Task #365 - dhcpcd-10.0.6-4.fc41/scan-results.err
back to task #365download
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/crypt/hmac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/rb.c:398:19: warning[deadcode.DeadStores]: Value stored to 'grandpa' during its initialization is never read
# 396| {
# 397| struct rb_node * father = RB_FATHER(self);
# 398|-> struct rb_node * grandpa = RB_FATHER(father);
# 399| struct rb_node * uncle;
# 400| unsigned int which;
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/rb.c:477:3: warning[deadcode.DeadStores]: Value stored to 'father' is never read
# 475| KASSERT(RB_FATHER(self) == grandpa);
# 476| self = father;
# 477|-> father = RB_FATHER(self);
# 478| }
# 479| KASSERT(RB_RED_P(self) && RB_RED_P(father));
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/rb.c:886:10: warning[core.NullDereference]: Array access (via field 'rb_nodes') results in a null pointer dereference
# 884| if (RB_RED_P(parent)
# 885| && RB_BLACK_P(brother)
# 886|-> && RB_BLACK_P(brother->rb_left)
# 887| && RB_BLACK_P(brother->rb_right)) {
# 888| KASSERT(RB_RED_P(parent));
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/rb.c:914:8: warning[core.NullDereference]: Array access (via field 'rb_nodes') results in a null pointer dereference
# 912| KASSERT(RB_RED_P(brother->rb_nodes[which]) ||
# 913| RB_RED_P(brother->rb_nodes[other]));
# 914|-> if (RB_BLACK_P(brother->rb_nodes[other])) {
# 915| /*
# 916| * Case 3: our brother is black, our near
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/setproctitle.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/strtoi.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/compat/strtou.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/arp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/arp.c:295:24: warning[core.UndefinedBinaryOperatorResult]: The left operand of '>' is a garbage value
# 293| is_probe = ar.ar_op == htons(ARPOP_REQUEST) && IN_IS_ADDR_UNSPECIFIED(&arm.sip) &&
# 294| bpf_flags & BPF_BCAST;
# 295|-> if (is_probe && falen > 0 && (falen != ar.ar_hln ||
# 296| memcmp(&arm.sha, &arm.fsha, ar.ar_hln))) {
# 297| char abuf[HWADDR_LEN * 3];
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/arp.c:557:7: warning[deadcode.DeadStores]: Although the value stored to 'state' is used in the enclosing expression, the value is never actually read from 'state'
# 555| struct arp_state *astate;
# 556|
# 557|-> if ((state = ARP_STATE(ifp)) == NULL) {
# 558| ifp->if_data[IF_DATA_ARP] = malloc(sizeof(*state));
# 559| state = ARP_STATE(ifp);
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/arp.c:657:3: warning[unix.Malloc]: Use of memory after it is freed
# 655| while ((state = ARP_STATE(ifp)) != NULL &&
# 656| (astate = TAILQ_FIRST(&state->arp_states)) != NULL)
# 657|-> arp_free(astate);
# 658| }
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/auth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/bpf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/bpf.c: scope_hint: In function ‘bpf_bootp’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/bpf.c:709:2: warning[-Wcpp]: #warning A compromised PF_PACKET socket can be used as a raw socket
# 709 | #warning A compromised PF_PACKET socket can be used as a raw socket
# | ^~~~~~~
# 707| #warning No BIOCSETWF support - a compromised BPF can be used as a raw socket
# 708| #else
# 709|-> #warning A compromised PF_PACKET socket can be used as a raw socket
# 710| #endif
# 711| #endif
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c:221:3: warning[unix.Malloc]: Use of memory after it is freed
# 219| }
# 220| if (events & ELE_HANGUP)
# 221|-> control_hangup(fd);
# 222| }
# 223|
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c:503:3: warning[unix.Malloc]: Use of memory after it is freed
# 501|
# 502| while ((l = TAILQ_FIRST(&ctx->control_fds)) != NULL) {
# 503|-> control_free(l);
# 504| }
# 505|
Error: CPPCHECK_WARNING (CWE-457):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c:577: warning[uninitvar]: Uninitialized variable: buffer
# 575| len += l;
# 576| }
# 577|-> return write(ctx->control_fd, buffer, len);
# 578| }
# 579|
Error: GCC_ANALYZER_WARNING (CWE-688):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c: scope_hint: In function ‘control_queue’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c:624:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
dhcpcd-10.0.6-build/dhcpcd-10.0.6/config.h:28: included_from: Included from here.
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/control.c:42: included_from: Included from here.
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 622| d->data_size = data_len;
# 623| }
# 624|-> memcpy(d->data, data, data_len);
# 625| d->data_len = data_len;
# 626| d->data_flags = fd->flags & FD_SENDLEN;
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dev.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcp-common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcp.c:188:7: warning[deadcode.DeadStores]: Although the value stored to 'o' is used in the enclosing expression, the value is never actually read from 'o'
# 186| p = bootp->vend + 4; /* options after the 4 byte cookie */
# 187| e = (const uint8_t *)bootp + bootp_len;
# 188|-> ol = o = overl = 0;
# 189| bp = NULL;
# 190| op = NULL;
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcp6.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcpcd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcpcd.c: scope_hint: In function ‘dup_null’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcpcd.c:1881:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
# 1879| if ((err = dup2(fd_null, fd)) == -1)
# 1880| logwarn("dup2 %d", fd);
# 1881|-> close(fd_null);
# 1882| return err;
# 1883| }
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcpcd.c:2373:10: warning[deadcode.DeadStores]: Although the value stored to 'pid' is used in the enclosing expression, the value is never actually read from 'pid'
# 2371| goto exit_failure;
# 2372| }
# 2373|-> switch (pid = fork()) {
# 2374| case -1:
# 2375| logerr("fork");
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/dhcpcd.c:2395:11: warning[deadcode.DeadStores]: Although the value stored to 'pid' is used in the enclosing expression, the value is never actually read from 'pid'
# 2393| }
# 2394| /* Ensure we can never get a controlling terminal */
# 2395|-> switch (pid = fork()) {
# 2396| case -1:
# 2397| logerr("fork");
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/duid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/eloop.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-linux.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-linux.c:1186:17: warning[-Wstringop-overflow=]: writing 16 bytes into a region of size 0
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-linux.c: scope_hint: In function ‘if_address’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-linux.c:1489:25: note: at offset 20 into destination object ‘hdr’ of size 16
# 1184| rta->rta_len = len;
# 1185| if (alen)
# 1186|-> memcpy(RTA_DATA(rta), data, alen);
# 1187| n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
# 1188|
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-options.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-options.c: scope_hint: In function ‘parse_option’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if-options.c:1713:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘edop’
# 1711| case O_EMBED:
# 1712| if (dop == NULL) {
# 1713|-> if (*edop) {
# 1714| dop = &(*edop)->embopts;
# 1715| dop_len = &(*edop)->embopts_len;
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/if.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv4.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-415):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv4.c: scope_hint: In function ‘ipv4_free’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv4.c:999:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘ia’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/config.h:28: included_from: Included from here.
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv4.c:47: included_from: Included from here.
# 997| while ((ia = TAILQ_FIRST(&state->addrs))) {
# 998| TAILQ_REMOVE(&state->addrs, ia, next);
# 999|-> free(ia);
# 1000| }
# 1001| free(state);
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv4ll.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv6.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv6.c:555:28: warning[core.BitwiseShift]: Right shift overflows the capacity of 'uint64_t'
# 553| user_high = 0;
# 554| else
# 555|-> user_high = user_number >> (result_len - prefix_len);
# 556| user_low = user_number << (128 - result_len);
# 557| } else if (result_len == 64) {
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv6nd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv6nd.c:681:7: warning[unix.Malloc]: Use of memory after it is freed
# 679|
# 680| TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) {
# 681|-> if (rap->iface == ifp)
# 682| break;
# 683| }
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/ipv6nd.c:1686:6: warning[deadcode.DeadStores]: Although the value stored to 'n' is used in the enclosing expression, the value is never actually read from 'n'
# 1684|
# 1685| clock_gettime(CLOCK_MONOTONIC, &now);
# 1686|-> i = n = 0;
# 1687| TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) {
# 1688| if (rap->iface != ifp || rap->expired)
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/logerr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep-bpf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep-control.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep-inet.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep-root.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-590):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep-root.c:634: error[autovarInvalidDeallocation]: Deallocation of an auto-variable (mtime) results in undefined behaviour.
# 632| err = ps_root_writeerror(ctx, err, rlen != 0 ? rdata : 0, rlen);
# 633| if (free_rdata)
# 634|-> free(rdata);
# 635| return err;
# 636| }
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:829:4: warning[unix.Malloc]: Use of memory after it is freed
# 827| while ((psp = TAILQ_FIRST(&ctx->ps_processes)) != NULL) {
# 828| if (stop && psp != ppsp)
# 829|-> ps_stopprocess(psp);
# 830| ps_freeprocess(psp);
# 831| }
Error: CLANG_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:830:3: warning[unix.Malloc]: Use of memory after it is freed
# 828| if (stop && psp != ppsp)
# 829| ps_stopprocess(psp);
# 830|-> ps_freeprocess(psp);
# 831| }
# 832| }
Error: GCC_ANALYZER_WARNING (CWE-121):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c: scope_hint: In function ‘ps_sendpsmmsg’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:926:40: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:926:40: note: write of 8 bytes to beyond the end of ‘iov’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:926:40: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[6]’
# 924| }
# 925| iovp++;
# 926|-> iovp->iov_base = msg->msg_iov[i].iov_base;
# 927| iovp->iov_len = msg->msg_iov[i].iov_len;
# 928| }
Error: GCC_ANALYZER_WARNING (CWE-121):
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:927:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:927:39: note: write of 8 bytes to beyond the end of ‘iov’
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/privsep.c:927:39: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[6]’
# 925| iovp++;
# 926| iovp->iov_base = msg->msg_iov[i].iov_base;
# 927|-> iovp->iov_len = msg->msg_iov[i].iov_len;
# 928| }
# 929| iovlen += i;
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/sa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING:
dhcpcd-10.0.6-build/dhcpcd-10.0.6/src/script.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.