Task #39703 - jss-5.6.0-1.20250225182755609117.pr1035.7.g9120a83f/scan-results.err
back to task #39703download
Error: CPPCHECK_WARNING (CWE-401):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/PK11Finder.c:1969: error[memleak]: Memory leak: derCert
# 1967|
# 1968| if (cert == NULL) {
# 1969|-> return NULL;
# 1970| }
# 1971|
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/PK11Finder.c: scope_hint: In function ‘Java_org_mozilla_jss_CryptoManager_importDERCertNative’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/PK11Finder.c:1976:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘derCert’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 1974| }
# 1975|
# 1976|-> derCert->type = siDERCertBuffer;
# 1977| if (!JSS_RefByteArray(env, cert, (signed char **)&derCert->data, &derCertLen)) {
# 1978| return NULL;
Error: CPPCHECK_WARNING (CWE-401):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/PK11Finder.c:1978: error[memleak]: Memory leak: derCert
# 1976| derCert->type = siDERCertBuffer;
# 1977| if (!JSS_RefByteArray(env, cert, (signed char **)&derCert->data, &derCertLen)) {
# 1978|-> return NULL;
# 1979| }
# 1980|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:105: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: oaep_params
# 103|
# 104| oaep_params = calloc(1, sizeof(CK_RSA_PKCS_OAEP_PARAMS));
# 105|-> oaep_params->hashAlg = hashAlg;
# 106| oaep_params->mgf = mgf;
# 107| oaep_params->source = source;
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c: scope_hint: In function ‘Java_org_mozilla_jss_crypto_JSSOAEPParameterSpec_acquireNativeResources’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:105:26: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘oaep_params’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 103|
# 104| oaep_params = calloc(1, sizeof(CK_RSA_PKCS_OAEP_PARAMS));
# 105|-> oaep_params->hashAlg = hashAlg;
# 106| oaep_params->mgf = mgf;
# 107| oaep_params->source = source;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:106: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: oaep_params
# 104| oaep_params = calloc(1, sizeof(CK_RSA_PKCS_OAEP_PARAMS));
# 105| oaep_params->hashAlg = hashAlg;
# 106|-> oaep_params->mgf = mgf;
# 107| oaep_params->source = source;
# 108| oaep_params->pSourceData = pSourceData;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:107: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: oaep_params
# 105| oaep_params->hashAlg = hashAlg;
# 106| oaep_params->mgf = mgf;
# 107|-> oaep_params->source = source;
# 108| oaep_params->pSourceData = pSourceData;
# 109| oaep_params->ulSourceDataLen = ulSourceDataLen;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:108: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: oaep_params
# 106| oaep_params->mgf = mgf;
# 107| oaep_params->source = source;
# 108|-> oaep_params->pSourceData = pSourceData;
# 109| oaep_params->ulSourceDataLen = ulSourceDataLen;
# 110|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/JSSOAEPParameterSpec.c:109: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: oaep_params
# 107| oaep_params->source = source;
# 108| oaep_params->pSourceData = pSourceData;
# 109|-> oaep_params->ulSourceDataLen = ulSourceDataLen;
# 110|
# 111| params_obj = JSS_PR_wrapStaticVoidPointer(env, (void **)&oaep_params);
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘kbkdf_WrapDataParam’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:85:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘param’
# 83| }
# 84|
# 85|-> param->type = (CK_PRF_DATA_TYPE)((*env)->GetLongField(env, this, field_id));
# 86| param->pValue = ptr;
# 87| param->ulValueLen = ptr_length;
Error: GCC_ANALYZER_WARNING (CWE-688):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:101:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘param’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 99|
# 100| failure:
# 101|-> memset(param, 0, param_length);
# 102| free(param);
# 103|
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘Java_org_mozilla_jss_crypto_KBKDFDerivedKey_acquireNativeResourcesInternal’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:515:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘attrs’
# 513| }
# 514|
# 515|-> attrs[offset] = *attr;
# 516| }
# 517|
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘kbkdf_GetDataParameters’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:701:32: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘data_params’
# 699| PR_ASSERT(this_param_size == sizeof(CK_PRF_DATA_PARAM));
# 700|
# 701|-> (*data_params)[offset] = *this_param;
# 702| }
# 703|
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘kbkdf_GetAdditionalDerivedKeys’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:749:36: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘additional_keys’
# 747| PR_ASSERT(this_key_size == sizeof(CK_DERIVED_KEY));
# 748|
# 749|-> (*additional_keys)[offset] = *this_key;
# 750| }
# 751|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:819: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 817| kdf_params = calloc(1, sizeof(CK_SP800_108_KDF_PARAMS));
# 818|
# 819|-> kdf_params->prfType = prf_type;
# 820| kdf_params->ulNumberOfDataParams = num_data_params;
# 821| kdf_params->pDataParams = data_params;
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘Java_org_mozilla_jss_crypto_KBKDFCounterParams_acquireNativeResourcesInternal’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:819:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘kdf_params’
# 817| kdf_params = calloc(1, sizeof(CK_SP800_108_KDF_PARAMS));
# 818|
# 819|-> kdf_params->prfType = prf_type;
# 820| kdf_params->ulNumberOfDataParams = num_data_params;
# 821| kdf_params->pDataParams = data_params;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:820: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 818|
# 819| kdf_params->prfType = prf_type;
# 820|-> kdf_params->ulNumberOfDataParams = num_data_params;
# 821| kdf_params->pDataParams = data_params;
# 822| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:821: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 819| kdf_params->prfType = prf_type;
# 820| kdf_params->ulNumberOfDataParams = num_data_params;
# 821|-> kdf_params->pDataParams = data_params;
# 822| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 823| kdf_params->pAdditionalDerivedKeys = additional_keys;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:822: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 820| kdf_params->ulNumberOfDataParams = num_data_params;
# 821| kdf_params->pDataParams = data_params;
# 822|-> kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 823| kdf_params->pAdditionalDerivedKeys = additional_keys;
# 824|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:823: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 821| kdf_params->pDataParams = data_params;
# 822| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 823|-> kdf_params->pAdditionalDerivedKeys = additional_keys;
# 824|
# 825| /* Place it back into this NativeEnclosure. */
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:934: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 932| kdf_params = calloc(1, sizeof(CK_SP800_108_FEEDBACK_KDF_PARAMS));
# 933|
# 934|-> kdf_params->prfType = prf_type;
# 935| kdf_params->ulNumberOfDataParams = num_data_params;
# 936| kdf_params->pDataParams = data_params;
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c: scope_hint: In function ‘Java_org_mozilla_jss_crypto_KBKDFFeedbackParams_acquireNativeResourcesInternal’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:934:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘kdf_params’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 932| kdf_params = calloc(1, sizeof(CK_SP800_108_FEEDBACK_KDF_PARAMS));
# 933|
# 934|-> kdf_params->prfType = prf_type;
# 935| kdf_params->ulNumberOfDataParams = num_data_params;
# 936| kdf_params->pDataParams = data_params;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:935: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 933|
# 934| kdf_params->prfType = prf_type;
# 935|-> kdf_params->ulNumberOfDataParams = num_data_params;
# 936| kdf_params->pDataParams = data_params;
# 937| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:936: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 934| kdf_params->prfType = prf_type;
# 935| kdf_params->ulNumberOfDataParams = num_data_params;
# 936|-> kdf_params->pDataParams = data_params;
# 937| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 938| kdf_params->pAdditionalDerivedKeys = additional_keys;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:937: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 935| kdf_params->ulNumberOfDataParams = num_data_params;
# 936| kdf_params->pDataParams = data_params;
# 937|-> kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 938| kdf_params->pAdditionalDerivedKeys = additional_keys;
# 939| kdf_params->ulIVLen = initial_value_length;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:938: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 936| kdf_params->pDataParams = data_params;
# 937| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 938|-> kdf_params->pAdditionalDerivedKeys = additional_keys;
# 939| kdf_params->ulIVLen = initial_value_length;
# 940| kdf_params->pIV = initial_value;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:939: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 937| kdf_params->ulAdditionalDerivedKeys = num_additional_keys;
# 938| kdf_params->pAdditionalDerivedKeys = additional_keys;
# 939|-> kdf_params->ulIVLen = initial_value_length;
# 940| kdf_params->pIV = initial_value;
# 941|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/crypto/KBKDF.c:940: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: kdf_params
# 938| kdf_params->pAdditionalDerivedKeys = additional_keys;
# 939| kdf_params->ulIVLen = initial_value_length;
# 940|-> kdf_params->pIV = initial_value;
# 941|
# 942| /* Place it back into this NativeEnclosure. */
Error: CPPCHECK_WARNING (CWE-682):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/nss/PR.c:177: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
# 175| * read than expected, when it could read much more. */
# 176| while (read_amount < amount) {
# 177|-> this_read = PR_Read(real_fd, buffer + read_amount, amount - read_amount);
# 178| if (this_read <= 0) {
# 179| if (PR_GetError() == 0) {
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c: scope_hint: In function ‘JSS_PK11_findCertAndSlotFromNickname’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:307:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘colon’
/usr/include/nss3/seccomon.h:27: included_from: Included from here.
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:9: included_from: Included from here.
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:304:9: note: in expansion of macro ‘PORT_Strchr’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:304:9: note: in expansion of macro ‘PORT_Strchr’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:306:23: note: in expansion of macro ‘PORT_Strchr’
# 305| char* tokenname = PORT_Strdup(nickname);
# 306| char* colon = PORT_Strchr(tokenname, ':');
# 307|-> *colon = '\0';
# 308| *ppSlot = findSlotByTokenNameAndCert(tokenname, cert);
# 309| PORT_Free(tokenname);
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c: scope_hint: In function ‘JSS_PK11_findCertsAndSlotFromNickname’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:347:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘colon’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:343:9: note: in expansion of macro ‘PORT_Strchr’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:343:9: note: in expansion of macro ‘PORT_Strchr’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/PK11Cert.c:345:23: note: in expansion of macro ‘PORT_Strchr’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 345| char* colon = PORT_Strchr(tokenname, ':');
# 346| CERTCertListNode *head = CERT_LIST_HEAD(certList);
# 347|-> *colon = '\0';
# 348| *ppSlot = findSlotByTokenNameAndCert(tokenname, head->cert);
# 349| PORT_Free(tokenname);
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘JSS_PK11_WrapAttribute’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:36:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘attr’
# 34| }
# 35|
# 36|-> attr->type = (CK_ULONG)((*env)->GetLongField(env, this, field_id));
# 37| attr->pValue = ptr;
# 38| attr->ulValueLen = ptr_length;
Error: GCC_ANALYZER_WARNING (CWE-401):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘Java_org_mozilla_jss_pkcs11_attrs_CKAKeyType_acquireNativeResources’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:49:12: warning[-Wanalyzer-malloc-leak]: leak of ‘ptr’
# 47| }
# 48|
# 49|-> return PR_SUCCESS;
# 50|
# 51| failure:
Error: GCC_ANALYZER_WARNING (CWE-688):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘JSS_PK11_WrapAttribute’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:52:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘attr’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 50|
# 51| failure:
# 52|-> memset(attr, 0, sizeof(CK_ATTRIBUTE));
# 53| free(attr);
# 54| return PR_FAILURE;
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘Java_org_mozilla_jss_pkcs11_attrs_CKAClass_acquireNativeResources’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:104:10: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
# 102| }
# 103|
# 104|-> *ptr = (CK_ULONG)((*env)->GetLongField(env, this, field_id));
# 105|
# 106| if (JSS_PK11_WrapAttribute(env, this, (void *)ptr, sizeof(*ptr)) == PR_FAILURE) {
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘Java_org_mozilla_jss_pkcs11_attrs_CKAKeyType_acquireNativeResources’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:162:10: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
# 160| }
# 161|
# 162|-> *ptr = (CK_ULONG)((*env)->GetLongField(env, this, field_id));
# 163|
# 164| JSS_PK11_WrapAttribute(env, this, (void *)ptr, sizeof(*ptr));
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c: scope_hint: In function ‘Java_org_mozilla_jss_pkcs11_attrs_CKAValueLen_acquireNativeResources’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/pkcs11/attrs/CKAttribute.c:241:10: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 239| }
# 240|
# 241|-> *ptr = (CK_ULONG)((*env)->GetLongField(env, this, field_id));
# 242|
# 243| if (JSS_PK11_WrapAttribute(env, this, (void *)ptr, sizeof(*ptr)) == PR_FAILURE) {
Error: GCC_ANALYZER_WARNING (CWE-688):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/BufferPRFD.c: scope_hint: In function ‘newBufferPRFileDesc’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/BufferPRFD.c:348:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘calloc(16, 1)’ where non-null expected
/usr/include/nspr4/nspr.h:26: included_from: Included from here.
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/BufferPRFD.c:1: included_from: Included from here.
/usr/include/nspr4/prmem.h:65:38: note: in expansion of macro ‘PR_MALLOC’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/BufferPRFD.c:339:22: note: in expansion of macro ‘PR_NEW’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 346|
# 347| fd->secret->peer_addr = calloc(16, sizeof(uint8_t));
# 348|-> memcpy(fd->secret->peer_addr, peer_info, len);
# 349| }
# 350|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c:9: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 7| j_buffer *jb_alloc(size_t length) {
# 8| j_buffer *buf = calloc(1, sizeof(j_buffer));
# 9|-> buf->contents = calloc(length, sizeof(uint8_t));
# 10|
# 11| buf->capacity = length;
Error: GCC_ANALYZER_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c: scope_hint: In function ‘jb_alloc’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c:9:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 7| j_buffer *jb_alloc(size_t length) {
# 8| j_buffer *buf = calloc(1, sizeof(j_buffer));
# 9|-> buf->contents = calloc(length, sizeof(uint8_t));
# 10|
# 11| buf->capacity = length;
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c:11: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 9| buf->contents = calloc(length, sizeof(uint8_t));
# 10|
# 11|-> buf->capacity = length;
# 12|
# 13| // In the beginning, we can only write, not read. Hence, set our read_pos
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c:15: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 13| // In the beginning, we can only write, not read. Hence, set our read_pos
# 14| // to the sentinel value, buf->capacity.
# 15|-> buf->write_pos = 0;
# 16| buf->read_pos = length;
# 17|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/ssl/javax/j_buffer.c:16: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 14| // to the sentinel value, buf->capacity.
# 15| buf->write_pos = 0;
# 16|-> buf->read_pos = length;
# 17|
# 18| return buf;
Error: GCC_ANALYZER_WARNING (CWE-688):
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/util/jssutil.c: scope_hint: In function ‘JSS_FromByteArray’
jss-5.6.0-build/jss-5.6.0/native/src/main/native/org/mozilla/jss/util/jssutil.c:709:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*data’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 707| * a structure one larger to guarantee C functions work as expected. */
# 708| *data = calloc(array_length + 1, sizeof(uint8_t));
# 709|-> memcpy(*data, array_data, array_length);
# 710|
# 711| // Copy length, if specified
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/test/native/org/mozilla/jss/tests/TestBufferPRFDSSL.c:361: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 359| char *server_message = "like a pound of bacon";
# 360|
# 361|-> memcpy(buf, client_message, strlen(client_message));
# 362| PRInt32 ret = PR_Write(c_nspr, buf, strlen(buf));
# 363| if (ret < 0) {
Error: GCC_ANALYZER_WARNING (CWE-688):
jss-5.6.0-build/jss-5.6.0/native/src/test/native/org/mozilla/jss/tests/TestBufferPRFDSSL.c: scope_hint: In function ‘main’
jss-5.6.0-build/jss-5.6.0/native/src/test/native/org/mozilla/jss/tests/TestBufferPRFDSSL.c:361:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘buf’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
cc1: note: unrecognized command-line option ‘-Wno-unknown-warning-option’ may have been intended to silence earlier diagnostics
# 359| char *server_message = "like a pound of bacon";
# 360|
# 361|-> memcpy(buf, client_message, strlen(client_message));
# 362| PRInt32 ret = PR_Write(c_nspr, buf, strlen(buf));
# 363| if (ret < 0) {
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/native/src/test/native/org/mozilla/jss/tests/TestBufferPRFDSSL.c:362: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
# 360|
# 361| memcpy(buf, client_message, strlen(client_message));
# 362|-> PRInt32 ret = PR_Write(c_nspr, buf, strlen(buf));
# 363| if (ret < 0) {
# 364| const PRErrorCode err = PR_GetError();
Error: COMPILER_WARNING (CWE-674):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp: scope_hint: In function ‘JSS_PK11_wrapSymKey(JNIEnv_*, PK11SymKeyStr**)’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp:120:1: warning[-Winfinite-recursion]: infinite recursion detected
# 120 | JSS_PK11_wrapSymKey(JNIEnv *env, PK11SymKey **symKey)
# | ^~~~~~~~~~~~~~~~~~~
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp:124:31: note: recursive call
# 124 | return JSS_PK11_wrapSymKey(env, symKey);
# | ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~
# 118| */
# 119| jobject
# 120|-> JSS_PK11_wrapSymKey(JNIEnv *env, PK11SymKey **symKey)
# 121| {
# 122| // return JSS_PK11_wrapSymKey(env, symKey, NULL);
Error: COMPILER_WARNING:
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp: scope_hint: In function ‘Java_org_mozilla_jss_symkey_SessionKey_ComputeSessionKeySCP02’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp:857:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 135 equals destination size
# 857 | strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# | ^
# 855| {
# 856| keyNameChars = (char *)(env)->GetStringUTFChars(keyName, NULL);
# 857|-> strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# 858| (env)->ReleaseStringUTFChars(keyName, (const char *)keyNameChars);
# 859| }else
Error: COMPILER_WARNING:
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp: scope_hint: In function ‘Java_org_mozilla_jss_symkey_SessionKey_ComputeSessionKey’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp:1317:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 135 equals destination size
# 1317 | strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# | ^
# 1315| {
# 1316| keyNameChars = (char *)(env)->GetStringUTFChars(keyName, NULL);
# 1317|-> strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# 1318| (env)->ReleaseStringUTFChars(keyName, (const char *)keyNameChars);
# 1319| }else
Error: COMPILER_WARNING:
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp: scope_hint: In function ‘Java_org_mozilla_jss_symkey_SessionKey_ComputeEncSessionKey’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SessionKey.cpp:1718:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 135 equals destination size
# 1718 | strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# | ^
# 1716| {
# 1717| keyNameChars = (char *)(env)->GetStringUTFChars(keyName, NULL);
# 1718|-> strncpy(keyname,keyNameChars,KEYNAMELENGTH);
# 1719| (env)->ReleaseStringUTFChars(keyName, (const char *)keyNameChars);
# 1720| }
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:313: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 311| char *result= (char *)malloc(1);
# 312|
# 313|-> result[0] = '\0';
# 314| if( tokenNameChars == NULL || keyNameChars==NULL)
# 315| {
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:401: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 399|
# 400| result = (char *) malloc(1);
# 401|-> result[0] = '\0';
# 402|
# 403| if (tokenName) {
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:433: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 431| temp = result;
# 432| result = (char*)malloc( strlen(name) + strlen(temp) + 2 );
# 433|-> result[0]='\0';
# 434| strcat(result, temp);
# 435| strcat(result, ",");
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:434: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 432| result = (char*)malloc( strlen(name) + strlen(temp) + 2 );
# 433| result[0]='\0';
# 434|-> strcat(result, temp);
# 435| strcat(result, ",");
# 436| strcat(result, name);
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:435: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 433| result[0]='\0';
# 434| strcat(result, temp);
# 435|-> strcat(result, ",");
# 436| strcat(result, name);
# 437| free(temp);
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:436: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: result
# 434| strcat(result, temp);
# 435| strcat(result, ",");
# 436|-> strcat(result, name);
# 437| free(temp);
# 438|
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:553: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: keyData
# 551| for (i = 0;i < keysize; i++)
# 552| {
# 553|-> keyData[i] = 0x0;
# 554| }
# 555|
Error: COMPILER_WARNING:
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp: scope_hint: In function ‘GetSharedSecretKeyName(char*)’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:1087:19: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 135 equals destination size
# 1087 | strncpy( sharedSecretSymKeyName, newKeyName, KEYNAMELENGTH);
# | ^
# 1085| if ( newKeyName && strlen( newKeyName ) > 0 ) {
# 1086| if( strlen( sharedSecretSymKeyName) == 0) {
# 1087|-> strncpy( sharedSecretSymKeyName, newKeyName, KEYNAMELENGTH);
# 1088| }
# 1089| }
Error: COMPILER_WARNING (CWE-697):
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp: scope_hint: In function ‘_jbyteArray* Java_org_mozilla_jss_symkey_SessionKey_DiversifyKey(JNIEnv*, jclass, jstring, jstring, jstring, jstring, jbyteArray, jbyteArray, jbyte, jboolean, jbyteArray, jbyteArray, jbyteArray, jstring, jstring, jbyte)’
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:1457:30: warning[-Waddress]: the address of ‘fullNewMasterKeyName’ will never be NULL
# 1457 | if (fullNewMasterKeyName != NULL && strcmp(fullNewMasterKeyName, "#01#01") == 0)
# | ^
jss-5.6.0-build/jss-5.6.0/symkey/src/main/native/org/mozilla/jss/symkey/SymKey.cpp:1133:10: note: ‘fullNewMasterKeyName’ declared here
# 1133 | char fullNewMasterKeyName[KEYNAMELENGTH];
# | ^~~~~~~~~~~~~~~~~~~~
# 1455|
# 1456| /* special case #01#01 */
# 1457|-> if (fullNewMasterKeyName != NULL && strcmp(fullNewMasterKeyName, "#01#01") == 0)
# 1458| {
# 1459| Buffer empty = Buffer();
Error: COMPILER_WARNING (CWE-563):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/p7tool.c: scope_hint: In function ‘DecodeAndPrintFile’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/p7tool.c:261:17: warning[-Wunused-but-set-variable]: variable ‘nb’ set but not used
# 261 | int nb = 0;
# | ^~
# 259| FILE *outFile;
# 260| char filename[256];
# 261|-> int nb = 0;
# 262|
# 263| sprintf(filename, "%s%d.der", prefix, i);
Error: COMPILER_WARNING (CWE-704):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/p7tool.c: scope_hint: In function ‘main’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/p7tool.c:341:16: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
# 339|
# 340| case 'p':
# 341|-> prefix = optstate->value;
# 342| break;
# 343|
Error: COMPILER_WARNING (CWE-252):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secpwd.c: scope_hint: In function ‘SEC_GetPassword’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secpwd.c:69:21: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
# 69 | #define QUIET_FGETS fgets
# | ^
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secpwd.c:117:9: note: in expansion of macro ‘QUIET_FGETS’
# 117 | QUIET_FGETS ( phrase, sizeof(phrase), input);
# | ^~~~~~~~~~~
# 67| static char * quiet_fgets (char *buf, int length, FILE *input);
# 68| #else
# 69|-> #define QUIET_FGETS fgets
# 70| #endif
# 71|
Error: COMPILER_WARNING (CWE-563):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c: scope_hint: In function ‘SECU_ChangePW’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:378:15: warning[-Wunused-but-set-variable]: variable ‘rv’ set but not used
# 378 | SECStatus rv;
# | ^~
# 376| SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile)
# 377| {
# 378|-> SECStatus rv;
# 379| secuPWData pwdata, newpwdata;
# 380| char *oldpw = NULL, *newpw = NULL;
Error: COMPILER_WARNING (CWE-477):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c: scope_hint: In function ‘printflags’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:2153:5: warning[-Wdeprecated-declarations]: ‘__CERTDB_VALID_PEER’ is deprecated: CERTDB_VALID_PEER is now CERTDB_TERMINAL_RECORD
# 2151| !(flags & CERTDB_TRUSTED_CLIENT_CA))
# 2152| PORT_Strcat(trusts, "c");
# 2153|-> if (flags & CERTDB_VALID_PEER)
# 2154| if (!(flags & CERTDB_TRUSTED))
# 2155| PORT_Strcat(trusts, "p");
Error: COMPILER_WARNING (CWE-477):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c: scope_hint: In function ‘printFlags’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:2953:5: warning[-Wdeprecated-declarations]: ‘__CERTDB_VALID_PEER’ is deprecated: CERTDB_VALID_PEER is now CERTDB_TERMINAL_RECORD
# 2951| printFlags(FILE *out, unsigned int flags, int level)
# 2952| {
# 2953|-> if ( flags & CERTDB_VALID_PEER ) {
# 2954| SECU_Indent(out, level); fprintf(out, "Valid Peer\n");
# 2955| }
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:3041: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: optstring
# 3039|
# 3040| for (i=0; i<cmd->numCommands; i++) {
# 3041|-> optstring[j++] = cmd->commands[i].flag;
# 3042| }
# 3043| for (i=0; i<cmd->numOptions; i++) {
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:3044: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: optstring
# 3042| }
# 3043| for (i=0; i<cmd->numOptions; i++) {
# 3044|-> optstring[j++] = cmd->options[i].flag;
# 3045| if (cmd->options[i].needsArg)
# 3046| optstring[j++] = ':';
Error: CPPCHECK_WARNING (CWE-476):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:3048: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: optstring
# 3046| optstring[j++] = ':';
# 3047| }
# 3048|-> optstring[j] = '\0';
# 3049| optstate = PL_CreateOptState(argc, argv, optstring);
# 3050|
Error: COMPILER_WARNING (CWE-704):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c: scope_hint: In function ‘SECU_printCertProblems’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:3291:25: warning[-Wpointer-to-int-cast]: cast from pointer to integer of different size
# 3289| switch (node->error) {
# 3290| case SEC_ERROR_INADEQUATE_KEY_USAGE:
# 3291|-> flags = (unsigned int)node->arg;
# 3292| switch (flags) {
# 3293| case KU_DIGITAL_SIGNATURE:
Error: COMPILER_WARNING (CWE-704):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/p7tool/secutil.c:3307:25: warning[-Wpointer-to-int-cast]: cast from pointer to integer of different size
# 3305| }
# 3306| case SEC_ERROR_INADEQUATE_CERT_TYPE:
# 3307|-> flags = (unsigned int)node->arg;
# 3308| switch (flags) {
# 3309| case NS_CERT_TYPE_SSL_CLIENT:
Error: COMPILER_WARNING (CWE-704):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c: scope_hint: In function ‘my_GetClientAuthData’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c:218:59: warning[-Wpointer-to-int-cast]: cast from pointer to integer of different size
# 216| if (chosenNickName) {
# 217| cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
# 218|-> FPRINTF(stderr," mygetclientauthdata - cert = %x\n",(unsigned int)cert);
# 219| if ( cert ) {
# 220| privkey = PK11_FindKeyByAnyCert(cert, proto_win);
Error: COMPILER_WARNING (CWE-704):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c:221:64: warning[-Wpointer-to-int-cast]: cast from pointer to integer of different size
# 219| if ( cert ) {
# 220| privkey = PK11_FindKeyByAnyCert(cert, proto_win);
# 221|-> FPRINTF(stderr," mygetclientauthdata - privkey = %x\n",(unsigned int)privkey);
# 222| if ( privkey ) {
# 223| rv = SECSuccess;
Error: COMPILER_WARNING (CWE-563):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c: scope_hint: In function ‘do_connect’
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c:485:25: warning[-Wunused-but-set-variable]: variable ‘result’ set but not used
# 485 | SECStatus result;
# | ^~~~~~
# 483| PRFileDesc * tcp_sock;
# 484| PRStatus prStatus;
# 485|-> SECStatus result;
# 486| int rv = SECSuccess;
# 487| PRSocketOptionData opt;
Error: COMPILER_WARNING (CWE-1164):
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c: scope_hint: At top level
jss-5.6.0-build/jss-5.6.0/tools/src/main/native/sslget/sslget.c:548:1: warning[-Wunused-function]: ‘getIPAddress’ defined but not used
# 548 | getIPAddress(const char * hostName)
# | ^~~~~~~~~~~~
# 546| */
# 547| static PRUint32
# 548|-> getIPAddress(const char * hostName)
# 549| {
# 550| const unsigned char *p;