libnftnl-1.2.6-5.fc40
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:83:20: warning[-Wanalyzer-malloc-leak]: leak of ‘nftnl_set_elem_alloc()’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elems_parse2’
libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:67:24: note: in definition of macro ‘INIT_LIST_HEAD’
# 81| new->next = next;
# 82| new->prev = prev;
# 83|-> prev->next = new;
# 84| }
# 85|
Error: CPPCHECK_WARNING: [#def2]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def3]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: scope_hint: In function ‘nftnl_chain_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:235:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:235:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 233| break;
# 234| case NFTNL_CHAIN_HOOKNUM:
# 235|-> memcpy(&c->hooknum, data, sizeof(c->hooknum));
# 236| break;
# 237| case NFTNL_CHAIN_PRIO:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def4]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:238:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:238:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 236| break;
# 237| case NFTNL_CHAIN_PRIO:
# 238|-> memcpy(&c->prio, data, sizeof(c->prio));
# 239| break;
# 240| case NFTNL_CHAIN_POLICY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def5]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:241:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:241:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 239| break;
# 240| case NFTNL_CHAIN_POLICY:
# 241|-> memcpy(&c->policy, data, sizeof(c->policy));
# 242| break;
# 243| case NFTNL_CHAIN_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def6]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:244:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:244:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 242| break;
# 243| case NFTNL_CHAIN_USE:
# 244|-> memcpy(&c->use, data, sizeof(c->use));
# 245| break;
# 246| case NFTNL_CHAIN_BYTES:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def7]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:247:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:247:17: note: read of 7 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 245| break;
# 246| case NFTNL_CHAIN_BYTES:
# 247|-> memcpy(&c->bytes, data, sizeof(c->bytes));
# 248| break;
# 249| case NFTNL_CHAIN_PACKETS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def8]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:250:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:250:17: note: read of 7 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 248| break;
# 249| case NFTNL_CHAIN_PACKETS:
# 250|-> memcpy(&c->packets, data, sizeof(c->packets));
# 251| break;
# 252| case NFTNL_CHAIN_HANDLE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def9]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:253:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:253:17: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 251| break;
# 252| case NFTNL_CHAIN_HANDLE:
# 253|-> memcpy(&c->handle, data, sizeof(c->handle));
# 254| break;
# 255| case NFTNL_CHAIN_FAMILY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def10]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:256:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:256:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 254| break;
# 255| case NFTNL_CHAIN_FAMILY:
# 256|-> memcpy(&c->family, data, sizeof(c->family));
# 257| break;
# 258| case NFTNL_CHAIN_TYPE:
Error: GCC_ANALYZER_WARNING (CWE-131): [#def11]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
# 274| case NFTNL_CHAIN_DEVICES:
# 275| dev_array = (const char **)data;
# 276|-> while (dev_array[len] != NULL)
# 277| len++;
# 278|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def12]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:276:33: note: read of 7 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 274| case NFTNL_CHAIN_DEVICES:
# 275| dev_array = (const char **)data;
# 276|-> while (dev_array[len] != NULL)
# 277| len++;
# 278|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def13]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:43: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 288|
# 289| for (i = 0; i < len; i++)
# 290|-> c->dev_array[i] = strdup(dev_array[i]);
# 291|
# 292| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-131): [#def14]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:290:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
# 288|
# 289| for (i = 0; i < len; i++)
# 290|-> c->dev_array[i] = strdup(dev_array[i]);
# 291|
# 292| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def15]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:295:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:295:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 293| break;
# 294| case NFTNL_CHAIN_FLAGS:
# 295|-> memcpy(&c->chain_flags, data, sizeof(c->chain_flags));
# 296| break;
# 297| case NFTNL_CHAIN_ID:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def16]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:298:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:215:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:298:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 296| break;
# 297| case NFTNL_CHAIN_ID:
# 298|-> memcpy(&c->chain_id, data, sizeof(c->chain_id));
# 299| break;
# 300| case NFTNL_CHAIN_USERDATA:
Error: CPPCHECK_WARNING: [#def17]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/bitwise.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def18]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/byteorder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def19]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/data_reg.c:148: error[overlappingWriteUnion]: Overlapping read/write of union is undefined behavior
# 146| if (type)
# 147| *type = DATA_VERDICT;
# 148|-> data->len = sizeof(data->verdict);
# 149| break;
# 150| case NFT_JUMP:
Error: CPPCHECK_WARNING: [#def20]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/dynset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/exthdr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fwd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def24]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def25]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/immediate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def26]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/inner.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def27]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/log.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def28]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/lookup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def29]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/masq.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def30]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/nat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def31]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/numgen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def32]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/payload.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def33]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/queue.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def34]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-131): [#def35]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
# 145| case NFTNL_FLOWTABLE_DEVICES:
# 146| dev_array = (const char **)data;
# 147|-> while (dev_array[len] != NULL)
# 148| len++;
# 149|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def36]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: scope_hint: In function ‘nftnl_flowtable_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:1: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:147:33: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 145| case NFTNL_FLOWTABLE_DEVICES:
# 146| dev_array = (const char **)data;
# 147|-> while (dev_array[len] != NULL)
# 148| len++;
# 149|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def37]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:43: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 159|
# 160| for (i = 0; i < len; i++)
# 161|-> c->dev_array[i] = strdup(dev_array[i]);
# 162|
# 163| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-131): [#def38]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:161:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
# 159|
# 160| for (i = 0; i < len; i++)
# 161|-> c->dev_array[i] = strdup(dev_array[i]);
# 162|
# 163| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def39]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:172:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:117:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:172:17: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 170| break;
# 171| case NFTNL_FLOWTABLE_HANDLE:
# 172|-> memcpy(&c->handle, data, sizeof(c->handle));
# 173| break;
# 174| }
Error: CPPCHECK_WARNING: [#def40]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_expect.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def41]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_timeout.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def42]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/limit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def43]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/tunnel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def44]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def45]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: scope_hint: In function ‘nftnl_obj_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:95:28: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:9: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:95:28: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 93| break;
# 94| case NFTNL_OBJ_TYPE:
# 95|-> obj->ops = nftnl_obj_ops_lookup(*((uint32_t *)data));
# 96| if (!obj->ops)
# 97| return;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def46]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:100:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:100:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 98| break;
# 99| case NFTNL_OBJ_FAMILY:
# 100|-> memcpy(&obj->family, data, sizeof(obj->family));
# 101| break;
# 102| case NFTNL_OBJ_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def47]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:103:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:103:17: note: read of 2 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 101| break;
# 102| case NFTNL_OBJ_USE:
# 103|-> memcpy(&obj->use, data, sizeof(obj->use));
# 104| break;
# 105| case NFTNL_OBJ_HANDLE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def48]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:106:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:83:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:106:17: note: read of 6 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 104| break;
# 105| case NFTNL_OBJ_HANDLE:
# 106|-> memcpy(&obj->handle, data, sizeof(obj->handle));
# 107| break;
# 108| case NFTNL_OBJ_USERDATA:
Error: CPPCHECK_WARNING: [#def49]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def50]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: scope_hint: In function ‘nftnl_rule_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 132| break;
# 133| case NFTNL_RULE_HANDLE:
# 134|-> memcpy(&r->handle, data, sizeof(r->handle));
# 135| break;
# 136| case NFTNL_RULE_COMPAT_PROTO:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def51]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 144| break;
# 145| case NFTNL_RULE_POSITION:
# 146|-> memcpy(&r->position, data, sizeof(r->position));
# 147| break;
# 148| case NFTNL_RULE_USERDATA:
Error: CLANG_WARNING: [#def52]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:600:3: warning[deadcode.DeadStores]: Value stored to 'sep' is never read
# 598| r->position_id);
# 599| SNPRINTF_BUFFER_SIZE(ret, remain, offset);
# 600|-> sep = " ";
# 601| }
# 602|
Error: CPPCHECK_WARNING: [#def53]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/ruleset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def54]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def55]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: scope_hint: In function ‘nftnl_set_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:164:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:164:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 162| break;
# 163| case NFTNL_SET_HANDLE:
# 164|-> memcpy(&s->handle, data, sizeof(s->handle));
# 165| break;
# 166| case NFTNL_SET_FLAGS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def56]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:201:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:144:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:201:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 199| break;
# 200| case NFTNL_SET_TIMEOUT:
# 201|-> memcpy(&s->timeout, data, sizeof(s->timeout));
# 202| break;
# 203| case NFTNL_SET_GC_INTERVAL:
Error: CPPCHECK_WARNING: [#def57]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def58]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u32’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:265:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 263| uint32_t size, val;
# 264|
# 265|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val));
# 266|
# 267| return val;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def59]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u64’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:276:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 274| uint64_t val;
# 275|
# 276|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val));
# 277|
# 278| return val;
Error: CPPCHECK_WARNING: [#def60]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def61]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: scope_hint: In function ‘nftnl_table_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:110:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:110:17: note: read of 7 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 108| break;
# 109| case NFTNL_TABLE_HANDLE:
# 110|-> memcpy(&t->handle, data, sizeof(t->handle));
# 111| break;
# 112| case NFTNL_TABLE_FLAGS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def62]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:113:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:113:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 111| break;
# 112| case NFTNL_TABLE_FLAGS:
# 113|-> memcpy(&t->table_flags, data, sizeof(t->table_flags));
# 114| break;
# 115| case NFTNL_TABLE_FAMILY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def63]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:116:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:116:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 114| break;
# 115| case NFTNL_TABLE_FAMILY:
# 116|-> memcpy(&t->family, data, sizeof(t->family));
# 117| break;
# 118| case NFTNL_TABLE_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def64]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:119:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:119:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 117| break;
# 118| case NFTNL_TABLE_USE:
# 119|-> memcpy(&t->use, data, sizeof(t->use));
# 120| break;
# 121| case NFTNL_TABLE_USERDATA:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def65]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:132:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:98:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:132:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 130| break;
# 131| case NFTNL_TABLE_OWNER:
# 132|-> memcpy(&t->owner, data, sizeof(t->owner));
# 133| break;
# 134| }
Error: CPPCHECK_WARNING: [#def66]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/trace.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def67]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83: warning[nullPointer]: Possible null pointer dereference: value
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Error: CLANG_WARNING: [#def68]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:2: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def69]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c: scope_hint: In function ‘nftnl_udata_put’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:9: warning[-Wanalyzer-null-argument]: use of NULL ‘value’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-154.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libnftnl-1.2.6-5.fc40 |
| store-results-to | /tmp/tmps8wsz8z9/libnftnl-1.2.6-5.fc40.tar.xz |
| time-created | 2024-07-03 15:46:09 |
| time-finished | 2024-07-03 15:48:00 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmps8wsz8z9/libnftnl-1.2.6-5.fc40.tar.xz' '--gcc-analyze' '/tmp/tmps8wsz8z9/libnftnl-1.2.6-5.fc40.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |