nettle-3.9.1-6.fc40
List of Defects
Error: CPPCHECK_WARNING: [#def1]
nettle-3.9.1-build/nettle-3.9.1/arctwo.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
nettle-3.9.1-build/nettle-3.9.1/blowfish-bcrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def3]
nettle-3.9.1-build/nettle-3.9.1/blowfish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def4]
nettle-3.9.1-build/nettle-3.9.1/conftest.s: scope_hint: Assembler messages
nettle-3.9.1-build/nettle-3.9.1/conftest.s:2: Error: alignment not a power of 2
Error: COMPILER_WARNING: [#def5]
nettle-3.9.1-build/nettle-3.9.1/conftest.s: scope_hint: Assembler messages
nettle-3.9.1-build/nettle-3.9.1/conftest.s:4: Error: unknown pseudo-op: `.def'
Error: COMPILER_WARNING: [#def6]
nettle-3.9.1-build/nettle-3.9.1/conftest.s: scope_hint: Assembler messages
nettle-3.9.1-build/nettle-3.9.1/conftest.s:4: Error: unrecognized symbol type ""
Error: COMPILER_WARNING: [#def7]
nettle-3.9.1-build/nettle-3.9.1/conftest.s:5: Error: unknown pseudo-op: `.scl'
Error: COMPILER_WARNING: [#def8]
nettle-3.9.1-build/nettle-3.9.1/conftest.s:6: Error: Missing symbol name in directive
Error: COMPILER_WARNING: [#def9]
nettle-3.9.1-build/nettle-3.9.1/conftest.s:6: Error: unrecognized symbol type "32"
Error: COMPILER_WARNING: [#def10]
nettle-3.9.1-build/nettle-3.9.1/conftest.s:7: Error: unknown pseudo-op: `.endef'
Error: CPPCHECK_WARNING: [#def11]
nettle-3.9.1-build/nettle-3.9.1/der-iterator.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def12]
nettle-3.9.1-build/nettle-3.9.1/dsa-gen-params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def13]
nettle-3.9.1-build/nettle-3.9.1/eccdata.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
nettle-3.9.1-build/nettle-3.9.1/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_eddsa_init’
nettle-3.9.1-build/nettle-3.9.1/examples/hogweed-benchmark.c:534:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(248)’
# 532|
# 533| ctx = xalloc (sizeof(*ctx));
# 534|-> switch (size) {
# 535| case 255:
# 536| ctx->sign = ed25519_sha512_sign;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
nettle-3.9.1-build/nettle-3.9.1/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_curve_init’
nettle-3.9.1-build/nettle-3.9.1/examples/hogweed-benchmark.c:854:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(128)’
# 852| struct curve_ctx *ctx = xalloc (sizeof (*ctx));
# 853| knuth_lfib_init (&lfib, 17);
# 854|-> switch (size)
# 855| {
# 856| case 255:
Error: CPPCHECK_WARNING: [#def16]
nettle-3.9.1-build/nettle-3.9.1/examples/io.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def17]
nettle-3.9.1-build/nettle-3.9.1/examples/nettle-benchmark.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def18]
nettle-3.9.1-build/nettle-3.9.1/examples/rsa-decrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def19]
nettle-3.9.1-build/nettle-3.9.1/examples/rsa-decrypt.c:246: error[uninitvar]: Uninitialized variable: &session
# 244| mpz_clear(x);
# 245|
# 246|-> rsa_session_set_decrypt_key(&ctx, &session);
# 247|
# 248| if (!process_file(&ctx,
Error: CPPCHECK_WARNING: [#def20]
nettle-3.9.1-build/nettle-3.9.1/examples/rsa-encrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
nettle-3.9.1-build/nettle-3.9.1/examples/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
nettle-3.9.1-build/nettle-3.9.1/fat-x86_64.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
nettle-3.9.1-build/nettle-3.9.1/getopt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def24]
nettle-3.9.1-build/nettle-3.9.1/knuth-lfib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-122): [#def25]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:10: included_from: Included from here.
nettle-3.9.1-build/nettle-3.9.1/macros.h:162:8: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
# 160| do { \
# 161| unsigned increment_i = (size) - 1; \
# 162|-> if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164| && ++(ctr)[--increment_i] == 0 ) \
Error: GCC_ANALYZER_WARNING (CWE-122): [#def26]
nettle-3.9.1-build/nettle-3.9.1/macros.h:162:16: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
# └─────────────────┘
# ^
# 160| do { \
# 161| unsigned increment_i = (size) - 1; \
# 162|-> if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164| && ++(ctr)[--increment_i] == 0 ) \
Error: GCC_ANALYZER_WARNING (CWE-122): [#def27]
nettle-3.9.1-build/nettle-3.9.1/macros.h:164:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
# 162| if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164|-> && ++(ctr)[--increment_i] == 0 ) \
# 165| ; \
# 166| } while (0)
Error: GCC_ANALYZER_WARNING (CWE-122): [#def28]
nettle-3.9.1-build/nettle-3.9.1/macros.h:164:24: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:662:5: note: in expansion of macro ‘INCREMENT’
# └─────────────────┘
# ^
# 162| if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164|-> && ++(ctr)[--increment_i] == 0 ) \
# 165| ; \
# 166| } while (0)
Error: GCC_ANALYZER_WARNING (CWE-471): [#def29]
nettle-3.9.1-build/nettle-3.9.1/eccdata.c:43: included_from: Included from here.
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c: scope_hint: In function ‘mpn_set_str_bits’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1328:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:44: included_from: Included from here.
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:45: included_from: Included from here.
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1412:26: note: declared here
# 1326| if (shift == 0)
# 1327| {
# 1328|-> rp[rn++] = sp[j];
# 1329| shift += bits;
# 1330| }
Error: GCC_ANALYZER_WARNING (CWE-471): [#def30]
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1333:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1412:26: note: declared here
# 1331| else
# 1332| {
# 1333|-> rp[rn-1] |= (mp_limb_t) sp[j] << shift;
# 1334| shift += bits;
# 1335| if (shift >= GMP_LIMB_BITS)
Error: GCC_ANALYZER_WARNING (CWE-471): [#def31]
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1339:26: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1412:26: note: declared here
# 1337| shift -= GMP_LIMB_BITS;
# 1338| if (shift > 0)
# 1339|-> rp[rn++] = (mp_limb_t) sp[j] >> (bits - shift);
# 1340| }
# 1341| }
Error: CPPCHECK_WARNING (CWE-758): [#def32]
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1492: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1490| {
# 1491| int LOCAL_GMP_LIMB_BITS = GMP_LIMB_BITS;
# 1492|-> while (x >>= LOCAL_GMP_LIMB_BITS)
# 1493| {
# 1494| ++ r->_mp_size;
Error: CPPCHECK_WARNING (CWE-758): [#def33]
nettle-3.9.1-build/nettle-3.9.1/mini-gmp.c:1614: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1612| n = GMP_MIN (n, 1 + (mp_size_t) (GMP_ULONG_BITS - 1) / GMP_LIMB_BITS);
# 1613| while (--n >= 0)
# 1614|-> r = (r << LOCAL_GMP_LIMB_BITS) + u->_mp_d[n];
# 1615| return r;
# 1616| }
Error: CPPCHECK_WARNING: [#def34]
nettle-3.9.1-build/nettle-3.9.1/pgp-encode.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def35]
nettle-3.9.1-build/nettle-3.9.1/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def36]
nettle-3.9.1-build/nettle-3.9.1/sexp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def37]
nettle-3.9.1-build/nettle-3.9.1/sexp2dsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def38]
nettle-3.9.1-build/nettle-3.9.1/sexp2rsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def39]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.context_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.digest_size)’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:13: included_from: Included from here.
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.decode_context_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.encode_context_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.block_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cbc’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.context_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.context_size)’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.digest_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_mac’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.context_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.digest_size)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*armor.decode_length(ascii_length) + 1)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead_message’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length + 1)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615)’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + 1)’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*digest.length)’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(ascii_length + 1)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:33:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(length)’
# 31| {
# 32| void *p = malloc(size);
# 33|-> if (size && !p)
# 34| {
# 35| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-476): [#def59]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘tstring_alloc’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:48:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xalloc(length + 24)’
# 46| {
# 47| struct tstring *s = xalloc(sizeof(struct tstring) + length);
# 48|-> s->length = length;
# 49| s->next = tstring_first;
# 50| /* NUL-terminate, for convenience. */
Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:118:1: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
# 116| }
# 117| printf("\n");
# 118|-> }
# 119|
# 120| int verbose = 0;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def61]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cbc’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:209:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:201:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:204:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:205:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 207| data = xalloc(length);
# 208| cipher->set_encrypt_key(ctx, key->data);
# 209|-> memcpy(iv, iiv->data, cipher->block_size);
# 210|
# 211| cbc_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def62]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:272:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:262:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:265:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:266:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 270|
# 271| cipher->set_encrypt_key(ctx, key->data);
# 272|-> memcpy(iv, iiv->data, cipher->block_size);
# 273|
# 274| cfb_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def63]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:455:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 453|
# 454| cipher->set_encrypt_key(ctx, key->data);
# 455|-> memcpy(iv, iiv->data, cipher->block_size);
# 456|
# 457| memset(data, 0x17, length + 1);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def64]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:457:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 455| memcpy(iv, iiv->data, cipher->block_size);
# 456|
# 457|-> memset(data, 0x17, length + 1);
# 458| for (i = 0; i + block <= length; i += block)
# 459| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def65]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:485:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:480:7: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 483| memcpy(iv, iiv->data, cipher->block_size);
# 484|
# 485|-> memset(data2, 0x17, length + 1);
# 486| for (i = 0; i + block <= length; i += block)
# 487| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def66]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:512:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 510|
# 511| cipher->set_encrypt_key(ctx, key->data);
# 512|-> memcpy(iv, iiv->data, cipher->block_size);
# 513| memcpy(data, cleartext->data, length);
# 514|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def67]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:513:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:441:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:444:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:445:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 511| cipher->set_encrypt_key(ctx, key->data);
# 512| memcpy(iv, iiv->data, cipher->block_size);
# 513|-> memcpy(data, cleartext->data, length);
# 514|
# 515| cfb8_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def68]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_cipher_ctr’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:657:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 655| ASSERT (nblocks < 0x100);
# 656|
# 657|-> memcpy (octr, ictr->data, cipher->block_size - 1);
# 658| low = ictr->data[cipher->block_size - 1] + nblocks;
# 659| octr[cipher->block_size - 1] = low;
Error: GCC_ANALYZER_WARNING (CWE-122): [#def69]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:659:32: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
# 657| memcpy (octr, ictr->data, cipher->block_size - 1);
# 658| low = ictr->data[cipher->block_size - 1] + nblocks;
# 659|-> octr[cipher->block_size - 1] = low;
# 660|
# 661| if (low >= 0x100)
Error: GCC_ANALYZER_WARNING (CWE-688): [#def70]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:670:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 668| for (i = 0; i <= length; i++)
# 669| {
# 670|-> memcpy(ctr, ictr->data, cipher->block_size);
# 671| memset(data, 17, length);
# 672|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def71]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:671:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 669| {
# 670| memcpy(ctr, ictr->data, cipher->block_size);
# 671|-> memset(data, 17, length);
# 672|
# 673| ctr_crypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def72]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:818:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 816| unsigned out_align = 3*in_align % aead->block_size;
# 817| size_t offset;
# 818|-> memcpy (in + in_align, cleartext->data, cleartext->length);
# 819| for (offset = 0; offset <= cleartext->length; offset += aead->block_size)
# 820| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def73]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:818:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 816| unsigned out_align = 3*in_align % aead->block_size;
# 817| size_t offset;
# 818|-> memcpy (in + in_align, cleartext->data, cleartext->length);
# 819| for (offset = 0; offset <= cleartext->length; offset += aead->block_size)
# 820| {
Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:841:14: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
# 839| out + out_align + offset, in + in_align + offset);
# 840|
# 841|-> if (!MEMEQ(cleartext->length, out + out_align, ciphertext->data))
# 842| {
# 843| fprintf(stderr, "aead->encrypt failed (offset = %u):\nclear: ",
Error: GCC_ANALYZER_WARNING (CWE-688): [#def75]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:855:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*aead.digest_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 853| {
# 854| ASSERT (digest->length <= aead->digest_size);
# 855|-> memset(buffer, 0, aead->digest_size);
# 856| aead->digest(ctx, digest->length, buffer);
# 857| if (!MEMEQ(digest->length, buffer, digest->data))
Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:857:18: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
# 855| memset(buffer, 0, aead->digest_size);
# 856| aead->digest(ctx, digest->length, buffer);
# 857|-> if (!MEMEQ(digest->length, buffer, digest->data))
# 858| {
# 859| fprintf(stderr, "aead->digest failed (offset = %u):\n got: ",
Error: GCC_ANALYZER_WARNING (CWE-688): [#def77]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_aead_message’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:980:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cipher.length)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:925:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:926:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:927:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 978| FAIL();
# 979| }
# 980|-> memcpy (copy, cipher->data, cipher->length);
# 981| copy[0] ^= 4;
# 982| if (aead->decrypt (ctx,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def78]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1100:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*msg.length + 16)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1090:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1093:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1095:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1098| for (offset = 0; offset < 16; offset++)
# 1099| {
# 1100|-> memset (input, 0, msg->length + 16);
# 1101| memcpy (input + offset, msg->data, msg->length);
# 1102| hash->update (ctx, msg->length, input + offset);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def79]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_hash_large’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1131:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(length)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1129:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1129| ASSERT (digest->length == hash->digest_size);
# 1130|
# 1131|-> memset(data, c, length);
# 1132|
# 1133| hash->init(ctx);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def80]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1233:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(ascii_length + 1)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1229:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1231:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1231| ASSERT(data_length <= armor->decode_length(ascii_length));
# 1232|
# 1233|-> memset(buffer, 0x33, 1 + ascii_length);
# 1234| memset(check, 0x55, 1 + data_length);
# 1235|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def81]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1234:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*armor.decode_length(ascii_length) + 1)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1229:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:1231:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1232|
# 1233| memset(buffer, 0x33, 1 + ascii_length);
# 1234|-> memset(check, 0x55, 1 + data_length);
# 1235|
# 1236| armor->encode_init(encode);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def82]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:31: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:692:11: note: in expansion of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:647:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:650:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:651:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:655:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:692:11: note: in expansion of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:692:11: note: in expansion of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:13: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 1 of ‘memcmp’ must be non-null
# 328| #define H(x) (SHEX(x)->data)
# 329|
# 330|-> #define MEMEQ(length, a, b) (!memcmp((a), (b), (length)))
# 331|
# 332| #define FAIL() abort()
Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:8: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
# 334|
# 335| #define ASSERT(x) do { \
# 336|-> if (!(x)) \
# 337| { \
# 338| fprintf(stderr, "Assert failed: %s:%d: %s\n", \
Error: CPPCHECK_WARNING: [#def84]
nettle-3.9.1-build/nettle-3.9.1/tools/nettle-hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def85]
nettle-3.9.1-build/nettle-3.9.1/tools/nettle-hash.c: scope_hint: In function ‘main’
nettle-3.9.1-build/nettle-3.9.1/tools/nettle-hash.c:226:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*<unknown>, "rb")’
# 224| if (!f)
# 225| die ("Cannot open `%s': %s\n", argv[i], STRERROR(errno));
# 226|-> printf("%s: ", argv[i]);
# 227| if (!digest_file (alg, length, raw, f))
# 228| die("Reading `%s' failed: %s\n", argv[i], STRERROR(errno));
Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
nettle-3.9.1-build/nettle-3.9.1/tools/nettle-hash.c:226:11: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*<unknown>, "rb")’
# 224| if (!f)
# 225| die ("Cannot open `%s': %s\n", argv[i], STRERROR(errno));
# 226|-> printf("%s: ", argv[i]);
# 227| if (!digest_file (alg, length, raw, f))
# 228| die("Reading `%s' failed: %s\n", argv[i], STRERROR(errno));
Error: CPPCHECK_WARNING: [#def87]
nettle-3.9.1-build/nettle-3.9.1/tools/nettle-pbkdf2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def88]
nettle-3.9.1-build/nettle-3.9.1/tools/output.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def89]
nettle-3.9.1-build/nettle-3.9.1/twofish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def90]
nettle-3.9.1-build/nettle-3.9.1/umac-l2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def91]
nettle-3.9.1-build/nettle-3.9.1/umac-l2.c:149:19: warning[deadcode.DeadStores]: Although the value stored to 'yl' is used in the enclosing expression, the value is never actually read from 'yl'
# 147| {
# 148| state[0] = 0;
# 149|-> state[1] = yl -= UMAC_P128_LO;
# 150| }
# 151| }
Error: GCC_ANALYZER_WARNING (CWE-457): [#def92]
nettle-3.9.1-build/nettle-3.9.1/umac64.c: scope_hint: In function ‘nettle_umac64_digest’
nettle-3.9.1-build/nettle-3.9.1/umac64.c:139:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&tag’
nettle-3.9.1-build/nettle-3.9.1/umac64.c:36: included_from: Included from here.
# 137| tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _nettle_umac_l3 (ctx->l3_key1 + 8,
# 138| ctx->l2_state + 2);
# 139|-> memcpy (digest, tag, length);
# 140|
# 141| /* Reinitialize */
Error: CPPCHECK_WARNING: [#def93]
nettle-3.9.1-build/nettle-3.9.1/yarrow256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-40.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | nettle-3.9.1-6.fc40 |
| store-results-to | /tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.tar.xz |
| time-created | 2024-07-03 16:17:53 |
| time-finished | 2024-07-03 16:20:30 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.tar.xz' '--gcc-analyze' '/tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |