Task #83631 - gpgme-2.0.1-1.fc44/scan-results.err
back to task #83631download
Error: SHELLCHECK_WARNING (CWE-156):
/usr/bin/gpgme-config:2:28: warning[SC2046]: Quote this to prevent word splitting.
# 1| #!/usr/bin/sh
# 2|-> exec /usr/bin/gpgme-config.$(arch) $@
Error: SHELLCHECK_WARNING (CWE-88):
/usr/bin/gpgme-config:2:36: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
# 1| #!/usr/bin/sh
# 2|-> exec /usr/bin/gpgme-config.$(arch) $@
Error: SHELLCHECK_WARNING (CWE-563):
/usr/bin/gpgme-config.x86_64:41:1: warning[SC2034]: libs_pthread appears unused. Verify use (or export if used externally).
# 39| # thread modules variable.
# 40| thread_modules="$thread_modules pthread"
# 41|-> libs_pthread="-lpthread"
# 42| cflags_pthread=""
# 43|
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:128:37: warning[SC2154]: assuan_cflags is referenced but not assigned.
# 126| esac
# 127| test "x$with_glib" = "xyes" && tmp_g="$cflags_glib"
# 128|-> for i in $cflags $tmp_c $assuan_cflags $gpg_error_cflags $tmp_g ; do
# 129| skip=no
# 130| case $i in
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:164:35: warning[SC2154]: assuan_libs is referenced but not assigned.
# 162| ;;
# 163| esac
# 164|-> for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
# 165| skip=no
# 166| case $i in
Error: SHELLCHECK_WARNING (CWE-457):
/usr/bin/gpgme-config.x86_64:164:48: warning[SC2154]: gpg_error_libs is referenced but not assigned.
# 162| ;;
# 163| esac
# 164|-> for i in $libs $tmp_l $assuan_libs $gpg_error_libs $tmp_x; do
# 165| skip=no
# 166| case $i in
Error: CLANG_WARNING:
gpgme-2.0.1/doc/mkdefsinc.c:199:15: warning[unix.Malloc]: Potential leak of memory pointed to by 'opt_date'
# 197| {
# 198| opt_date = xstrdup (*argv);
# 199|-> argc--; argv++;
# 200| }
# 201| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/doc/mkdefsinc.c: scope_hint: In function ‘main’
gpgme-2.0.1/doc/mkdefsinc.c:199:27: warning[-Wanalyzer-malloc-leak]: leak of ‘opt_date’
# 197| {
# 198| opt_date = xstrdup (*argv);
# 199|-> argc--; argv++;
# 200| }
# 201| }
Error: CPPCHECK_WARNING (CWE-457):
gpgme-2.0.1/doc/mkdefsinc.c:289: warning[uninitvar]: Uninitialized variable: monthoff
# 287|
# 288| printf ("@set UPDATED %s\n", opt_date);
# 289|-> printf ("@set UPDATED-MONTH %s\n", opt_date + monthoff);
# 290| printf ("@set EDITION %s\n", PACKAGE_VERSION);
# 291| printf ("@set VERSION %s\n", PACKAGE_VERSION);
Error: CLANG_WARNING:
gpgme-2.0.1/doc/mkdefsinc.c:290:3: warning[unix.Malloc]: Potential leak of memory pointed to by 'opt_date'
# 288| printf ("@set UPDATED %s\n", opt_date);
# 289| printf ("@set UPDATED-MONTH %s\n", opt_date + monthoff);
# 290|-> printf ("@set EDITION %s\n", PACKAGE_VERSION);
# 291| printf ("@set VERSION %s\n", PACKAGE_VERSION);
# 292|
Error: CPPCHECK_WARNING (CWE-457):
gpgme-2.0.1/gpgmepy/build/gpgme_wrap.c:873: warning[uninitvar]: Uninitialized variable: buff
# 871| *r = 0;
# 872| }
# 873|-> return buff;
# 874| }
# 875|
Error: CPPCHECK_WARNING (CWE-476):
gpgme-2.0.1/gpgmepy/build/gpgme_wrap.c:1902: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1900| SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1901| /* the klass element */
# 1902|-> data->klass = obj;
# 1903| SWIG_Py_INCREF(data->klass);
# 1904| /* the newraw method and newargs arguments used to create a new raw instance */
Error: CPPCHECK_WARNING (CWE-476):
gpgme-2.0.1/gpgmepy/build/gpgme_wrap.c:1903: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1901| /* the klass element */
# 1902| data->klass = obj;
# 1903|-> SWIG_Py_INCREF(data->klass);
# 1904| /* the newraw method and newargs arguments used to create a new raw instance */
# 1905| if (PyClass_Check(obj)) {
Error: CPPCHECK_WARNING (CWE-457):
gpgme-2.0.1/gpgmepy/build/gpgme_wrap.c:16651: error[legacyUninitvar]: Uninitialized variable: arg2
#16649| {
#16650| SWIG_PYTHON_THREAD_BEGIN_ALLOW;
#16651|-> result = gpgme_data_new_from_estream(arg1,arg2);
#16652| SWIG_PYTHON_THREAD_END_ALLOW;
#16653| }
Error: CLANG_WARNING:
gpgme-2.0.1/qgpgme/src/cryptoconfig.cpp:61:42: warning[core.CallAndMessage]: Called C++ object pointer is null
# 59| const QStringList groupNames = comp ? comp->groupList() : QStringList();
# 60| for (const auto &groupName : groupNames) {
# 61|-> const CryptoConfigGroup *group = comp->group(groupName);
# 62| CryptoConfigEntry *entry = group ? group->entry(entryName) : nullptr;
# 63| if (entry) {
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-decryptverifyjob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-decryptverifyjob.cpp:117:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 117 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/QFile:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-decryptverifyjob.cpp:44: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 115| if (options.outputFile.isEmpty() || options.outputFile == QLatin1String{"-"}) {
# 116| output.reset(new QFile);
# 117|-> output->open(stdout, QIODevice::WriteOnly);
# 118| } else {
# 119| if (QFile::exists(options.outputFile)) {
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-encryptarchivejob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-encryptarchivejob.cpp:143:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 143 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/qdir.h:11: included_from: Included from here.
/usr/include/qt6/QtCore/QDir:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-encryptarchivejob.cpp:45: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 141| if (options.archiveName.isEmpty() || options.archiveName == QLatin1String{"-"}) {
# 142| output.reset(new QFile);
# 143|-> output->open(stdout, QIODevice::WriteOnly);
# 144| } else {
# 145| outputFilePath = checkOutputFilePath(options.archiveName, options.baseDirectory);
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-encryptjob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-encryptjob.cpp:121:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 121 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/QFile:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-encryptjob.cpp:45: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 119| if (options.outputFile.isEmpty() || options.outputFile == QLatin1String{"-"}) {
# 120| output.reset(new QFile);
# 121|-> output->open(stdout, QIODevice::WriteOnly);
# 122| } else {
# 123| if (QFile::exists(options.outputFile)) {
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-signarchivejob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-signarchivejob.cpp:137:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 137 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/qdir.h:11: included_from: Included from here.
/usr/include/qt6/QtCore/QDir:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-signarchivejob.cpp:44: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 135| if (options.archiveName.isEmpty() || options.archiveName == QLatin1String{"-"}) {
# 136| output.reset(new QFile);
# 137|-> output->open(stdout, QIODevice::WriteOnly);
# 138| } else {
# 139| outputFilePath = checkOutputFilePath(options.archiveName, options.baseDirectory);
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-signjob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-signjob.cpp:124:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 124 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/QFile:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-signjob.cpp:44: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 122| if (options.outputFile.isEmpty() || options.outputFile == QLatin1String{"-"}) {
# 123| output.reset(new QFile);
# 124|-> output->open(stdout, QIODevice::WriteOnly);
# 125| } else {
# 126| if (QFile::exists(options.outputFile) && !options.appendSignature) {
Error: COMPILER_WARNING (CWE-252):
gpgme-2.0.1/qgpgme/tests/run-verifyopaquejob.cpp: scope_hint: In function ‘int main(int, char**)’
gpgme-2.0.1/qgpgme/tests/run-verifyopaquejob.cpp:116:21: warning[-Wunused-result]: ignoring return value of ‘bool QFile::open(FILE*, QIODeviceBase::OpenMode, QFileDevice::FileHandleFlags)’, declared with attribute ‘nodiscard’
# 116 | output->open(stdout, QIODevice::WriteOnly);
# | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/qt6/QtCore/QFile:1: included_from: Included from here.
gpgme-2.0.1/qgpgme/tests/run-verifyopaquejob.cpp:44: included_from: Included from here.
/usr/include/qt6/QtCore/qfile.h:293:32: note: declared here
# 293 | QFILE_MAYBE_NODISCARD bool open(FILE *f, OpenMode ioFlags, FileHandleFlags handleFlags=DontCloseHandle);
# | ^~~~
# 114| if (options.outputFile.isEmpty() || options.outputFile == QLatin1String{"-"}) {
# 115| output.reset(new QFile);
# 116|-> output->open(stdout, QIODevice::WriteOnly);
# 117| } else {
# 118| if (QFile::exists(options.outputFile)) {
Error: CLANG_WARNING:
gpgme-2.0.1/src/conversion.c:637:30: warning[core.UndefinedBinaryOperatorResult]: The right operand of '==' is a garbage value
# 635|
# 636| tim = _gpgme_parse_timestamp (timestamp, &tail);
# 637|-> if (tim == -1 || timestamp == tail || (*tail && *tail != ' '))
# 638| tim = 0; /* No time given or invalid engine. */
# 639|
Error: CLANG_WARNING:
gpgme-2.0.1/src/data-compat.c:86:10: warning[unix.Stream]: File position of the stream might be 'indeterminate' after a failed operation. Can cause undefined behavior
# 84| }
# 85|
# 86|-> while (fread (buf, length, 1, stream) < 1
# 87| && ferror (stream) && errno == EINTR);
# 88| if (ferror (stream))
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-2.0.1/src/data-identify.c: scope_hint: In function 'basic_detection'
gpgme-2.0.1/src/data-identify.c:453:20: warning[-Wanalyzer-deref-before-check]: check of 'data' for NULL after already dereferencing it
# 451|
# 452| /* Now check whether there are armor lines. */
# 453|-> for (s = data; s && *s; s = (*s=='\n')?(s+1):((s=strchr (s,'\n'))?(s+1):s))
# 454| {
# 455| if (!strncmp (s, "-----BEGIN ", 11))
Error: CLANG_WARNING:
gpgme-2.0.1/src/data-mem.c:104:3: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 102| }
# 103|
# 104|-> memcpy (dh->data.mem.buffer + dh->data.mem.offset, buffer, size);
# 105| dh->data.mem.offset += size;
# 106| if (dh->data.mem.length < dh->data.mem.offset)
Error: CLANG_WARNING:
gpgme-2.0.1/src/data-mem.c:275:14: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'str')
# 273| {
# 274| if (blankout && len)
# 275|-> *str = 0;
# 276| /* Prevent mem_release from releasing the buffer memory. We
# 277| * must not fail from this point. */
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/data.c: scope_hint: In function '_gpgme_data_inbound_handler'
gpgme-2.0.1/src/data.c:624:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
# 622| {
# 623| dh->inbound_buffer = malloc (dh->io_buffer_size);
# 624|-> if (!dh->inbound_buffer)
# 625| return TRACE_ERR (gpg_error_from_syserror ());
# 626| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/data.c: scope_hint: In function '_gpgme_data_outbound_handler'
gpgme-2.0.1/src/data.c:684:14: warning[-Wanalyzer-malloc-leak]: leak of 'malloc((long unsigned int)*dh.io_buffer_size)'
# 682| {
# 683| dh->outbound_buffer = malloc (dh->io_buffer_size);
# 684|-> if (!dh->outbound_buffer)
# 685| return TRACE_ERR (gpg_error_from_syserror ());
# 686| dh->outbound_pending = 0;
Error: CPPCHECK_WARNING (CWE-457):
gpgme-2.0.1/src/decrypt-verify.c:48: warning[uninitvar]: Uninitialized variable: err2
# 46| || (code == GPGME_STATUS_EOF && gpg_err_code (err) == GPG_ERR_NO_DATA))
# 47| err2 = _gpgme_verify_status_handler (priv, code, args);
# 48|-> return err ? err : err2;
# 49| }
# 50|
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-g13.c:457:6: warning[deadcode.DeadStores]: Value stored to 'rest' is never read
# 455| rest = strchr (line + 2, ' ');
# 456| if (!rest)
# 457|-> rest = line + linelen; /* set to an empty string */
# 458| else
# 459| *(rest++) = 0;
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:1349:10: warning[unix.Malloc]: Potential leak of memory pointed to by 'argv'
# 1347| after a malloc failure for a small object, it is
# 1348| probably better not to do anything. */
# 1349|-> return gpg_error (GPG_ERR_GENERAL);
# 1350| }
# 1351| /* If the data_type is FD, we have to do a dup2 here. */
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:1349:10: warning[unix.Malloc]: Potential leak of memory pointed to by 'fd_data_map'
# 1347| after a malloc failure for a small object, it is
# 1348| probably better not to do anything. */
# 1349|-> return gpg_error (GPG_ERR_GENERAL);
# 1350| }
# 1351| /* If the data_type is FD, we have to do a dup2 here. */
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:3412:8: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 3410| }
# 3411|
# 3412|-> if (!strcmp (field[0], "info"))
# 3413| rectype = RT_INFO;
# 3414| else if (!strcmp (field[0], "pub"))
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:3486:26: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 3484| most 4/3 th the number of bytes. But because we also need
# 3485| to escape the backslashes we allocate twice as much. */
# 3486|-> char *uid = malloc (2 * strlen (field[1]) + 1);
# 3487| char *src;
# 3488| char *dst;
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:3530:14: warning[unix.Malloc]: Potential leak of memory pointed to by 'dst'
# 3528| }
# 3529| }
# 3530|-> return 0;
# 3531|
# 3532| case RT_NONE:
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:3573:7: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 3571| if (!err && (mode & GPGME_KEYLIST_MODE_WITH_SECRET))
# 3572| {
# 3573|-> err = add_arg (gpg, "--with-secret");
# 3574| err = add_arg (gpg, "--with-keygrip");
# 3575| }
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:4025:13: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 4023| err = add_arg (gpg, "--directory");
# 4024| if (!err)
# 4025|-> err = add_file_name_arg (gpg, file_name);
# 4026| }
# 4027| /* gpgtar uses --decrypt also for signed-only archives */
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpg.c:4041:9: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 4039| const char *output = gpgme_data_get_file_name (plaintext);
# 4040| if (have_gpg_version (gpg, "2.1.16"))
# 4041|-> err = add_arg (gpg, "--verify");
# 4042| err = add_arg (gpg, "--output");
# 4043| if (!err && output)
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpgconf.c:1041:5: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 1039|
# 1040| if (!err)
# 1041|-> err = gpg_error(GPG_ERR_NOT_FOUND);
# 1042| return 0;
# 1043| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/engine-gpgsm.c: scope_hint: In function 'gpgsm_export.part.0'
gpgme-2.0.1/src/engine-gpgsm.c:1690:12: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
# 1688| : map_data_enc (gpgsm->output_cb.data));
# 1689| if (err)
# 1690|-> return err;
# 1691| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1692| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpgsm.c:1690:12: warning[unix.Malloc]: Potential leak of memory pointed to by 'cmd'
# 1688| : map_data_enc (gpgsm->output_cb.data));
# 1689| if (err)
# 1690|-> return err;
# 1691| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1692| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine-gpgsm.c:1802:12: warning[unix.Malloc]: Potential leak of memory pointed to by 'line'
# 1800| : map_data_enc (gpgsm->output_cb.data));
# 1801| if (err)
# 1802|-> return err;
# 1803| gpgsm_clear_fd (gpgsm, INPUT_FD);
# 1804| gpgsm_clear_fd (gpgsm, MESSAGE_FD);
Error: CLANG_WARNING:
gpgme-2.0.1/src/engine.c:378:26: warning[core.NullDereference]: Access to field 'protocol' results in a dereference of a null pointer
# 376| }
# 377|
# 378|-> (*lastp)->protocol = info->protocol;
# 379| (*lastp)->file_name = file_name;
# 380| (*lastp)->home_dir = home_dir;
Error: CLANG_WARNING:
gpgme-2.0.1/src/export.c:207:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 205| err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook,
# 206| sizeof (*opd), release_op_data);
# 207|-> opd = hook;
# 208| if (err)
# 209| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/export.c:282:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 280| err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook,
# 281| sizeof (*opd), release_op_data);
# 282|-> opd = hook;
# 283| if (err)
# 284| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/genkey.c:349:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 347| err = _gpgme_op_data_lookup (ctx, OPDATA_GENKEY, &hook,
# 348| sizeof (*opd), release_op_data);
# 349|-> opd = hook;
# 350| if (err)
# 351| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/genkey.c:648:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 646| }
# 647| else
# 648|-> return err = gpg_error (GPG_ERR_UNKNOWN_NAME);
# 649|
# 650| if (synchronous && !err)
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-json.c:139:7: warning[deadcode.DeadStores]: Value stored to 'n' is never read
# 137| *p++ = *s++;
# 138| *p = 0;
# 139|-> n = p - line;
# 140| }
# 141|
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-json.c:215:24: warning[core.NullDereference]: Access to field 'type' results in a dereference of a null pointer (loaded from variable 'j_msg')
# 213| {
# 214| j_msg = cJSON_GetObjectItem (json, "msg");
# 215|-> if (j_msg || cjson_is_string (j_msg))
# 216| {
# 217| msg = j_msg->valuestring;
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-json.c:419:11: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 417| if (!request)
# 418| {
# 419|-> err = gpg_error_from_syserror ();
# 420| log_error ("error reading request: Not enough memory for %zu MiB)\n",
# 421| (size_t)nrequest / (1024*1024));
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-json.c:698:29: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 696| exit (1);
# 697| }
# 698|-> cmd_identify (argc && strcmp (*argv, "-")? *argv : NULL);
# 699| break;
# 700|
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:331:3: warning[core.VLASize]: Declared variable-length array (VLA) has negative size
# 329| result_xml_indent (struct result_xml_state *state)
# 330| {
# 331|-> char spaces[state->indent + 1];
# 332| int i;
# 333| for (i = 0; i < state->indent; i++)
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 10th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 11th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 12th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 13th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 4th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 5th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 6th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 7th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 8th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1472:3: warning[core.CallAndMessage]: 9th function call argument is an uninitialized value
# 1470| modes[idx++] = NULL;
# 1471|
# 1472|-> gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2],
# 1473| modes[3], modes[4], modes[5], modes[6], modes[7], modes[8],
# 1474| modes[9], modes[10], NULL);
Error: CLANG_WARNING:
gpgme-2.0.1/src/gpgme-tool.c:1694:15: warning[deadcode.DeadStores]: Value stored to 's' during its initialization is never read
# 1692| gt_identify (gpgme_tool_t gt, gpgme_data_t data)
# 1693| {
# 1694|-> const char *s = "?";
# 1695|
# 1696| switch (gpgme_data_identify (data, 0))
Error: CPPCHECK_WARNING (CWE-562):
gpgme-2.0.1/src/gpgme-tool.c:3314: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3312| server.gt = gt;
# 3313| gt->write_status = server_write_status;
# 3314|-> gt->write_status_hook = &server;
# 3315| gt->write_data = server_write_data;
# 3316| gt->write_data_hook = &server;
Error: CPPCHECK_WARNING (CWE-562):
gpgme-2.0.1/src/gpgme-tool.c:3316: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 3314| gt->write_status_hook = &server;
# 3315| gt->write_data = server_write_data;
# 3316|-> gt->write_data_hook = &server;
# 3317|
# 3318| /* We use a pipe based server so that we can work from scripts.
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:468:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 466| }
# 467|
# 468|-> while (!(err = gpgme_op_keylist_next (ctx, &key)))
# 469| {
# 470| if (!key || !key->fpr)
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:1465:16: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 1463| goto leave;
# 1464| }
# 1465|-> while (!(err = gpgme_op_keylist_next (keylist_ctx, &key)))
# 1466| {
# 1467| if ((err = gpgme_signers_add (ctx, key)))
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:1788:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 1786| goto leave;
# 1787| }
# 1788|-> while (!(err = gpgme_op_keylist_next (keylist_ctx, &key)))
# 1789| {
# 1790| if ((err = gpgme_signers_add (ctx, key)))
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:2265:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 2263| }
# 2264|
# 2265|-> while (!(err = gpgme_op_keylist_next (ctx, &key)))
# 2266| {
# 2267| cJSON_AddItemToArray (keyarray, key_to_json (key));
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:2626:3: warning[deadcode.DeadStores]: Value stored to 'comp' is never read
# 2624| }
# 2625|
# 2626|-> comp = conf;
# 2627| for (comp = conf; comp; comp = comp->next)
# 2628| {
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-core.c:2727:3: warning[deadcode.DeadStores]: Value stored to 'comp' is never read
# 2725|
# 2726| j_comps = xjson_CreateArray ();
# 2727|-> comp = conf;
# 2728| for (comp = conf; comp; comp = comp->next)
# 2729| {
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-util.c:59:15: warning[deadcode.DeadStores]: Value stored to 's' during its initialization is never read
# 57| data_type_to_string (gpgme_data_type_t dt)
# 58| {
# 59|-> const char *s = "[?]";
# 60|
# 61| switch (dt)
Error: CLANG_WARNING:
gpgme-2.0.1/src/json-util.c:95:9: warning[deadcode.DeadStores]: Although the value stored to 'j_tmp' is used in the enclosing expression, the value is never actually read from 'j_tmp'
# 93| response = json? json : xjson_CreateObject ();
# 94|
# 95|-> if (!(j_tmp = cJSON_GetObjectItem (response, "type")))
# 96| xjson_AddStringToObject (response, "type", "error");
# 97| else /* Replace existing "type". */
Error: GCC_ANALYZER_WARNING (CWE-457):
gpgme-2.0.1/src/key.c: scope_hint: In function 'gpgme_key_from_uid'
gpgme-2.0.1/src/key.c:470:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'key'
# 468|
# 469| /* Note: protocol doesn't matter if only email is provided. */
# 470|-> err = _gpgme_key_append_name (key, name, 0);
# 471| if (err)
# 472| gpgme_key_unref (key);
Error: CLANG_WARNING:
gpgme-2.0.1/src/keylist.c:1406:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 1404| err = _gpgme_op_data_lookup (ctx, OPDATA_KEYLIST, &hook,
# 1405| sizeof (*opd), release_op_data);
# 1406|-> opd = hook;
# 1407| if (err)
# 1408| return TRACE_ERR (err);
Error: CLANG_WARNING:
gpgme-2.0.1/src/keysign.c:168:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 166| err = _gpgme_op_data_lookup (ctx, OPDATA_KEYSIGN, &hook,
# 167| sizeof (*opd), release_op_data);
# 168|-> opd = hook;
# 169| if (err)
# 170| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/op-support.c:129:7: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 127| if (!reuse_engine)
# 128| {
# 129|-> err = 0;
# 130| #ifdef LC_CTYPE
# 131| err = _gpgme_engine_set_locale (ctx->engine, LC_CTYPE, ctx->lc_ctype);
Error: CLANG_WARNING:
gpgme-2.0.1/src/posix-io.c:471:7: warning[deadcode.DeadStores]: Value stored to 'source' is never read
# 469| if (fds == -1 && max_fds_fallback >= 0)
# 470| {
# 471|-> source = "fallback";
# 472| return max_fds_fallback;
# 473| }
Error: CLANG_WARNING:
gpgme-2.0.1/src/posix-io.c:645:14: warning[unix.StdCLibraryFunctions]: The 1st argument to 'dup2' is < 0 but should be >= 0
# 643| continue;
# 644|
# 645|-> res = dup2 (fd_list[i].fd, fd_list[i].dup_to);
# 646| if (res < 0)
# 647| {
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-2.0.1/src/posix-io.c: scope_hint: In function '_gpgme_io_spawn'
gpgme-2.0.1/src/posix-io.c:670:38: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/null", 2)'
# 668| }
# 669| /* Make sure that the process has connected stdin. */
# 670|-> if (! seen_stdin && fd != 0)
# 671| {
# 672| if (dup2 (fd, 0) == -1)
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-2.0.1/src/posix-io.c:672:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 0)'
# 670| if (! seen_stdin && fd != 0)
# 671| {
# 672|-> if (dup2 (fd, 0) == -1)
# 673| _exit (8);
# 674| }
Error: GCC_ANALYZER_WARNING:
gpgme-2.0.1/src/posix-io.c:672:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '0'
# 670| if (! seen_stdin && fd != 0)
# 671| {
# 672|-> if (dup2 (fd, 0) == -1)
# 673| _exit (8);
# 674| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-2.0.1/src/posix-io.c:677:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 1)'
# 675| if (! seen_stdout && fd != 1)
# 676| {
# 677|-> if (dup2 (fd, 1) == -1)
# 678| _exit (8);
# 679| }
Error: GCC_ANALYZER_WARNING:
gpgme-2.0.1/src/posix-io.c:677:23: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '1'
# 675| if (! seen_stdout && fd != 1)
# 676| {
# 677|-> if (dup2 (fd, 1) == -1)
# 678| _exit (8);
# 679| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-2.0.1/src/posix-io.c:682:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open("/dev/null", 2), 2)'
# 680| if (! seen_stderr && fd != 2)
# 681| {
# 682|-> if (dup2 (fd, 2) == -1)
# 683| _exit (8);
# 684| }
Error: CLANG_WARNING:
gpgme-2.0.1/src/revsig.c:160:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 158| err = _gpgme_op_data_lookup (ctx, OPDATA_REVSIG, &hook, sizeof (*opd),
# 159| NULL);
# 160|-> opd = hook;
# 161| if (err)
# 162| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/setexpire.c:151:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 149| err = _gpgme_op_data_lookup (ctx, OPDATA_SETEXPIRE, &hook, sizeof (*opd),
# 150| NULL);
# 151|-> opd = hook;
# 152| if (err)
# 153| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/setownertrust.c:149:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 147| err = _gpgme_op_data_lookup (ctx, OPDATA_SETOWNERTRUST, &hook, sizeof (*opd),
# 148| NULL);
# 149|-> opd = hook;
# 150| if (err)
# 151| return err;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/sign.c: scope_hint: In function 'parse_sig_created'
gpgme-2.0.1/src/sign.c:207:12: warning[-Wanalyzer-malloc-leak]: leak of 'sig'
# 205| sig = malloc (sizeof (*sig));
# 206| if (!sig)
# 207|-> return gpg_error_from_syserror ();
# 208|
# 209| sig->next = NULL;
Error: GCC_ANALYZER_WARNING (CWE-787):
gpgme-2.0.1/src/signers.c: scope_hint: In function 'gpgme_signers_add'
gpgme-2.0.1/src/signers.c:85:19: warning[-Wanalyzer-out-of-bounds]: buffer overflow
# 83| return TRACE_ERR (gpg_error_from_syserror ());
# 84| for (j = ctx->signers_size; j < n; j++)
# 85|-> newarr[j] = NULL;
# 86| ctx->signers = newarr;
# 87| ctx->signers_size = n;
Error: CLANG_WARNING:
gpgme-2.0.1/src/tofupolicy.c:141:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 139| err = _gpgme_op_data_lookup (ctx, OPDATA_TOFU_POLICY, &hook,
# 140| sizeof (*opd), NULL);
# 141|-> opd = hook;
# 142| if (err)
# 143| return err;
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/verify.c: scope_hint: In function 'parse_valid_sig'
gpgme-2.0.1/src/verify.c:429:6: warning[-Wanalyzer-malloc-leak]: leak of '*sig.fpr'
# 427| free (sig->fpr);
# 428| sig->fpr = strdup (args);
# 429|-> if (!sig->fpr)
# 430| return gpg_error_from_syserror ();
# 431|
Error: GCC_ANALYZER_WARNING (CWE-688):
gpgme-2.0.1/src/verify.c:433:9: warning[-Wanalyzer-null-argument]: use of NULL 'end' where non-null expected
<built-in>: note: argument 1 of '__builtin_strchr' must be non-null
# 431|
# 432| /* Skip the creation date. */
# 433|-> end = strchr (end, ' ');
# 434| if (end)
# 435| {
Error: CLANG_WARNING:
gpgme-2.0.1/src/verify.c:433:9: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 431|
# 432| /* Skip the creation date. */
# 433|-> end = strchr (end, ' ');
# 434| if (end)
# 435| {
Error: CLANG_WARNING:
gpgme-2.0.1/src/verify.c:480:5: warning[deadcode.DeadStores]: Value stored to 'end' is never read
# 478| if (errno || end == tail || *tail != ' ')
# 479| return trace_gpg_error (GPG_ERR_INV_ENGINE);
# 480|-> end = tail;
# 481| }
# 482| }
Error: CLANG_WARNING:
gpgme-2.0.1/src/verify.c:556:4: warning[deadcode.DeadStores]: Value stored to 'lastp' is never read
# 554| while (notation && notation->next)
# 555| {
# 556|-> lastp = ¬ation->next;
# 557| notation = notation->next;
# 558| }
Error: CLANG_WARNING:
gpgme-2.0.1/src/verify.c:589:4: warning[deadcode.DeadStores]: Value stored to 'lastp' is never read
# 587| while (notation && notation->next)
# 588| {
# 589|-> lastp = ¬ation->next;
# 590| notation = notation->next;
# 591| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/verify.c: scope_hint: In function 'parse_tofu_user'
gpgme-2.0.1/src/verify.c:757:10: warning[-Wanalyzer-malloc-leak]: leak of 'fpr'
# 755| free (fpr);
# 756| free (address);
# 757|-> return err;
# 758| }
# 759|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/verify.c: scope_hint: In function '_gpgme_verify_status_handler'
gpgme-2.0.1/src/verify.c:1014:24: warning[-Wanalyzer-malloc-leak]: leak of '*sig.pka_address'
# 1012| if (end)
# 1013| *end = 0;
# 1014|-> sig->pka_address = strdup (args);
# 1015| break;
# 1016|
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-2.0.1/src/verify.c: scope_hint: In function 'gpgme_get_sig_key'
gpgme-2.0.1/src/verify.c:1239:7: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-2.0.1/src/verify.c:32: included_from: Included from here.
gpgme-2.0.1/src/verify.c:100:7: note: in expansion of macro 'TRACE_SUC'
# 1237|
# 1238| result = gpgme_op_verify_result (ctx);
# 1239|-> sig = result->signatures;
# 1240|
# 1241| while (sig && idx)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-2.0.1/src/verify.c: scope_hint: In function 'gpgme_get_sig_status'
gpgme-2.0.1/src/verify.c:1265:7: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
gpgme-2.0.1/src/verify.c:100:7: note: in expansion of macro 'TRACE_SUC'
# 1263|
# 1264| result = gpgme_op_verify_result (ctx);
# 1265|-> sig = result->signatures;
# 1266|
# 1267| while (sig && idx)
Error: CLANG_WARNING:
gpgme-2.0.1/src/vfs-create.c:133:18: warning[core.NullDereference]: Array access (from variable 'recp') results in a null pointer dereference
# 131|
# 132| i = 0;
# 133|-> while (!err && recp[i])
# 134| {
# 135| if (!recp[i]->subkeys || !recp[i]->subkeys->fpr)
Error: CLANG_WARNING:
gpgme-2.0.1/src/vfs-mount.c:107:3: warning[deadcode.DeadStores]: Value stored to 'opd' is never read
# 105| err = _gpgme_op_data_lookup (ctx, OPDATA_VFS_MOUNT, &hook, sizeof (*opd),
# 106| NULL);
# 107|-> opd = hook;
# 108| if (err)
# 109| return err;
Error: CLANG_WARNING:
gpgme-2.0.1/src/wait.c:139:3: warning[unix.Malloc]: Potential leak of memory pointed to by 'item'
# 137| }
# 138|
# 139|-> TRACE (DEBUG_CTX, "_gpgme_add_io_cb", ctx,
# 140| "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
# 141|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/src/wait.c: scope_hint: In function '_gpgme_add_io_cb'
gpgme-2.0.1/src/wait.c:142:10: warning[-Wanalyzer-malloc-leak]: leak of 'item'
gpgme-2.0.1/src/wait.c:27: included_from: Included from here.
gpgme-2.0.1/src/wait.c:40: included_from: Included from here.
gpgme-2.0.1/src/wait.c:139:3: note: in expansion of macro 'TRACE'
# 140| "fd=%d, dir=%d -> tag=%p", fd, dir, tag);
# 141|
# 142|-> *r_tag = tag;
# 143| return 0;
# 144| }
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-import.c:230:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
# 228| fail_if_err (err);
# 229|
# 230|-> err = gpgme_set_ctx_flag (ctx, "key-origin", "wkd,https://openpgpkey.gnupg.org");
# 231| fail_if_err (err);
# 232|
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-secret-sig.c:366:39: warning[core.NullDereference]: Access to field 'comment' results in a dereference of a null pointer (loaded from field 'uids')
# 364| }
# 365| if (keys[i].uid[0].comment
# 366|-> && strcmp (keys[i].uid[0].comment, key->uids->comment))
# 367| {
# 368| fprintf (stderr, "Unexpected comment in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-secret-sig.c:373:37: warning[core.NullDereference]: Access to field 'email' results in a dereference of a null pointer (loaded from field 'uids')
# 371| }
# 372| if (keys[i].uid[0].email
# 373|-> && strcmp (keys[i].uid[0].email, key->uids->email))
# 374| {
# 375| fprintf (stderr, "Unexpected email in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-secret-sig.c:384:38: warning[core.NullDereference]: Access to field 'signatures' results in a dereference of a null pointer (loaded from field 'uids')
# 382| exit (1);
# 383| }
# 384|-> if (keys[i].uid[0].sig.algo != key->uids->signatures->pubkey_algo)
# 385| {
# 386| fprintf (stderr, "Unexpected algorithm in first user ID sig: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-sig.c:366:39: warning[core.NullDereference]: Access to field 'comment' results in a dereference of a null pointer (loaded from field 'uids')
# 364| }
# 365| if (keys[i].uid[0].comment
# 366|-> && strcmp (keys[i].uid[0].comment, key->uids->comment))
# 367| {
# 368| fprintf (stderr, "Unexpected comment in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-sig.c:373:37: warning[core.NullDereference]: Access to field 'email' results in a dereference of a null pointer (loaded from field 'uids')
# 371| }
# 372| if (keys[i].uid[0].email
# 373|-> && strcmp (keys[i].uid[0].email, key->uids->email))
# 374| {
# 375| fprintf (stderr, "Unexpected email in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist-sig.c:384:38: warning[core.NullDereference]: Access to field 'signatures' results in a dereference of a null pointer (loaded from field 'uids')
# 382| exit (1);
# 383| }
# 384|-> if (keys[i].uid[0].sig.algo != key->uids->signatures->pubkey_algo)
# 385| {
# 386| fprintf (stderr, "Unexpected algorithm in first user ID sig: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:345:7: warning[core.NullDereference]: Access to field 'revoked' results in a dereference of a null pointer (loaded from field 'next')
# 343|
# 344| /* Secondary key. */
# 345|-> if (key->subkeys->next->revoked)
# 346| {
# 347| fprintf (stderr, "Secondary key unexpectedly revoked\n");
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:472:44: warning[core.NullDereference]: Access to field 'comment' results in a dereference of a null pointer (loaded from field 'uids')
# 470| }
# 471| if (key_info->uid[0].comment
# 472|-> && strcmp (key_info->uid[0].comment, key->uids->comment))
# 473| {
# 474| fprintf (stderr, "Unexpected comment in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:479:42: warning[core.NullDereference]: Access to field 'email' results in a dereference of a null pointer (loaded from field 'uids')
# 477| }
# 478| if (key_info->uid[0].email
# 479|-> && strcmp (key_info->uid[0].email, key->uids->email))
# 480| {
# 481| fprintf (stderr, "Unexpected email in first user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:508:41: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer (loaded from field 'uids')
# 506| }
# 507| if (key_info->uid[1].name
# 508|-> && strcmp (key_info->uid[1].name, key->uids->next->name))
# 509| {
# 510| fprintf (stderr, "Unexpected name in second user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:515:44: warning[core.NullDereference]: Access to field 'comment' results in a dereference of a null pointer (loaded from field 'next')
# 513| }
# 514| if (key_info->uid[1].comment
# 515|-> && strcmp (key_info->uid[1].comment, key->uids->next->comment))
# 516| {
# 517| fprintf (stderr, "Unexpected comment in second user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:515:44: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer (loaded from field 'uids')
# 513| }
# 514| if (key_info->uid[1].comment
# 515|-> && strcmp (key_info->uid[1].comment, key->uids->next->comment))
# 516| {
# 517| fprintf (stderr, "Unexpected comment in second user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:522:42: warning[core.NullDereference]: Access to field 'email' results in a dereference of a null pointer (loaded from field 'next')
# 520| }
# 521| if (key_info->uid[1].email
# 522|-> && strcmp (key_info->uid[1].email, key->uids->next->email))
# 523| {
# 524| fprintf (stderr, "Unexpected email in second user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:522:42: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer (loaded from field 'uids')
# 520| }
# 521| if (key_info->uid[1].email
# 522|-> && strcmp (key_info->uid[1].email, key->uids->next->email))
# 523| {
# 524| fprintf (stderr, "Unexpected email in second user ID: %s\n",
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-keylist.c:672:3: warning[deadcode.DeadStores]: Value stored to 'err' is never read
# 670| fail_if_err (err);
# 671|
# 672|-> err = gpgme_op_keylist_from_data_start (ctx, data, 0);
# 673|
# 674| while (!(err = gpgme_op_keylist_next (ctx, &key)))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-decrypt.c:36: included_from: Included from here.
gpgme-2.0.1/tests/gpg/t-decrypt.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/gpg/t-support.h:48:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-2.0.1/tests/gpg/t-decrypt.c:55:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-decrypt.c:55:3: note: in expansion of macro ‘fail_if_err’
# 46| do \
# 47| { \
# 48|-> if (err) \
# 49| { \
# 50| fprintf (stderr, "%s:%d: %s: %s\n", \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-decrypt-verify.c:36: included_from: Included from here.
gpgme-2.0.1/tests/gpg/t-decrypt-verify.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/gpg/t-support.h:48:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-2.asc")’
gpgme-2.0.1/tests/gpg/t-decrypt-verify.c:125:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-decrypt-verify.c:125:3: note: in expansion of macro ‘fail_if_err’
# 46| do \
# 47| { \
# 48|-> if (err) \
# 49| { \
# 50| fprintf (stderr, "%s:%d: %s: %s\n", \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-import.c:35: included_from: Included from here.
gpgme-2.0.1/tests/gpg/t-import.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/gpg/t-support.h:48:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("pubkey-1.asc")’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
# 46| do \
# 47| { \
# 48|-> if (err) \
# 49| { \
# 50| fprintf (stderr, "%s:%d: %s: %s\n", \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-support.h:48:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("seckey-1.asc")’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-import.c:228:3: note: in expansion of macro ‘fail_if_err’
# 46| do \
# 47| { \
# 48|-> if (err) \
# 49| { \
# 50| fprintf (stderr, "%s:%d: %s: %s\n", \
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-thread-keylist-verify.c:64:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 62| fail_if_err (err);
# 63|
# 64|-> while (!(err = gpgme_op_keylist_next (ctx, &key)))
# 65| {
# 66| gpgme_key_unref (key);
Error: CLANG_WARNING:
gpgme-2.0.1/tests/gpg/t-thread-keylist.c:52:12: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 50| fail_if_err (err);
# 51|
# 52|-> while (!(err = gpgme_op_keylist_next (ctx, &key)))
# 53| {
# 54| gpgme_key_unref (key);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpg/t-thread1.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cipher-1.asc")’
gpgme-2.0.1/tests/gpg/t-support.h:219:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpg/t-thread1.c:112:7: note: in expansion of macro ‘fail_if_err’
# 113|
# 114| if (!(agent_info && strchr (agent_info, ':')))
# 115|-> gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
# 116|
# 117| err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpgsm/t-import.c:155:3: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-2.0.1/tests/gpgsm/t-support.h:122:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-import.c:153:3: note: in expansion of macro ‘fail_if_err’
# 153| fail_if_err (err);
# 154|
# 155|-> gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
# 156|
# 157| err = gpgme_data_new_from_file (&in, cert_1, 1);
Error: GCC_ANALYZER_WARNING (CWE-465):
gpgme-2.0.1/tests/gpgsm/t-keylist.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/gpgsm/t-keylist.c:214:10: warning[-Wanalyzer-deref-before-check]: check of ‘*key.subkeys’ for NULL after already dereferencing it
gpgme-2.0.1/tests/gpgsm/t-keylist.c:34: included_from: Included from here.
gpgme-2.0.1/tests/gpgsm/t-support.h:122:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-keylist.c:95:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-keylist.c:99:3: note: in expansion of macro ‘fail_if_err’
# 212| exit (1);
# 213| }
# 214|-> if (!key->subkeys || key->subkeys->next)
# 215| {
# 216| fprintf (stderr, "Key has unexpected number of subkeys\n");
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpgsm/t-import.c:35: included_from: Included from here.
gpgme-2.0.1/tests/gpgsm/t-import.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/gpgsm/t-support.h:36:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca01.der")’
gpgme-2.0.1/tests/gpgsm/t-import.c:153:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-support.h:122:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-import.c:153:3: note: in expansion of macro ‘fail_if_err’
# 34| do \
# 35| { \
# 36|-> if (err) \
# 37| { \
# 38| fprintf (stderr, "%s:%d: %s: %s (%d.%d)\n", \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/gpgsm/t-support.h:36:10: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("cert_dfn_pca15.der")’
gpgme-2.0.1/tests/gpgsm/t-import.c:153:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-support.h:122:3: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/gpgsm/t-import.c:153:3: note: in expansion of macro ‘fail_if_err’
# 34| do \
# 35| { \
# 36|-> if (err) \
# 37| { \
# 38| fprintf (stderr, "%s:%d: %s: %s (%d.%d)\n", \
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-genkey.c:530:15: warning[unix.Malloc]: Potential leak of memory pointed to by 'subfprs'
# 528| else if (setexpire)
# 529| {
# 530|-> err = gpgme_op_setexpire (ctx, akey, expire, subfprs, 0);
# 531| if (err)
# 532| {
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-identify.c:44:15: warning[deadcode.DeadStores]: Value stored to 's' during its initialization is never read
# 42| data_type_to_string (gpgme_data_type_t dt)
# 43| {
# 44|-> const char *s = "[?]";
# 45|
# 46| switch (dt)
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-import.c:159:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'import_options'
# 157| if (import_options)
# 158| {
# 159|-> err = gpgme_set_ctx_flag (ctx, "import-options", import_options);
# 160| fail_if_err (err);
# 161| }
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-import.c:164:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'import_filter'
# 162| if (import_filter)
# 163| {
# 164|-> err = gpgme_set_ctx_flag (ctx, "import-filter", import_filter);
# 165| fail_if_err (err);
# 166| }
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-import.c:169:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'key_origin'
# 167| if (key_origin)
# 168| {
# 169|-> err = gpgme_set_ctx_flag (ctx, "key-origin", key_origin);
# 170| fail_if_err (err);
# 171| }
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-keylist.c:254:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'trust_model'
# 252| show_usage (1);
# 253| trust_model = strdup (*argv);
# 254|-> argc--; argv++;
# 255| }
# 256| else if (!strncmp (*argv, "--", 2))
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/run-keylist.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/run-keylist.c:254:23: warning[-Wanalyzer-malloc-leak]: leak of ‘trust_model’
# 252| show_usage (1);
# 253| trust_model = strdup (*argv);
# 254|-> argc--; argv++;
# 255| }
# 256| else if (!strncmp (*argv, "--", 2))
Error: CPPCHECK_WARNING (CWE-476):
gpgme-2.0.1/tests/run-threaded.c:288: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ret
# 286| int data_rand;
# 287|
# 288|-> ret->fd = -1;
# 289|
# 290| if (data_type)
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-2.0.1/tests/run-threaded.c: scope_hint: In function ‘random_data_new’
gpgme-2.0.1/tests/run-threaded.c:288:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ret’
gpgme-2.0.1/tests/run-threaded.c:43: included_from: Included from here.
gpgme-2.0.1/tests/run-support.h:40:11: note: in definition of macro ‘fail_if_err’
gpgme-2.0.1/tests/run-threaded.c:571:3: note: in expansion of macro ‘fail_if_err’
# 286| int data_rand;
# 287|
# 288|-> ret->fd = -1;
# 289|
# 290| if (data_type)
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/run-threaded.c: scope_hint: In function ‘verify’
gpgme-2.0.1/tests/run-threaded.c:290:7: warning[-Wanalyzer-malloc-leak]: leak of ‘random_data_new(fname)’
gpgme-2.0.1/tests/run-support.h:40:11: note: in definition of macro ‘fail_if_err’
gpgme-2.0.1/tests/run-threaded.c:571:3: note: in expansion of macro ‘fail_if_err’
# 288| ret->fd = -1;
# 289|
# 290|-> if (data_type)
# 291| {
# 292| data_rand = data_type;
Error: CPPCHECK_WARNING (CWE-476):
gpgme-2.0.1/tests/run-threaded.c:762: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: msg_it
# 760| msg_it = msg_it->next;
# 761| }
# 762|-> msg_it->file_name = *argv;
# 763| argc--; argv++;
# 764| }
Error: GCC_ANALYZER_WARNING (CWE-476):
gpgme-2.0.1/tests/run-threaded.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/run-threaded.c:762:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘msg_it’
# 760| msg_it = msg_it->next;
# 761| }
# 762|-> msg_it->file_name = *argv;
# 763| argc--; argv++;
# 764| }
Error: CLANG_WARNING:
gpgme-2.0.1/tests/run-threaded.c:797:10: warning[unix.Malloc]: Potential leak of memory pointed to by 'msg_it'
# 795| while (--repeats != 0);
# 796|
# 797|-> return 0;
# 798| }
Error: GCC_ANALYZER_WARNING (CWE-775):
gpgme-2.0.1/tests/run-verify.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/run-verify.c:418:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*argv, "rb")’
gpgme-2.0.1/tests/run-verify.c:36: included_from: Included from here.
gpgme-2.0.1/tests/run-support.h:154:3: note: in expansion of macro ‘fail_if_err’
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/run-verify.c:418:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*argv, "rb")’
gpgme-2.0.1/tests/run-support.h:154:3: note: in expansion of macro ‘fail_if_err’
# 416| if (argc > 1)
# 417| {
# 418|-> fp_msg = fopen (argv[1], "rb");
# 419| if (!fp_msg)
# 420| {
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:37:31: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-2.0.1/tests/t-data.c:264:7: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/t-data.c:264:7: note: in expansion of macro ‘fail_if_err’
# 35|
# 36| #undef fail_if_err
# 37|-> #define fail_if_err(a) do { if(a) { \
# 38| fprintf (stderr, "%s:%d: (%i) gpgme_error_t " \
# 39| "%s\n", __FILE__, __LINE__, round, \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:37:31: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
gpgme-2.0.1/tests/t-data.c:264:7: note: in expansion of macro ‘fail_if_err’
gpgme-2.0.1/tests/t-data.c:264:7: note: in expansion of macro ‘fail_if_err’
# 35|
# 36| #undef fail_if_err
# 37|-> #define fail_if_err(a) do { if(a) { \
# 38| fprintf (stderr, "%s:%d: (%i) gpgme_error_t " \
# 39| "%s\n", __FILE__, __LINE__, round, \
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c: scope_hint: In function ‘main’
gpgme-2.0.1/tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
gpgme-2.0.1/tests/t-data.c:34: included_from: Included from here.
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
# 193| case TEST_INVALID_ARGUMENT:
# 194| err = gpgme_data_new (NULL);
# 195|-> if (!err)
# 196| {
# 197| fprintf (stderr, "%s:%d: gpgme_data_new on NULL pointer succeeded "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:216:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
# 214| case TEST_INOUT_MEM_FROM_INEXISTANT_FILE:
# 215| err = gpgme_data_new_from_file (&data, missing_filename, 1);
# 216|-> if (!err)
# 217| {
# 218| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:237:14: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
# 235| err = gpgme_data_new_from_filepart (&data, missing_filename, 0,
# 236| strlen (text), strlen (text));
# 237|-> if (!err)
# 238| {
# 239| fprintf (stderr, "%s:%d: gpgme_data_new_from_file on inexistant "
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-1.txt")’
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: GCC_ANALYZER_WARNING (CWE-401):
gpgme-2.0.1/tests/t-data.c:247:16: warning[-Wanalyzer-malloc-leak]: leak of ‘make_filename("t-data-2.txt")’
# 245| {
# 246| FILE *fp = fopen (longer_text_filename, "rb");
# 247|-> if (! fp)
# 248| {
# 249| fprintf (stderr, "%s:%d: fopen: %s\n", __FILE__, __LINE__,
Error: CLANG_WARNING:
gpgme-2.0.1/tools/gnupg-key-manage.c:110:15: warning[deadcode.DeadStores]: Value stored to 's' during its initialization is never read
# 108| data_type_to_string (gpgme_data_type_t dt)
# 109| {
# 110|-> const char *s = "[?]";
# 111|
# 112| switch (dt)