Fixed findings

List of Findings

Error: COMPILER_WARNING (CWE-704): [#def1]
sed-4.9/lib/dfa.c: scope_hint: In function 'comsubs'
sed-4.9/lib/dfa.c:4028:19: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type
# 4028 |       char *rcp = strchr (right, *lcp);
#      |                   ^~~~~~
# 4026|       {
# 4027|         idx_t len = 0;
# 4028|->       char *rcp = strchr (right, *lcp);
# 4029|         while (rcp != NULL)
# 4030|           {

Error: COMPILER_WARNING (CWE-704): [#def2]
sed-4.9/lib/dfa.c:4028:19: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type
# 4026|       {
# 4027|         idx_t len = 0;
# 4028|->       char *rcp = strchr (right, *lcp);
# 4029|         while (rcp != NULL)
# 4030|           {

Error: CPPCHECK_WARNING (CWE-758): [#def3]
sed-4.9/lib/malloc/dynarray_emplace_enlarge.c:59: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour
#   57|   
#   58|     size_t new_size;
#   59|->   if (INT_MULTIPLY_WRAPV (new_allocated, element_size, &new_size))
#   60|       return false;
#   61|     void *new_array;

Error: CPPCHECK_WARNING (CWE-758): [#def4]
sed-4.9/lib/malloc/dynarray_resize.c:45: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour
#   43|   
#   44|     size_t new_size_bytes;
#   45|->   if (INT_MULTIPLY_WRAPV (size, element_size, &new_size_bytes))
#   46|       {
#   47|         /* Overflow.  */

Error: CPPCHECK_WARNING (CWE-682): [#def5]
sed-4.9/lib/obstack.c:138: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  136|     if (!chunk)
#  137|       (*obstack_alloc_failed_handler) ();
#  138|->   h->next_free = h->object_base = __PTR_ALIGN ((char *) chunk, chunk->contents,
#  139|                                                  alignment - 1);
#  140|     h->chunk_limit = chunk->limit = (char *) chunk + h->chunk_size;

Error: CPPCHECK_WARNING (CWE-682): [#def6]
sed-4.9/lib/obstack.c:208: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  206|     /* Compute an aligned object_base in the new chunk */
#  207|     object_base =
#  208|->     __PTR_ALIGN ((char *) new_chunk, new_chunk->contents, h->alignment_mask);
#  209|   
#  210|     /* Move the existing object to the new chunk.  */

Error: CPPCHECK_WARNING (CWE-682): [#def7]
sed-4.9/lib/obstack.c:218: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  216|     if (!h->maybe_empty_object
#  217|         && (h->object_base
#  218|->           == __PTR_ALIGN ((char *) old_chunk, old_chunk->contents,
#  219|                             h->alignment_mask)))
#  220|       {

Error: CPPCHECK_WARNING (CWE-682): [#def8]
sed-4.9/sed/compile.c:421: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  419|     if (!p)
#  420|       {
#  421|->       p = OB_MALLOC (&obs, 1, struct output);
#  422|         p->name = xstrdup (file_name);
#  423|         p->fp = ck_fopen (p->name, mode, fail);

Error: CPPCHECK_WARNING (CWE-682): [#def9]
sed-4.9/sed/compile.c:691: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  689|                const struct error_info *err_info)
#  690|   {
#  691|->   struct sed_label *ret = OB_MALLOC (&obs, 1, struct sed_label);
#  692|     ret->v_index = idx;
#  693|     ret->name = name;

Error: CPPCHECK_WARNING (CWE-682): [#def10]
sed-4.9/sed/compile.c:721: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  719|   new_replacement (char *text, size_t length, enum replacement_types type)
#  720|   {
#  721|->   struct replacement *r = OB_MALLOC (&obs, 1, struct replacement);
#  722|   
#  723|     r->prefix = text;

Error: CPPCHECK_WARNING (CWE-682): [#def11]
sed-4.9/sed/compile.c:1238: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
# 1236|                 bad_prog (_(UNTERM_S_CMD));
# 1237|   
# 1238|->             cur_cmd->x.cmd_subst = OB_MALLOC (&obs, 1, struct subst);
# 1239|               setup_replacement (cur_cmd->x.cmd_subst,
# 1240|                                  get_buffer (b2), size_buffer (b2));

Error: CPPCHECK_WARNING (CWE-682): [#def12]
sed-4.9/sed/compile.c:1337: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
# 1335|                 {
# 1336|                   unsigned char *translate =
# 1337|->                   OB_MALLOC (&obs, YMAP_LENGTH, unsigned char);
# 1338|                   unsigned char *ustring = (unsigned char *)src_buf;
# 1339|   

Error: CPPCHECK_WARNING (CWE-457): [#def13]
sed-4.9/sed/utils.c:262: warning[uninitvar]: Uninitialized variable: result
#  260|       panic (_("read error on %s: %s"), utils_fp_name (stream), strerror (errno));
#  261|   
#  262|->   return result;
#  263|   }
#  264|

Scan Properties

analyzer-version-clippy	1.95.0
analyzer-version-cppcheck	2.20.0
analyzer-version-gcc	16.1.1
analyzer-version-gcc-analyzer	16.1.1
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.95.0
diffbase-analyzer-version-cppcheck	2.20.0
diffbase-analyzer-version-gcc	16.1.1
diffbase-analyzer-version-gcc-analyzer	16.1.1
diffbase-analyzer-version-shellcheck	0.11.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-215.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	sed-4.10-1.fc45
diffbase-store-results-to	/tmp/tmpufnj7s8w/sed-4.10-1.fc45.tar.xz
diffbase-time-created	2026-06-01 16:45:18
diffbase-time-finished	2026-06-01 16:47:41
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpufnj7s8w/sed-4.10-1.fc45.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpufnj7s8w/sed-4.10-1.fc45.src.rpm'
diffbase-tool-version	csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-215.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	sed-4.9-7.fc44
store-results-to	/tmp/tmpjemvu3gc/sed-4.9-7.fc44.tar.xz
time-created	2026-06-01 16:42:55
time-finished	2026-06-01 16:45:01
title	Fixed findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpjemvu3gc/sed-4.9-7.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpjemvu3gc/sed-4.9-7.fc44.src.rpm'
tool-version	csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9