| { |
| "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", |
| "runs": [ |
| { |
| "artifacts": [ |
| { |
| "length": 951, |
| "location": { |
| }, |
| "mimeType": "text/plain", |
| "roles": [ |
| "resultFile" |
| ] |
| } |
| ], |
| "results": [ |
| { |
| "codeFlows": [ |
| { |
| "threadFlows": [ |
| { |
| "locations": [ |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Calling 'f'" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 6, |
| "endLine": 34, |
| "startColumn": 3, |
| "startLine": 34 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "tainted" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 18, |
| "endLine": 11, |
| "startColumn": 11, |
| "startLine": 11 |
| } |
| } |
| } |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "locations": [ |
| { |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 18, |
| "endLine": 11, |
| "startColumn": 11, |
| "startLine": 11 |
| } |
| } |
| } |
| ], |
| "message": { |
| "text": "tainted" |
| }, |
| "ruleId": "debug.TaintTest", |
| "ruleIndex": 0 |
| }, |
| { |
| "codeFlows": [ |
| { |
| "threadFlows": [ |
| { |
| "locations": [ |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Calling 'g'" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 6, |
| "endLine": 35, |
| "startColumn": 3, |
| "startLine": 35 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "'fp' declared without an initial value" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 11, |
| "endLine": 15, |
| "startColumn": 3, |
| "startLine": 15 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Called function pointer is an uninitialized pointer value" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 9, |
| "endLine": 16, |
| "startColumn": 3, |
| "startLine": 16 |
| } |
| } |
| } |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "locations": [ |
| { |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 9, |
| "endLine": 16, |
| "startColumn": 3, |
| "startLine": 16 |
| } |
| } |
| } |
| ], |
| "message": { |
| "text": "Called function pointer is an uninitialized pointer value" |
| }, |
| "ruleId": "core.CallAndMessage", |
| "ruleIndex": 1 |
| }, |
| { |
| "codeFlows": [ |
| { |
| "threadFlows": [ |
| { |
| "locations": [ |
| { |
| "importance": "important", |
| "location": { |
| "message": { |
| "text": "Assuming 'i' is equal to 0" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 13, |
| "endLine": 20, |
| "startColumn": 7, |
| "startLine": 20 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "unimportant", |
| "location": { |
| "message": { |
| "text": "Taking true branch" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 3, |
| "startColumn": 3, |
| "startLine": 20 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Division by zero" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 14, |
| "startColumn": 14, |
| "startLine": 21 |
| } |
| } |
| } |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "locations": [ |
| { |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 14, |
| "startColumn": 14, |
| "startLine": 21 |
| } |
| } |
| } |
| ], |
| "message": { |
| "text": "Division by zero" |
| }, |
| "ruleId": "core.DivideZero", |
| "ruleIndex": 2 |
| }, |
| { |
| "codeFlows": [ |
| { |
| "threadFlows": [ |
| { |
| "locations": [ |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Memory is allocated" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 24, |
| "endLine": 26, |
| "startColumn": 15, |
| "startLine": 26 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "important", |
| "location": { |
| "message": { |
| "text": "Assuming 'i' is < 4" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 12, |
| "endLine": 27, |
| "startColumn": 7, |
| "startLine": 27 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "unimportant", |
| "location": { |
| "message": { |
| "text": "Taking true branch" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 3, |
| "startColumn": 3, |
| "startLine": 27 |
| } |
| } |
| } |
| }, |
| { |
| "importance": "essential", |
| "location": { |
| "message": { |
| "text": "Potential leak of memory pointed to by 'mem'" |
| }, |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 12, |
| "startColumn": 12, |
| "startLine": 28 |
| } |
| } |
| } |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "locations": [ |
| { |
| "physicalLocation": { |
| "artifactLocation": { |
| "index": 0, |
| }, |
| "region": { |
| "endColumn": 12, |
| "startColumn": 12, |
| "startLine": 28 |
| } |
| } |
| } |
| ], |
| "message": { |
| "text": "Potential leak of memory pointed to by 'mem'" |
| }, |
| "ruleId": "unix.Malloc", |
| "ruleIndex": 3 |
| } |
| ], |
| "tool": { |
| "driver": { |
| "fullName": "clang static analyzer", |
| "language": "en-US", |
| "name": "clang", |
| "rules": [ |
| { |
| "fullDescription": { |
| "text": "Mark tainted symbols as such." |
| }, |
| "id": "debug.TaintTest", |
| "name": "debug.TaintTest" |
| }, |
| { |
| "fullDescription": { |
| "text": "Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers)" |
| }, |
| "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#core.CallAndMessage", |
| "id": "core.CallAndMessage", |
| "name": "core.CallAndMessage" |
| }, |
| { |
| "fullDescription": { |
| "text": "Check for division by zero" |
| }, |
| "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#core.DivideZero", |
| "id": "core.DivideZero", |
| "name": "core.DivideZero" |
| }, |
| { |
| "fullDescription": { |
| "text": "Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free()." |
| }, |
| "helpUri": "https://clang-analyzer.llvm.org/available_checks.html#unix.Malloc", |
| "id": "unix.Malloc", |
| "name": "unix.Malloc" |
| } |
| ], |
| } |
| } |
| } |
| ], |
| } |