Task #1045 - pkcs11-provider-0.5-2.fc41/scan-results.err

back to task #1045
download 
Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/debug.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/decoder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/digests.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/encoder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/interface.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/keymgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-476):
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c: scope_hint: In function ‘match_public_keys’
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2238:46: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘key2’
# 2236|   
# 2237|       /* one of the keys or both are private */
# 2238|->     if (key1->class == CKO_PUBLIC_KEY && key2->class == CKO_PRIVATE_KEY) {
# 2239|           pub_key = key1;
# 2240|           priv_key = key2;

Error: GCC_ANALYZER_WARNING (CWE-476):
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2242:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘key2’
# 2240|           priv_key = key2;
# 2241|       } else if (key1->class == CKO_PRIVATE_KEY
# 2242|->                && key2->class == CKO_PUBLIC_KEY) {
# 2243|           pub_key = key2;
# 2244|           priv_key = key1;

Error: GCC_ANALYZER_WARNING (CWE-126):
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c: scope_hint: In function ‘p11prov_obj_import_key’
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2864:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2864:23: note: read of 8 bytes from after the end of ‘findctx’
#                        └───────────────────────────────────────────────────┘
#                                 ^                             ^
# 2862|       }
# 2863|       for (int i = 0; i < findctx.numattrs; i++) {
# 2864|->         key->attrs[i] = findctx.attrs[i];
# 2865|           findctx.attrs[i].pValue = NULL;
# 2866|       }

Error: GCC_ANALYZER_WARNING (CWE-121):
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2865:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2865:33: note: write of 8 bytes to beyond the end of ‘findctx’
# 2863|       for (int i = 0; i < findctx.numattrs; i++) {
# 2864|           key->attrs[i] = findctx.attrs[i];
# 2865|->         findctx.attrs[i].pValue = NULL;
# 2866|       }
# 2867|       key->numattrs = findctx.numattrs;

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/provider.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING (CWE-457):
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/provider.c:857: warning[uninitvar]: Uninitialized variable: tmplist
#  855|           }
#  856|       }
#  857|->     memcpy(checklist, tmplist, t * sizeof(CK_ULONG));
#  858|       *clsize = t;
#  859|   }

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/session.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/signature.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/slot.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/store.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/pincache.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tdigests.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tfork.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tgenkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tlsctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING:
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tsession.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.