search

chrislim2888 / IP2Location-C-Library

IP2Location C library enables the user to find the country, region, city, coordinates, zip code, time zone, ISP, domain name, connection type, area code, weather station code, weather station name, mobile, usage types, etc that any IP address or hostname originates from.
https://www.ip2location.com
MIT License
61 stars 30 forks source link

cppcheck #33

Closed denji closed 4 years ago

denji commented 4 years ago 
$ sh ./bootstrap; autoreconf -fi; ./configure --disable-static
$ make clean
$ bear make
$ cat compile_commands.json
$ cppcheck --project=compile_commands.json --enable=warning,performance,portability -f -j4 libIP2Location 2> err.txt
$ cat err.txt
libIP2Location/IP2Loc_DBInterface.c:326:19: error: Memory leak: str [memleak]
 if (temp == 0) { return ""; };
                  ^
IP2Location-C-Library/test/test-IP2Location.c:40:9: warning: fscanf() without field width limits can crash with huge input data. [invalidscanf]
 while (fscanf(f, "%s", ipAddress) != EOF) {
        ^
IP2Location-C-Library/test/test-IP2Location.c:41:7: warning: fscanf() without field width limits can crash with huge input data. [invalidscanf]
  if (fscanf(f, "%s", expectedCountry) == EOF) {
      ^
IP2Location-C-Library/test/test-IP2Location.c:91:9: warning: fscanf() without field width limits can crash with huge input data. [invalidscanf]
 while (fscanf(f, "%s", ipAddress) != EOF) {
        ^
IP2Location-C-Library/test/test-IP2Location.c:92:7: warning: fscanf() without field width limits can crash with huge input data. [invalidscanf]
  if (fscanf(f, "%s", expectedCountry) == EOF) {
      ^
libIP2Location/IP2Location.c:846:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a =  (uint8_t)(ptr[3]);
                          ^
libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
libIP2Location/IP2Location.c:846:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a =  (uint8_t)(ptr[3]);
                          ^
libIP2Location/IP2Location.c:847:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a += (uint8_t)(ptr[2]) * 256;
                          ^
libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
libIP2Location/IP2Location.c:847:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a += (uint8_t)(ptr[2]) * 256;
                          ^
libIP2Location/IP2Location.c:848:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a += (uint8_t)(ptr[1]) * 256 * 256;
                          ^
libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
libIP2Location/IP2Location.c:848:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a += (uint8_t)(ptr[1]) * 256 * 256;
                          ^
IP2Location-C-Library/libIP2Location/IP2Loc_DBInterface.c:326:19: error: Memory leak: str [memleak]
 if (temp == 0) { return ""; };
                  ^
IP2Location-C-Library/libIP2Location/IP2Location.c:846:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a =  (uint8_t)(ptr[3]);
                          ^
IP2Location-C-Library/libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
IP2Location-C-Library/libIP2Location/IP2Location.c:846:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a =  (uint8_t)(ptr[3]);
                          ^
IP2Location-C-Library/libIP2Location/IP2Location.c:847:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a += (uint8_t)(ptr[2]) * 256;
                          ^
IP2Location-C-Library/libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
IP2Location-C-Library/libIP2Location/IP2Location.c:847:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a += (uint8_t)(ptr[2]) * 256;
                          ^
IP2Location-C-Library/libIP2Location/IP2Location.c:848:27: error: The address of local variable 'ip' is accessed at non-zero index. [objectIndex]
        a += (uint8_t)(ptr[1]) * 256 * 256;
                          ^
IP2Location-C-Library/libIP2Location/IP2Location.c:841:32: note: Address of variable taken here.
    uint8_t *ptr = (uint8_t *) &ip;
                               ^
IP2Location-C-Library/libIP2Location/IP2Location.c:848:27: note: The address of local variable 'ip' is accessed at non-zero index.
        a += (uint8_t)(ptr[1]) * 256 * 256;
                          ^
^