OpenScanHub [1] triggered this and flagged it as CWE-688 [2]:

    common/flatpak-appdata.c:298:7: warning[-Wanalyzer-null-argument]: use of NULL ‘parent’ where non-null expected
    common/flatpak-appdata.c:282:6: branch_false: following ‘false’ branch...
    common/flatpak-appdata.c:285:3: branch_false: ...to here
    common/flatpak-appdata.c:285:3: branch_true: following ‘true’ branch...
    common/flatpak-appdata.c:287:15: branch_true: ...to here
    common/flatpak-appdata.c:289:6: branch_false: following ‘false’ branch...
    common/flatpak-appdata.c:297:7: branch_false: ...to here
    common/flatpak-appdata.c:297:6: branch_true: following ‘true’ branch (when the strings are equal)...
    common/flatpak-appdata.c:298:7: branch_true: ...to here
    common/flatpak-appdata.c:298:7: danger: argument 1 (‘parent’) NULL where non-null expected
    # 296|   /* avoid picking up <id> elements from e.g. <provides> */
    # 297|   if (g_str_equal (element_name, "id") &&
    # 298|->     g_str_equal (parent, "component"))
    # 299|     {
    # 300|       component->id = g_steal_pointer (&text);

The parsing code doesn't throw any errors from G_MARKUP_ERROR. It
expects the input to be valid, and relies on assertions to express that.
E.g., it asserts that a <component> element or tag is encountered before
any other, and particularly <content_attribute>, <content_rating> and
<release>.

In the same vein, an assertion was added to express that an <id> element
or tag always has a parent.

Spotted by Siteshwar Vashisht.

[1] https://openscanhub.dev/
[2] https://cwe.mitre.org/data/definitions/688.html
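
An added example, not part of the original commit or of the Flatpak code: a self-contained C model of the flagged check that classifies a closing <id> element without ever passing a NULL parent to a string comparison. ElementStack, element_at, str_equal0 and classify_id are hypothetical names, and str_equal0 follows the contract of GLib's g_strcmp0 () == 0.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the parser's element stack: names[depth - 1] is
 * the element being closed, names[depth - 2] its parent (none for a root). */
typedef struct {
    const char *names[8];
    size_t depth;
} ElementStack;

typedef enum { NOT_ID, ID_OF_COMPONENT, ID_ELSEWHERE, ID_WITHOUT_PARENT } IdKind;

/* Element name counted from the top of the stack, or NULL if absent. */
static const char *element_at(const ElementStack *s, size_t from_top)
{
    return s->depth > from_top ? s->names[s->depth - 1 - from_top] : NULL;
}

/* NULL-tolerant equality, the same contract as g_strcmp0 (a, b) == 0. */
static int str_equal0(const char *a, const char *b)
{
    if (a == NULL || b == NULL)
        return a == b;
    return strcmp(a, b) == 0;
}

/* Classify the element being closed without passing NULL to strcmp(). */
IdKind classify_id(const ElementStack *s)
{
    const char *parent = element_at(s, 1);

    if (!str_equal0(element_at(s, 0), "id"))
        return NOT_ID;
    if (parent == NULL)
        return ID_WITHOUT_PARENT;   /* the path the analyzer reported */
    return str_equal0(parent, "component") ? ID_OF_COMPONENT : ID_ELSEWHERE;
}

int main(void)
{
    /* Constructed inputs: valid nesting, <provides><id>, and a bare <id>. */
    ElementStack ok = { { "components", "component", "id" }, 3 };
    ElementStack provides = { { "components", "component", "provides", "id" }, 4 };
    ElementStack bare = { { "id" }, 1 };

    printf("%d %d %d\n", classify_id(&ok), classify_id(&provides), classify_id(&bare));
    return 0;
}
```

A caller can turn ID_WITHOUT_PARENT into a parse error or into an assertion; either way the NULL never reaches a function that requires a non-null string.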