False positive static analyser?

Question

I am running MSVC's static analyzer on my code, and I'm receiving a warning that I cannot solve. I'm not sure whether this is a false positive or not and hopefully, you can help me figure out this issue. I'm using MSVC17.

void GetParam_MEASLIST(Message* pMsgReturn)
{
   pMsgReturn->u8MessageType = MESSAGE_FAILED;

   uint32_t u32ChannelCount = 0;
   u32ChannelCount = ChannelHandler_getChannelCount();
   if (u32ChannelCount == 0)
   {
      return;
   }

   char** szStringList = (char**)malloc(u32ChannelCount * sizeof(char*));
   if (NULL == szStringList)
   {
      return;
   }

   for (uint32_t i = 0; i < u32ChannelCount; ++i)
   {
      ChannelInfo_t tmp = { 0 };
      if (!ChannelHandler_getChannelInfo(i, &tmp))
      {
         LOG_ERROR("Failed to get channel info for channel %i", mg_strLogCat, 10);
      }
      else
      {
         size_t nSize = strlen(tmp.ChannelDeviceInfo.szMeasType) + 1;
         if (nSize > 1)
         {
            szStringList[i] = (char*)malloc(nSize);
            if (szStringList[i] != NULL)
            {
               memset(szStringList[i], 0, nSize);
               memcpy(szStringList[i], tmp.ChannelDeviceInfo.szMeasType, nSize);
            }
         }
         else
         {
            szStringList[i] = NULL;
         }
      }
   }
   size_t nSizeOfList = sizeofStringList((const char**)szStringList, u32ChannelCount);
   pMsgReturn->pData = malloc(nSizeOfList);
   if (pMsgReturn->pData != NULL)
   {
      pMsgReturn->nDataSize = serializeStringList(pMsgReturn->pData, (const char**)szStringList, u32ChannelCount);
      pMsgReturn->bFreeDataAfterSend = true;
      pMsgReturn->u8MessageType = MESSAGE_SUCCESS;
   }
   for (uint32_t i = 0; i < u32ChannelCount; i++)
   {
      if (NULL != szStringList[i]) //< error szStringList is uninitialised
      {
         free(szStringList[i]);
      }
   }
   free(szStringList);
}

I receive an uninitialized error on the szStringList variable, but I cannot figure out why. Could you help me solve this issue?

Edit:

As requested the full error

warning C6001: uninitialized memory "*szStringList" is used.: Lines: 219, 221, 222, 223, 228, 229, 234, 236, 237, 243, 244, 246, 247, 249, 250, 234, 236, 237, 243, 244, 255, 234, 259, 260, 261, 267, 271, 273, 267, 271

for some reason i'm getting an error when trying to edit my post. The compiler error occurs in the last for loop in line `if (NULL != szStringList[i])` — JHeni, Jun 16 '23 at 12:12
You haven't explicitly initialised all the elements of `szStringList` to `NULL` and not all paths in this `for (uint32_t i = 0; i < u32ChannelCount; ++i)` do so either. Aside: you can safely `free(NULL)` – the problem is the pointer might not be initialised at all. — Weather Vane, Jun 16 '23 at 12:24
... I suggest `char** szStringList = calloc(u32ChannelCount, sizeof(char*));` — Weather Vane, Jun 16 '23 at 12:31
Please show which line number is which line in the code you posted. — Jabberwocky, Jun 16 '23 at 12:34

score 5 · Accepted Answer · answered Jun 16 '23 at 12:38

If this code is executed:

  if (!ChannelHandler_getChannelInfo(i, &tmp))
  {
     LOG_ERROR("Failed to get channel info for channel %i", mg_strLogCat, 10);
  }

szStringList[i] is never set.

All later uses of szStringList[i] might very well refer to an uninitialized value.

False positive static analyser?

1 Answers1