Task #47827 - libxcrypt-4.4.38-6.fc43/scan-results.err
back to task #47827download
Error: GCC_ANALYZER_WARNING (CWE-457):
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c: scope_hint: In function 'SHA256_Transform'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:94:14: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*<unknown>'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:83:36: note: in definition of macro 'RND'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:121:17: note: in expansion of macro 'RNDr'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:28: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.h:47:25: note: in expansion of macro 'libcperciva_HMAC_SHA256_Buf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:465:1: note: in expansion of macro 'HMAC_SHA256_Buf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.h:39:21: note: in expansion of macro 'libcperciva_SHA256_Init'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:356:17: note: in expansion of macro 'SHA256_Init'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c: scope_hint: In function 'SHA256_Transform'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:34: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:112:9: note: in expansion of macro 'be32dec_vect'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:129:3: note: in definition of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:144:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:144:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:133:16: note: in definition of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:144:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h: scope_hint: In function 'SHA256_Transform'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:144:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:144:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:112:9: note: in expansion of macro 'be32dec_vect'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:83:36: note: in definition of macro 'RND'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha256.c:121:17: note: in expansion of macro 'RNDr'
# 92| S[(68 - i) % 8], S[(69 - i) % 8], \
# 93| S[(70 - i) % 8], S[(71 - i) % 8], \
# 94|-> W[i + ii] + Krnd[i + ii])
# 95|
# 96| /* Message schedule computation */
Error: GCC_ANALYZER_WARNING (CWE-457):
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c: scope_hint: In function 'SHA512_Transform'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:107:14: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'W[<unknown>]'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:96:36: note: in definition of macro 'RND'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:134:17: note: in expansion of macro 'RNDr'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:29: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.h:40:20: note: in expansion of macro 'libcperciva_SHA512_Buf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:301:1: note: in expansion of macro 'SHA512_Buf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.h:38:23: note: in expansion of macro 'libcperciva_SHA512_Update'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:307:9: note: in expansion of macro 'SHA512_Update'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.h:38:23: note: in expansion of macro 'libcperciva_SHA512_Update'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:236:1: note: in expansion of macro 'SHA512_Update'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:34: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:125:9: note: in expansion of macro 'be64dec_vect'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:129:3: note: in definition of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:145:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:145:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:133:16: note: in definition of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:145:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:145:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:126:34: note: in expansion of macro 'VECTOR_TO_CPU_'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/byteorder.h:145:1: note: in expansion of macro 'VECTOR_TO_CPU'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:125:9: note: in expansion of macro 'be64dec_vect'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:96:36: note: in definition of macro 'RND'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-sha512.c:134:17: note: in expansion of macro 'RNDr'
# 105| S[(84 - i) % 8], S[(85 - i) % 8], \
# 106| S[(86 - i) % 8], S[(87 - i) % 8], \
# 107|-> W[i + ii] + K[i + ii])
# 108|
# 109| /* Message schedule computation */
Error: GCC_ANALYZER_WARNING (CWE-476):
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c: scope_hint: In function 'yescrypt_kdf_body'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c:1320:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'B'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c:31: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c:1445:5: note: in expansion of macro 'yescrypt_init_shared'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c: scope_hint: In function 'yescrypt_kdf_body'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c:1474:21: note: in expansion of macro 'yescrypt_kdf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c:1395:5: note: in expansion of macro 'yescrypt_kdf'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/alg-yescrypt-opt.c: scope_hint: In function 'yescrypt_kdf_body'
# 1318|
# 1319| if (flags)
# 1320|-> memcpy(sha256, B, sizeof(sha256));
# 1321|
# 1322| if (p == 1 || (flags & YESCRYPT_RW)) {
Error: GCC_ANALYZER_WARNING (CWE-787):
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-bcrypt.c: scope_hint: In function 'BF_crypt'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-bcrypt.c:732:24: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-port.h:322: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-bcrypt.c:46: included_from: Included from here.
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-bcrypt.c:1046:1: note: in expansion of macro 'crypt_bcrypt_y_rn'
libxcrypt-4.4.38-build/libxcrypt-4.4.38/lib/crypt-bcrypt.c:732:24: note: valid subscripts for 'flags_by_subtype' are '[0]' to '[25]'
# 730| setting[1] != '2' ||
# 731| setting[2] < 'a' || setting[2] > 'z' ||
# 732|-> !flags_by_subtype[(unsigned int) (unsigned char) setting[2] - 'a'] ||
# 733| setting[3] != '$' ||
# 734| setting[4] < '0' || setting[4] > '3' ||