1{ 2 "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", 3 "runs": [ 4 { 5 "artifacts": [ 6 { 7 "length": 1077, 8 "location": { 9 }, 10 "mimeType": "text/plain", 11 "roles": [ 12 "resultFile" 13 ] 14 } 15 ], 16 "columnKind": "unicodeCodePoints", 17 "results": [ 18 { 19 "codeFlows": [ 20 { 21 "threadFlows": [ 22 { 23 "locations": [ 24 { 25 "importance": "essential", 26 "location": { 27 "message": { 28 "text": "Calling 'f'" 29 }, 30 "physicalLocation": { 31 "artifactLocation": { 32 "index": 0, 33 }, 34 "region": { 35 "endColumn": 6, 36 "endLine": 39, 37 "startColumn": 3, 38 "startLine": 39 39 } 40 } 41 } 42 }, 43 { 44 "importance": "essential", 45 "location": { 46 "message": { 47 "text": "tainted" 48 }, 49 "physicalLocation": { 50 "artifactLocation": { 51 "index": 0, 52 }, 53 "region": { 54 "endColumn": 18, 55 "endLine": 11, 56 "startColumn": 11, 57 "startLine": 11 58 } 59 } 60 } 61 } 62 ] 63 } 64 ] 65 } 66 ], 67 "locations": [ 68 { 69 "physicalLocation": { 70 "artifactLocation": { 71 "index": 0, 72 }, 73 "region": { 74 "endColumn": 18, 75 "endLine": 11, 76 "startColumn": 11, 77 "startLine": 11 78 } 79 } 80 } 81 ], 82 "message": { 83 "text": "tainted" 84 }, 85 "ruleId": "debug.TaintTest", 86 "ruleIndex": 0 87 }, 88 { 89 "codeFlows": [ 90 { 91 "threadFlows": [ 92 { 93 "locations": [ 94 { 95 "importance": "essential", 96 "location": { 97 "message": { 98 "text": "Calling 'g'" 99 }, 100 "physicalLocation": { 101 "artifactLocation": { 102 "index": 0, 103 }, 104 "region": { 105 "endColumn": 6, 106 "endLine": 40, 107 "startColumn": 3, 108 "startLine": 40 109 } 110 } 111 } 112 }, 113 { 114 "importance": "essential", 115 "location": { 116 "message": { 117 "text": "'fp' declared without an initial value" 118 }, 119 "physicalLocation": { 120 "artifactLocation": { 121 "index": 0, 122 }, 123 "region": { 124 "endColumn": 12, 125 "endLine": 15, 126 "startColumn": 3, 127 "startLine": 15 128 } 129 } 130 } 131 }, 132 { 133 "importance": "essential", 134 "location": { 135 "message": { 136 "text": "Called function pointer is an uninitialized pointer value" 137 }, 138 "physicalLocation": { 139 "artifactLocation": { 140 "index": 0, 141 }, 142 "region": { 143 "endColumn": 9, 144 "endLine": 16, 145 "startColumn": 3, 146 "startLine": 16 147 } 148 } 149 } 150 } 151 ] 152 } 153 ] 154 } 155 ], 156 "locations": [ 157 { 158 "physicalLocation": { 159 "artifactLocation": { 160 "index": 0, 161 }, 162 "region": { 163 "endColumn": 9, 164 "endLine": 16, 165 "startColumn": 3, 166 "startLine": 16 167 } 168 } 169 } 170 ], 171 "message": { 172 "text": "Called function pointer is an uninitialized pointer value" 173 }, 174 "ruleId": "core.CallAndMessage", 175 "ruleIndex": 1 176 }, 177 { 178 "codeFlows": [ 179 { 180 "threadFlows": [ 181 { 182 "locations": [ 183 { 184 "importance": "important", 185 "location": { 186 "message": { 187 "text": "Assuming 'i' is equal to 0" 188 }, 189 "physicalLocation": { 190 "artifactLocation": { 191 "index": 0, 192 }, 193 "region": { 194 "endColumn": 13, 195 "endLine": 20, 196 "startColumn": 7, 197 "startLine": 20 198 } 199 } 200 } 201 }, 202 { 203 "importance": "unimportant", 204 "location": { 205 "message": { 206 "text": "Taking true branch" 207 }, 208 "physicalLocation": { 209 "artifactLocation": { 210 "index": 0, 211 }, 212 "region": { 213 "endColumn": 3, 214 "startColumn": 3, 215 "startLine": 20 216 } 217 } 218 } 219 }, 220 { 221 "importance": "essential", 222 "location": { 223 "message": { 224 "text": "Division by zero" 225 }, 226 "physicalLocation": { 227 "artifactLocation": { 228 "index": 0, 229 }, 230 "region": { 231 "endColumn": 14, 232 "startColumn": 14, 233 "startLine": 21 234 } 235 } 236 } 237 } 238 ] 239 } 240 ] 241 } 242 ], 243 "locations": [ 244 { 245 "physicalLocation": { 246 "artifactLocation": { 247 "index": 0, 248 }, 249 "region": { 250 "endColumn": 14, 251 "startColumn": 14, 252 "startLine": 21 253 } 254 } 255 } 256 ], 257 "message": { 258 "text": "Division by zero" 259 }, 260 "ruleId": "core.DivideZero", 261 "ruleIndex": 2 262 }, 263 { 264 "codeFlows": [ 265 { 266 "threadFlows": [ 267 { 268 "locations": [ 269 { 270 "importance": "essential", 271 "location": { 272 "message": { 273 "text": "Memory is allocated" 274 }, 275 "physicalLocation": { 276 "artifactLocation": { 277 "index": 0, 278 }, 279 "region": { 280 "endColumn": 24, 281 "endLine": 26, 282 "startColumn": 15, 283 "startLine": 26 284 } 285 } 286 } 287 }, 288 { 289 "importance": "important", 290 "location": { 291 "message": { 292 "text": "Assuming 'i' is < 4" 293 }, 294 "physicalLocation": { 295 "artifactLocation": { 296 "index": 0, 297 }, 298 "region": { 299 "endColumn": 12, 300 "endLine": 27, 301 "startColumn": 7, 302 "startLine": 27 303 } 304 } 305 } 306 }, 307 { 308 "importance": "unimportant", 309 "location": { 310 "message": { 311 "text": "Taking true branch" 312 }, 313 "physicalLocation": { 314 "artifactLocation": { 315 "index": 0, 316 }, 317 "region": { 318 "endColumn": 3, 319 "startColumn": 3, 320 "startLine": 27 321 } 322 } 323 } 324 }, 325 { 326 "importance": "essential", 327 "location": { 328 "message": { 329 "text": "Potential leak of memory pointed to by 'mem'" 330 }, 331 "physicalLocation": { 332 "artifactLocation": { 333 "index": 0, 334 }, 335 "region": { 336 "endColumn": 12, 337 "startColumn": 12, 338 "startLine": 28 339 } 340 } 341 } 342 } 343 ] 344 } 345 ] 346 } 347 ], 348 "locations": [ 349 { 350 "physicalLocation": { 351 "artifactLocation": { 352 "index": 0, 353 }, 354 "region": { 355 "endColumn": 12, 356 "startColumn": 12, 357 "startLine": 28 358 } 359 } 360 } 361 ], 362 "message": { 363 "text": "Potential leak of memory pointed to by 'mem'" 364 }, 365 "ruleId": "unix.Malloc", 366 "ruleIndex": 3 367 }, 368 { 369 "codeFlows": [ 370 { 371 "threadFlows": [ 372 { 373 "locations": [ 374 { 375 "importance": "essential", 376 "location": { 377 "message": { 378 "text": "'løçål' initialized to 0" 379 }, 380 "physicalLocation": { 381 "artifactLocation": { 382 "index": 0, 383 }, 384 "region": { 385 "endColumn": 12, 386 "endLine": 34, 387 "startColumn": 3, 388 "startLine": 34 389 } 390 } 391 } 392 }, 393 { 394 "importance": "essential", 395 "location": { 396 "message": { 397 "text": "Division by zero" 398 }, 399 "physicalLocation": { 400 "artifactLocation": { 401 "index": 0, 402 }, 403 "region": { 404 "endColumn": 20, 405 "startColumn": 20, 406 "startLine": 35 407 } 408 } 409 } 410 } 411 ] 412 } 413 ] 414 } 415 ], 416 "locations": [ 417 { 418 "physicalLocation": { 419 "artifactLocation": { 420 "index": 0, 421 }, 422 "region": { 423 "endColumn": 20, 424 "startColumn": 20, 425 "startLine": 35 426 } 427 } 428 } 429 ], 430 "message": { 431 "text": "Division by zero" 432 }, 433 "ruleId": "core.DivideZero", 434 "ruleIndex": 2 435 } 436 ], 437 "tool": { 438 "driver": { 439 "fullName": "clang static analyzer", 440 "language": "en-US", 441 "name": "clang", 442 "rules": [ 443 { 444 "fullDescription": { 445 "text": "Mark tainted symbols as such." 446 }, 447 "id": "debug.TaintTest", 448 "name": "debug.TaintTest" 449 }, 450 { 451 "fullDescription": { 452 "text": "Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers)" 453 }, 454 "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#core.CallAndMessage", 455 "id": "core.CallAndMessage", 456 "name": "core.CallAndMessage" 457 }, 458 { 459 "fullDescription": { 460 "text": "Check for division by zero" 461 }, 462 "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#core.DivideZero", 463 "id": "core.DivideZero", 464 "name": "core.DivideZero" 465 }, 466 { 467 "fullDescription": { 468 "text": "Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free()." 469 }, 470 "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#unix.Malloc", 471 "id": "unix.Malloc", 472 "name": "unix.Malloc" 473 } 474 ], 475 } 476 } 477 } 478 ], 479} 480