Guided by CodeQL static code analyser.
FileMayNotBeClosed.ql
FileMayNeverBeClosed.ql
The trick with "if(fp != stdout)" is problematic (to analyser) as
technically 'stdout' can be a global pointer that COULD be modified any
time, so it might have changed between the fopen() and fclose() calls so
the close MAY NEVER occurs (which is problem the analyzer can see).
So local state is maintained as a bool which will also clarify to the
compiler see the intention without concern for external stdout
modification.
Some items appear to be out and out leaks when certain commands are use.
The compiler warning concerns the use of 'goto done;' has cleanup
that accesses 'strip' before initialization.
While evaluating this I also notice the other 2 variables 'rtile'
and 'lkstep' are globals, but their pointers are not invalidated
at the time of free.
plotPNM.c:821:6: warning: variable 'strip' is used uninitialized whenever 'if' condition is true
clang18 -Wall warning cleanup [-Wsometimes-uninitialized]
Fix code scanning alert no. 55: Multiplication result converted to larger type (#47)
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
a filename causes an error instead of generating a trash filename
or crashing, while (2) "plot pnm" with a filename that has the ".pnm"
extension does not add another ".pnm" extension to the end of it.
222 from Sean Cross. Corrected a few places where the blanket
conversion "Region"->"ExtRegion" picked up some comment lines
that were unrelated to the structure name.
This commit makes the code (mostly) C99-compatible, enabling to compile
it without the -Wno-error=implicit-function-declaration flag. This
way, Magic becomes usable on arm64 architectures, specifically on Apple
computers with M1/M2 SoC.
Darryl L. Miles
Tim Edwards
Sean Cross
Alessandro De Laurenzis