Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

All C warnings in project #377

Open
BaseMax opened this issue Dec 2, 2024 · 2 comments
Open

All C warnings in project #377

BaseMax opened this issue Dec 2, 2024 · 2 comments
Labels
c code style
Milestone
December

Comments

@BaseMax
Copy link
Member

BaseMax commented Dec 2, 2024 

root@maxbasecode:/tmp/Salam# clang-tidy src/*.c -checks='clang-analyzer-deadcode.UnusedFunctions' -p compile_commands.json
Error while trying to load a compilation database:
Could not auto-detect compilation database from directory "compile_commands.json"
No compilation database found in /tmp/Salam/compile_commands.json or any parent directory
fixed-compilation-database: Error while opening fixed database: No such file or directory
json-compilation-database: Error while opening JSON database: No such file or directory
Running without flags.
[1/22] Processing file /tmp/Salam/src/array.c.
[2/22] Processing file /tmp/Salam/src/array_custom.c.
[3/22] Processing file /tmp/Salam/src/ast.c.
1 warning generated.
[4/22] Processing file /tmp/Salam/src/ast_layout.c.
1 warning generated.
[5/22] Processing file /tmp/Salam/src/ast_layout_style.c.
1 warning generated.
[6/22] Processing file /tmp/Salam/src/downloader.c.
9 warnings generated.
[7/22] Processing file /tmp/Salam/src/file.c.
14 warnings generated.
[8/22] Processing file /tmp/Salam/src/generator.c.
18 warnings generated.
[9/22] Processing file /tmp/Salam/src/generator_identifier.c.
20 warnings generated.
[10/22] Processing file /tmp/Salam/src/generator_layout.c.
22 warnings generated.
[11/22] Processing file /tmp/Salam/src/generator_layout_style.c.
22 warnings generated.
[12/22] Processing file /tmp/Salam/src/generator_salam.c.
22 warnings generated.
[13/22] Processing file /tmp/Salam/src/hashmap.c.
22 warnings generated.
[14/22] Processing file /tmp/Salam/src/hashmap_custom.c.
22 warnings generated.
[15/22] Processing file /tmp/Salam/src/lexer.c.
30 warnings generated.
[16/22] Processing file /tmp/Salam/src/log.c.
75 warnings generated.
[17/22] Processing file /tmp/Salam/src/main.c.
75 warnings generated.
[18/22] Processing file /tmp/Salam/src/memory.c.
78 warnings generated.
[19/22] Processing file /tmp/Salam/src/parser.c.
78 warnings generated.
[20/22] Processing file /tmp/Salam/src/parser_layout.c.
78 warnings generated.
[21/22] Processing file /tmp/Salam/src/string_buffer.c.
91 warnings generated.
[22/22] Processing file /tmp/Salam/src/validator.c.
100 warnings generated.
/tmp/Salam/src/ast.c:133:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  133 |         memcpy(res->data.string_value, value, value_size);
      |         ^~~~~~
/tmp/Salam/src/ast.c:133:9: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
  133 |         memcpy(res->data.string_value, value, value_size);
      |         ^~~~~~
/tmp/Salam/src/downloader.c:41:9: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   41 |         fprintf(stderr, "Error: HTTPS protocol is not supported.\n");
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:41:9: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   41 |         fprintf(stderr, "Error: HTTPS protocol is not supported.\n");
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:53:9: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   53 |         strncpy(hostname, start, end - start);
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:53:9: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
   53 |         strncpy(hostname, start, end - start);
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:55:9: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
   55 |         strcpy(path, end);
      |         ^~~~~~
/tmp/Salam/src/downloader.c:55:9: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
   55 |         strcpy(path, end);
      |         ^~~~~~
/tmp/Salam/src/downloader.c:57:9: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
   57 |         strcpy(hostname, start);
      |         ^~~~~~
/tmp/Salam/src/downloader.c:57:9: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
   57 |         strcpy(hostname, start);
      |         ^~~~~~
/tmp/Salam/src/downloader.c:79:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   79 |     snprintf(request, sizeof(request), "GET %s HTTP/1.0\r\nHost: %s\r\n\r\n",
      |     ^~~~~~~~
/tmp/Salam/src/downloader.c:79:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
   79 |     snprintf(request, sizeof(request), "GET %s HTTP/1.0\r\nHost: %s\r\n\r\n",
      |     ^~~~~~~~
/tmp/Salam/src/downloader.c:98:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   98 |     memset(&hints, 0, sizeof(hints));
      |     ^~~~~~
/tmp/Salam/src/downloader.c:98:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
   98 |     memset(&hints, 0, sizeof(hints));
      |     ^~~~~~
/tmp/Salam/src/downloader.c:103:9: warning: Call to function 'fprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  103 |         fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:103:9: note: Call to function 'fprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  103 |         fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:130:9: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  130 |         fprintf(stderr, "Failed to connect.\n");
      |         ^~~~~~~
/tmp/Salam/src/downloader.c:130:9: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  130 |         fprintf(stderr, "Failed to connect.\n");
      |         ^~~~~~~
/tmp/Salam/src/file.c:317:5: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  317 |     strncpy(directory, path, size);
      |     ^~~~~~~
/tmp/Salam/src/file.c:317:5: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
  317 |     strncpy(directory, path, size);
      |     ^~~~~~~
/tmp/Salam/src/file.c:388:9: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  388 |         strcpy(resolved_path, "/");
      |         ^~~~~~
/tmp/Salam/src/file.c:388:9: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  388 |         strcpy(resolved_path, "/");
      |         ^~~~~~
/tmp/Salam/src/file.c:465:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  465 |     memset(mb_str, 0, sizeof(mb_str));
      |     ^~~~~~
/tmp/Salam/src/file.c:465:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
  465 |     memset(mb_str, 0, sizeof(mb_str));
      |     ^~~~~~
/tmp/Salam/src/file.c:469:9: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  469 |         fprintf(stderr, "Failed to convert wide character\n");
      |         ^~~~~~~
/tmp/Salam/src/file.c:469:9: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  469 |         fprintf(stderr, "Failed to convert wide character\n");
      |         ^~~~~~~
/tmp/Salam/src/file.c:475:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  475 |     snprintf(error_message, sizeof(error_message), "character '%s'\n", mb_str);
      |     ^~~~~~~~
/tmp/Salam/src/file.c:475:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  475 |     snprintf(error_message, sizeof(error_message), "character '%s'\n", mb_str);
      |     ^~~~~~~~
/tmp/Salam/src/generator.c:538:5: warning: Access to field 'destroy' results in a dereference of a null pointer (loaded from variable 'values_code') [clang-analyzer-core.NullDereference]
  538 |     values_code->destroy(values_code);
      |     ^
/tmp/Salam/src/generator.c:754:9: note: Assuming field 'ast' is not equal to NULL
  754 |     if (generator->ast == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:754:5: note: Taking false branch
  754 |     if (generator->ast == NULL) {
      |     ^
/tmp/Salam/src/generator.c:758:9: note: Assuming field 'functions' is not equal to NULL
  758 |     if (generator->ast->functions != NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:758:5: note: Taking true branch
  758 |     if (generator->ast->functions != NULL) {
      |     ^
/tmp/Salam/src/generator.c:759:9: note: Calling 'generator_code_functions'
  759 |         generator_code_functions(generator);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: 'generator' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
/tmp/Salam/src/generator.c:723:41: note: Field 'ast' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |                                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:724:25: note: Field 'functions' is not equal to NULL
  724 |         generator->ast->functions != NULL &&
      |                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:725:9: note: Assuming field 'data' is not equal to NULL
  725 |         generator->ast->functions->data != NULL &&
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:726:9: note: Assuming field 'length' is > 0
  726 |         generator->ast->functions->length > 0) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:5: note: Taking true branch
  723 |     if (generator != NULL && generator->ast != NULL &&
      |     ^
/tmp/Salam/src/generator.c:727:28: note: 'i' is < field 'length'
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |                            ^
/tmp/Salam/src/generator.c:727:9: note: Loop condition is true.  Entering loop body
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:730:17: note: Assuming 'function' is not equal to NULL
  730 |             if (function != NULL) {
      |                 ^~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:730:13: note: Taking true branch
  730 |             if (function != NULL) {
      |             ^
/tmp/Salam/src/generator.c:732:21: note: Calling 'generator_code_function'
  732 |                     generator_code_function(generator, function);
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:706:28: note: Calling 'generator_code_block'
  706 |     string_t *code_block = generator_code_block(generator, function->block);
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:9: note: Assuming 'block' is not equal to NULL
  665 |     if (block != NULL) {
      |         ^~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:5: note: Taking true branch
  665 |     if (block != NULL) {
      |     ^
/tmp/Salam/src/generator.c:666:28: note: Assuming 'i' is < field 'length'
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:666:9: note: Loop condition is true.  Entering loop body
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:669:17: note: Assuming 'node' is not equal to NULL
  669 |             if (node != NULL) {
      |                 ^~~~~~~~~~~~
/tmp/Salam/src/generator.c:669:13: note: Taking true branch
  669 |             if (node != NULL) {
      |             ^
/tmp/Salam/src/generator.c:670:39: note: Calling 'generator_code_node'
  670 |                 string_t *node_code = generator_code_node(generator, node);
      |                                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:213:5: note: Control jumps to 'case AST_TYPE_PRINT:'  at line 268
  213 |     switch (node->type) {
      |     ^
/tmp/Salam/src/generator.c:270:17: note: Calling 'generator_code_print'
  270 |                 generator_code_print(generator, node->data.print);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:519:9: note: Assuming field 'values' is not equal to NULL
  519 |     if (print->values == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:519:5: note: Taking false branch
  519 |     if (print->values == NULL) {
      |     ^
/tmp/Salam/src/generator.c:523:5: note: 'values_code' initialized here
  523 |     string_t *values_code = generator_code_values(generator, print->values);
      |     ^~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:525:9: note: Assuming 'values_code' is equal to NULL
  525 |     if (values_code == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:525:9: note: Assuming pointer value is null
  525 |     if (values_code == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:525:5: note: Taking true branch
  525 |     if (values_code == NULL) {
      |     ^
/tmp/Salam/src/generator.c:538:5: note: Access to field 'destroy' results in a dereference of a null pointer (loaded from variable 'values_code')
  538 |     values_code->destroy(values_code);
      |     ^~~~~~~~~~~
/tmp/Salam/src/generator.c:560:9: warning: Access to field 'length' results in a dereference of a null pointer (loaded from field 'values') [clang-analyzer-core.NullDereference]
  560 |     if (returns->values->length == 0) {
      |         ^
/tmp/Salam/src/generator.c:754:9: note: Assuming field 'ast' is not equal to NULL
  754 |     if (generator->ast == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:754:5: note: Taking false branch
  754 |     if (generator->ast == NULL) {
      |     ^
/tmp/Salam/src/generator.c:758:9: note: Assuming field 'functions' is not equal to NULL
  758 |     if (generator->ast->functions != NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:758:5: note: Taking true branch
  758 |     if (generator->ast->functions != NULL) {
      |     ^
/tmp/Salam/src/generator.c:759:9: note: Calling 'generator_code_functions'
  759 |         generator_code_functions(generator);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: 'generator' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
/tmp/Salam/src/generator.c:723:41: note: Field 'ast' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |                                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:724:25: note: Field 'functions' is not equal to NULL
  724 |         generator->ast->functions != NULL &&
      |                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:725:9: note: Assuming field 'data' is not equal to NULL
  725 |         generator->ast->functions->data != NULL &&
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:726:9: note: Assuming field 'length' is > 0
  726 |         generator->ast->functions->length > 0) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:5: note: Taking true branch
  723 |     if (generator != NULL && generator->ast != NULL &&
      |     ^
/tmp/Salam/src/generator.c:727:28: note: 'i' is < field 'length'
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |                            ^
/tmp/Salam/src/generator.c:727:9: note: Loop condition is true.  Entering loop body
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:730:17: note: Assuming 'function' is not equal to NULL
  730 |             if (function != NULL) {
      |                 ^~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:730:13: note: Taking true branch
  730 |             if (function != NULL) {
      |             ^
/tmp/Salam/src/generator.c:732:21: note: Calling 'generator_code_function'
  732 |                     generator_code_function(generator, function);
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:706:28: note: Calling 'generator_code_block'
  706 |     string_t *code_block = generator_code_block(generator, function->block);
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:9: note: Assuming 'block' is not equal to NULL
  665 |     if (block != NULL) {
      |         ^~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:5: note: Taking true branch
  665 |     if (block != NULL) {
      |     ^
/tmp/Salam/src/generator.c:666:28: note: Assuming 'i' is < field 'length'
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:666:9: note: Loop condition is true.  Entering loop body
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:669:17: note: Assuming 'node' is not equal to NULL
  669 |             if (node != NULL) {
      |                 ^~~~~~~~~~~~
/tmp/Salam/src/generator.c:669:13: note: Taking true branch
  669 |             if (node != NULL) {
      |             ^
/tmp/Salam/src/generator.c:670:39: note: Calling 'generator_code_node'
  670 |                 string_t *node_code = generator_code_node(generator, node);
      |                                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:213:5: note: Control jumps to 'case AST_TYPE_RETURN:'  at line 257
  213 |     switch (node->type) {
      |     ^
/tmp/Salam/src/generator.c:259:17: note: Calling 'generator_code_return'
  259 |                 generator_code_return(generator, node->data.returns);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:556:9: note: Assuming field 'values' is equal to NULL
  556 |     if (returns->values == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:556:9: note: Assuming pointer value is null
  556 |     if (returns->values == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:556:5: note: Taking true branch
  556 |     if (returns->values == NULL) {
      |     ^
/tmp/Salam/src/generator.c:560:9: note: Access to field 'length' results in a dereference of a null pointer (loaded from field 'values')
  560 |     if (returns->values->length == 0) {
      |         ^        ~~~~~~
/tmp/Salam/src/generator.c:580:9: warning: Access to field 'destroy' results in a dereference of a null pointer (loaded from variable 'values_code') [clang-analyzer-core.NullDereference]
  580 |         values_code->destroy(values_code);
      |         ^
/tmp/Salam/src/generator.c:754:9: note: Assuming field 'ast' is not equal to NULL
  754 |     if (generator->ast == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:754:5: note: Taking false branch
  754 |     if (generator->ast == NULL) {
      |     ^
/tmp/Salam/src/generator.c:758:9: note: Assuming field 'functions' is not equal to NULL
  758 |     if (generator->ast->functions != NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:758:5: note: Taking true branch
  758 |     if (generator->ast->functions != NULL) {
      |     ^
/tmp/Salam/src/generator.c:759:9: note: Calling 'generator_code_functions'
  759 |         generator_code_functions(generator);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: 'generator' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
/tmp/Salam/src/generator.c:723:41: note: Field 'ast' is not equal to NULL
  723 |     if (generator != NULL && generator->ast != NULL &&
      |                                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:724:25: note: Field 'functions' is not equal to NULL
  724 |         generator->ast->functions != NULL &&
      |                         ^
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:725:9: note: Assuming field 'data' is not equal to NULL
  725 |         generator->ast->functions->data != NULL &&
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:9: note: Left side of '&&' is true
  723 |     if (generator != NULL && generator->ast != NULL &&
      |         ^
/tmp/Salam/src/generator.c:726:9: note: Assuming field 'length' is > 0
  726 |         generator->ast->functions->length > 0) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:723:5: note: Taking true branch
  723 |     if (generator != NULL && generator->ast != NULL &&
      |     ^
/tmp/Salam/src/generator.c:727:28: note: 'i' is < field 'length'
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |                            ^
/tmp/Salam/src/generator.c:727:9: note: Loop condition is true.  Entering loop body
  727 |         for (size_t i = 0; i < generator->ast->functions->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:730:17: note: Assuming 'function' is not equal to NULL
  730 |             if (function != NULL) {
      |                 ^~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:730:13: note: Taking true branch
  730 |             if (function != NULL) {
      |             ^
/tmp/Salam/src/generator.c:732:21: note: Calling 'generator_code_function'
  732 |                     generator_code_function(generator, function);
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:706:28: note: Calling 'generator_code_block'
  706 |     string_t *code_block = generator_code_block(generator, function->block);
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:9: note: Assuming 'block' is not equal to NULL
  665 |     if (block != NULL) {
      |         ^~~~~~~~~~~~~
/tmp/Salam/src/generator.c:665:5: note: Taking true branch
  665 |     if (block != NULL) {
      |     ^
/tmp/Salam/src/generator.c:666:28: note: Assuming 'i' is < field 'length'
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:666:9: note: Loop condition is true.  Entering loop body
  666 |         for (size_t i = 0; i < block->children->length; i++) {
      |         ^
/tmp/Salam/src/generator.c:669:17: note: Assuming 'node' is not equal to NULL
  669 |             if (node != NULL) {
      |                 ^~~~~~~~~~~~
/tmp/Salam/src/generator.c:669:13: note: Taking true branch
  669 |             if (node != NULL) {
      |             ^
/tmp/Salam/src/generator.c:670:39: note: Calling 'generator_code_node'
  670 |                 string_t *node_code = generator_code_node(generator, node);
      |                                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:213:5: note: Control jumps to 'case AST_TYPE_RETURN:'  at line 257
  213 |     switch (node->type) {
      |     ^
/tmp/Salam/src/generator.c:259:17: note: Calling 'generator_code_return'
  259 |                 generator_code_return(generator, node->data.returns);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:556:9: note: Assuming field 'values' is not equal to NULL
  556 |     if (returns->values == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:556:5: note: Taking false branch
  556 |     if (returns->values == NULL) {
      |     ^
@BaseMax
Copy link
Member Author

BaseMax commented Dec 2, 2024 

/tmp/Salam/src/generator.c:560:9: note: Assuming field 'length' is not equal to 0
  560 |     if (returns->values->length == 0) {
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:560:5: note: Taking false branch
  560 |     if (returns->values->length == 0) {
      |     ^
/tmp/Salam/src/generator.c:564:9: note: 'values_code' initialized here
  564 |         string_t *values_code =
      |         ^~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:567:13: note: Assuming 'values_code' is equal to NULL
  567 |         if (values_code == NULL) {
      |             ^~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:567:13: note: Assuming pointer value is null
  567 |         if (values_code == NULL) {
      |             ^~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:567:9: note: Taking true branch
  567 |         if (values_code == NULL) {
      |         ^
/tmp/Salam/src/generator.c:580:9: note: Access to field 'destroy' results in a dereference of a null pointer (loaded from variable 'values_code')
  580 |         values_code->destroy(values_code);
      |         ^~~~~~~~~~~
/tmp/Salam/src/generator.c:758:9: warning: Access to field 'functions' results in a dereference of a null pointer (loaded from field 'ast') [clang-analyzer-core.NullDereference]
  758 |     if (generator->ast->functions != NULL) {
      |         ^          ~~~
/tmp/Salam/src/generator.c:754:9: note: Assuming field 'ast' is equal to NULL
  754 |     if (generator->ast == NULL) {
      |         ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator.c:754:5: note: Taking true branch
  754 |     if (generator->ast == NULL) {
      |     ^
/tmp/Salam/src/generator.c:758:9: note: Access to field 'functions' results in a dereference of a null pointer (loaded from field 'ast')
  758 |     if (generator->ast->functions != NULL) {
      |         ^          ~~~
/tmp/Salam/src/generator_identifier.c:55:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
   55 |     strcpy(identifier, gen->current);
      |     ^~~~~~
/tmp/Salam/src/generator_identifier.c:55:5: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
   55 |     strcpy(identifier, gen->current);
      |     ^~~~~~
/tmp/Salam/src/generator_identifier.c:69:13: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   69 |             memset(new_current, 'a', length + 1);
      |             ^~~~~~
/tmp/Salam/src/generator_identifier.c:69:13: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
   69 |             memset(new_current, 'a', length + 1);
      |             ^~~~~~
/tmp/Salam/src/generator_layout.c:810:64: warning: Access to field 'states' results in a dereference of a null pointer (loaded from variable 'block') [clang-analyzer-core.NullDereference]
  810 |     if (hashmap_has_any_sub_value_layout_attribute_style_state(block->states) ==
      |                                                                ^~~~~
/tmp/Salam/src/generator_layout.c:714:9: note: Assuming 'block' is equal to NULL
  714 |     if (block != NULL) {
      |         ^~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:714:5: note: Taking false branch
  714 |     if (block != NULL) {
      |     ^
/tmp/Salam/src/generator_layout.c:810:64: note: Access to field 'states' results in a dereference of a null pointer (loaded from variable 'block')
  810 |     if (hashmap_has_any_sub_value_layout_attribute_style_state(block->states) ==
      |                                                                ^~~~~
/tmp/Salam/src/generator_layout.c:832:35: warning: Access to field 'length' results in a dereference of a null pointer (loaded from field 'meta_children') [clang-analyzer-core.NullDereference]
  832 |     size_t meta_children_length = block->meta_children->length;
      |                                   ^      ~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:714:9: note: Assuming 'block' is not equal to NULL
  714 |     if (block != NULL) {
      |         ^~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:714:5: note: Taking true branch
  714 |     if (block != NULL) {
      |     ^
/tmp/Salam/src/generator_layout.c:715:13: note: Assuming field 'attributes' is equal to NULL
  715 |         if (block->attributes != NULL) {
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:715:9: note: Taking false branch
  715 |         if (block->attributes != NULL) {
      |         ^
/tmp/Salam/src/generator_layout.c:775:32: note: Value assigned to field 'meta_children'
  775 |         string_t *this_style = generator_code_layout_styles(
      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  776 |             block->styles->normal, block, &css_attributes_length);
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:783:28: note: Assuming 'i' is >= 'styles_new_capacity'
  783 |         for (size_t i = 0; i < styles_new_capacity; i++) {
      |                            ^~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:783:9: note: Loop condition is false. Execution continues on line 808
  783 |         for (size_t i = 0; i < styles_new_capacity; i++) {
      |         ^
/tmp/Salam/src/generator_layout.c:810:9: note: Assuming the condition is false
  810 |     if (hashmap_has_any_sub_value_layout_attribute_style_state(block->states) ==
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  811 |         true) {
      |         ~~~~
/tmp/Salam/src/generator_layout.c:810:5: note: Taking false branch
  810 |     if (hashmap_has_any_sub_value_layout_attribute_style_state(block->states) ==
      |     ^
/tmp/Salam/src/generator_layout.c:817:9: note: Assuming field 'tag' is not equal to NULL
  817 |     if (block->tag != NULL) {
      |         ^~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:817:5: note: Taking true branch
  817 |     if (block->tag != NULL) {
      |     ^
/tmp/Salam/src/generator_layout.c:821:10: note: Assuming field 'meta_children' is equal to NULL
  821 |     if ((block->meta_children != NULL && block->meta_children->length > 0) ||
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:821:39: note: Left side of '&&' is false
  821 |     if ((block->meta_children != NULL && block->meta_children->length > 0) ||
      |                                       ^
/tmp/Salam/src/generator_layout.c:822:9: note: Assuming field 'length' is > 0
  822 |         block->styles->normal->length > 0 || block->styles->new->length > 0 ||
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/generator_layout.c:822:43: note: Left side of '||' is true
  822 |         block->styles->normal->length > 0 || block->styles->new->length > 0 ||
      |                                           ^
/tmp/Salam/src/generator_layout.c:824:20: note: Field 'tag' is not equal to NULL
  824 |         if (block->tag == NULL) {
      |                    ^
/tmp/Salam/src/generator_layout.c:824:9: note: Taking false branch
  824 |         if (block->tag == NULL) {
      |         ^
/tmp/Salam/src/generator_layout.c:832:35: note: Access to field 'length' results in a dereference of a null pointer (loaded from field 'meta_children')
  832 |     size_t meta_children_length = block->meta_children->length;
      |                                   ^      ~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:568:9: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  568 |         fprintf(stderr, "Memory allocation failed\n");
      |         ^~~~~~~
/tmp/Salam/src/lexer.c:568:9: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  568 |         fprintf(stderr, "Memory allocation failed\n");
      |         ^~~~~~~
/tmp/Salam/src/lexer.c:572:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  572 |     snprintf(buffer, size, "%s: %s at %s", type, value, location);
      |     ^~~~~~~~
/tmp/Salam/src/lexer.c:572:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  572 |     snprintf(buffer, size, "%s: %s at %s", type, value, location);
      |     ^~~~~~~~
/tmp/Salam/src/lexer.c:589:1: warning: Potential memory leak [clang-analyzer-unix.Malloc]
  589 | }
      | ^
/tmp/Salam/src/lexer.c:588:20: note: Calling 'token_stringify'
  588 |     printf("%s\n", token_stringify(token));
      |                    ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:566:20: note: Memory is allocated
  566 |     char *buffer = malloc(size);
      |                    ^~~~~~~~~~~~
/tmp/Salam/src/lexer.c:567:9: note: Assuming 'buffer' is non-null
  567 |     if (!buffer) {
      |         ^~~~~~~
/tmp/Salam/src/lexer.c:567:5: note: Taking false branch
  567 |     if (!buffer) {
      |     ^
/tmp/Salam/src/lexer.c:588:20: note: Returned allocated memory
  588 |     printf("%s\n", token_stringify(token));
      |                    ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:589:1: note: Potential memory leak
  589 | }
      | ^
/tmp/Salam/src/lexer.c:679:13: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  679 |             snprintf(buffer, sizeof(buffer), "%d", token->data.number_int);
      |             ^~~~~~~~
/tmp/Salam/src/lexer.c:679:13: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  679 |             snprintf(buffer, sizeof(buffer), "%d", token->data.number_int);
      |             ^~~~~~~~
/tmp/Salam/src/lexer.c:684:13: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  684 |             snprintf(buffer, sizeof(buffer), "%f", token->data.number_float);
      |             ^~~~~~~~
/tmp/Salam/src/lexer.c:684:13: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  684 |             snprintf(buffer, sizeof(buffer), "%f", token->data.number_float);
      |             ^~~~~~~~
/tmp/Salam/src/lexer.c:785:9: warning: Potential memory leak [clang-analyzer-unix.Malloc]
  785 |         file_appends(tokens_output, "\n");
      |         ^
/tmp/Salam/src/lexer.c:764:33: note: Assuming field 'source' is equal to NULL
  764 |     file_appends(tokens_output, lexer->source == NULL ? "REPL" : lexer->source);
      |                                 ^~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:764:33: note: '?' condition is true
/tmp/Salam/src/lexer.c:781:24: note: Assuming 'i' is < field 'length'
  781 |     for (size_t i = 0; i < lexer->tokens->length; i++) {
      |                        ^~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:781:5: note: Loop condition is true.  Entering loop body
  781 |     for (size_t i = 0; i < lexer->tokens->length; i++) {
      |     ^
/tmp/Salam/src/lexer.c:784:37: note: Calling 'token_stringify'
  784 |         file_appends(tokens_output, token_stringify(token));
      |                                     ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:566:20: note: Memory is allocated
  566 |     char *buffer = malloc(size);
      |                    ^~~~~~~~~~~~
/tmp/Salam/src/lexer.c:567:9: note: Assuming 'buffer' is non-null
  567 |     if (!buffer) {
      |         ^~~~~~~
/tmp/Salam/src/lexer.c:567:5: note: Taking false branch
  567 |     if (!buffer) {
      |     ^
/tmp/Salam/src/lexer.c:784:37: note: Returned allocated memory
  784 |         file_appends(tokens_output, token_stringify(token));
      |                                     ^~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/lexer.c:785:9: note: Potential memory leak
  785 |         file_appends(tokens_output, "\n");
      |         ^
/tmp/Salam/src/lexer.c:823:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  823 |     snprintf(buffer, sizeof(buffer), "%zu:%zu - %zu:%zu", location.start_line,
      |     ^~~~~~~~
/tmp/Salam/src/lexer.c:823:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  823 |     snprintf(buffer, sizeof(buffer), "%zu:%zu - %zu:%zu", location.start_line,
      |     ^~~~~~~~
/tmp/Salam/src/log.c:40:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   40 |     fprintf(stderr, "Panic error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:40:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   40 |     fprintf(stderr, "Panic error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:41:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
   41 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:41:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
   41 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:43:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   43 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:43:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   43 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:67:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   67 |     fprintf(stderr, "Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:67:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   67 |     fprintf(stderr, "Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:68:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
   68 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:68:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
   68 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:70:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   70 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:70:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   70 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:94:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   94 |     fprintf(stderr, "Generator Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:94:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   94 |     fprintf(stderr, "Generator Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:95:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
   95 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:95:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
   95 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:97:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
   97 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:97:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
   97 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:121:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  121 |     fprintf(stderr, "Parser Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:121:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  121 |     fprintf(stderr, "Parser Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:122:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  122 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:122:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  122 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:124:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  124 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:124:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  124 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:148:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  148 |     fprintf(stderr, "Lexer Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:148:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  148 |     fprintf(stderr, "Lexer Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:149:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  149 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:149:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  149 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:151:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  151 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:151:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  151 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:175:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  175 |     fprintf(stderr, "AST Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:175:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  175 |     fprintf(stderr, "AST Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:176:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  176 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:176:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  176 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:178:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  178 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:178:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  178 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:202:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  202 |     fprintf(stderr, "Validator Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:202:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  202 |     fprintf(stderr, "Validator Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:203:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  203 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:203:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  203 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:205:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  205 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:205:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  205 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:229:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  229 |     fprintf(stderr, "Interpreter Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:229:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  229 |     fprintf(stderr, "Interpreter Error: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:230:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  230 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:230:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  230 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:232:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  232 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:232:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  232 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:255:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  255 |     fprintf(stderr, "Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:255:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  255 |     fprintf(stderr, "Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:256:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  256 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:256:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  256 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:258:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  258 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:258:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  258 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:275:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  275 |     fprintf(stderr, "Generator Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:275:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  275 |     fprintf(stderr, "Generator Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:276:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  276 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:276:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  276 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:278:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  278 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:278:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  278 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:295:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  295 |     fprintf(stderr, "Parser Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:295:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  295 |     fprintf(stderr, "Parser Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:296:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  296 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:296:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  296 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:298:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  298 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:298:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  298 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:315:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  315 |     fprintf(stderr, "Lexer Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:315:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  315 |     fprintf(stderr, "Lexer Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:316:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  316 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:316:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  316 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:318:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  318 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:318:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  318 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:335:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  335 |     fprintf(stderr, "AST Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:335:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  335 |     fprintf(stderr, "AST Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:336:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  336 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:336:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  336 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:338:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  338 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:338:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  338 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:355:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  355 |     fprintf(stderr, "Validator Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:355:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  355 |     fprintf(stderr, "Validator Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:356:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  356 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:356:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  356 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:358:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  358 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:358:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  358 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:375:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  375 |     fprintf(stderr, "Interpreter Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:375:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  375 |     fprintf(stderr, "Interpreter Warning: ");
      |     ^~~~~~~
/tmp/Salam/src/log.c:376:5: warning: Function 'vfprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]
  376 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:376:5: note: Function 'vfprintf' is called with an uninitialized va_list argument
  376 |     vfprintf(stderr, message, args);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/Salam/src/log.c:378:5: warning: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  378 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/log.c:378:5: note: Call to function 'fprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'fprintf_s' in case of C11
  378 |     fprintf(stderr, "\n");
      |     ^~~~~~~
/tmp/Salam/src/memory.c:113:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  113 |     memset(ptr, 0, size);
      |     ^~~~~~
/tmp/Salam/src/memory.c:113:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
  113 |     memset(ptr, 0, size);
      |     ^~~~~~
/tmp/Salam/src/memory.c:128:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  128 |     memcpy(dest, src, size);
      |     ^~~~~~
/tmp/Salam/src/memory.c:128:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
  128 |     memcpy(dest, src, size);
      |     ^~~~~~
/tmp/Salam/src/memory.c:158:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  158 |     memset(ptr, value, size);
      |     ^~~~~~
/tmp/Salam/src/memory.c:158:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
  158 |     memset(ptr, value, size);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:117:5: warning: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  117 |     memmove(str->data + 1, str->data, str->length + 1);
      |     ^~~~~~~
/tmp/Salam/src/string_buffer.c:117:5: note: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11
  117 |     memmove(str->data + 1, str->data, str->length + 1);
      |     ^~~~~~~
/tmp/Salam/src/string_buffer.c:141:5: warning: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  141 |     memmove(str->data + prefix_len, str->data, str->length + 1);
      |     ^~~~~~~
/tmp/Salam/src/string_buffer.c:141:5: note: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11
  141 |     memmove(str->data + prefix_len, str->data, str->length + 1);
      |     ^~~~~~~
/tmp/Salam/src/string_buffer.c:143:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  143 |     memcpy(str->data, prefix, prefix_len);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:143:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
  143 |     memcpy(str->data, prefix, prefix_len);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:216:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  216 |     strcpy(str->data + str->length, suffix);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:216:5: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  216 |     strcpy(str->data + str->length, suffix);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:390:9: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  390 |         strcpy(result, str);
      |         ^~~~~~
/tmp/Salam/src/string_buffer.c:390:9: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  390 |         strcpy(result, str);
      |         ^~~~~~
/tmp/Salam/src/string_buffer.c:411:9: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  411 |         strncpy(result_ptr, search_start, bytes_to_copy);
      |         ^~~~~~~
/tmp/Salam/src/string_buffer.c:411:9: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
  411 |         strncpy(result_ptr, search_start, bytes_to_copy);
      |         ^~~~~~~
/tmp/Salam/src/string_buffer.c:414:9: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  414 |         strcpy(result_ptr, new_substr);
      |         ^~~~~~
/tmp/Salam/src/string_buffer.c:414:9: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  414 |         strcpy(result_ptr, new_substr);
      |         ^~~~~~
/tmp/Salam/src/string_buffer.c:420:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  420 |     strcpy(result_ptr, search_start);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:420:5: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  420 |     strcpy(result_ptr, search_start);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:854:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  854 |     strcpy(str, temp_str);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:854:5: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  854 |     strcpy(str, temp_str);
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:870:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  870 |     snprintf(buffer, sizeof(buffer), "%d", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:870:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  870 |     snprintf(buffer, sizeof(buffer), "%d", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:886:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  886 |     snprintf(buffer, sizeof(buffer), "%f", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:886:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  886 |     snprintf(buffer, sizeof(buffer), "%f", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:902:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  902 |     snprintf(buffer, sizeof(buffer), "%f", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:902:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  902 |     snprintf(buffer, sizeof(buffer), "%f", value);
      |     ^~~~~~~~
/tmp/Salam/src/string_buffer.c:981:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  981 |     memset(&state, 0, sizeof(state));
      |     ^~~~~~
/tmp/Salam/src/string_buffer.c:981:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
  981 |     memset(&state, 0, sizeof(state));
      |     ^~~~~~
/tmp/Salam/src/validator.c:258:5: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
  258 |     snprintf(res, value_length, "%spx", attribute_value);
      |     ^~~~~~~~
/tmp/Salam/src/validator.c:258:5: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
  258 |     snprintf(res, value_length, "%spx", attribute_value);
      |     ^~~~~~~~
/tmp/Salam/src/validator.c:277:5: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  277 |     strcpy(res, attribute_value);
      |     ^~~~~~
/tmp/Salam/src/validator.c:277:5: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
  277 |     strcpy(res, attribute_value);
      |     ^~~~~~
/tmp/Salam/src/validator.c:280:9: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
  280 |         strcat(res, "px");
      |         ^~~~~~
/tmp/Salam/src/validator.c:280:9: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
  280 |         strcat(res, "px");
      |         ^~~~~~
/tmp/Salam/src/validator.c:1099:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1099 |         snprintf(attribute->final_value, 20, "%d", first->data.int_value);
      |         ^~~~~~~~
/tmp/Salam/src/validator.c:1099:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1099 |         snprintf(attribute->final_value, 20, "%d", first->data.int_value);
      |         ^~~~~~~~
/tmp/Salam/src/validator.c:1105:13: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1105 |             snprintf(attribute->final_value, 20, "%d",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1105:13: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1105 |             snprintf(attribute->final_value, 20, "%d",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1354:13: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1354 |             snprintf(attribute->final_value, 20, "%.2f",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1354:13: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1354 |             snprintf(attribute->final_value, 20, "%.2f",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1374:13: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1374 |             snprintf(attribute->final_value, 20, "%.2f",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1374:13: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1374 |             snprintf(attribute->final_value, 20, "%.2f",
      |             ^~~~~~~~
/tmp/Salam/src/validator.c:1453:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1453 |         snprintf(attribute->final_value, 20, "%dpx", first->data.int_value);
      |         ^~~~~~~~
/tmp/Salam/src/validator.c:1453:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1453 |         snprintf(attribute->final_value, 20, "%dpx", first->data.int_value);
      |         ^~~~~~~~
/tmp/Salam/src/validator.c:1458:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
 1458 |         snprintf(attribute->final_value, 20, "%fpx", first->data.float_value);
      |         ^~~~~~~~
/tmp/Salam/src/validator.c:1458:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
 1458 |         snprintf(attribute->final_value, 20, "%fpx", first->data.float_value);
      |         ^~~~~~~~
Suppressed 1 warnings (1 in non-user code).

@BaseMax
Copy link
Member Author

BaseMax commented Dec 2, 2024

Check warnings by:

clang-tidy src/*.c -checks='clang-analyzer-deadcode.UnusedFunctions' -p compile_commands.json

@BDadmehr0 BDadmehr0 added this to the November milestone Dec 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c code style
Projects
None yet
Milestone
December
Development

No branches or pull requests
2 participants
@BaseMax @BDadmehr0