[BUG] #1411

Closed
BugIdentifier opened this issue Sep 5, 2024 · 2 comments

@BugIdentifier

Description

Hi, certain potential security issues are found in this repository. Fixing them will remove certain security threats.
They are listed below for reference:

Expected behavior

Insertion, deletion should work

Actual behavior

Memory overflow, null pointer dereference might occur

Possible fix

No response

Steps to reproduce

This is a security analysis using Clang.

Context

Analyzing and compiling bfs.c to bfs.o
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
bfs.c:121:12: warning: Potential leak of memory pointed to by 'Q' [unix.Malloc]
return false;
^~~~~
1 warnings generated.

Analyzing and compiling dfs.c to dfs.o
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of dfs.c succeeded

Analyzing and compiling graph.c to graph.o
graph.c:29:25: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of graph.c succeeded

Analyzing and compiling merge_sort.c to merge_sort.o
merge_sort.c:36:30: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *b = (int *)malloc(n * sizeof(int)); /* dynamic memory must be freed */
~~^~~~~~~~~~~~~
merge_sort.c:117:16: warning: Untrusted data is used to specify the buffer size (CERT/STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator) [alpha.security.taint.TaintPropagation]
a = (int *)malloc(n * sizeof(int));
^~~~~~~~~~~~~~~~~~~~~~~
merge_sort.c:117:25: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
a = (int *)malloc(n * sizeof(int));
~~^~~~~~~~~~~~~
3 warnings generated.

Analyzing and compiling queue.c to queue.o
queue.c:67:20: warning: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'head') [core.NullDereference]
head->next = NULL;

1 warning generated.
Compilation and analysis of queue.c succeeded

Analyzing and compiling red_black_tree.c to red_black_tree.o
red_black_tree.c:26:1: warning: Potential leak of memory pointed to by 'create' [unix.Malloc]
}
^
1 warning generated.
Compilation and analysis of red_black_tree.c succeeded

Analyzing and compiling stack.c to stack.o
stack.c:37:35: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
array = malloc(sizeof(void *) * max);
~~~~~~~~~~~~~~~^~~~~
stack.c:55:20: warning: Assigned value is garbage or undefined [core.uninitialized.Assign]
*(tmp + i) = *(array + i);
^ ~~~~~~~~~~~~
2 warnings generated.

Additional information

These security errors are fatal.
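
For reference, an added example (not part of the original report and not the repository's code) of the guards that the `alpha.security.MallocOverflow`, `core.NullDereference` and `unix.Malloc` warnings above point at: check the size multiplication before calling `malloc`, check the result before dereferencing it, and free on the error path. `alloc_array`, `struct graph`, `graph_create` and `graph_destroy` are hypothetical names chosen for this sketch.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical helper: allocate `count` elements of `elem_size` bytes.
 * Returns NULL if count * elem_size would wrap past SIZE_MAX, or on OOM. */
static void *alloc_array(size_t count, size_t elem_size)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return NULL;                 /* multiplication would overflow */
    return malloc(count * elem_size);
}

/* Hypothetical stand-in for the graph type named in the analyzer output. */
struct graph { int vertices; int **edges; };

/* Build a graph with V empty adjacency rows; NULL on bad input or failure. */
static struct graph *graph_create(int V)
{
    if (V <= 0)
        return NULL;                 /* a negative int becomes a huge size_t */
    struct graph *g = malloc(sizeof *g);
    if (g == NULL)
        return NULL;                 /* check before touching g->edges */
    g->edges = alloc_array((size_t)V, sizeof(int *));
    if (g->edges == NULL) {
        free(g);                     /* do not leak g on the error path */
        return NULL;
    }
    for (int i = 0; i < V; i++)
        g->edges[i] = NULL;          /* no uninitialized row pointers */
    g->vertices = V;
    return g;
}

static void graph_destroy(struct graph *g)
{
    if (g != NULL)
        free(g->edges);
    free(g);                         /* free(NULL) is a no-op */
}

int main(void)
{
    struct graph *g = graph_create(4);
    int ok = g != NULL && alloc_array(SIZE_MAX, sizeof(int *)) == NULL;
    graph_destroy(g);
    return ok ? 0 : 1;
}
```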

github-actions bot commented Oct 6, 2024

This issue has been automatically marked as abandoned because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions bot added the Stale label Oct 6, 2024

Please ping one of the maintainers once you add more information and updates here. If this is not the case and you need some help, feel free to ask for help in our Gitter channel or our Discord server. Thank you for your contributions!
