Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
openscap-1.4.0-build/openscap-1.4.0/src/OVAL/probes/unix/linux/iflisteners_probe.c: scope_hint: In function ‘iflisteners_probe_main’
openscap-1.4.0-build/openscap-1.4.0/src/OVAL/probes/unix/linux/iflisteners_probe.c:470:16: warning[-Wanalyzer-malloc-leak]: leak of ‘ll.cur’
openscap-1.4.0-build/openscap-1.4.0/src/OVAL/probes/unix/linux/iflisteners_probe.c: scope_hint: In function ‘iflisteners_probe_main’
# 468| SEXP_free(interface_name_ent);
# 469|
# 470|-> return err;
# 471| }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def2]
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_blueprint_fix’
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c:742:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘val’ where non-null expected
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_blueprint_fix’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 740|
# 741| char *val = malloc((ovector[3] - ovector[2] + 1) * sizeof(char));
# 742|-> memcpy(val, &fix_text[ovector[2]], ovector[3] - ovector[2]);
# 743| val[ovector[3] - ovector[2]] = '\0';
# 744|

Error: GCC_ANALYZER_WARNING (CWE-688): [#def3]
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_ansible_fix’
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c:809:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘variable_name’ where non-null expected
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_ansible_fix’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 807| // ovector[4] and [5] hold the start and end of the second capture group
# 808| char *variable_name = malloc((ovector[3] - ovector[2] + 1) * sizeof(char));
# 809|-> memcpy(variable_name, &fix_text[ovector[2]], ovector[3] - ovector[2]);
# 810| variable_name[ovector[3] - ovector[2]] = '\0';
# 811|

Error: GCC_ANALYZER_WARNING (CWE-688): [#def4]
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c:813:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘variable_value’ where non-null expected
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_ansible_fix’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 811|
# 812| char *variable_value = malloc((ovector[5] - ovector[4] + 1) * sizeof(char));
# 813|-> memcpy(variable_value, &fix_text[ovector[4]], ovector[5] - ovector[4]);
# 814| variable_value[ovector[5] - ovector[4]] = '\0';
# 815|

Error: GCC_ANALYZER_WARNING (CWE-688): [#def5]
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c:829:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘remediation_part’ where non-null expected
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_ansible_fix’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 827| const int length_between_matches = ovector[0] - start_offset;
# 828| char *remediation_part = malloc((length_between_matches + 1) * sizeof(char));
# 829|-> memcpy(remediation_part, &fix_text[start_offset], length_between_matches);
# 830| remediation_part[length_between_matches] = '\0';
# 831| oscap_list_add(tasks, remediation_part);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def6]
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c:838:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘remediation_part’ where non-null expected
openscap-1.4.0-build/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy_remediate.c: scope_hint: In function ‘_parse_ansible_fix’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 836| if (fix_text_len - start_offset > 0) {
# 837| char *remediation_part = malloc((fix_text_len - start_offset + 1) * sizeof(char));
# 838|-> memcpy(remediation_part, &fix_text[start_offset], fix_text_len - start_offset);
# 839| remediation_part[fix_text_len - start_offset] = '\0';
# 840| oscap_list_add(tasks, remediation_part);

| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-cppcheck | 2.14.2 |
| diffbase-analyzer-version-gcc | 14.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 14.1.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-enabled-plugins | cppcheck, gcc, shellcheck |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-63.us-west-2.compute.internal |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | openscap-1.4.0-0.20240801074328123134.main.147.g66b58f11d |
| diffbase-store-results-to | /tmp/tmp73h0hnpd/openscap-1.4.0-0.20240801074328123134.main.147.g66b58f11d.tar.xz |
| diffbase-time-created | 2024-08-07 18:18:23 |
| diffbase-time-finished | 2024-08-07 18:24:42 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,shellcheck,cppcheck' '-o' '/tmp/tmp73h0hnpd/openscap-1.4.0-0.20240801074328123134.main.147.g66b58f11d.tar.xz' '--gcc-analyze' '--cppcheck-add-flag=--check-level=exhaustive' '/tmp/tmp73h0hnpd/openscap-1.4.0-0.20240801074328123134.main.147.g66b58f11d.src.rpm' |
| diffbase-tool-version | csmock-3.6.1-1.el9 |
| enabled-plugins | cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-63.us-west-2.compute.internal |
| mock-config | fedora-rawhide-x86_64 |
| project-name | openscap-1.4.0-0.20240807180817381243.pr2147.149.gd1ec3ed26 |
| store-results-to | /tmp/tmp78wkrjz1/openscap-1.4.0-0.20240807180817381243.pr2147.149.gd1ec3ed26.tar.xz |
| time-created | 2024-08-07 18:25:13 |
| time-finished | 2024-08-07 18:31:06 |
| title | Newly introduced defects |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,shellcheck,cppcheck' '-o' '/tmp/tmp78wkrjz1/openscap-1.4.0-0.20240807180817381243.pr2147.149.gd1ec3ed26.tar.xz' '--gcc-analyze' '--cppcheck-add-flag=--check-level=exhaustive' '/tmp/tmp78wkrjz1/openscap-1.4.0-0.20240807180817381243.pr2147.149.gd1ec3ed26.src.rpm' |
| tool-version | csmock-3.6.1-1.el9 |