Bug Summary

File:content/fetchers/about/websearch.c
Warning:line 96, column 8
1st function call argument is an uninitialized value

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name websearch.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/scan-build-netsurf -fcoverage-compilation-dir=/var/lib/jenkins/workspace/scan-build-netsurf -resource-dir /usr/lib/llvm-19/lib/clang/19 -isystem /usr/include/mit-krb5 -I . -I include -I build/Linux-gtk2 -I frontends -I content/handlers -D WITH_JPEG -U WITH_PDF_EXPORT -D LIBICONV_PLUG -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -I /usr/include/x86_64-linux-gnu -I /usr/include/p11-kit-1 -D WITH_CURL -D WITH_OPENSSL -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D UTF8PROC_EXPORTS -D WITH_UTF8PROC -I /usr/include/webp -D WITH_WEBP -I /usr/include/libpng16 -D WITH_PNG -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include/ -D WITH_BMP -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D WITH_GIF -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D WITH_NS_SVG -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D WITH_NSSPRITE -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D WITH_NSPSL -I /var/lib/jenkins/artifacts-x86_64-linux-gnu/include -D WITH_NSLOG -D NETSURF_UA_FORMAT_STRING="Mozilla/5.0 (%s) NetSurf/%d.%d" -D NETSURF_HOMEPAGE="about:welcome" -D NETSURF_LOG_LEVEL=VERBOSE -D NETSURF_BUILTIN_LOG_FILTER="(level:WARNING || cat:jserrors)" -D NETSURF_BUILTIN_VERBOSE_FILTER="(level:VERBOSE || cat:jserrors)" -D STMTEXPR=1 -I /usr/include/librsvg-2.0 -I /usr/include/glib-2.0 -I /usr/lib/x86_64-linux-gnu/glib-2.0/include -I /usr/include/sysprof-6 -I /usr/include/libmount -I /usr/include/blkid -I /usr/include/gdk-pixbuf-2.0 -I /usr/include/libpng16 -I /usr/include/x86_64-linux-gnu -I /usr/include/webp -I /usr/include/cairo -I /usr/include/freetype2 -I /usr/include/pixman-1 -I /usr/include/harfbuzz -I /usr/include/libxml2 -I /usr/include/pango-1.0 -I /usr/include/fribidi -D WITH_RSVG -I /usr/include/gtk-2.0 -I /usr/lib/x86_64-linux-gnu/gtk-2.0/include -I /usr/include/pango-1.0 -I /usr/include/glib-2.0 -I /usr/lib/x86_64-linux-gnu/glib-2.0/include -I /usr/include/sysprof-6 -I /usr/include/harfbuzz -I /usr/include/freetype2 -I /usr/include/libpng16 -I /usr/include/libmount -I /usr/include/blkid -I /usr/include/fribidi -I /usr/include/cairo -I /usr/include/pixman-1 -I /usr/include/gdk-pixbuf-2.0 -I /usr/include/x86_64-linux-gnu -I /usr/include/webp -I /usr/include/atk-1.0 -I /usr/include/glib-2.0 -I /usr/lib/x86_64-linux-gnu/glib-2.0/include -I /usr/include/sysprof-6 -I /usr/include/glib-2.0 -I /usr/lib/x86_64-linux-gnu/glib-2.0/include -I /usr/include/sysprof-6 -D gtk -D nsgtk -D G_DISABLE_SINGLE_INCLUDES -D G_DISABLE_DEPRECATED -D GTK_DISABLE_SINGLE_INCLUDES -D GTK_MULTIHEAD_SAFE -D PANGO_DISABLE_DEPRECATED -D GTK_DISABLE_DEPRECATED -D _XOPEN_SOURCE=700 -D _POSIX_C_SOURCE=200809L -D _BSD_SOURCE -D _DEFAULT_SOURCE -D _NETBSD_SOURCE -D GTK_RESPATH="/var/lib/jenkins/artifacts-x86_64-linux-gnu/share/netsurf/:./frontends/gtk/res/" -D WITH_GRESOURCE -D DUK_OPT_HAVE_CUSTOM_H -internal-isystem /usr/lib/llvm-19/lib/clang/19/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wwrite-strings -Wno-unused-parameter -Wno-unused-but-set-variable -std=c99 -fconst-strings -ferror-limit 19 -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -vectorize-loops -vectorize-slp -analyzer-display-progress -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /var/lib/jenkins/workspace/scan-build-netsurf/clangScanBuildReports/2025-11-29-170024-2947387-1 -x c content/fetchers/about/websearch.c
1/*
2 * Copyright 2020 Vincent Sanders <vince@netsurf-browser.org>
3 *
4 * This file is part of NetSurf.
5 *
6 * NetSurf is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; version 2 of the License.
9 *
10 * NetSurf is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19/**
20 * \file
21 * content generator for the about scheme web search
22 */
23
24#include <stdbool.h>
25#include <stdint.h>
26#include <sys/types.h>
27#include <stdlib.h>
28#include <string.h>
29
30#include "utils/errors.h"
31#include "utils/nsurl.h"
32#include "utils/url.h"
33
34#include "content/fetch.h"
35#include "desktop/searchweb.h"
36
37#include "private.h"
38#include "websearch.h"
39
40static nserror
41process_query_section(const char *str, size_t len, char **term)
42{
43 if (len < 3) {
44 return NSERROR_BAD_PARAMETER;
45 }
46 if (str[0] != 'q' || str[1] != '=') {
47 return NSERROR_BAD_PARAMETER;
48 }
49 return url_unescape(str + 2, len - 2, NULL((void*)0), term);
50}
51
52static nserror
53searchterm_from_query(struct nsurl *url, char **term)
54{
55 nserror res;
56 char *querystr;
57 size_t querylen;
58 size_t kvstart;/* key value start */
59 size_t kvlen; /* key value end */
60
61 res = nsurl_get(url, NSURL_QUERY, &querystr, &querylen);
62 if (res != NSERROR_OK) {
4
Assuming 'res' is equal to NSERROR_OK
5
Taking false branch
63 return res;
64 }
65
66 for (kvlen = 0, kvstart = 0; kvstart < querylen; kvstart += kvlen) {
6
Assuming 'kvstart' is >= 'querylen'
7
Loop condition is false. Execution continues on line 80
67 /* get query section length */
68 kvlen = 0;
69 while (((kvstart + kvlen) < querylen) &&
70 (querystr[kvstart + kvlen] != '&')) {
71 kvlen++;
72 }
73
74 res = process_query_section(querystr + kvstart, kvlen, term);
75 if (res == NSERROR_OK) {
76 break;
77 }
78 kvlen++; /* account for & separator */
79 }
80 free(querystr);
81
82 return res;
8
Returning without writing to '*term'
83}
84
85bool_Bool fetch_about_websearch_handler(struct fetch_about_context *ctx)
1
[debug] analyzing from fetch_about_websearch_handler
86{
87 nserror res;
88 nsurl *url;
89 char *term;
2
'term' declared without an initial value
90
91 res = searchterm_from_query(fetch_about_get_url(ctx), &term);
3
Calling 'searchterm_from_query'
9
Returning from 'searchterm_from_query'
92 if (res
9.1
'res' is equal to NSERROR_OK
 != NSERROR_OK) {
10
Taking false branch
93 return false0;
94 }
95
96 res = search_web_omni(term, SEARCH_WEB_OMNI_SEARCHONLY, &url);
11
1st function call argument is an uninitialized value
97 free(term);
98 if (res != NSERROR_OK) {
99 return false0;
100 }
101
102 fetch_about_redirect(ctx, nsurl_access(url));
103 nsurl_unref(url);
104
105 return true1;
106}