Task #375 - dotconf-1.4.1-2.fc41/scan-results.err
back to task #375download
Error: CPPCHECK_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:114:15: warning[core.NullDereference]: Dereference of null pointer # 112| int i; # 113| # 114|-> for (i = 0; (options[i].name && options[i].name[0]); i++) ; # 115| if (options[i].type == ARG_NAME && options[i].callback) # 116| return &options[i]; Error: GCC_ANALYZER_WARNING (CWE-688): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: scope_hint: In function 'dotconf_get_here_document' dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:357:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'here_doc' where non-null expected dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:67: included_from: Included from here. dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.h:45:44: note: in definition of macro 'DOTCONF_CB' <built-in>: note: argument 1 of '__builtin_memset' must be non-null # 355| */ # 356| here_doc = malloc(configfile->size); /* allocate buffer memory */ # 357|-> memset(here_doc, 0, configfile->size); # 358| # 359| here_string = 1; Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: scope_hint: In function 'dotconf_set_command' dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:513:42: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'strlen' differ in signedness # 513 | signed char *eob = args + strlen(args); # | ^~~~ # | | # | signed char * dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:26: included_from: Included from here. /usr/include/string.h:407:35: note: expected 'const char *' but argument is of type 'signed char *' # 407 | extern size_t strlen (const char *__s) # | ~~~~~~~~~~~~^~~ # 511| command_t * cmd) # 512| { # 513|-> signed char *eob = args + strlen(args); # 514| # 515| /* fill in the command_t structure with values we already know */ Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:526:40: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'strdup' differ in signedness # 526 | cmd->data.str = strdup(args); # | ^~~~ # | | # | signed char * /usr/include/string.h:187:34: note: expected 'const char *' but argument is of type 'signed char *' # 187 | extern char *strdup (const char *__s) # | ~~~~~~~~~~~~^~~ # 524| /* if it is an ARG_RAW type, save some time and call the # 525| callback now */ # 526|-> cmd->data.str = strdup(args); # 527| } else if (option->type == ARG_STR) { # 528| signed char *cp = args; Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:533:36: warning[-Wpointer-sign]: pointer targets in passing argument 2 of 'strncmp' differ in signedness # 533 | if (!strncmp("<<", cp, 2)) { # | ^~ # | | # | signed char * /usr/include/string.h:159:51: note: expected 'const char *' but argument is of type 'signed char *' # 159 | extern int strncmp (const char *__s1, const char *__s2, size_t __n) # | ~~~~~~~~~~~~^~~~ # 531| skip_whitespace(&cp, eob - cp, 0); # 532| # 533|-> if (!strncmp("<<", cp, 2)) { # 534| cmd->data.str = # 535| dotconf_get_here_document(configfile, cp + 2); Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:535:70: warning[-Wpointer-sign]: pointer targets in passing argument 2 of 'dotconf_get_here_document' differ in signedness # 535 | dotconf_get_here_document(configfile, cp + 2); # | ~~~^~~ # | | # | signed char * dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:331:72: note: expected 'const char *' but argument is of type 'signed char *' # 331 | char *dotconf_get_here_document(configfile_t * configfile, const char *delimit) # | ~~~~~~~~~~~~^~~~~~~ # 533| if (!strncmp("<<", cp, 2)) { # 534| cmd->data.str = # 535|-> dotconf_get_here_document(configfile, cp + 2); # 536| cmd->arg_count = 1; # 537| } Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:556:67: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'strdup' differ in signedness # 556 | cmd->data.list[cmd->arg_count++] = strdup(args); # | ^~~~ # | | # | signed char * /usr/include/string.h:187:34: note: expected 'const char *' but argument is of type 'signed char *' # 187 | extern char *strdup (const char *__s) # | ~~~~~~~~~~~~^~~ # 554| if (cmd->arg_count && cmd->data.list[cmd->arg_count - 1] # 555| && *args) # 556|-> cmd->data.list[cmd->arg_count++] = strdup(args); # 557| # 558| /* has an option entry been found before or do we have to use a fallback? */ Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: scope_hint: In function 'dotconf_handle_command' dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:656:13: warning[-Wpointer-sign]: pointer targets in assignment from 'char *' to 'signed char *' differ in signedness # 656 | cp1 = buffer; # | ^ # 654| context_error = 0; # 655| # 656|-> cp1 = buffer; # 657| eob = cp1 + strlen(cp1); # 658| Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:657:28: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'strlen' differ in signedness # 657 | eob = cp1 + strlen(cp1); # | ^~~ # | | # | signed char * /usr/include/string.h:407:35: note: expected 'const char *' but argument is of type 'signed char *' # 407 | extern size_t strlen (const char *__s) # | ~~~~~~~~~~~~^~~ # 655| # 656| cp1 = buffer; # 657|-> eob = cp1 + strlen(cp1); # 658| # 659| skip_whitespace(&cp1, eob - cp1, 0); Error: COMPILER_WARNING (CWE-681): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:670:13: warning[-Wpointer-sign]: pointer targets in assignment from 'char *' to 'signed char *' differ in signedness # 670 | cp2 = name; # | ^ # 668| # 669| /* get first token: read the name of a possible option */ # 670|-> cp2 = name; # 671| copy_word(&cp2, &cp1, MIN(eob - cp1, CFG_MAX_OPTION), 0); # 672| Error: GCC_ANALYZER_WARNING (CWE-688): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: scope_hint: In function 'dotconf_find_wild_card' dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:941:19: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'filename' where non-null expected dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.h:45:44: note: in definition of macro 'DOTCONF_CB' <built-in>: note: argument 1 of '__builtin_strlen' must be non-null # 939| int found_path = 0; # 940| # 941|-> int len = strlen(filename); # 942| # 943| if (wildcard != NULL && len > 0 && path != NULL && pre != NULL Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:978:43: warning[unix.Malloc]: Use of memory allocated with size zero # 976| (tmp_count - (found_path ? 0 : 1)))); # 977| (*pre)[(prefix_len - # 978|-> (tmp_count - (found_path ? 0 : 1)))] = # 979| '\0'; # 980| Error: CPPCHECK_WARNING (CWE-457): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1149: error[legacyUninitvar]: Uninitialized variable: already_matched # 1147| new_pre, ext); # 1148| # 1149|-> if (strcmp(new_path, already_matched) == # 1150| 0) { # 1151| continue; /* Already searched this expression */ Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1392:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'wc_path' # 1390| # 1391| if (access(new_path, R_OK)) { # 1392|-> dotconf_warning(cmd->configfile, # 1393| DCLOG_WARNING, # 1394| ERR_INCLUDE_ERROR, Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1392:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'wc_pre' # 1390| # 1391| if (access(new_path, R_OK)) { # 1392|-> dotconf_warning(cmd->configfile, # 1393| DCLOG_WARNING, # 1394| ERR_INCLUDE_ERROR, Error: COMPILER_WARNING (CWE-252): dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c: scope_hint: In function 'get_cwd' dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1436:9: warning[-Wunused-result]: ignoring return value of 'getcwd' declared with attribute 'warn_unused_result' # 1436 | getcwd(buf, CFG_MAX_FILENAME); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 1434| if (buf == NULL) # 1435| return NULL; # 1436|-> getcwd(buf, CFG_MAX_FILENAME); # 1437| return buf; # 1438| } Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1522:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'path' # 1520| } # 1521| # 1522|-> if (access(filename, R_OK)) { # 1523| dotconf_warning(cmd->configfile, DCLOG_WARNING, # 1524| ERR_INCLUDE_ERROR, Error: CLANG_WARNING: dotconf-1.4.1-build/dotconf-1.4.1/src/dotconf.c:1522:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'pre' # 1520| } # 1521| # 1522|-> if (access(filename, R_OK)) { # 1523| dotconf_warning(cmd->configfile, DCLOG_WARNING, # 1524| ERR_INCLUDE_ERROR,