Subject: GSoC 2026 - Working on “Fix known code defects” / static analysis results
Hi everyone,
I’m very interested in the “Fix known code defects” project for GSoC 2026. I’ve been running some static analysis (cppcheck) on the lib/ and vector/ folders to understand the current state of the codebase.
I’ve found several critical issues, mainly null pointer dereferences and missing allocation checks. Here are a few examples:
- Core Library (vector/rtree):
// vector/rtree/rect.c:83
RectReal *boundary = (RectReal *)malloc(t->rectsize); // ‘t’ is dereferenced before null check
// vector/rtree/index.c:72
new_rtree = (struct RTree *)malloc(sizeof(struct RTree)); // malloc result is not checked
n = RTreeAllocNode(new_rtree, 0); // potential NULL passed to function
- Vector Modules (v.out.vtk):
// v.out.vtk/writeVTK.c:883
info = (VTKInfo *)calloc(infonum, sizeof(VTKInfo));
// … later used without checking if info == NULL
info->maxnumvertices + info->maxnumlines…
Questions for the mentors:
- Are these core areas (like rtree or v.out.vtk) open for GSoC students to submit fixes?
- Are there specific high-priority modules or a “Coverity priority list” you would recommend I focus on for my proposal?
I’m looking forward to your guidance.