Task #810 - libnftnl-1.2.6-6.fc41/scan-results.err
back to task #810download
Error: GCC_ANALYZER_WARNING (CWE-401): libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:83:20: warning[-Wanalyzer-malloc-leak]: leak of ‘nftnl_set_elem_alloc()’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elems_parse2’ libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:67:24: note: in definition of macro ‘INIT_LIST_HEAD’ # 81| new->next = next; # 82| new->prev = prev; # 83|-> prev->next = new; # 84| } # 85| Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: scope_hint: In function ‘nftnl_chain_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:236:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:236:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 234| break; # 235| case NFTNL_CHAIN_HOOKNUM: # 236|-> memcpy(&c->hooknum, data, sizeof(c->hooknum)); # 237| break; # 238| case NFTNL_CHAIN_PRIO: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:239:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:239:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 237| break; # 238| case NFTNL_CHAIN_PRIO: # 239|-> memcpy(&c->prio, data, sizeof(c->prio)); # 240| break; # 241| case NFTNL_CHAIN_POLICY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:242:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:242:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 240| break; # 241| case NFTNL_CHAIN_POLICY: # 242|-> memcpy(&c->policy, data, sizeof(c->policy)); # 243| break; # 244| case NFTNL_CHAIN_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:245:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:245:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 243| break; # 244| case NFTNL_CHAIN_USE: # 245|-> memcpy(&c->use, data, sizeof(c->use)); # 246| break; # 247| case NFTNL_CHAIN_BYTES: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:248:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:248:17: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 246| break; # 247| case NFTNL_CHAIN_BYTES: # 248|-> memcpy(&c->bytes, data, sizeof(c->bytes)); # 249| break; # 250| case NFTNL_CHAIN_PACKETS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:251:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:251:17: note: read of 7 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 249| break; # 250| case NFTNL_CHAIN_PACKETS: # 251|-> memcpy(&c->packets, data, sizeof(c->packets)); # 252| break; # 253| case NFTNL_CHAIN_HANDLE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:254:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:254:17: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 252| break; # 253| case NFTNL_CHAIN_HANDLE: # 254|-> memcpy(&c->handle, data, sizeof(c->handle)); # 255| break; # 256| case NFTNL_CHAIN_FAMILY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:257:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:257:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 255| break; # 256| case NFTNL_CHAIN_FAMILY: # 257|-> memcpy(&c->family, data, sizeof(c->family)); # 258| break; # 259| case NFTNL_CHAIN_TYPE: Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ # 275| case NFTNL_CHAIN_DEVICES: # 276| dev_array = (const char **)data; # 277|-> while (dev_array[len] != NULL) # 278| len++; # 279| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 275| case NFTNL_CHAIN_DEVICES: # 276| dev_array = (const char **)data; # 277|-> while (dev_array[len] != NULL) # 278| len++; # 279| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:43: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 289| # 290| for (i = 0; i < len; i++) # 291|-> c->dev_array[i] = strdup(dev_array[i]); # 292| # 293| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ # 289| # 290| for (i = 0; i < len; i++) # 291|-> c->dev_array[i] = strdup(dev_array[i]); # 292| # 293| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:296:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:296:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 294| break; # 295| case NFTNL_CHAIN_FLAGS: # 296|-> memcpy(&c->chain_flags, data, sizeof(c->chain_flags)); # 297| break; # 298| case NFTNL_CHAIN_ID: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:299:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:299:17: note: read of 3 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 297| break; # 298| case NFTNL_CHAIN_ID: # 299|-> memcpy(&c->chain_id, data, sizeof(c->chain_id)); # 300| break; # 301| case NFTNL_CHAIN_USERDATA: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/bitwise.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/byteorder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING (CWE-758): libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/data_reg.c:148: error[overlappingWriteUnion]: Overlapping read/write of union is undefined behavior # 146| if (type) # 147| *type = DATA_VERDICT; # 148|-> data->len = sizeof(data->verdict); # 149| break; # 150| case NFT_JUMP: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/dynset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/exthdr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fwd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/immediate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/inner.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/log.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/lookup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/masq.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/nat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/numgen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/payload.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/queue.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ # 146| case NFTNL_FLOWTABLE_DEVICES: # 147| dev_array = (const char **)data; # 148|-> while (dev_array[len] != NULL) # 149| len++; # 150| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: scope_hint: In function ‘nftnl_flowtable_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:1: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 146| case NFTNL_FLOWTABLE_DEVICES: # 147| dev_array = (const char **)data; # 148|-> while (dev_array[len] != NULL) # 149| len++; # 150| Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:43: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 160| # 161| for (i = 0; i < len; i++) # 162|-> c->dev_array[i] = strdup(dev_array[i]); # 163| # 164| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-131): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ # 160| # 161| for (i = 0; i < len; i++) # 162|-> c->dev_array[i] = strdup(dev_array[i]); # 163| # 164| c->dev_array_len = len; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:173:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:173:17: note: read of 4 bytes from after the end of ‘data’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 171| break; # 172| case NFTNL_FLOWTABLE_HANDLE: # 173|-> memcpy(&c->handle, data, sizeof(c->handle)); # 174| break; # 175| } Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_expect.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_timeout.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/limit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/tunnel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: scope_hint: In function ‘nftnl_obj_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:124:28: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:9: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:124:28: note: read of 2 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 122| break; # 123| case NFTNL_OBJ_TYPE: # 124|-> obj->ops = nftnl_obj_ops_lookup(*((uint32_t *)data)); # 125| if (!obj->ops) # 126| return; Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:129:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:129:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 127| break; # 128| case NFTNL_OBJ_FAMILY: # 129|-> memcpy(&obj->family, data, sizeof(obj->family)); # 130| break; # 131| case NFTNL_OBJ_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:132:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:132:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 130| break; # 131| case NFTNL_OBJ_USE: # 132|-> memcpy(&obj->use, data, sizeof(obj->use)); # 133| break; # 134| case NFTNL_OBJ_HANDLE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:135:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:135:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 133| break; # 134| case NFTNL_OBJ_HANDLE: # 135|-> memcpy(&obj->handle, data, sizeof(obj->handle)); # 136| break; # 137| case NFTNL_OBJ_USERDATA: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: scope_hint: In function ‘nftnl_rule_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 132| break; # 133| case NFTNL_RULE_HANDLE: # 134|-> memcpy(&r->handle, data, sizeof(r->handle)); # 135| break; # 136| case NFTNL_RULE_COMPAT_PROTO: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 144| break; # 145| case NFTNL_RULE_POSITION: # 146|-> memcpy(&r->position, data, sizeof(r->position)); # 147| break; # 148| case NFTNL_RULE_USERDATA: Error: CLANG_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:600:3: warning[deadcode.DeadStores]: Value stored to 'sep' is never read # 598| r->position_id); # 599| SNPRINTF_BUFFER_SIZE(ret, remain, offset); # 600|-> sep = " "; # 601| } # 602| Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/ruleset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: scope_hint: In function ‘nftnl_set_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:165:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:165:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 163| break; # 164| case NFTNL_SET_HANDLE: # 165|-> memcpy(&s->handle, data, sizeof(s->handle)); # 166| break; # 167| case NFTNL_SET_FLAGS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:208:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:208:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 206| break; # 207| case NFTNL_SET_TIMEOUT: # 208|-> memcpy(&s->timeout, data, sizeof(s->timeout)); # 209| break; # 210| case NFTNL_SET_GC_INTERVAL: Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u32’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:265:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 263| uint32_t size, val; # 264| # 265|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val)); # 266| # 267| return val; Error: GCC_ANALYZER_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u64’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:276:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 274| uint64_t val; # 275| # 276|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val)); # 277| # 278| return val; Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: scope_hint: In function ‘nftnl_table_set_data’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:112:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:11: included_from: Included from here. libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:112:17: note: read of 4 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 110| break; # 111| case NFTNL_TABLE_HANDLE: # 112|-> memcpy(&t->handle, data, sizeof(t->handle)); # 113| break; # 114| case NFTNL_TABLE_FLAGS: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:115:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:115:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 113| break; # 114| case NFTNL_TABLE_FLAGS: # 115|-> memcpy(&t->table_flags, data, sizeof(t->table_flags)); # 116| break; # 117| case NFTNL_TABLE_FAMILY: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:118:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:118:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 116| break; # 117| case NFTNL_TABLE_FAMILY: # 118|-> memcpy(&t->family, data, sizeof(t->family)); # 119| break; # 120| case NFTNL_TABLE_USE: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:121:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:121:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 119| break; # 120| case NFTNL_TABLE_USE: # 121|-> memcpy(&t->use, data, sizeof(t->use)); # 122| break; # 123| case NFTNL_TABLE_USERDATA: Error: GCC_ANALYZER_WARNING (CWE-126): libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:134:17: note: read of 3 bytes from after the end of ‘val’ # └──────────────────────────────────────────────────────────────────────┘ # ^ ^ # 132| break; # 133| case NFTNL_TABLE_OWNER: # 134|-> memcpy(&t->owner, data, sizeof(t->owner)); # 135| break; # 136| } Error: CPPCHECK_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/trace.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. Error: CPPCHECK_WARNING (CWE-476): libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83: warning[nullPointer]: Possible null pointer dereference: value # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr); Error: CLANG_WARNING: libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:2: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull' # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr); Error: GCC_ANALYZER_WARNING (CWE-688): libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c: scope_hint: In function ‘nftnl_udata_put’ libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:9: warning[-Wanalyzer-null-argument]: use of NULL ‘value’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 81| attr->len = len; # 82| attr->type = type; # 83|-> memcpy(attr->value, value, len); # 84| # 85| buf->end = (char *)nftnl_udata_next(attr);