clang-analyzer believes that an empty string could be passed here, leading to a NULL dereference. Avoid this situation by allocating a len (2 byte) string instead to hold "\n" as value in that case. Signed-off-by: Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx> --- common/hush.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/common/hush.c b/common/hush.c index 608c0e4937c1..3a213fc54591 100644 --- a/common/hush.c +++ b/common/hush.c @@ -1885,6 +1885,10 @@ static char * make_string(char ** inp) if (p != inp[n]) free(p); } + + if (!str) + str = xzalloc(len); + len = strlen(str); *(str + len) = '\n'; *(str + len + 1) = '\0'; -- 2.39.5