pkcs11-provider-0.3-2.fc40
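List of Defects
Note: entries tagged information[normalCheckLevelMaxBranches] are cppcheck notices that branch analysis was limited for that file, not code defects; cppcheck's coverage of those files is therefore partial. The GCC analyzer and Clang both report the NULL 'siglen' dereference at the same signature.c lines (580, 584, 588, 590), so #def13 through #def20 describe four locations, not eight.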
Error: CPPCHECK_WARNING: [#def1]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/debug.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/digests.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def3]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/encoder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def4]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/interface.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def5]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/interface.c:168:5: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 166| }
# 167|
# 168|-> ret = CKR_FUNCTION_NOT_SUPPORTED;
# 169| intf->GetInterface = dlsym(mctx->dlhandle, "C_GetInterface");
# 170| if (!intf->GetInterface) {
Error: CPPCHECK_WARNING: [#def6]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/keymgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def7]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/objects.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def8]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/objects.c:1867:9: warning[deadcode.DeadStores]: Value stored to 'nattr' is never read
# 1865| case CKK_EC:
# 1866| attrs[0].type = CKA_P11PROV_CURVE_NID;
# 1867|-> nattr = 1;
# 1868| rv = get_public_attrs(obj, attrs, 1);
# 1869| if (rv != CKR_OK) {
Error: CPPCHECK_WARNING: [#def9]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/provider.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def10]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/provider.c:849: warning[uninitvar]: Uninitialized variable: tmplist
# 847| }
# 848| }
# 849|-> memcpy(checklist, tmplist, t * sizeof(CK_ULONG));
# 850| *clsize = t;
# 851| }
Error: CPPCHECK_WARNING: [#def11]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/session.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def12]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def13]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c: scope_hint: In function 'p11prov_sig_get_sig_size'
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:580:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'siglen'
# 578| switch (type) {
# 579| case CKK_RSA:
# 580|-> *siglen = size;
# 581| break;
# 582| case CKK_EC:
Error: CLANG_WARNING: [#def14]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:580:17: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'siglen')
# 578| switch (type) {
# 579| case CKK_RSA:
# 580|-> *siglen = size;
# 581| break;
# 582| case CKK_EC:
Error: GCC_ANALYZER_WARNING (CWE-476): [#def15]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:584:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'siglen'
# 582| case CKK_EC:
# 583| /* add room for ECDSA Signature DER overhead */
# 584|-> *siglen = 3 + (size + 4) * 2;
# 585| break;
# 586| case CKK_EC_EDWARDS:
Error: CLANG_WARNING: [#def16]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:584:17: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'siglen')
# 582| case CKK_EC:
# 583| /* add room for ECDSA Signature DER overhead */
# 584|-> *siglen = 3 + (size + 4) * 2;
# 585| break;
# 586| case CKK_EC_EDWARDS:
Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:588:21: warning[-Wanalyzer-null-dereference]: dereference of NULL 'siglen'
# 586| case CKK_EC_EDWARDS:
# 587| if (size == ED25519_BYTE_SIZE) {
# 588|-> *siglen = ED25519_SIG_SIZE;
# 589| } else if (size == ED448_BYTE_SIZE) {
# 590| *siglen = ED448_SIG_SIZE;
Error: CLANG_WARNING: [#def18]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:588:21: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'siglen')
# 586| case CKK_EC_EDWARDS:
# 587| if (size == ED25519_BYTE_SIZE) {
# 588|-> *siglen = ED25519_SIG_SIZE;
# 589| } else if (size == ED448_BYTE_SIZE) {
# 590| *siglen = ED448_SIG_SIZE;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:590:21: warning[-Wanalyzer-null-dereference]: dereference of NULL 'siglen'
# 588| *siglen = ED25519_SIG_SIZE;
# 589| } else if (size == ED448_BYTE_SIZE) {
# 590|-> *siglen = ED448_SIG_SIZE;
# 591| } else {
# 592| return CKR_KEY_TYPE_INCONSISTENT;
Error: CLANG_WARNING: [#def20]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:590:21: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'siglen')
# 588| *siglen = ED25519_SIG_SIZE;
# 589| } else if (size == ED448_BYTE_SIZE) {
# 590|-> *siglen = ED448_SIG_SIZE;
# 591| } else {
# 592| return CKR_KEY_TYPE_INCONSISTENT;
Error: CLANG_WARNING: [#def21]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/signature.c:1899:11: warning[core.CallAndMessage]: 2nd function call argument is an uninitialized value
# 1897| }
# 1898|
# 1899|-> ret = convert_ecdsa_raw_to_der(raw, rawlen, sig, siglen, sigsize);
# 1900| OPENSSL_cleanse(raw, rawlen);
# 1901| return ret;
Error: CPPCHECK_WARNING: [#def22]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/slot.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/store.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def24]
pkcs11-provider-0.3-build/pkcs11-provider-0.3/src/util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-227.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | pkcs11-provider-0.3-2.fc40 |
| store-results-to | /tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.tar.xz |
| time-created | 2024-07-03 16:53:56 |
| time-finished | 2024-07-03 16:55:43 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.tar.xz' '--gcc-analyze' '/tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |