id	summary	reporter	owner	description	type	status	priority	component	severity	resolution	keywords	cc
165	parser.c can possibly dereference NULL pointer	anonymous	xi	"The following code is called in several locations in parser.c

    if (first) {
        token = PEEK_TOKEN(parser);
        if (!PUSH(parser, parser->marks, token->start_mark))
            return 0;
        SKIP_TOKEN(parser);
    }

PEEK_TOKEN is defined as
((parser->token_available || yaml_parser_fetch_more_tokens(parser)) ?       \
        parser->tokens.head : NULL)
which can return NULL. This suggests that token->start_mark could cause a segfault if token is NULL.

This is hypothetical only and the checks in PEEK_TOKEN may render the situation impossible.

Output from clang --analyze parser.c is below, giving line numbers.

parser.c:733:14: warning: Dereference of null pointer
        if (!PUSH(parser, parser->marks, token->start_mark))
             ^
parser.c:733:49: note: instantiated from:
        if (!PUSH(parser, parser->marks, token->start_mark))
                                                ^
parser.c:842:14: warning: Dereference of null pointer
        if (!PUSH(parser, parser->marks, token->start_mark))
             ^
parser.c:842:49: note: instantiated from:
        if (!PUSH(parser, parser->marks, token->start_mark))
                                                ^
parser.c:959:14: warning: Dereference of null pointer
        if (!PUSH(parser, parser->marks, token->start_mark))
             ^
parser.c:959:49: note: instantiated from:
        if (!PUSH(parser, parser->marks, token->start_mark))
                                                ^
parser.c:1111:14: warning: Dereference of null pointer
        if (!PUSH(parser, parser->marks, token->start_mark))
             ^
parser.c:1111:49: note: instantiated from:
        if (!PUSH(parser, parser->marks, token->start_mark))
                                                ^
"	defect	new	low	libyaml	normal			
