Error: CPPCHECK_WARNING (CWE-190): [#def1] pipewire-1.6.6/spa/plugins/alsa/alsa-seq-bridge.c:460: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 458| # 459| if (info == NULL) { # 460|-> spa_log_debug(state->log, "free port %d.%d %p", addr->client, addr->port, port); # 461| if (port) # 462| free_port(state, stream, port); Error: CPPCHECK_WARNING (CWE-190): [#def2] pipewire-1.6.6/spa/plugins/alsa/alsa-seq-bridge.c:472: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 470| } else if (port != NULL) { # 471| if ((caps & stream->caps) != stream->caps) { # 472|-> spa_log_debug(state->log, "free port %d.%d %p", addr->client, addr->port, port); # 473| free_port(state, stream, port); # 474| } Error: CPPCHECK_WARNING (CWE-190): [#def3] pipewire-1.6.6/spa/plugins/alsa/alsa-seq-bridge.c:839: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 837| info.size = size; # 838| # 839|-> spa_log_debug(this->log, "%p: %p: io %d.%d %d %p %zd", this, port, # 840| direction, port_id, id, data, size); # 841| Error: CPPCHECK_WARNING (CWE-190): [#def4] pipewire-1.6.6/spa/plugins/audiomixer/mixer-dsp.c:856: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 854| (suppressed = spa_ratelimit_test(&this->rate_limit, # 855| this->position->clock.nsec)) >= 0) # 856|-> spa_log_warn(this->log, "%p: (%d suppressed) out of buffers (%d)", this, # 857| suppressed, outport->n_buffers); # 858| return -EPIPE; Error: CPPCHECK_WARNING (CWE-190): [#def5] pipewire-1.6.6/spa/plugins/bluez5/bt-latency.h:73: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 71| res = setsockopt(transport->fd, SOL_SOCKET, SO_TIMESTAMPING, &so_timestamping, sizeof(so_timestamping)); # 72| if (res < 0) { # 73|-> spa_log_info(log, "setsockopt(SO_TIMESTAMPING) failed (kernel feature not enabled?): %d (%m)", errno); # 74| return; # 75| } Error: CPPCHECK_WARNING (CWE-190): [#def6] pipewire-1.6.6/spa/plugins/bluez5/bt-latency.h:202: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 200| # 201| if (serr.ee_data % UINT16_MAX != lat->impl.pending[tx_pos].pos) { # 202|-> spa_log_debug(log, "fd:%d latency[%u] bad value %u", fd, tx_pos, serr.ee_data); # 203| continue; # 204| } Error: CPPCHECK_WARNING (CWE-190): [#def7] pipewire-1.6.6/spa/plugins/bluez5/bt-latency.h:229: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 227| spa_bt_latency_clear_pending(lat, tx_pos, false, true); # 228| # 229|-> spa_log_trace(log, "fd:%d latency[%d] nsec:%"PRIu64" range:%d..%d ms", # 230| fd, tx_pos, lat->value, # 231| (int)(spa_bt_ptp_valid(&lat->ptp) ? lat->ptp.min / SPA_NSEC_PER_MSEC : -1), Error: CPPCHECK_WARNING (CWE-190): [#def8] pipewire-1.6.6/spa/plugins/bluez5/bt-latency.h:247: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 245| # 246| if ((suppressed = spa_ratelimit_test(&lat->impl.rate_limit, now)) >= 0) # 247|-> spa_log_warn(log, "Missing completion reports for packet (%d suppressed): " # 248| "Bluetooth adapter firmware bug?", suppressed); # 249| Error: CPPCHECK_WARNING (CWE-190): [#def9] pipewire-1.6.6/spa/plugins/bluez5/bt-latency.h:250: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 248| "Bluetooth adapter firmware bug?", suppressed); # 249| # 250|-> spa_log_trace(log, "fd:%d latency[%u] too late", fd, i); # 251| spa_bt_latency_clear_pending(lat, i, true, true); # 252| } Error: CPPCHECK_WARNING (CWE-190): [#def10] pipewire-1.6.6/spa/plugins/bluez5/decode-buffer.h:515: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 513| # 514| if (getsockopt(fd, SOL_SOCKET, SO_TIMESTAMPING, &flags, &len) < 0) # 515|-> spa_log_info(log, "failed to get SO_TIMESTAMPING"); # 516| # 517| flags |= SOF_TIMESTAMPING_SOFTWARE | SOF_TIMESTAMPING_RX_SOFTWARE; Error: CPPCHECK_WARNING (CWE-190): [#def11] pipewire-1.6.6/spa/plugins/bluez5/decode-buffer.h:519: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 517| flags |= SOF_TIMESTAMPING_SOFTWARE | SOF_TIMESTAMPING_RX_SOFTWARE; # 518| if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMPING, &flags, sizeof(flags)) < 0) # 519|-> spa_log_info(log, "failed to set SO_TIMESTAMPING"); # 520| # 521| opt = 1; Error: CPPCHECK_WARNING (CWE-190): [#def12] pipewire-1.6.6/spa/plugins/bluez5/decode-buffer.h:523: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 521| opt = 1; # 522| if (setsockopt(fd, SOL_BLUETOOTH, BT_PKT_SEQNUM, &opt, sizeof(opt)) < 0) # 523|-> spa_log_info(log, "failed to set BT_PKT_SEQNUM"); # 524| } # 525| Error: CPPCHECK_WARNING (CWE-190): [#def13] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:271: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 269| # 270| if (stream->tx_latency.queue) { # 271|-> spa_log_trace(group->log, "%p: ISO group:%d resync pause: flushing", # 272| group, group->id); # 273| return true; Error: CPPCHECK_WARNING (CWE-190): [#def14] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:278: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 276| # 277| if (--group->flush) { # 278|-> spa_log_trace(group->log, "%p: ISO group:%d resync pause: flushing wait", # 279| group, group->id); # 280| return true; Error: CPPCHECK_WARNING (CWE-190): [#def15] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:310: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 308| # 309| if (max_min > MAX_LATENCY) { # 310|-> spa_log_info(group->log, "%p: ISO group:%d resync pause: too big latency %d ms", # 311| group, group->id, (int)(max_min / SPA_NSEC_PER_MSEC)); # 312| group->flush = FLUSH_WAIT; Error: CPPCHECK_WARNING (CWE-190): [#def16] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:316: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 314| # 315| if (group->kernel_imbalance.min >= group->duration_tx/2) { # 316|-> spa_log_info(group->log, "%p: ISO group:%d resync pause: kernel desync %d ms", # 317| group, group->id, (int)(group->kernel_imbalance.min / SPA_NSEC_PER_MSEC)); # 318| group->flush = FLUSH_WAIT; Error: CPPCHECK_WARNING (CWE-190): [#def17] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:322: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 320| # 321| if (group->stream_imbalance.min >= group->duration_tx*4/5) { # 322|-> spa_log_info(group->log, "%p: ISO group:%d resync pause: stream desync %d ms", # 323| group, group->id, (int)(group->stream_imbalance.min / SPA_NSEC_PER_MSEC)); # 324| group->flush = FLUSH_WAIT; Error: CPPCHECK_WARNING (CWE-190): [#def18] pipewire-1.6.6/spa/plugins/bluez5/iso-io.c:344: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 342| if ((res = spa_system_timerfd_read(group->data_system, group->timerfd, &exp)) < 0) { # 343| if (res != -EAGAIN) # 344|-> spa_log_warn(group->log, "%p: ISO group:%u error reading timerfd: %s", # 345| group, group->id, spa_strerror(res)); # 346| return; Error: CPPCHECK_WARNING (CWE-190): [#def19] pipewire-1.6.6/spa/plugins/control/mixer.c:478: error[integerOverflow]: Signed integer overflow for expression '0-1'. # 476| port->have_format = true; # 477| port->types = types == 0 ? this->control_types : types; # 478|-> spa_log_debug(this->log, "%p: set format on port %d:%d types:%08x %08x", # 479| this, direction, port_id, port->types, this->control_types); # 480| } Error: GCC_ANALYZER_WARNING: [#def20] pipewire-1.6.6/test/test-logger.c:349:14: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘open(&fname, 524290)’ pipewire-1.6.6/test/test-logger.c:341:12: branch_false: following ‘false’ branch (when ‘oldenv’ is NULL)... pipewire-1.6.6/test/test-logger.c:346:9: branch_false: ...to here pipewire-1.6.6/test/test-logger.c:347:14: acquire_resource: opened here pipewire-1.6.6/test/test-logger.c:348:9: branch_true: following ‘true’ branch... pipewire-1.6.6/test/test-logger.c:348:9: branch_true: ...to here pipewire-1.6.6/test/test-logger.c:349:14: danger: ‘open(&fname, 524290)’ could be invalid: unchecked value from [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2) # 347| fd = open(fname, O_RDWR | O_CLOEXEC); # 348| pwtest_errno_ok(fd); # 349|-> rc = dup2(fd, STDERR_FILENO); # 350| setlinebuf(stderr); # 351| pwtest_errno_ok(rc);
| analyzer-version-clippy | 1.95.0 |
| analyzer-version-cppcheck | 2.20.0 |
| analyzer-version-gcc | 16.1.1 |
| analyzer-version-gcc-analyzer | 16.1.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.95.0 |
| diffbase-analyzer-version-cppcheck | 2.20.0 |
| diffbase-analyzer-version-gcc | 16.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.1.1 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-250.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | pipewire-1.6.2-1.fc44 |
| diffbase-store-results-to | /tmp/tmpih5_j3lx/pipewire-1.6.2-1.fc44.tar.xz |
| diffbase-time-created | 2026-06-01 15:40:35 |
| diffbase-time-finished | 2026-06-01 15:54:55 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpih5_j3lx/pipewire-1.6.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpih5_j3lx/pipewire-1.6.2-1.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-250.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | pipewire-1.6.6-1.fc45 |
| store-results-to | /tmp/tmpk_f61y__/pipewire-1.6.6-1.fc45.tar.xz |
| time-created | 2026-06-01 15:55:21 |
| time-finished | 2026-06-01 16:09:39 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpk_f61y__/pipewire-1.6.6-1.fc45.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpk_f61y__/pipewire-1.6.6-1.fc45.src.rpm' |
| tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |