Task #1582 - libnftnl-1.2.6-5.fc40/scan-results.err
back to task #1582download
Error: GCC_ANALYZER_WARNING (CWE-401): libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:83:20: warning[-Wanalyzer-malloc-leak]: leak of ‘nftnl_set_elem_alloc()’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elems_parse2’ libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:67:24: note: in definition of macro ‘INIT_LIST_HEAD’ # 81| new->next = next; # 82| new->prev = prev; # 83|-> prev->next = new; # 84| } # 85| Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: scope_hint: In function ‘nftnl_chain_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:235:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:235:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 233| break; # 234| case NFTNL_CHAIN_HOOKNUM: # 235|-> memcpy(&c->hooknum, data, sizeof(c->hooknum)); # 236| break; # 237| case NFTNL_CHAIN_PRIO: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:238:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:238:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 236| break; # 237| case NFTNL_CHAIN_PRIO: # 238|-> memcpy(&c->prio, data, sizeof(c->prio)); # 239| break; # 240| case NFTNL_CHAIN_POLICY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:241:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:241:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 239| break; # 240| case NFTNL_CHAIN_POLICY: # 241|-> memcpy(&c->policy, data, sizeof(c->policy)); # 242| break; # 243| case NFTNL_CHAIN_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:244:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:244:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 242| break; # 243| case NFTNL_CHAIN_USE: # 244|-> memcpy(&c->use, data, sizeof(c->use)); # 245| break; # 246| case NFTNL_CHAIN_BYTES: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:247:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:247:17: note: read of 7 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 245| break; # 246| case NFTNL_CHAIN_BYTES: # 247|-> memcpy(&c->bytes, data, sizeof(c->bytes)); # 248| break; # 249| case NFTNL_CHAIN_PACKETS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:250:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:250:17: note: read of 7 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 248| break; # 249| case NFTNL_CHAIN_PACKETS: # 250|-> memcpy(&c->packets, data, sizeof(c->packets)); # 251| break; # 252| case NFTNL_CHAIN_HANDLE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:253:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:253:17: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 251| break; # 252| case NFTNL_CHAIN_HANDLE: # 253|-> memcpy(&c->handle, data, sizeof(c->handle)); # 254| break; # 255| case NFTNL_CHAIN_FAMILY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:256:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:256:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 254| break; # 255| case NFTNL_CHAIN_FAMILY: # 256|-> memcpy(&c->family, data, sizeof(c->family)); # 257| break; # 258| case NFTNL_CHAIN_TYPE: Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ # 274| case NFTNL_CHAIN_DEVICES: # 275| dev_array = (const char **)data; # 276|-> while (dev_array[len] != NULL) # 277| len++; # 278| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: note: read of 7 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 274| case NFTNL_CHAIN_DEVICES: # 275| dev_array = (const char **)data; # 276|-> while (dev_array[len] != NULL) # 277| len++; # 278| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:43: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 288| # 289| for (i = 0; i < len; i++) # 290|-> c->dev_array[i] = strdup(dev_array[i]); # 291| # 292| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ # 288| # 289| for (i = 0; i < len; i++) # 290|-> c->dev_array[i] = strdup(dev_array[i]); # 291| # 292| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:295:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:295:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 293| break; # 294| case NFTNL_CHAIN_FLAGS: # 295|-> memcpy(&c->chain_flags, data, sizeof(c->chain_flags)); # 296| break; # 297| case NFTNL_CHAIN_ID: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:298:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:298:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 296| break; # 297| case NFTNL_CHAIN_ID: # 298|-> memcpy(&c->chain_id, data, sizeof(c->chain_id)); # 299| break; # 300| case NFTNL_CHAIN_USERDATA: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/bitwise.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/byteorder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING (CWE-758): libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/data_reg.c:148: error[overlappingWriteUnion]: Overlapping read/write of union is undefined behavior # 146| if (type) # 147| *type = DATA_VERDICT; # 148|-> data->len = sizeof(data->verdict); # 149| break; # 150| case NFT_JUMP: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/dynset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/exthdr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fwd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/immediate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/inner.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/log.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/lookup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/masq.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/nat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/numgen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/payload.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/queue.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ # 145| case NFTNL_FLOWTABLE_DEVICES: # 146| dev_array = (const char **)data; # 147|-> while (dev_array[len] != NULL) # 148| len++; # 149| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: scope_hint: In function ‘nftnl_flowtable_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:1: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 145| case NFTNL_FLOWTABLE_DEVICES: # 146| dev_array = (const char **)data; # 147|-> while (dev_array[len] != NULL) # 148| len++; # 149| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:43: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 159| # 160| for (i = 0; i < len; i++) # 161|-> c->dev_array[i] = strdup(dev_array[i]); # 162| # 163| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ # 159| # 160| for (i = 0; i < len; i++) # 161|-> c->dev_array[i] = strdup(dev_array[i]); # 162| # 163| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:172:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:172:17: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 170| break; # 171| case NFTNL_FLOWTABLE_HANDLE: # 172|-> memcpy(&c->handle, data, sizeof(c->handle)); # 173| break; # 174| } Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_expect.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_timeout.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/limit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/tunnel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: scope_hint: In function ‘nftnl_obj_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:95:28: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:9: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:95:28: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 93| break; # 94| case NFTNL_OBJ_TYPE: # 95|-> obj->ops = nftnl_obj_ops_lookup(*((uint32_t *)data)); # 96| if (!obj->ops) # 97| return; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:100:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:100:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 98| break; # 99| case NFTNL_OBJ_FAMILY: # 100|-> memcpy(&obj->family, data, sizeof(obj->family)); # 101| break; # 102| case NFTNL_OBJ_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:103:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:103:17: note: read of 2 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 101| break; # 102| case NFTNL_OBJ_USE: # 103|-> memcpy(&obj->use, data, sizeof(obj->use)); # 104| break; # 105| case NFTNL_OBJ_HANDLE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:106:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:106:17: note: read of 6 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 104| break; # 105| case NFTNL_OBJ_HANDLE: # 106|-> memcpy(&obj->handle, data, sizeof(obj->handle)); # 107| break; # 108| case NFTNL_OBJ_USERDATA: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: scope_hint: In function ‘nftnl_rule_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 132| break; # 133| case NFTNL_RULE_HANDLE: # 134|-> memcpy(&r->handle, data, sizeof(r->handle)); # 135| break; # 136| case NFTNL_RULE_COMPAT_PROTO: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 144| break; # 145| case NFTNL_RULE_POSITION: # 146|-> memcpy(&r->position, data, sizeof(r->position)); # 147| break; # 148| case NFTNL_RULE_USERDATA: Error: CLANG_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:600:3: warning[deadcode.DeadStores]: Value stored to 'sep' is never read # 598| r->position_id); # 599| SNPRINTF_BUFFER_SIZE(ret, remain, offset); # 600|-> sep = " "; # 601| } # 602| Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/ruleset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: scope_hint: In function ‘nftnl_set_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:164:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:164:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 162| break; # 163| case NFTNL_SET_HANDLE: # 164|-> memcpy(&s->handle, data, sizeof(s->handle)); # 165| break; # 166| case NFTNL_SET_FLAGS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:201:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:201:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 199| break; # 200| case NFTNL_SET_TIMEOUT: # 201|-> memcpy(&s->timeout, data, sizeof(s->timeout)); # 202| break; # 203| case NFTNL_SET_GC_INTERVAL: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u32’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:265:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 263| uint32_t size, val; # 264| # 265|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val)); # 266| # 267| return val; Error: GCC_ANALYZER_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u64’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:276:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 274| uint64_t val; # 275| # 276|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val)); # 277| # 278| return val; Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: scope_hint: In function ‘nftnl_table_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:110:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:110:17: note: read of 7 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 108| break; # 109| case NFTNL_TABLE_HANDLE: # 110|-> memcpy(&t->handle, data, sizeof(t->handle)); # 111| break; # 112| case NFTNL_TABLE_FLAGS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:113:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:113:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 111| break; # 112| case NFTNL_TABLE_FLAGS: # 113|-> memcpy(&t->table_flags, data, sizeof(t->table_flags)); # 114| break; # 115| case NFTNL_TABLE_FAMILY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:116:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:116:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 114| break; # 115| case NFTNL_TABLE_FAMILY: # 116|-> memcpy(&t->family, data, sizeof(t->family)); # 117| break; # 118| case NFTNL_TABLE_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:119:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:119:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 117| break; # 118| case NFTNL_TABLE_USE: # 119|-> memcpy(&t->use, data, sizeof(t->use)); # 120| break; # 121| case NFTNL_TABLE_USERDATA: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:132:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:132:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 130| break; # 131| case NFTNL_TABLE_OWNER: # 132|-> memcpy(&t->owner, data, sizeof(t->owner)); # 133| break; # 134| } Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/trace.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83: warning[nullPointer]: Possible null pointer dereference: value # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr); Error: CLANG_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:2: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull' # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr); Error: GCC_ANALYZER_WARNING (CWE-688): libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c: scope_hint: In function ‘nftnl_udata_put’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:9: warning[-Wanalyzer-null-argument]: use of NULL ‘value’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr);