Task #62418 - sssd-2.11.0-99.20250711122346187408.pr8024.85.gc2adf0ae6/scan-results.err
back to task #62418download
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/util/util.h:46: included_from: Included from here.
sssd-2.11.0/src/db/sysdb.c:23: included_from: Included from here.
sssd-2.11.0/src/db/sysdb.c: scope_hint: In function 'sysdb_attrs_add_val_int'
sssd-2.11.0/src/db/sysdb.c:512:45: warning[-Wanalyzer-null-dereference]: dereference of NULL 'el'
# 510|
# 511| vals = talloc_realloc(attrs->a, el->values,
# 512|-> struct ldb_val, el->num_values+1);
# 513| if (!vals) return ENOMEM;
# 514|
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/db/sysdb_ops.c:5749: error[legacyUninitvar]: Uninitialized variable: ldb_ret
# 5747| ERROR_OUT(ret, EINVAL, done);
# 5748| }
# 5749|-> if (ldb_ret != LDB_SUCCESS) {
# 5750| ERROR_OUT(ret, EIO, done);
# 5751| }
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/db/sysdb_search.c: scope_hint: In function 'sysdb_getpwnam_with_views'
sssd-2.11.0/src/db/sysdb_search.c:392:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'orig_obj'
sssd-2.11.0/src/db/sysdb_search.c:22: included_from: Included from here.
sssd-2.11.0/src/db/sysdb_search.c:370:9: note: in expansion of macro 'DOM_HAS_VIEWS'
sssd-2.11.0/src/db/sysdb_private.h:128: included_from: Included from here.
sssd-2.11.0/src/db/sysdb_search.c:23: included_from: Included from here.
sssd-2.11.0/src/db/sysdb_search.c:319:15: note: in expansion of macro 'sysdb_error_to_errno'
sssd-2.11.0/src/db/sysdb_search.c:392:9: note: in expansion of macro 'DOM_HAS_VIEWS'
# 390| /* If there are views we have to check if override values must be added to
# 391| * the original object. */
# 392|-> if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) {
# 393| ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0],
# 394| override_obj == NULL ? NULL : override_obj->msgs[0],
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/db/sysdb_search.c: scope_hint: In function 'sysdb_get_user_attr_with_views'
sssd-2.11.0/src/db/sysdb_search.c:2048:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'orig_obj'
sssd-2.11.0/src/db/sysdb_search.c:1976:15: note: in expansion of macro 'sysdb_error_to_errno'
sssd-2.11.0/src/db/sysdb_search.c:2048:9: note: in expansion of macro 'DOM_HAS_VIEWS'
# 2046| /* If there are views we have to check if override values must be added to
# 2047| * the original object. */
# 2048|-> if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) {
# 2049| ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0],
# 2050| override_obj == NULL ? NULL : override_obj ->msgs[0],
Error: GCC_ANALYZER_WARNING (CWE-775):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c: scope_hint: In function 'sss_passkeycl_exec_child'
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_child[0]'
# 171| if (buf == NULL) {
# 172| ret = ENOMEM;
# 173|-> return ret;
# 174| }
# 175|
Error: GCC_ANALYZER_WARNING (CWE-775):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_child[1]'
# 171| if (buf == NULL) {
# 172| ret = ENOMEM;
# 173|-> return ret;
# 174| }
# 175|
Error: GCC_ANALYZER_WARNING (CWE-775):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_parent[0]'
# 171| if (buf == NULL) {
# 172| ret = ENOMEM;
# 173|-> return ret;
# 174| }
# 175|
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c: scope_hint: In function 'sss_passkeycl_exec_child'
sssd-2.11.0/src/krb5_plugin/passkey/passkey_clpreauth.c:222:9: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result'
# 222 | write(pipe_to_child[1], pin, strlen(pin));
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 220| close(pipe_to_parent[1]);
# 221|
# 222|-> write(pipe_to_child[1], pin, strlen(pin));
# 223| close(pipe_to_child[1]);
# 224|
Error: GCC_ANALYZER_WARNING (CWE-416):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function 'sss_passkey_challenge_free.part.0'
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:111:14: warning[-Wanalyzer-use-after-free]: use after 'free' of 'data'
# 109| }
# 110|
# 111|-> free(data->domain);
# 112| free(data->cryptographic_challenge);
# 113| sss_string_array_free(data->credential_id_list);
Error: GCC_ANALYZER_WARNING (CWE-416):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:111:14: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘data’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’
# 109| }
# 110|
# 111|-> free(data->domain);
# 112| free(data->cryptographic_challenge);
# 113| sss_string_array_free(data->credential_id_list);
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:115:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
# 113| sss_string_array_free(data->credential_id_list);
# 114|
# 115|-> free(data);
# 116| }
# 117|
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:115:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’
# 113| sss_string_array_free(data->credential_id_list);
# 114|
# 115|-> free(data);
# 116| }
# 117|
Error: GCC_ANALYZER_WARNING (CWE-416):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function 'sss_passkey_reply_free.part.0'
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:243:14: warning[-Wanalyzer-use-after-free]: use after 'free' of 'data'
# 241| }
# 242|
# 243|-> free(data->credential_id);
# 244| free(data->cryptographic_challenge);
# 245| free(data->authenticator_data);
Error: GCC_ANALYZER_WARNING (CWE-416):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:243:14: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘data’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’
# 241| }
# 242|
# 243|-> free(data->credential_id);
# 244| free(data->cryptographic_challenge);
# 245| free(data->authenticator_data);
Error: GCC_ANALYZER_WARNING (CWE-126):
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:247:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
sssd-2.11.0/src/krb5_plugin/passkey/passkey_utils.c:247:14: note: read of 8 bytes from after the end of the region
# 245| free(data->authenticator_data);
# 246| free(data->assertion_signature);
# 247|-> free(data->user_id);
# 248| free(data);
# 249| }
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/ldb_modules/memberof.c: scope_hint: In function 'mbof_append_addop'
sssd-2.11.0/src/ldb_modules/memberof.c:376:22: warning[-Wanalyzer-null-dereference]: dereference of NULL 'lastop'
/usr/include/samba-4.0/ldb.h:50: included_from: Included from here.
/usr/include/samba-4.0/ldb_module.h:36: included_from: Included from here.
sssd-2.11.0/src/ldb_modules/memberof.c:23: included_from: Included from here.
# 374|
# 375| if (add_ctx->add_list) {
# 376|-> lastop->next = addop;
# 377| } else {
# 378| add_ctx->add_list = addop;
Error: COMPILER_WARNING (CWE-457):
sssd-2.11.0/src/p11_child/p11_child_openssl.c: scope_hint: In function ‘do_card’
sssd-2.11.0/src/p11_child/p11_child_openssl.c:2227:15: warning[-Wmaybe-uninitialized]: ‘module_id’ may be used uninitialized
# 2227 | ret = do_slot(module, module_id, slot_id, &info, &token_info, &module_info,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 2228 | mem_ctx, p11_ctx, mode, pin, module_name_in, token_name_in,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 2229 | key_id_in, label_in, uri_str, _multi);
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sssd-2.11.0/src/p11_child/p11_child_openssl.c:1995:12: note: ‘module_id’ was declared here
# 1995 | size_t module_id;
# | ^~~~~~~~~
# 2225| }
# 2226|
# 2227|-> ret = do_slot(module, module_id, slot_id, &info, &token_info, &module_info,
# 2228| mem_ctx, p11_ctx, mode, pin, module_name_in, token_name_in,
# 2229| key_id_in, label_in, uri_str, _multi);
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/ad/ad_subdomains.c: scope_hint: In function 'ad_get_slave_domain_send'
sssd-2.11.0/src/providers/ad/ad_subdomains.c:1164:30: warning[-Wanalyzer-null-dereference]: dereference of NULL 'root_id_ctx'
sssd-2.11.0/src/util/util.h:59: included_from: Included from here.
sssd-2.11.0/src/providers/data_provider.h:40: included_from: Included from here.
sssd-2.11.0/src/providers/backend.h:25: included_from: Included from here.
sssd-2.11.0/src/providers/ldap/sdap_async.h:29: included_from: Included from here.
sssd-2.11.0/src/providers/ad/ad_subdomains.c:25: included_from: Included from here.
sssd-2.11.0/src/providers/ad/ad_subdomains.c:2306:9: note: in expansion of macro 'DEBUG'
# 1162| state->sd_ctx = sd_ctx;
# 1163| state->be_ctx = sd_ctx->be_ctx;
# 1164|-> state->opts = root_id_ctx->sdap_id_ctx->opts;
# 1165| state->idmap_ctx = root_id_ctx->sdap_id_ctx->opts->idmap_ctx;
# 1166| state->root_attrs = root_attrs;
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/data_provider_fo.c: scope_hint: In function ‘be_fo_add_service’
sssd-2.11.0/src/providers/data_provider_fo.c:161:11: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘*ctx.be_fo’
# 159| /* if not in the be service list, try to create new one */
# 160|
# 161|-> ret = fo_new_service(ctx->be_fo->fo_ctx, service_name, user_data_cmp,
# 162| &service);
# 163| if (ret != EOK && ret != EEXIST) {
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/data_provider_fo.c:161:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ctx’
# 159| /* if not in the be service list, try to create new one */
# 160|
# 161|-> ret = fo_new_service(ctx->be_fo->fo_ctx, service_name, user_data_cmp,
# 162| &service);
# 163| if (ret != EOK && ret != EEXIST) {
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/ipa/ipa_subdomains_id.c:936:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter'
sssd-2.11.0/src/providers/ipa/ipa_subdomains_id.c: scope_hint: In function 'ipa_srv_acct_send'
# 934| }
# 935|
# 936|-> return iter->type;
# 937| }
# 938|
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/providers/ipa/selinux_child.c:203: error[uninitvar]: Uninitialized variable: &chain_id
# 201| {"debug-fd", 0, POPT_ARG_INT, &debug_fd, 0,
# 202| _("An open file descriptor for the debug logs"), NULL},
# 203|-> {"chain-id", 0, POPT_ARG_LONG, &chain_id,
# 204| 0, _("Tevent chain ID used for logging purposes"), NULL},
# 205| SSSD_LOGGER_OPTS
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/ipa/selinux_child.c: scope_hint: In function ‘main’
sssd-2.11.0/src/providers/ipa/selinux_child.c:360:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’
# 360 | setresuid(suid, suid, suid);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
# 358|
# 359| if (getresuid(&ruid, &euid, &suid) == 0) {
# 360|-> setresuid(suid, suid, suid);
# 361| }
# 362| if (getresgid(&rgid, &egid, &sgid) == 0) {
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/ipa/selinux_child.c:363:9: warning[-Wunused-result]: ignoring return value of ‘setresgid’ declared with attribute ‘warn_unused_result’
# 363 | setresgid(sgid, sgid, sgid);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
# 361| }
# 362| if (getresgid(&rgid, &egid, &sgid) == 0) {
# 363|-> setresgid(sgid, sgid, sgid);
# 364| }
# 365|
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function 'switch_to_user'
sssd-2.11.0/src/providers/krb5/krb5_ccache.c:64:9: warning[-Wunused-result]: ignoring return value of 'setresuid' declared with attribute 'warn_unused_result'
# 64 | setresuid(-1, suid, -1);
# | ^~~~~~~~~~~~~~~~~~~~~~~
# 62| ret = setresgid(-1, rgid, -1);
# 63| if (ret != 0) {
# 64|-> setresuid(-1, suid, -1);
# 65| return errno;
# 66| }
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function ‘switch_to_user’
sssd-2.11.0/src/providers/krb5/krb5_ccache.c:64:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’
# 64 | setresuid(-1, suid, -1);
# | ^~~~~~~~~~~~~~~~~~~~~~~
# 62| ret = setresgid(-1, rgid, -1);
# 63| if (ret != 0) {
# 64|-> setresuid(-1, suid, -1);
# 65| return errno;
# 66| }
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function 'switch_to_service'
sssd-2.11.0/src/providers/krb5/krb5_ccache.c:94:9: warning[-Wunused-result]: ignoring return value of 'setresuid' declared with attribute 'warn_unused_result'
# 94 | setresuid(-1, ruid, -1);
# | ^~~~~~~~~~~~~~~~~~~~~~~
# 92| ret = setresgid(-1, sgid, -1);
# 93| if (ret != 0) {
# 94|-> setresuid(-1, ruid, -1);
# 95| return errno;
# 96| }
Error: COMPILER_WARNING (CWE-252):
sssd-2.11.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function ‘switch_to_service’
sssd-2.11.0/src/providers/krb5/krb5_ccache.c:94:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’
# 94 | setresuid(-1, ruid, -1);
# | ^~~~~~~~~~~~~~~~~~~~~~~
# 92| ret = setresgid(-1, sgid, -1);
# 93| if (ret != 0) {
# 94|-> setresuid(-1, ruid, -1);
# 95| return errno;
# 96| }
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/ldap/sdap_async.c: scope_hint: In function 'sdap_get_generic_ext_send'
sssd-2.11.0/src/providers/ldap/sdap_async.c:1598:44: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serverctrls'
sssd-2.11.0/src/util/util.h:46: included_from: Included from here.
sssd-2.11.0/src/providers/ldap/sdap_async.c:24: included_from: Included from here.
# 1596|
# 1597| for (i=0; i < state->nserverctrls; i++) {
# 1598|-> state->serverctrls[i] = serverctrls[i];
# 1599| }
# 1600| state->serverctrls[i] = NULL;
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/providers/ldap/sdap_async_initgroups.c: scope_hint: In function 'sdap_add_incomplete_groups'
sssd-2.11.0/src/providers/ldap/sdap_async_initgroups.c:71:31: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sysdb_groupnames'
sssd-2.11.0/src/util/util.h:46: included_from: Included from here.
sssd-2.11.0/src/providers/ldap/sdap_async_initgroups.c:24: included_from: Included from here.
# 69| mi = 0;
# 70|
# 71|-> for (i=0; sysdb_groupnames[i]; i++) {
# 72| subdomain = find_domain_by_object_name(domain, sysdb_groupnames[i]);
# 73| if (subdomain == NULL) {
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/providers/proxy/proxy_child.c: scope_hint: In function ‘proxy_internal_conv’
sssd-2.11.0/src/providers/proxy/proxy_child.c:108:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 106|
# 107| failed:
# 108|-> free(reply);
# 109| return PAM_CONV_ERR;
# 110| }
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/providers/proxy/proxy_child.c:481: error[uninitvar]: Uninitialized variable: &chain_id
# 479| {"id", 0, POPT_ARG_LONG, &id, 0,
# 480| _("Child identifier (mandatory)"), NULL },
# 481|-> {"chain-id", 0, POPT_ARG_LONG, &chain_id, 0,
# 482| _("Tevent chain ID used for logging purposes"), NULL },
# 483| POPT_TABLEEND
Error: CPPCHECK_WARNING (CWE-562):
sssd-2.11.0/src/python/pyhbac.c:59: error[returnDanglingLifetime]: Returning pointer to local variable 'copy' that will be invalid when returning.
# 57| }
# 58|
# 59|-> return strcpy(copy, string);
# 60| }
# 61|
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/responder/kcm/kcmsrv_ccache_binary.c:238: error[uninitvar]: Uninitialized variable: uuid
# 236|
# 237| for (uint32_t i = 0; i < count; i++) {
# 238|-> ret = sss_iobuf_read_len(buf, sizeof(uuid_t), (uint8_t*)uuid);
# 239| if (ret != EOK) {
# 240| return ret;
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/responder/kcm/kcmsrv_ops.c:1113: error[uninitvar]: Uninitialized variable: uuid
# 1111| crd != NULL;
# 1112| crd = kcm_cc_next_cred(crd)) {
# 1113|-> ret = kcm_cred_get_uuid(crd, uuid);
# 1114| if (ret != EOK) {
# 1115| DEBUG(SSSDBG_MINOR_FAILURE, "Credential has no UUID, skipping\n");
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/responder/kcm/kcmsrv_ops.c:1230: error[legacyUninitvar]: Uninitialized variable: uuid
# 1228| crd != NULL;
# 1229| crd = kcm_cc_next_cred(crd)) {
# 1230|-> ret = kcm_cred_get_uuid(crd, uuid);
# 1231| if (ret != EOK) {
# 1232| DEBUG(SSSDBG_MINOR_FAILURE, "Credential has no UUID, skipping\n");
Error: CPPCHECK_WARNING (CWE-457):
sssd-2.11.0/src/responder/kcm/kcmsrv_ops.c:1551: error[uninitvar]: Uninitialized variable: uuid_in
# 1549|
# 1550| ret = sss_iobuf_read_len(op_ctx->input,
# 1551|-> UUID_BYTES, uuid_in);
# 1552| if (ret != EOK) {
# 1553| DEBUG(SSSDBG_OP_FAILURE,
Error: GCC_ANALYZER_WARNING (CWE-688):
sssd-2.11.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’
sssd-2.11.0/src/responder/pam/pamsrv_p11.c:1101:17: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
sssd-2.11.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’
sssd-2.11.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’
sssd-2.11.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
# 1099|
# 1100| user_len = strlen(username) + 1;
# 1101|-> token_len = strlen(token_name) + 1;
# 1102| module_len = strlen(module_name) + 1;
# 1103| key_id_len = strlen(key_id) + 1;
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/common.c: scope_hint: In function ‘sss_cli_check_socket’
sssd-2.11.0/src/sss_client/common.c:740:16: warning[-Wanalyzer-malloc-leak]: leak of ‘descriptor’
# 738| if (ret != 0) {
# 739| *errnop = EFAULT;
# 740|-> return SSS_STATUS_UNAVAIL;
# 741| }
# 742| if (!sss_sd_key_initialized) {
Error: GCC_ANALYZER_WARNING (CWE-476):
sssd-2.11.0/src/sss_client/nss_mc_common.c: scope_hint: In function 'sss_nss_mc_get_record'
sssd-2.11.0/src/sss_client/nss_mc_common.c:356:38: warning[-Wanalyzer-null-dereference]: dereference of NULL 'copy_rec'
sssd-2.11.0/src/sss_client/nss_mc.h:35: included_from: Included from here.
sssd-2.11.0/src/sss_client/nss_mc_common.c:33: included_from: Included from here.
sssd-2.11.0/src/util/mmap_cache.h:65:43: note: in definition of macro 'MC_SLOT_TO_PTR'
sssd-2.11.0/src/sss_client/nss_mc_common.c:336:14: note: in expansion of macro 'MC_CHECK_RECORD_LENGTH'
sssd-2.11.0/src/sss_client/nss_mc_common.c:353:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS'
sssd-2.11.0/src/sss_client/nss_mc_common.c:353:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS'
# 354|
# 355| /* we must check data is consistent again after the copy */
# 356|-> if (copy_ok && b1 == copy_rec->b2) {
# 357| /* record is consistent, use it */
# 358| break;
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:212:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_pc'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 210|
# 211| pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *));
# 212|-> if (pcl == NULL) {
# 213| return ENOMEM;
# 214| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_pc'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:212:8: warning[-Wanalyzer-malloc-leak]: leak of 'pcl'
sssd-2.11.0/src/sss_client/sss_cli.h:38: included_from: Included from here.
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:25: included_from: Included from here.
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_pc'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 210|
# 211| pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *));
# 212|-> if (pcl == NULL) {
# 213| return ENOMEM;
# 214| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:212:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_pc’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 210|
# 211| pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *));
# 212|-> if (pcl == NULL) {
# 213| return ENOMEM;
# 214| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_pc’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:212:8: warning[-Wanalyzer-malloc-leak]: leak of ‘pcl’
sssd-2.11.0/src/sss_client/sss_cli.h:38: included_from: Included from here.
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:25: included_from: Included from here.
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_pc’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 210|
# 211| pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *));
# 212|-> if (pcl == NULL) {
# 213| return ENOMEM;
# 214| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:216:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_pc'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 214| }
# 215| pcl[c] = pc;
# 216|-> pcl[c + 1] = NULL;
# 217|
# 218| *pc_list = pcl;
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:216:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_pc’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 214| }
# 215| pcl[c] = pc;
# 216|-> pcl[c + 1] = NULL;
# 217|
# 218| *pc_list = pcl;
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_password'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:252:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_password'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 250|
# 251| ret = pc_list_add_pc(pc_list, pc);
# 252|-> if (ret != EOK) {
# 253| goto done;
# 254| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_password’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:252:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_password’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 250|
# 251| ret = pc_list_add_pc(pc_list, pc);
# 252|-> if (ret != EOK) {
# 253| goto done;
# 254| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_2fa'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:297:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_2fa'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 295|
# 296| ret = pc_list_add_pc(pc_list, pc);
# 297|-> if (ret != EOK) {
# 298| goto done;
# 299| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_2fa’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:297:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_2fa’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 295|
# 296| ret = pc_list_add_pc(pc_list, pc);
# 297|-> if (ret != EOK) {
# 298| goto done;
# 299| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_2fa_single'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:337:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_2fa_single'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 335|
# 336| ret = pc_list_add_pc(pc_list, pc);
# 337|-> if (ret != EOK) {
# 338| goto done;
# 339| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_2fa_single’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:337:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_2fa_single’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 335|
# 336| ret = pc_list_add_pc(pc_list, pc);
# 337|-> if (ret != EOK) {
# 338| goto done;
# 339| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_passkey'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:383:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK'
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_passkey'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32'
# 381|
# 382| ret = pc_list_add_pc(pc_list, pc);
# 383|-> if (ret != EOK) {
# 384| goto done;
# 385| }
Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_passkey’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:383:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c:532:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’
sssd-2.11.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_passkey’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
sssd-2.11.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’
# 381|
# 382| ret = pc_list_add_pc(pc_list, pc);
# 383|-> if (ret != EOK) {
# 384| goto done;
# 385| }
Error: GCC_ANALYZER_WARNING (CWE-457):
sssd-2.11.0/src/tools/sss_override.c: scope_hint: In function ‘list_user_overrides’
sssd-2.11.0/src/tools/sss_override.c:1153:19: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘count’
sssd-2.11.0/src/util/util.h:46: included_from: Included from here.
sssd-2.11.0/src/tools/sss_override.c:23: included_from: Included from here.
/usr/include/grp.h:177: included_from: Included from here.
sssd-2.11.0/src/sss_client/sss_cli.h:32: included_from: Included from here.
sssd-2.11.0/src/db/sysdb.h:27: included_from: Included from here.
sssd-2.11.0/src/tools/sss_override.c:25: included_from: Included from here.
# 1151| }
# 1152|
# 1153|-> for (i = 0; i < count; i++) {
# 1154| objs[i].orig_name = ldb_msg_find_attr_as_string(msgs[i], ORIGNAME,
# 1155| NULL);
Error: GCC_ANALYZER_WARNING (CWE-910):
sssd-2.11.0/src/util/debug.c: scope_hint: In function 'rotate_debug_files'
sssd-2.11.0/src/util/debug.c:445:19: warning[-Wanalyzer-double-fclose]: double 'fclose' of FILE '_sss_debug_file'
# 443| do {
# 444| error = 0;
# 445|-> ret = fclose(_sss_debug_file);
# 446| if (ret != 0) {
# 447| error = errno;
Error: GCC_ANALYZER_WARNING (CWE-415):
sssd-2.11.0/src/util/debug.c:445:19: warning[-Wanalyzer-double-free]: double-'fclose' of '_sss_debug_file'
# 443| do {
# 444| error = 0;
# 445|-> ret = fclose(_sss_debug_file);
# 446| if (ret != 0) {
# 447| error = errno;
Error: GCC_ANALYZER_WARNING (CWE-457):
sssd-2.11.0/src/util/find_uid.c: scope_hint: In function 'get_active_uid_linux'
sssd-2.11.0/src/util/find_uid.c:276:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'is_systemd'
sssd-2.11.0/src/util/find_uid.c: scope_hint: In function 'get_active_uid_linux'
sssd-2.11.0/src/util/find_uid.c:28: included_from: Included from here.
# 274| }
# 275|
# 276|-> if (is_systemd) {
# 277| /* Systemd process may linger for a while even when user.
# 278| * is logged out. Lets ignore it and focus only
Error: GCC_ANALYZER_WARNING (CWE-457):
sssd-2.11.0/src/util/find_uid.c: scope_hint: In function ‘get_active_uid_linux’
sssd-2.11.0/src/util/find_uid.c:276:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘is_systemd’
sssd-2.11.0/src/util/find_uid.c: scope_hint: In function ‘get_active_uid_linux’
sssd-2.11.0/src/util/find_uid.c:28: included_from: Included from here.
# 274| }
# 275|
# 276|-> if (is_systemd) {
# 277| /* Systemd process may linger for a while even when user.
# 278| * is logged out. Lets ignore it and focus only