bubblewrap-0.8.0-3.fc40
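List of Defects (raw warnings from the static analyzers named under Scan Properties; each needs to be confirmed against the source before it is treated as a bug)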
Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
bubblewrap-0.8.0/bind-mount.c: scope_hint: In function ‘bind_mount’
bubblewrap-0.8.0/bind-mount.c:408:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(realpath(dest, 0), 2621440)’
# 406| return BIND_MOUNT_ERROR_REALPATH_DEST;
# 407|
# 408|-> dest_fd = open (resolved_dest, O_PATH | O_CLOEXEC);
# 409| if (dest_fd < 0)
# 410| {
Error: CLANG_WARNING: [#def2]
bubblewrap-0.8.0/bubblewrap.c:1476:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1474| case SETUP_MAKE_SYMLINK:
# 1475| assert (op->source != NULL); /* guaranteed by the constructor */
# 1476|-> if (symlink (op->source, dest) != 0)
# 1477| die_with_error ("Can't make symlink at %s", op->dest);
# 1478| break;
Error: GCC_ANALYZER_WARNING: [#def3]
bubblewrap-0.8.0/tests/try-syscall.c: scope_hint: In function ‘main’
bubblewrap-0.8.0/tests/try-syscall.c:157:15: warning[-Wanalyzer-fd-use-without-check]: ‘listen’ on possibly invalid file descriptor ‘-1’
# 155| {
# 156| /* If not blocked by seccomp, this will fail with EBADF */
# 157|-> if (listen (-1, 42) != 0)
# 158| {
# 159| errsv = errno;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘load_file_data’
bubblewrap-0.8.0/utils.c:143:12: warning[-Wanalyzer-malloc-leak]: leak of ‘xrealloc(data, (long unsigned int)data_len)’
# 141| void *res = realloc (ptr, size);
# 142|
# 143|-> if (size != 0 && res == NULL)
# 144| die_oom ();
# 145| return res;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘readlink_malloc’
bubblewrap-0.8.0/utils.c:143:12: warning[-Wanalyzer-malloc-leak]: leak of ‘xrealloc(value, size)’
# 141| void *res = realloc (ptr, size);
# 142|
# 143|-> if (size != 0 && res == NULL)
# 144| die_oom ();
# 145| return res;
Error: GCC_ANALYZER_WARNING (CWE-1341): [#def6]
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘load_file_at’
bubblewrap-0.8.0/utils.c:626:3: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘openat(dirfd, path, 524288)’
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘load_file_at’
# 624|
# 625| errsv = errno;
# 626|-> close (fd);
# 627| errno = errsv;
# 628|
Error: CLANG_WARNING: [#def7]
bubblewrap-0.8.0/utils.c:718:10: warning[unix.Malloc]: Potential leak of memory pointed to by 'p'
# 716| while (p);
# 717|
# 718|-> return 0;
# 719| }
# 720|
Error: CLANG_WARNING: [#def8]
bubblewrap-0.8.0/utils.c:816:16: warning[unix.Malloc]: Potential leak of memory pointed to by 'value'
# 814| n = readlink (pathname, value, size - 1);
# 815| if (n < 0)
# 816|-> return NULL;
# 817| }
# 818| while (size - 2 < n);
Error: GCC_ANALYZER_WARNING (CWE-415): [#def9]
bubblewrap-0.8.0/utils.h:142:5: warning[-Wanalyzer-double-free]: double-‘free’ of ‘data’
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘load_file_data’
# 140|
# 141| if (*pp)
# 142|-> free (*pp);
# 143| }
# 144|
Error: GCC_ANALYZER_WARNING (CWE-415): [#def10]
bubblewrap-0.8.0/utils.h:142:5: warning[-Wanalyzer-double-free]: double-‘free’ of ‘value’
bubblewrap-0.8.0/utils.c: scope_hint: In function ‘readlink_malloc’
# 140|
# 141| if (*pp)
# 142|-> free (*pp);
# 143| }
# 144|
Scan Properties
analyzer-version-clang | 18.1.3 |
analyzer-version-cppcheck | 2.13.0 |
analyzer-version-gcc | 14.0.1 |
analyzer-version-gcc-analyzer | 14.0.1 |
analyzer-version-shellcheck | 0.10.0 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-118.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | bubblewrap-0.8.0-3.fc40 |
store-results-to | /tmp/tmpes_951id/bubblewrap-0.8.0-3.fc40.tar.xz |
time-created | 2024-04-22 10:41:17 |
time-finished | 2024-04-22 10:42:53 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpes_951id/bubblewrap-0.8.0-3.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpes_951id/bubblewrap-0.8.0-3.fc40.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |