Fixed defects
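List of Defects
Findings below were reported in the scan of findutils-4.9.0-8.fc40 and are not reported in the diffbase scan of findutils-4.10.0-2.fc41 (see Scan Properties; both scans used the same analyzer versions). A finding can also drop out of the comparison when the surrounding code was moved or rewritten, so check each entry against the newer source before treating it as fixed.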
Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c: scope_hint: In function 'process_all_startpoints'
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:624:22: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(options.files0_from, "r")'
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:33: included_from: Included from here.
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:49: included_from: Included from here.
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:635:24: note: in expansion of macro 'SAME_INODE'
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:635:24: note: in expansion of macro 'SAME_INODE'
# 622| const int fd = fileno (stream);
# 623| assert (fd >= 0);
# 624|-> if (options.ok_prompt_stdin)
# 625| {
# 626| /* Check if the given file is associated to the same stream as
Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:624:22: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(options.files0_from, "r")'
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:635:24: note: in expansion of macro 'SAME_INODE'
findutils-4.9.0-build/findutils-4.9.0/find/ftsfind.c:635:24: note: in expansion of macro 'SAME_INODE'
# 622| const int fd = fileno (stream);
# 623| assert (fd >= 0);
# 624|-> if (options.ok_prompt_stdin)
# 625| {
# 626| /* Check if the given file is associated to the same stream as
Error: CLANG_WARNING: [#def3]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:1144:13: warning[deadcode.DeadStores]: Value stored to 'saved_argc' during its initialization is never read
# 1142| {
# 1143| const char *groupname;
# 1144|-> const int saved_argc = *arg_ptr;
# 1145|
# 1146| if (collect_arg (argv, arg_ptr, &groupname))
Error: CLANG_WARNING: [#def4]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:2537:3: warning[deadcode.DeadStores]: Value stored to 'has_features' is never read
# 2535| #if defined HAVE_STRUCT_DIRENT_D_TYPE
# 2536| printf ("D_TYPE ");
# 2537|-> has_features = true;
# 2538| #endif
# 2539| #if defined O_NOFOLLOW
Error: CLANG_WARNING: [#def5]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:2542:3: warning[deadcode.DeadStores]: Value stored to 'has_features' is never read
# 2540| printf ("O_NOFOLLOW(%s) ",
# 2541| (options.open_nofollow_available ? "enabled" : "disabled"));
# 2542|-> has_features = true;
# 2543| #endif
# 2544| #if defined LEAF_OPTIMISATION
Error: CLANG_WARNING: [#def6]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:2546:3: warning[deadcode.DeadStores]: Value stored to 'has_features' is never read
# 2544| #if defined LEAF_OPTIMISATION
# 2545| printf ("LEAF_OPTIMISATION ");
# 2546|-> has_features = true;
# 2547| #endif
# 2548| if (0 < is_selinux_enabled ())
Error: CLANG_WARNING: [#def7]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:2551:7: warning[deadcode.DeadStores]: Value stored to 'has_features' is never read
# 2549| {
# 2550| printf ("SELINUX ");
# 2551|-> has_features = true;
# 2552| }
# 2553|
Error: CLANG_WARNING: [#def8]
findutils-4.9.0-build/findutils-4.9.0/find/parser.c:2558:7: warning[deadcode.DeadStores]: Value stored to 'has_features' is never read
# 2556| {
# 2557| printf ("FTS(");
# 2558|-> has_features = true;
# 2559|
# 2560| if (flags & FTS_CWDFD)
Error: COMPILER_WARNING (CWE-457): [#def9]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c:401:33: warning[-Wmaybe-uninitialized]: 'end_idx' may be used uninitialized
# 401 | end = extra_buf + end_idx;
# | ~~~~~~~~~~^~~~~~~~~
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c: scope_hint: In function 'canonicalize_filename_mode'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c:388:21: note: 'end_idx' was declared here
# 388 | idx_t end_idx IF_LINT (= 0);
# | ^~~~~~~
# 399| }
# 400| if (end_in_extra_buffer)
# 401|-> end = extra_buf + end_idx;
# 402|
# 403| /* Careful here, end may be a pointer into extra_buf... */
Error: COMPILER_WARNING: [#def10]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c: scope_hint: In function 'canonicalize_filename_mode'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c:484:5: warning[-Wcpp]: #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 484 | #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# | ^~~~~~~
# 482| {
# 483| #ifdef GCC_BOGUS_WRETURN_LOCAL_ADDR
# 484|-> #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 485| #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 486| #endif
Error: COMPILER_WARNING: [#def11]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/canonicalize.c:485:5: warning[-Wcpp]: #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 485 | #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# | ^~~~~~~
# 483| #ifdef GCC_BOGUS_WRETURN_LOCAL_ADDR
# 484| #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 485|-> #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 486| #endif
# 487| struct scratch_buffer rname_buffer;
Error: COMPILER_WARNING: [#def12]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/careadlinkat.c: scope_hint: In function 'careadlinkat'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/careadlinkat.c:178:5: warning[-Wcpp]: #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 178 | #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# | ^~~~~~~
# 176| shrinking realloc. */
# 177| #ifdef GCC_BOGUS_WRETURN_LOCAL_ADDR
# 178|-> #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 179| #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 180| #endif
Error: COMPILER_WARNING: [#def13]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/careadlinkat.c:179:5: warning[-Wcpp]: #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 179 | #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# | ^~~~~~~
# 177| #ifdef GCC_BOGUS_WRETURN_LOCAL_ADDR
# 178| #warning "GCC might issue a bogus -Wreturn-local-addr warning here."
# 179|-> #warning "See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93644>."
# 180| #endif
# 181| char stack_buf[STACK_BUF_SIZE];
Error: COMPILER_WARNING (CWE-562): [#def14]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/careadlinkat.c:182:10: warning[-Wreturn-local-addr]: function may return address of local variable
# 182 | return readlink_stk (fd, filename, buffer, buffer_size, alloc,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 183 | preadlinkat, stack_buf);
# | ~~~~~~~~~~~~~~~~~~~~~~~
findutils-4.9.0-build/findutils-4.9.0/gl/lib/careadlinkat.c:181:8: note: declared here
# 181 | char stack_buf[STACK_BUF_SIZE];
# | ^~~~~~~~~
# 180| #endif
# 181| char stack_buf[STACK_BUF_SIZE];
# 182|-> return readlink_stk (fd, filename, buffer, buffer_size, alloc,
# 183| preadlinkat, stack_buf);
# 184| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def15]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/fopen-safer.c: scope_hint: In function 'fopen_safer'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/fopen-safer.c:47:21: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(file, mode)'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/fopen-safer.c:24: included_from: Included from here.
# 45| int e = errno;
# 46| fclose (fp);
# 47|-> errno = e;
# 48| return NULL;
# 49| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def16]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/fopen-safer.c:51:14: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(file, mode)'
findutils-4.9.0-build/findutils-4.9.0/gl/lib/stdio-safer.h:20: included_from: Included from here.
findutils-4.9.0-build/findutils-4.9.0/gl/lib/fopen-safer.c:22: included_from: Included from here.
# 49| }
# 50|
# 51|-> if (fclose (fp) != 0
# 52| || ! (fp = fdopen (f, mode)))
# 53| {
Error: CPPCHECK_WARNING (CWE-401): [#def17]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/malloc/scratch_buffer_dupfree.c:38: error[memleak]: Memory leak: copy
# 36| {
# 37| void *copy = realloc (data, size);
# 38|-> return copy != NULL ? copy : data;
# 39| }
# 40| }
Error: CPPCHECK_WARNING: [#def18]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/xmalloc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def19]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/xmalloc.c:254: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour
# 252| #endif
# 253| idx_t adjusted_nbytes
# 254|-> = (INT_MULTIPLY_WRAPV (n, s, &nbytes)
# 255| ? MIN (IDX_MAX, SIZE_MAX)
# 256| : nbytes < DEFAULT_MXFAST ? DEFAULT_MXFAST : 0);
Error: CPPCHECK_WARNING (CWE-758): [#def20]
findutils-4.9.0-build/findutils-4.9.0/gl/lib/xmalloc.c:268: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour
# 266| && (INT_ADD_WRAPV (n0, n_incr_min, &n)
# 267| || (0 <= n_max && n_max < n)
# 268|-> || INT_MULTIPLY_WRAPV (n, s, &nbytes)))
# 269| xalloc_die ();
# 270| pa = xrealloc (pa, nbytes);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
findutils-4.9.0-build/findutils-4.9.0/gnulib-tests/localename.c: scope_hint: In function 'struniq'
findutils-4.9.0-build/findutils-4.9.0/gnulib-tests/localename.c:2708:10: warning[-Wanalyzer-malloc-leak]: leak of 'new_node'
# 2706| if (mt) gl_lock_unlock (struniq_lock);
# 2707| }
# 2708|-> return new_node->contents;
# 2709| }
# 2710|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def22]
findutils-4.9.0-build/findutils-4.9.0/xargs/xargs.c: scope_hint: In function 'prep_child_for_exec'
findutils-4.9.0-build/findutils-4.9.0/xargs/xargs.c:1257:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(open_safer(<unknown>, 0), 0)'
findutils-4.9.0-build/findutils-4.9.0/xargs/xargs.c:37: included_from: Included from here.
# 1255| if (STDIN_FILENO < fd)
# 1256| {
# 1257|-> if (dup2(fd, STDIN_FILENO) != 0)
# 1258| die (EXIT_FAILURE, errno,
# 1259| _("failed to redirect standard input of the child process"));
Scan Properties
analyzer-version-clang | 18.1.7 |
analyzer-version-cppcheck | 2.14.2 |
analyzer-version-gcc | 14.1.1 |
analyzer-version-gcc-analyzer | 14.1.1 |
analyzer-version-shellcheck | 0.10.0 |
diffbase-analyzer-version-clang | 18.1.7 |
diffbase-analyzer-version-cppcheck | 2.14.2 |
diffbase-analyzer-version-gcc | 14.1.1 |
diffbase-analyzer-version-gcc-analyzer | 14.1.1 |
diffbase-analyzer-version-shellcheck | 0.10.0 |
diffbase-enabled-plugins | clang, cppcheck, gcc, shellcheck |
diffbase-exit-code | 0 |
diffbase-host | ip-172-16-1-126.us-west-2.compute.internal |
diffbase-mock-config | fedora-41-x86_64 |
diffbase-project-name | findutils-4.10.0-2.fc41 |
diffbase-store-results-to | /tmp/tmpoh10i4tx/findutils-4.10.0-2.fc41.tar.xz |
diffbase-time-created | 2024-07-03 12:40:30 |
diffbase-time-finished | 2024-07-03 12:42:49 |
diffbase-tool | csmock |
diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpoh10i4tx/findutils-4.10.0-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpoh10i4tx/findutils-4.10.0-2.fc41.src.rpm' |
diffbase-tool-version | csmock-3.5.3-1.el9 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-126.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | findutils-4.9.0-8.fc40 |
store-results-to | /tmp/tmpp647hy6d/findutils-4.9.0-8.fc40.tar.xz |
time-created | 2024-07-03 12:37:09 |
time-finished | 2024-07-03 12:40:16 |
title | Fixed defects |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpp647hy6d/findutils-4.9.0-8.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpp647hy6d/findutils-4.9.0-8.fc40.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |