASE65521U
60#endif
61 
62#if defined(ADLER32_SIMD_SSSE31)
63#include "adler32_simd.h"
64#include "x86.h"
65#elif defined(ADLER32_SIMD_NEON)
66#include "adler32_simd.h"
67#endif
68 
69/* ========================================================================= */
70uLong ZEXPORT adler32_z(adler, buf, len)
71    uLong adler;
72    const Bytef *buf;
73    z_size_t len;
74{
75    unsigned long sum2;
76    unsigned n;
77 
78#if defined(ADLER32_SIMD_SSSE31)
79    if (x86_cpu_enable_ssse3 && buf && len >= 64)
3
←
Assuming 'x86_cpu_enable_ssse3' is not equal to 0→
4
←
Assuming 'buf' is null→
5
←
Assuming pointer value is null→
80        return adler32_simd_(adler, buf, len);
81#elif defined(ADLER32_SIMD_NEON)
82    if (buf && len >= 64)
83        return adler32_simd_(adler, buf, len);
84#endif
85 
86    /* split Adler-32 into component sums */
87    sum2 = (adler >> 16) & 0xffff;
88    adler &= 0xffff;
89 
90    /* in case user likes doing a byte at a time, keep it fast */
91    if (len == 1) {
6
←
Assuming 'len' is equal to 1→
7
←
Taking true branch→
92        adler += buf[0];
8
←
Array access (from variable 'buf') results in a null pointer dereference
93        if (adler >= BASE65521U)
94            adler -= BASE65521U;
95        sum2 += adler;
96        if (sum2 >= BASE65521U)
97            sum2 -= BASE65521U;
98        return adler | (sum2 << 16);
99    }
100 
101#if defined(ADLER32_SIMD_SSSE31)
102    /*
103     * Use SSSE3 to compute the adler32. Since this routine can be
104     * freely used, check CPU features here. zlib convention is to
105     * call adler32(0, NULL, 0), before making calls to adler32().
106     * So this is a good early (and infrequent) place to cache CPU
107     * features for those later, more interesting adler32() calls.
108     */
109    if (buf == Z_NULL0) {
110        if (!len) /* Assume user is calling adler32(0, NULL, 0); */
111            x86_check_features();
112        return 1L;
113    }
114#else
115    /* initial Adler-32 value (deferred check for len == 1 speed) */
116    if (buf == Z_NULL0)
117        return 1L;
118#endif
119 
120    /* in case short lengths are provided, keep it somewhat fast */
121    if (len < 16) {
122        while (len--) {
123            adler += *buf++;
124            sum2 += adler;
125        }
126        if (adler >= BASE65521U)
127            adler -= BASE65521U;
128        MOD28(sum2)sum2 %= 65521U;            /* only added so many BASE's */
129        return adler | (sum2 << 16);
130    }
131 
132    /* do length NMAX blocks -- requires just one modulo operation */
133    while (len >= NMAX5552) {
134        len -= NMAX5552;
135        n = NMAX5552 / 16;          /* NMAX is divisible by 16 */
136        do {
137            DO16(buf){adler += (buf)[0]; sum2 += adler;}; {adler += (buf)[0 +1]; sum2
 += adler;};; {adler += (buf)[0 +2]; sum2 += adler;}; {adler +=
 (buf)[0 +2 +1]; sum2 += adler;};;; {adler += (buf)[0 +4]; sum2
 += adler;}; {adler += (buf)[0 +4 +1]; sum2 += adler;};; {adler
 += (buf)[0 +4 +2]; sum2 += adler;}; {adler += (buf)[0 +4 +2 +
1]; sum2 += adler;};;;; {adler += (buf)[8]; sum2 += adler;}; {
adler += (buf)[8 +1]; sum2 += adler;};; {adler += (buf)[8 +2]
; sum2 += adler;}; {adler += (buf)[8 +2 +1]; sum2 += adler;};
;; {adler += (buf)[8 +4]; sum2 += adler;}; {adler += (buf)[8 +
4 +1]; sum2 += adler;};; {adler += (buf)[8 +4 +2]; sum2 += adler
;}; {adler += (buf)[8 +4 +2 +1]; sum2 += adler;};;;;;          /* 16 sums unrolled */
138            buf += 16;
139        } while (--n);
140        MOD(adler)adler %= 65521U;
141        MOD(sum2)sum2 %= 65521U;
142    }
143 
144    /* do remaining bytes (less than NMAX, still just one modulo) */
145    if (len) {                  /* avoid modulos if none remaining */
146        while (len >= 16) {
147            len -= 16;
148            DO16(buf){adler += (buf)[0]; sum2 += adler;}; {adler += (buf)[0 +1]; sum2
 += adler;};; {adler += (buf)[0 +2]; sum2 += adler;}; {adler +=
 (buf)[0 +2 +1]; sum2 += adler;};;; {adler += (buf)[0 +4]; sum2
 += adler;}; {adler += (buf)[0 +4 +1]; sum2 += adler;};; {adler
 += (buf)[0 +4 +2]; sum2 += adler;}; {adler += (buf)[0 +4 +2 +
1]; sum2 += adler;};;;; {adler += (buf)[8]; sum2 += adler;}; {
adler += (buf)[8 +1]; sum2 += adler;};; {adler += (buf)[8 +2]
; sum2 += adler;}; {adler += (buf)[8 +2 +1]; sum2 += adler;};
;; {adler += (buf)[8 +4]; sum2 += adler;}; {adler += (buf)[8 +
4 +1]; sum2 += adler;};; {adler += (buf)[8 +4 +2]; sum2 += adler
;}; {adler += (buf)[8 +4 +2 +1]; sum2 += adler;};;;;;
149            buf += 16;
150        }
151        while (len--) {
152            adler += *buf++;
153            sum2 += adler;
154        }
155        MOD(adler)adler %= 65521U;
156        MOD(sum2)sum2 %= 65521U;
157    }
158 
159    /* return recombined sums */
160    return adler | (sum2 << 16);
161}
162 
163/* ========================================================================= */
164uLong ZEXPORT adler32(adler, buf, len)
165    uLong adler;
166    const Bytef *buf;
167    uInt len;
168{
169    return adler32_z(adler, buf, len);
1
Passing value via 2nd parameter 'buf'→
2
←
Calling 'adler32_z'→
170}
171 
172/* ========================================================================= */
173localstatic uLong adler32_combine_(adler1, adler2, len2)
174    uLong adler1;
175    uLong adler2;
176    z_off64_toff_t len2;
177{
178    unsigned long sum1;
179    unsigned long sum2;
180    unsigned rem;
181 
182    /* for negative len, return invalid adler32 as a clue for debugging */
183    if (len2 < 0)
184        return 0xffffffffUL;
185 
186    /* the derivation of this formula is left as an exercise for the reader */
187    MOD63(len2)len2 %= 65521U;                /* assumes len2 >= 0 */
188    rem = (unsigned)len2;
189    sum1 = adler1 & 0xffff;
190    sum2 = rem * sum1;
191    MOD(sum2)sum2 %= 65521U;
192    sum1 += (adler2 & 0xffff) + BASE65521U - 1;
193    sum2 += ((adler1 >> 16) & 0xffff) + ((adler2 >> 16) & 0xffff) + BASE65521U - rem;
194    if (sum1 >= BASE65521U) sum1 -= BASE65521U;
195    if (sum1 >= BASE65521U) sum1 -= BASE65521U;
196    if (sum2 >= ((unsigned long)BASE65521U << 1)) sum2 -= ((unsigned long)BASE65521U << 1);
197    if (sum2 >= BASE65521U) sum2 -= BASE65521U;
198    return sum1 | (sum2 << 16);
199}
200 
201/* ========================================================================= */
202uLong ZEXPORT adler32_combine(adler1, adler2, len2)
203    uLong adler1;
204    uLong adler2;
205    z_off_toff_t len2;
206{
207    return adler32_combine_(adler1, adler2, len2);
208}
209 
210uLong ZEXPORT adler32_combine64(adler1, adler2, len2)
211    uLong adler1;
212    uLong adler2;
213    z_off64_toff_t len2;
214{
215    return adler32_combine_(adler1, adler2, len2);
216}