Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
openscap-1.4.3-build/openscap-1.4.3/src/OVAL/probes/unix/linux/iflisteners_probe.c: scope_hint: In function ‘iflisteners_probe_main’
openscap-1.4.3-build/openscap-1.4.3/src/OVAL/probes/unix/linux/iflisteners_probe.c:470:16: warning[-Wanalyzer-malloc-leak]: leak of ‘ll.head’
openscap-1.4.3-build/openscap-1.4.3/src/OVAL/probes/unix/linux/iflisteners_probe.c: scope_hint: In function ‘iflisteners_probe_main’
#  468|   	SEXP_free(interface_name_ent);
#  469|   
#  470|-> 	return err;
#  471|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c: scope_hint: In function ‘getopt_cpe’
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:134:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  132|   	action->cpe_action = malloc(sizeof(struct cpe_action));
#  133|   	if (action->module == &CPE_MATCH_MODULE) {
#  134|-> 		action->cpe_action->name = argv[optind];
#  135|   		action->cpe_action->dict = argv[optind + 1];
#  136|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:138:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  136|   	}
#  137|   	if (action->module == &CPE_CHECK_MODULE) {
#  138|-> 		action->cpe_action->name = argv[optind];
#  139|   	}
#  140|   	if (action->module == &CPE_VALIDATE) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def4]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:141:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  139|   	}
#  140|   	if (action->module == &CPE_VALIDATE) {
#  141|-> 		action->cpe_action->dict = argv[optind];
#  142|   	}
#  143|   	return true;

Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.86.0
diffbase-analyzer-version-cppcheck	2.17.1
diffbase-analyzer-version-gcc	15.0.1
diffbase-analyzer-version-gcc-analyzer	15.0.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-188.us-west-2.compute.internal
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844
diffbase-store-results-to	/tmp/tmpjnntqm7m/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.tar.xz
diffbase-time-created	2025-04-10 08:48:39
diffbase-time-finished	2025-04-10 08:55:21
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,shellcheck,unicontrol,clippy,gcc' '-o' '/tmp/tmpjnntqm7m/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpjnntqm7m/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.src.rpm'
diffbase-tool-version	csmock-3.8.0-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-188.us-west-2.compute.internal
mock-config	fedora-rawhide-x86_64
project-name	openscap-1.4.3-0.20250410083936447384.pr2220.2.g3d818e5d0
store-results-to	/tmp/tmppi6ax8e5/openscap-1.4.3-0.20250410083936447384.pr2220.2.g3d818e5d0.tar.xz
time-created	2025-04-10 08:55:58
time-finished	2025-04-10 09:02:36
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,shellcheck,unicontrol,clippy,gcc' '-o' '/tmp/tmppi6ax8e5/openscap-1.4.3-0.20250410083936447384.pr2220.2.g3d818e5d0.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmppi6ax8e5/openscap-1.4.3-0.20250410083936447384.pr2220.2.g3d818e5d0.src.rpm'
tool-version	csmock-3.8.0-1.el9