Error: GCC_ANALYZER_WARNING (CWE-775): [#def1] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘parse_proc_stringlist’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:120:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ # 118| if (new_buf == NULL) { # 119| free(buf); # 120|-> fprintf(stderr, "realloc(%ld): out of memory\n", (long)(size + BUFSTEP)); # 121| return NULL; # 122| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def2] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:128:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ # 126| n = read(fd, buf + used, size - used - 1); # 127| if (n < 0) { # 128|-> fprintf(stderr, "read(): %m\n"); # 129| return NULL; # 130| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:128:25: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ # 126| n = read(fd, buf + used, size - used - 1); # 127| if (n < 0) { # 128|-> fprintf(stderr, "read(): %m\n"); # 129| return NULL; # 130| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:128:25: warning[-Wanalyzer-malloc-leak]: leak of ‘new_buf’ # 126| n = read(fd, buf + used, size - used - 1); # 127| if (n < 0) { # 128|-> fprintf(stderr, "read(): %m\n"); # 129| return NULL; # 130| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:145:17: warning[-Wanalyzer-malloc-leak]: leak of ‘new_buf’ # 143| ret = calloc(n_strings + 1, sizeof(char *)); # 144| if (ret == NULL) { # 145|-> fprintf(stderr, "calloc(): out of memory\n"); # 146| return NULL; # 147| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘containers_reexec’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/containers/storage/pkg/unshare/unshare.c:288:12: warning[-Wanalyzer-malloc-leak]: leak of ‘argv’ # 286| if (fd < 0) # 287| fd = copy_self_proc_exe(argv); # 288|-> if (fd < 0) # 289| return fd; # 290| Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function 'New' osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go:77:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'c' # 75| CK_C_GetFunctionList list; # 76| struct ctx *c = calloc(1, sizeof(struct ctx)); # 77|-> c->handle = dlopen(module, RTLD_LAZY); # 78| if (c->handle == NULL) { # 79| free(c); Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function ‘New’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go:77:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘c’ # 75| CK_C_GetFunctionList list; # 76| struct ctx *c = calloc(1, sizeof(struct ctx)); # 77|-> c->handle = dlopen(module, RTLD_LAZY); # 78| if (c->handle == NULL) { # 79| free(c); Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function ‘GetAttributeValue.part.0’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/miekg/pkcs11/pkcs11.go:316:32: warning[-Wanalyzer-malloc-leak]: leak of ‘*((CK_ATTRIBUTE *)temp).pValue’ # 314| continue; # 315| } # 316|-> temp[i].pValue = calloc(temp[i].ulValueLen, sizeof(CK_BYTE)); # 317| } # 318| return c->sym->C_GetAttributeValue(session, object, temp, templen); Error: GCC_ANALYZER_WARNING (CWE-688): [#def10] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/osbuild/images/pkg/crypt/crypt_impl.go: scope_hint: In function 'gnu_ext_crypt' osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/osbuild/images/pkg/crypt/crypt_impl.go:60:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'ret' where non-null expected <built-in>: note: argument 1 of '__builtin_strcpy' must be non-null # 58| # 59| ret = (char *)malloc((strlen(enc)+1) * sizeof(char)); // for trailing null # 60|-> strcpy(ret, enc); # 61| ret[strlen(enc)]= '\0'; # 62| Error: GCC_ANALYZER_WARNING (CWE-688): [#def11] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/osbuild/images/pkg/crypt/crypt_impl.go: scope_hint: In function ‘gnu_ext_crypt’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/osbuild/images/pkg/crypt/crypt_impl.go:60:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘ret’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null # 58| # 59| ret = (char *)malloc((strlen(enc)+1) * sizeof(char)); // for trailing null # 60|-> strcpy(ret, enc); # 61| ret[strlen(enc)]= '\0'; # 62| Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c: scope_hint: In function ‘base64_encode’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c:49:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ # 47| while (vlen >= 3) # 48| { # 49|-> *out++ = basis_64[value[0] >> 2]; # 50| *out++ = basis_64[((value[0] << 4) & 0x30) | (value[1] >> 4)]; # 51| *out++ = basis_64[((value[1] << 2) & 0x3C) | (value[2] >> 6)]; Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c:58:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ # 56| if (vlen > 0) # 57| { # 58|-> *out++ = basis_64[value[0] >> 2]; # 59| unsigned char oval = (value[0] << 4) & 0x30; # 60| if (vlen > 1) oval |= value[1] >> 4; Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c:65:10: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ # 63| *out++ = '='; # 64| } # 65|-> *out = '\0'; # 66| # 67| return result; Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c: scope_hint: In function ‘base64_decode’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c:106:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘out’ # 104| # 105| value += 4; # 106|-> *out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4); # 107| *rlen += 1; # 108| Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/base64.c:121:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘result’ # 119| # 120| base64_decode_error: # 121|-> *result = 0; # 122| *rlen = 0; # 123| Error: GCC_ANALYZER_WARNING (CWE-688): [#def17] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/kerberosgss.c: scope_hint: In function ‘authenticate_gss_client_step’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/kerberosgss.c:219:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*state.username’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strncpy’ must be non-null # 217| } else { # 218| state->username = (char *)malloc(name_token.length + 1); # 219|-> strncpy(state->username, (char*) name_token.value, name_token.length); # 220| state->username[name_token.length] = 0; # 221| gss_release_buffer(&state->min_stat, &name_token); Error: GCC_ANALYZER_WARNING (CWE-688): [#def18] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/kerberosgss.c: scope_hint: In function ‘authenticate_gss_server_step’ osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/kerberosgss.c:386:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*state.username’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strncpy’ must be non-null # 384| } # 385| state->username = (char *)malloc(output_token.length + 1); # 386|-> strncpy(state->username, (char*) output_token.value, output_token.length); # 387| state->username[output_token.length] = 0; # 388| Error: GCC_ANALYZER_WARNING (CWE-688): [#def19] osbuild-composer-120-build/osbuild-composer-120/vendor/github.com/ubccr/kerby/kerberosgss.c:408:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*state.targetname’ where non-null expected <built-in>: note: argument 1 of ‘__builtin_strncpy’ must be non-null # 406| } # 407| state->targetname = (char *)malloc(output_token.length + 1); # 408|-> strncpy( # 409| state->targetname, (char*) output_token.value, output_token.length # 410| );
analyzer-version-clippy | 1.81.0 |
analyzer-version-cppcheck | 2.15.0 |
analyzer-version-gcc | 14.2.1 |
analyzer-version-gcc-analyzer | 14.2.1 |
analyzer-version-shellcheck | 0.10.0 |
analyzer-version-unicontrol | 0.0.2 |
enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
exit-code | 0 |
host | ip-172-16-1-159.us-west-2.compute.internal |
mock-config | fedora-rawhide-x86_64 |
project-name | osbuild-composer-120-1.20240919211711792703.pr4336.4.g388076f7d |
store-results-to | /tmp/tmp0ilkyodl/osbuild-composer-120-1.20240919211711792703.pr4336.4.g388076f7d.tar.xz |
time-created | 2024-09-19 21:54:01 |
time-finished | 2024-09-19 22:03:26 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,shellcheck,cppcheck,clippy,unicontrol' '-o' '/tmp/tmp0ilkyodl/osbuild-composer-120-1.20240919211711792703.pr4336.4.g388076f7d.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmp0ilkyodl/osbuild-composer-120-1.20240919211711792703.pr4336.4.g388076f7d.src.rpm' |
tool-version | csmock-3.7.0-1.el9 |