editorconfig-0.12.8-1.fc41
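List of Defects
Note: #def1, #def3, #def10 and #def22 are cppcheck `information[normalCheckLevelMaxBranches]` notices reporting that branch analysis was limited; they are not findings in the code. The remaining 19 entries are raw compiler and static-analyzer warnings, listed here with no triage status.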
Error: CPPCHECK_WARNING: [#def1]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: scope_hint: In function ‘main’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c:122:17: warning[-Wanalyzer-malloc-leak]: leak of ‘xstrdup(*<unknown>)’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: scope_hint: In function ‘main’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: scope_hint: In function ‘main’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: scope_hint: In function ‘main’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/bin/main.c: scope_hint: In function ‘main’
# 120| ver = ec_atoi(pos);
# 121|
# 122|-> switch(ver_pos) {
# 123| case 0:
# 124| version_major = ver;
Error: CPPCHECK_WARNING: [#def3]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-681): [#def4]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c: scope_hint: In function ‘ec_glob’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:133:24: warning[-Wpointer-sign]: pointer targets in passing argument 1 of ‘pcre2_compile_8’ differ in signedness
# 133 | re = pcre2_compile("^\\{[\\+\\-]?\\d+\\.\\.[\\+\\-]?\\d+\\}$", PCRE2_ZERO_TERMINATED, 0,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# | |
# | char *
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:33: included_from: Included from here.
/usr/include/pcre2.h:952:1: note: expected ‘PCRE2_SPTR8’ {aka ‘const unsigned char *’} but argument is of type ‘char *’
# 952 | PCRE2_TYPES_STRUCTURES_AND_FUNCTIONS
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 131|
# 132| /* used to search for {num1..num2} case */
# 133|-> re = pcre2_compile("^\\{[\\+\\-]?\\d+\\.\\.[\\+\\-]?\\d+\\}$", PCRE2_ZERO_TERMINATED, 0,
# 134| &error_code, &erroffset, NULL);
# 135| if (!re) /* failed to compile */
Error: CLANG_WARNING: [#def5]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:204:33: warning[unix.Malloc]: Potential leak of memory pointed to by 'nums'
# 202| /* Boundary check for strncat below. */
# 203| if (pcre_str_end - p_pcre <= right_bracket - c) {
# 204|-> return -1;
# 205| }
# 206| strncat(p_pcre, c, right_bracket - c);
Error: COMPILER_WARNING (CWE-681): [#def6]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:282:42: warning[-Wpointer-sign]: pointer targets in passing argument 2 of ‘pcre2_match_8’ differ in signedness
# 282 | rc = pcre2_match(re, c, cc - c + 1, 0, 0, match_data, NULL);
# | ^
# | |
# | char *
/usr/include/pcre2.h:952:1: note: expected ‘PCRE2_SPTR8’ {aka ‘const unsigned char *’} but argument is of type ‘char *’
# 952 | PCRE2_TYPES_STRUCTURES_AND_FUNCTIONS
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 280|
# 281| /* Check the case of {num1..num2} */
# 282|-> rc = pcre2_match(re, c, cc - c + 1, 0, 0, match_data, NULL);
# 283|
# 284| pcre2_match_data_free(match_data);
Error: COMPILER_WARNING (CWE-681): [#def7]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:356:24: warning[-Wpointer-sign]: pointer targets in passing argument 1 of ‘pcre2_compile_8’ differ in signedness
# 356 | re = pcre2_compile(pcre_str, PCRE2_ZERO_TERMINATED, 0, &error_code, &erroffset, NULL);
# | ^~~~~~~~
# | |
# | char *
/usr/include/pcre2.h:952:1: note: expected ‘PCRE2_SPTR8’ {aka ‘const unsigned char *’} but argument is of type ‘char *’
# 952 | PCRE2_TYPES_STRUCTURES_AND_FUNCTIONS
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 354| pcre2_code_free(re); /* ^\\d+\\.\\.\\d+$ */
# 355|
# 356|-> re = pcre2_compile(pcre_str, PCRE2_ZERO_TERMINATED, 0, &error_code, &erroffset, NULL);
# 357|
# 358| if (!re) /* failed to compile */
Error: COMPILER_WARNING (CWE-681): [#def8]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:365:26: warning[-Wpointer-sign]: pointer targets in passing argument 2 of ‘pcre2_match_8’ differ in signedness
# 365 | rc = pcre2_match(re, string, strlen(string), 0, 0, pcre_match_data, NULL);
# | ^~~~~~
# | |
# | const char *
/usr/include/pcre2.h:952:1: note: expected ‘PCRE2_SPTR8’ {aka ‘const unsigned char *’} but argument is of type ‘const char *’
# 952 | PCRE2_TYPES_STRUCTURES_AND_FUNCTIONS
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 363|
# 364| pcre_match_data = pcre2_match_data_create_from_pattern(re, NULL);
# 365|-> rc = pcre2_match(re, string, strlen(string), 0, 0, pcre_match_data, NULL);
# 366|
# 367| if (rc < 0) /* failed to match */
Error: CLANG_WARNING: [#def9]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ec_glob.c:409:5: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 407|
# 408| pcre2_code_free(re);
# 409|-> pcre2_match_data_free(pcre_match_data);
# 410| utarray_free(nums);
# 411|
Error: CPPCHECK_WARNING: [#def10]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘set_name_value’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:80:18: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(name)’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘set_name_value’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘set_name_value’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:27: included_from: Included from here.
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:549:5: note: in expansion of macro ‘SET_EDITORCONFIG_VERSION’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:29: included_from: Included from here.
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:156:5: note: in expansion of macro ‘strlwr’
# 78| {
# 79| if (name)
# 80|-> nv->name = strdup(name);
# 81| if (value)
# 82| nv->value = strdup(value);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:82:19: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(value)’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘set_name_value’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘set_name_value’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:549:5: note: in expansion of macro ‘SET_EDITORCONFIG_VERSION’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:156:5: note: in expansion of macro ‘strlwr’
# 80| nv->name = strdup(name);
# 81| if (value)
# 82|-> nv->value = strdup(value);
# 83| /* lowercase the value when the name is one of the following */
# 84| if (!strcmp(nv->name, "end_of_line") ||
Error: CLANG_WARNING: [#def13]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:90:9: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 88| !strcmp(nv->name, "trim_trailing_whitespace") ||
# 89| !strcmp(nv->name, "charset"))
# 90|-> strlwr(nv->value);
# 91|
# 92| /* set special pointers */
Error: CLANG_WARNING: [#def14]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:90:9: warning[unix.Malloc]: Use of memory after it is freed
# 88| !strcmp(nv->name, "trim_trailing_whitespace") ||
# 89| !strcmp(nv->name, "charset"))
# 90|-> strlwr(nv->value);
# 91|
# 92| /* set special pointers */
Error: CLANG_WARNING: [#def15]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:162:9: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 160|
# 161| if (name_value_pos >= 0) { /* current name has already been used */
# 162|-> free(aenv->name_values[name_value_pos].value);
# 163| set_name_value(&aenv->name_values[name_value_pos],
# 164| (const char*)NULL, value, &aenv->spnvp);
Error: GCC_ANALYZER_WARNING (CWE-122): [#def16]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:361:18: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
# 359| if (err_split == -1)
# 360| goto failure_cleanup;
# 361|-> files[i] = malloc(strlen(currdir) + strlen(filename) + 2);
# 362| strcpy(files[i], currdir);
# 363| strcat(files[i], "/");
Error: GCC_ANALYZER_WARNING (CWE-688): [#def17]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:361:27: warning[-Wanalyzer-null-argument]: use of NULL ‘currdir’ where non-null expected
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
# 359| if (err_split == -1)
# 360| goto failure_cleanup;
# 361|-> files[i] = malloc(strlen(currdir) + strlen(filename) + 2);
# 362| strcpy(files[i], currdir);
# 363| strcat(files[i], "/");
Error: CLANG_WARNING: [#def18]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:361:27: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 359| if (err_split == -1)
# 360| goto failure_cleanup;
# 361|-> files[i] = malloc(strlen(currdir) + strlen(filename) + 2);
# 362| strcpy(files[i], currdir);
# 363| strcat(files[i], "/");
Error: GCC_ANALYZER_WARNING (CWE-688): [#def19]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:362:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(strlen(currdir) + strlen(filename) + 2)’ where non-null expected
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
<built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null
# 360| goto failure_cleanup;
# 361| files[i] = malloc(strlen(currdir) + strlen(filename) + 2);
# 362|-> strcpy(files[i], currdir);
# 363| strcat(files[i], "/");
# 364| strcat(files[i], filename);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:380:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c: scope_hint: In function ‘get_filenames’
# 378| for (i = 0; i < slashes; ++ i)
# 379| free(files[i]);
# 380|-> free(files);
# 381| }
# 382|
Error: CLANG_WARNING: [#def21]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/editorconfig.c:580:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'hfp.array_name_value.name_values'
# 578|
# 579| if (eh->name_value_count == 0) { /* no value is set, just return 0. */
# 580|-> free(hfp.full_filename);
# 581| free_filenames(config_files);
# 582| return 0;
Error: CPPCHECK_WARNING: [#def22]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ini.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def23]
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ini.c: scope_hint: In function ‘ini_parse_file’
editorconfig-0.12.8-build/editorconfig-core-c-0.12.8/src/lib/ini.c:93:5: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 4097 equals destination size
# 93 | strncpy(dest, src, size);
# | ^
# 91| static char* strncpy0(char* dest, const char* src, size_t size)
# 92| {
# 93|-> strncpy(dest, src, size);
# 94| dest[size - 1] = '\0';
# 95| return dest;
Scan Properties
analyzer-version-clang | 18.1.7 |
analyzer-version-cppcheck | 2.14.2 |
analyzer-version-gcc | 14.1.1 |
analyzer-version-gcc-analyzer | 14.1.1 |
analyzer-version-shellcheck | 0.10.0 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-183.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | editorconfig-0.12.8-1.fc41 |
store-results-to | /tmp/tmpnw1x_cgf/editorconfig-0.12.8-1.fc41.tar.xz |
time-created | 2024-07-03 12:38:39 |
time-finished | 2024-07-03 12:39:46 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpnw1x_cgf/editorconfig-0.12.8-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpnw1x_cgf/editorconfig-0.12.8-1.fc41.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |