Potential Security Issues

Question

Potential Security Issues

Closed this issue a month ago · 0 comments

Hi, certain potential security issues are found in this repository. Fixing them will remove certain security threats.
They are listed below for reference:

Analyzing and compiling 0009-palindrome-number.c to 0009-palindrome-number.o
0009-palindrome-number.c:17:22: warning: Division by zero [core.DivideZero]
int left = x / div;
~~^~~~~
1 warning generated.
Compilation and analysis of 0009-palindrome-number.c succeeded

Analyzing and compiling 0010-regular-expression-matching.c to 0010-regular-expression-matching.o
0010-regular-expression-matching.c:15:24: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
dp[0][j] = dp[0][j - 2];
^~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0010-regular-expression-matching.c succeeded

Analyzing and compiling 0019-remove-nth-node-from-end-of-list.c to 0019-remove-nth-node-from-end-of-list.o
0019-remove-nth-node-from-end-of-list.c:36:22: warning: Access to field 'next' results in a dereference of a null pointer (loaded from field 'next') [core.NullDereference]
slow->next = slow->next->next;
^~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0019-remove-nth-node-from-end-of-list.c succeeded

Analyzing and compiling 0022-generate-parentheses.c to 0022-generate-parentheses.o
Compilation and analysis of 0022-generate-parentheses.c failed

Analyzing and compiling 0023-merge-k-sorted-lists.c to 0023-merge-k-sorted-lists.o
0023-merge-k-sorted-lists.c:70:42: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
for(size_t i = 0; i < listsSize; i += 2)
^
0023-merge-k-sorted-lists.c:73:65: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
ListNode* l2 = (i + 1) < listsSize ? lists[i + 1] : NULL;
^~~~

0023-merge-k-sorted-lists.c:75:45: warning: Array access (from variable 'mergedLists') results in an undefined pointer dereference [core.NullDereference]
mergedLists[mergedListsIndex++] = mergeLists(l1, l2);

0023-merge-k-sorted-lists.c:78:17: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
lists = mergedLists;
^~~~~~~~~~~
4 warnings generated.

Analyzing and compiling 0025-reverse-nodes-in-k-group.c to 0025-reverse-nodes-in-k-group.o
0025-reverse-nodes-in-k-group.c:62:5: warning: Address of stack memory associated with local variable 'dummy' returned to caller [core.StackAddressEscape]
return dummy.next;
^~~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0025-reverse-nodes-in-k-group.c succeeded

Analyzing and compiling 0039-combination-sum.c to 0039-combination-sum.o
0039-combination-sum.c:20:51: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
comb_array -> array = (int*)malloc(array_size * sizeof(int));
~~~~~~~~~~~^~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0039-combination-sum.c succeeded

Analyzing and compiling 0040-combination-sum-ii.c to 0040-combination-sum-ii.o
0040-combination-sum-ii.c:5:57: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
result[*resultSize] = (int *)malloc(currentSize * sizeof(int));
~~~~~~~~~~~~^~~~~~~~~~~~~
0040-combination-sum-ii.c:36:49: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *current = (int *)malloc(candidatesSize * sizeof(int));
~~~~~~~~~~~~~~~^~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0043-multiply-strings.c to 0043-multiply-strings.o
0043-multiply-strings.c:19:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char* res = (char*)malloc((len + 1) * sizeof(char));
~~~~~~~~~~^~~~~~~~~~~~~~
0043-multiply-strings.c:30:16: warning: Potential leak of memory pointed to by 'result' [unix.Malloc]
return "0";
^~~
0043-multiply-strings.c:30:16: warning: Potential leak of memory pointed to by 'res' [unix.Malloc]
return "0";
^~~
3 warnings generated.

Analyzing and compiling 0046-permutations.c to 0046-permutations.o
0046-permutations.c:34:52: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** result = (int**)malloc(totalPermutations * sizeof(int*));
~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~
0046-permutations.c:35:42: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* current = (int*)malloc(numsSize * sizeof(int));
~~~~~~~~~^~~~~~~~~~~~~
0046-permutations.c:37:57: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
*returnColumnSizes = (int*)malloc(totalPermutations * sizeof(int));
~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~
3 warnings generated.

Analyzing and compiling 0050-powx-n.c to 0050-powx-n.o
0050-powx-n.c:4:10: warning: Value stored to 'exponent' during its initialization is never read [deadcode.DeadStores]
long exponent = abs(n);
^~~~~~~~   ~~~~~~
1 warning generated.
Compilation and analysis of 0050-powx-n.c succeeded

Analyzing and compiling 0051-n-queens.c to 0051-n-queens.o
0051-n-queens.c:33:19: warning: The left operand of '<' is a garbage value [core.UndefinedBinaryOperatorResult]
for (int x; x < 4; x++) {
~ ^
0051-n-queens.c:48:36: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char** copy = (char**)malloc(n * sizeof(char*));
~~^~~~~~~~~~~~~~~
0051-n-queens.c:50:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
copy[i] = (char*)malloc((n + 1) * sizeof(char));
~~~~~~~~^~~~~~~~~~~~~~
0051-n-queens.c:88:42: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char** chessboard = (char**)malloc(n * sizeof(char*));
~~^~~~~~~~~~~~~~~
0051-n-queens.c:90:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
chessboard[i] = (char*)malloc(n * sizeof(char));
~~^~~~~~~~~~~~~~
5 warnings generated.

Analyzing and compiling 0052-n-queens-ii.c to 0052-n-queens-ii.o
0052-n-queens-ii.c:23:13: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
if (board[i-k][j-k])
^~~~~~~~~~~~~~~
0052-n-queens-ii.c:27:13: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
if (board[i-k][j+k])
^~~~~~~~~~~~~~~
0052-n-queens-ii.c:47:38: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** board = malloc(sizeof(int*)*n);
~~~~~~~~~~~~^~
3 warnings generated.

Analyzing and compiling 0056-merge-intervals.c to 0056-merge-intervals.o
0056-merge-intervals.c:47:47: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** result = (int**)malloc(sizeof(int*) * mergedCount);
~~~~~~~~~~~~~^~~~~~~~~~~~~
0056-merge-intervals.c:48:51: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
*returnColumnSizes = (int*)malloc(sizeof(int) * mergedCount);
~~~~~~~~~~~~^~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0057-insert-interval.c to 0057-insert-interval.o
0057-insert-interval.c:5:47: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** result = (int**)malloc(sizeof(int*) * (intervalsSize + 1));
~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~
0057-insert-interval.c:6:51: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
*returnColumnSizes = (int*)malloc(sizeof(int) * (intervalsSize + 1));
~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0066-plus-one.c to 0066-plus-one.o
0066-plus-one.c:27:44: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* result = (int*) malloc(sizeof(int)*(digitsSize+1));
~~~~~~~~~~~^~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0066-plus-one.c succeeded

Analyzing and compiling 0067-add-binary.c to 0067-add-binary.o
0067-add-binary.c:6:45: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char *res = (char *)malloc((maxLen + 2) * sizeof(char));
~~~~~~~~~~~~~^~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0067-add-binary.c succeeded

Analyzing and compiling 0076-minimum-window-substring.c to 0076-minimum-window-substring.o
0076-minimum-window-substring.c:51:21: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
ans[maxLen] = '\0';
~~~~~~~~~~~ ^
1 warning generated.
Compilation and analysis of 0076-minimum-window-substring.c succeeded

Analyzing and compiling 0078-subsets.c to 0078-subsets.o
0078-subsets.c:18:51: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* factorials = (int*)malloc((numsSize + 1) * sizeof(int));
~~~~~~~~~~~~~~~^~~~~~~~~~~~~
0078-subsets.c:32:47: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** result = (int**)malloc(combinations * sizeof(int*));
~~~~~~~~~~~~~^~~~~~~~~~~~~~
0078-subsets.c:33:54: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
returnColumnSizes[0] = (int*)malloc(combinations * sizeof(int));
~~~~~~~~~~~~~^~~~~~~~~~~~~
0078-subsets.c:34:29: warning: Out of bound memory access (access exceeds upper limit of memory block) [alpha.security.ArrayBoundV2]
returnColumnSizes[0][0] = 0;
~~~~~~~~~~~~~~~~~~~~~~~~^~~
4 warnings generated.

Analyzing and compiling 0084-largest-rectangle-in-histogram.c to 0084-largest-rectangle-in-histogram.o
0084-largest-rectangle-in-histogram.c:81:9: warning: Potential leak of memory pointed to by 'st' [unix.Malloc]
return ans;
^~~
1 warning generated.
Compilation and analysis of 0084-largest-rectangle-in-histogram.c succeeded

Analyzing and compiling 0090-subsets-ii.c to 0090-subsets-ii.o
0090-subsets-ii.c:9:54: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
(*result)[*resultSize] = (int*)malloc(subsetSize * sizeof(int));
~~~~~~~~~~~^~~~~~~~~~~~~
0090-subsets-ii.c:37:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* subset = (int*)malloc(numsSize * sizeof(int));
~~~~~~~~~^~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0091-decode-ways.c to 0091-decode-ways.o
0091-decode-ways.c:31:5: warning: Potential leak of memory pointed to by 'dp' [unix.Malloc]
return dp[0];
^~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0091-decode-ways.c succeeded

Analyzing and compiling 0096-unique-binary-search-trees.c to 0096-unique-binary-search-trees.o
0096-unique-binary-search-trees.c:13:39: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* dp = (int*)malloc(sizeof(int)*(n+1));
~~~~~~~~~~~^~~~~~
0096-unique-binary-search-trees.c:22:5: warning: Potential leak of memory pointed to by 'dp' [unix.Malloc]
return dp[n];
^~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0118-pascals-triangle.c to 0118-pascals-triangle.o
0118-pascals-triangle.c:13:28: warning: Result of 'malloc' is converted to a pointer of type 'int', which is incompatible with sizeof operand type 'int *' [unix.MallocSizeof]
(*returnColumnSizes) = malloc(sizeof(int*)*numRows);
^~~~~~ ~~~~~~~~~~~~
0118-pascals-triangle.c:13:47: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
(*returnColumnSizes) = malloc(sizeof(int*)*numRows);
~~~~~~~~~~~~^~~~~~~~
0118-pascals-triangle.c:14:36: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** ans = malloc(sizeof(int*)*numRows);
~~~~~~~~~~~~^~~~~~~~
0118-pascals-triangle.c:17:36: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
ans[i] = malloc(sizeof(int)*(i+1));
~~~~~~~~~~~^~~~~~
4 warnings generated.

Analyzing and compiling 0133-clone-graph.c to 0133-clone-graph.o
0133-clone-graph.c:18:64: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
node -> neighbors = (struct Node**)malloc(numNeighbors * sizeof(struct Node*));
~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0133-clone-graph.c succeeded

Analyzing and compiling 0135-candy.c to 0135-candy.o
0135-candy.c:5:45: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* candies = (int*)malloc(sizeof(int) * ratingsSize);
~~~~~~~~~~~~^~~~~~~~~~~~~
0135-candy.c:21:55: warning: The left operand of '<=' is a garbage value [core.UndefinedBinaryOperatorResult]
if (ratings[i] > ratings[i + 1] && candies[i] <= candies[i + 1]) {
~~~~~~~~~~ ^
0135-candy.c:22:41: warning: The left operand of '+' is a garbage value [core.UndefinedBinaryOperatorResult]
candies[i] = candies[i + 1] + 1;
~~~~~~~~~~~~~~ ^
3 warnings generated.

Analyzing and compiling 0143-reorder-list.c to 0143-reorder-list.o
0143-reorder-list.c:21:22: warning: Value stored to 'next' during its initialization is never read [deadcode.DeadStores]
struct ListNode* next = curr->next;
^~~~   ~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0143-reorder-list.c succeeded

Analyzing and compiling 0148-sort-list.c to 0148-sort-list.o
0148-sort-list.c:69:16: warning: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'prev') [core.NullDereference]
prev->next = NULL;
~~~~       ^
1 warning generated.
Compilation and analysis of 0148-sort-list.c succeeded

Analyzing and compiling 0150-evaluate-reverse-polish-notation.c to 0150-evaluate-reverse-polish-notation.o
0150-evaluate-reverse-polish-notation.c:13:25: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int first = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:15:26: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int second = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:21:25: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int first = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:23:26: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int second = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:29:26: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
long first = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:31:26: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int second = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:38:25: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int first = stk[stkIndex];
^~~~~~~~~~~~~
0150-evaluate-reverse-polish-notation.c:40:26: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
int second = stk[stkIndex];
^~~~~~~~~~~~~
8 warnings generated.

Analyzing and compiling 0207-course-schedule.c to 0207-course-schedule.o
0207-course-schedule.c:19:17: warning: 1st function call argument is an uninitialized value [core.CallAndMessage]
if (hasLoops(cmap[idx][i], cmap, cpr, visited)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0207-course-schedule.c succeeded

Analyzing and compiling 0212-word-search-ii.c to 0212-word-search-ii.o
0212-word-search-ii.c:73:51: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char** result = (char**) malloc(sizeof(char*) * wordsSize);
~~~~~~~~~~~~~~^~~~~~~~~~~
0212-word-search-ii.c:77:52: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
bool** visited = (bool**) malloc(sizeof(bool*) * boardSize);
~~~~~~~~~~~~~~^~~~~~~~~~~
0212-word-search-ii.c:91:19: warning: Potential leak of memory pointed to by 'trie' [unix.Malloc]
*returnSize = resultSize;
^~~~~~~~~~
0212-word-search-ii.c:91:19: warning: Potential leak of memory pointed to by 'visited' [unix.Malloc]
*returnSize = resultSize;
^~~~~~~~~~
4 warnings generated.

Analyzing and compiling 0238-product-of-array-except-self.c to 0238-product-of-array-except-self.o
0238-product-of-array-except-self.c:14:44: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *result = (int *)malloc(sizeof(int)*numsSize);
~~~~~~~~~~~^~~~~~~~~
1 warning generated.
Compilation and analysis of 0238-product-of-array-except-self.c succeeded

Analyzing and compiling 0239-sliding-window-maximum.c to 0239-sliding-window-maximum.o
0239-sliding-window-maximum.c:22:38: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
deque->data = (Pair*)malloc(size * sizeof(Pair));
~~~~~^~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0239-sliding-window-maximum.c succeeded

Analyzing and compiling 0297-serialize-and-deserialize-binary-tree.c to 0297-serialize-and-deserialize-binary-tree.o
0297-serialize-and-deserialize-binary-tree.c:82:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
char* data = (char*)malloc(dataSize * sizeof(char));
~~~~~~~~~^~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0297-serialize-and-deserialize-binary-tree.c succeeded

Analyzing and compiling 0329-longest-increasing-path-in-a-matrix.c to 0329-longest-increasing-path-in-a-matrix.o
0329-longest-increasing-path-in-a-matrix.c:32:35: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** dp = malloc(sizeof(int*)*matrixSize);
~~~~~~~~~~~~^~~~~~~~~~~
0329-longest-increasing-path-in-a-matrix.c:42:12: warning: Potential leak of memory pointed to by 'dp' [unix.Malloc]
return ans;
^~~
2 warnings generated.

Analyzing and compiling 0332-reconstruct-itinerary.c to 0332-reconstruct-itinerary.o
0332-reconstruct-itinerary.c:37:46: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
p = (char **)malloc((ticketsRowSize + 1) * sizeof(char *));
~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0332-reconstruct-itinerary.c succeeded

Analyzing and compiling 0347-top-k-frequent-elements.c to 0347-top-k-frequent-elements.o
0347-top-k-frequent-elements.c:45:36: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
res = (int*)malloc(sizeof(int) * k);
~~~~~~~~~~~~^~~
1 warning generated.
Compilation and analysis of 0347-top-k-frequent-elements.c succeeded

Analyzing and compiling 0416-partition-equal-subset-sum.c to 0416-partition-equal-subset-sum.o
0416-partition-equal-subset-sum.c:28:21: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
dp[j] = dp[j] || dp[j - nums[i]];
^~~~~
1 warning generated.
Compilation and analysis of 0416-partition-equal-subset-sum.c succeeded

Analyzing and compiling 0438-find-all-anagrams-in-a-string.c to 0438-find-all-anagrams-in-a-string.o
0438-find-all-anagrams-in-a-string.c:30:9: warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
return ans;
^~~~~~~~~~
1 warning generated.
Compilation and analysis of 0438-find-all-anagrams-in-a-string.c succeeded

Analyzing and compiling 0448-find-all-numbers-disappeared-in-an-array.c to 0448-find-all-numbers-disappeared-in-an-array.o
0448-find-all-numbers-disappeared-in-an-array.c:8:53: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* disappearedNumbers = (int*)malloc(numsSize * sizeof(int)); // Allocate space for the worst case
~~~~~~~~~^~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0448-find-all-numbers-disappeared-in-an-array.c succeeded

Analyzing and compiling 0682-baseball-game.c to 0682-baseball-game.o
0682-baseball-game.c:50:26: warning: Access to field 'val' results in a dereference of a null pointer (loaded from variable 's') [core.NullDereference]
int to_add = s->val + (s->next)->val;
^~~~~~
0682-baseball-game.c:50:35: warning: Access to field 'val' results in a dereference of a null pointer (loaded from field 'next') [core.NullDereference]
int to_add = s->val + (s->next)->val;
^~~~~~~~~~~~~~
0682-baseball-game.c:53:26: warning: Access to field 'val' results in a dereference of a null pointer (loaded from variable 's') [core.NullDereference]
s = add(s, 2*(s->val));
^~~~~~~~
0682-baseball-game.c:75:5: warning: Potential leak of memory pointed to by 's' [unix.Malloc]
return sum(s);
^~~~~~~~~~~~~
0682-baseball-game.c:75:5: warning: Potential leak of memory pointed to by 's' [unix.Malloc]
return sum(s);
^~~~~~~~~~~~~
0682-baseball-game.c:75:5: warning: Potential leak of memory pointed to by 's' [unix.Malloc]
return sum(s);
^~~~~~~~~~~~~
0682-baseball-game.c:75:5: warning: Potential leak of memory pointed to by 's' [unix.Malloc]
return sum(s);
^~~~~~~~~~~~~
7 warnings generated.

Analyzing and compiling 0684-redundant-connection.c to 0684-redundant-connection.o
0684-redundant-connection.c:23:37: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* parent = malloc(sizeof(int)*(edgesSize+1));
~~~~~~~~~~~^~~~~~~~~~~~~~
0684-redundant-connection.c:36:19: warning: Potential leak of memory pointed to by 'parent' [unix.Malloc]
*returnSize = 2;
^
2 warnings generated.

Analyzing and compiling 0739-daily-temperatures.c to 0739-daily-temperatures.o
0739-daily-temperatures.c:20:44: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* result = (int*) malloc(sizeof(int)*temperaturesSize);
~~~~~~~~~~~^~~~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0739-daily-temperatures.c succeeded

Analyzing and compiling 0740-delete-and-earn.c to 0740-delete-and-earn.o
0740-delete-and-earn.c:22:23: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
freq[nums[i]] += nums[i];
~~~~~~~~~~~~~ ^
0740-delete-and-earn.c:27:13: warning: Access out-of-bound array element (buffer overflow) [alpha.security.ArrayBound]
dp[1] = freq[1];
^~~~~~~
2 warnings generated.

Analyzing and compiling 0912-sort-an-array.c to 0912-sort-an-array.o
0912-sort-an-array.c:24:43: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int * left = (int *)malloc(sizeof(int)*n1);
~~~~~~~~~~~^~~
0912-sort-an-array.c:25:42: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int * right=(int *)malloc(sizeof(int)*n2);
~~~~~~~~~~~^~~
0912-sort-an-array.c:57:11: warning: Potential leak of memory pointed to by 'left' [unix.Malloc]
while(j<n2){
^
0912-sort-an-array.c:63:1: warning: Potential leak of memory pointed to by 'right' [unix.Malloc]
};
^
0912-sort-an-array.c:67:44: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *array = (int *) malloc(sizeof(int)*numsSize);
~~~~~~~~~~~^~~~~~~~~
5 warnings generated.

Analyzing and compiling 0973-k-closest-points-to-origin.c to 0973-k-closest-points-to-origin.o
0973-k-closest-points-to-origin.c:30:49: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
Point* pointArr = (Point*)malloc(pointsSize * sizeof(Point));
~~~~~~~~~~~^~~~~~~~~~~~~~~
0973-k-closest-points-to-origin.c:36:21: warning: Loss of sign in implicit conversion [alpha.core.Conversion]
qsort(pointArr, pointsSize, sizeof(Point), compare);
^~~~~~~~~~
0973-k-closest-points-to-origin.c:38:36: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** result = (int**)malloc(k * sizeof(int*));
~~^~~~~~~~~~~~~~
0973-k-closest-points-to-origin.c:40:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
*returnColumnSizes = (int*)malloc(k * sizeof(int));
~~^~~~~~~~~~~~~
4 warnings generated.

Analyzing and compiling 0980-unique-paths-iii.c to 0980-unique-paths-iii.o
0980-unique-paths-iii.c:51:12: warning: 3rd function call argument is an uninitialized value [core.CallAndMessage]
return solve(R, C, endRow, endCol, visited, toVisit, startRow, startCol);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0980-unique-paths-iii.c:51:12: warning: 7th function call argument is an uninitialized value [core.CallAndMessage]
return solve(R, C, endRow, endCol, visited, toVisit, startRow, startCol);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 0989-add-to-array-form-of-integer.c to 0989-add-to-array-form-of-integer.o
0989-add-to-array-form-of-integer.c:9:40: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* result = (int*)malloc(maxSize * sizeof(int));
~~~~~~~~^~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 0989-add-to-array-form-of-integer.c succeeded

Analyzing and compiling 1470-shuffle-the-array.c to 1470-shuffle-the-array.o
1470-shuffle-the-array.c:6:41: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* result = (int*)malloc(numsSize * sizeof(int));
~~~~~~~~~^~~~~~~~~~~~~
1470-shuffle-the-array.c:9:9: warning: Although the value stored to 'j' is used in the enclosing expression, the value is never actually read from 'j' [deadcode.DeadStores]
i = j = k = 0;
^   ~~~~~
2 warnings generated.

Analyzing and compiling 1480-running-sum-of-1d-array.c to 1480-running-sum-of-1d-array.o
1480-running-sum-of-1d-array.c:15:32: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *ret = malloc(numsSize * sizeof(int));
~~~~~~~~~^~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 1480-running-sum-of-1d-array.c succeeded

Analyzing and compiling 1799-maximize-score-after-n-operations.c to 1799-maximize-score-after-n-operations.o
1799-maximize-score-after-n-operations.c:40:23: warning: Value stored to 'n' during its initialization is never read [deadcode.DeadStores]
int m = numsSize, n = numsSize / 2;
^   ~~~~~~~~~~~~
1799-maximize-score-after-n-operations.c:41:39: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int** gcdValues = (int**)malloc(m * sizeof(int*));
~~^~~~~~~~~~~~~~
1799-maximize-score-after-n-operations.c:43:39: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
gcdValues[i] = (int*)malloc(m * sizeof(int));
~~^~~~~~~~~~~~~
3 warnings generated.

Analyzing and compiling 1929-concatenation-of-array.c to 1929-concatenation-of-array.o
1929-concatenation-of-array.c:10:39: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *ans = (int*)malloc(2*numsSize*sizeof(int));
~~~~~~~~~~^~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 1929-concatenation-of-array.c succeeded

Analyzing and compiling 1930-unique-length-3-palindromic-subsequences.c to 1930-unique-length-3-palindromic-subsequences.o
1930-unique-length-3-palindromic-subsequences.c:14:13: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
c = s[i] - 'a';
^
1930-unique-length-3-palindromic-subsequences.c:26:13: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
if (last[i] != -1) {
^~~~
1930-unique-length-3-palindromic-subsequences.c:29:25: warning: This statement is never executed [alpha.deadcode.UnreachableCode]
int c = s[j] - 'a';
^
3 warnings generated.

Analyzing and compiling 1964-find-the-longest-valid-obstacle-course-at-each-position.c to 1964-find-the-longest-valid-obstacle-course-at-each-position.o
1964-find-the-longest-valid-obstacle-course-at-each-position.c:18:43: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* lis = (int*)malloc(obstaclesSize * sizeof(int));
~~~~~~~~~~~~~~^~~~~~~~~~~~~
1964-find-the-longest-valid-obstacle-course-at-each-position.c:19:46: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* result = (int*)malloc(obstaclesSize * sizeof(int));
~~~~~~~~~~~~~~^~~~~~~~~~~~~
2 warnings generated.

Analyzing and compiling 1968-array-with-elements-not-equal-to-average-of-neighbors.c to 1968-array-with-elements-not-equal-to-average-of-neighbors.o
1968-array-with-elements-not-equal-to-average-of-neighbors.c:16:34: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* ans = malloc(sizeof(int)*numsSize);
~~~~~~~~~~~^~~~~~~~~
1 warning generated.
Compilation and analysis of 1968-array-with-elements-not-equal-to-average-of-neighbors.c succeeded

Analyzing and compiling 2140-solving-questions-with-brainpower.c to 2140-solving-questions-with-brainpower.o
2140-solving-questions-with-brainpower.c:6:48: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
long long* dp = (long long*)malloc((n + 1) * sizeof(long long));
~~~~~~~~^~~~~~~~~~~~~~~~~~~
2140-solving-questions-with-brainpower.c:15:27: warning: Out of bound memory access (accessed memory precedes memory block) [alpha.security.ArrayBoundV2]
dp[i] = (points + dp[(jump + i + 1) < n ? (jump + i + 1) : n]) > dp[i + 1] ? (points + dp[(jump + i + 1) < n ? (jump + i + 1) : n]) : dp[i + 1];
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2140-solving-questions-with-brainpower.c:18:5: warning: Assigned value is garbage or undefined [core.uninitialized.Assign]
long long result = dp[0];
^~~~~~~~~~~~~~~~   ~~~~~
3 warnings generated.

Analyzing and compiling 2466-count-ways-to-build-good-strings.c to 2466-count-ways-to-build-good-strings.o
2466-count-ways-to-build-good-strings.c:6:39: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int* dp = (int*)malloc((high + 1) * sizeof(int));
~~~~~~~~~~~^~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of 2466-count-ways-to-build-good-strings.c succeeded