libiptcdata-1.0.5-18.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: scope_hint: In function ‘locale_to_utf8’
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:93:12: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF-8", nl_langinfo(14))’
# 91|
# 92| ic = iconv_open ("UTF-8", nl_langinfo (CODESET));
# 93|-> if (ic == (iconv_t) -1)
# 94| return strdup (str);
# 95|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:97:12: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("UTF-8", nl_langinfo(14))’
# 95|
# 96| outstr = malloc (out_size);
# 97|-> if (!outstr)
# 98| return NULL;
# 99|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: scope_hint: In function ‘str_to_locale’
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:124:12: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("WCHAR_T", charset)’
# 122|
# 123| ic = iconv_open ("WCHAR_T", charset);
# 124|-> if (ic == (iconv_t) -1)
# 125| return strdup (str);
# 126|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:125:24: warning[-Wanalyzer-malloc-leak]: leak of ‘outstr’
# 123| ic = iconv_open ("WCHAR_T", charset);
# 124| if (ic == (iconv_t) -1)
# 125|-> return strdup (str);
# 126|
# 127| wstr = malloc (w_size);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:128:12: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open("WCHAR_T", charset)’
# 126|
# 127| wstr = malloc (w_size);
# 128|-> if (!wstr)
# 129| return NULL;
# 130|
Error: CPPCHECK_WARNING (CWE-401): [#def7]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:151: error[memleakOnRealloc]: Common realloc mistake: 'outstr' nulled but not freed upon failure
# 149| while (out_len - j < MB_CUR_MAX + 1) {
# 150| out_len *= 2;
# 151|-> outstr = realloc (outstr, out_len);
# 152| if (!outstr)
# 153| return NULL;
Error: CLANG_WARNING: [#def8]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:153:12: warning[unix.Malloc]: Potential leak of memory pointed to by 'outstr'
# 151| outstr = realloc (outstr, out_len);
# 152| if (!outstr)
# 153|-> return NULL;
# 154| }
# 155| n = wcrtomb (outstr + j, wstr[i], &ps);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:162:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘outstr’
# 160| j += n;
# 161| }
# 162|-> outstr[j] = '\0';
# 163|
# 164| free (wstr);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def10]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: scope_hint: In function ‘parse_tag_id’
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:500:26: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘name’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strchr’ must be non-null
# 498| char * name = strdup (str);
# 499| char * a;
# 500|-> if ((a = strchr (name, ':'))) {
# 501| if (!strcmp (a+1, "all"))
# 502| *num = -1;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: scope_hint: In function ‘main’
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:666:57: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘locale_to_utf8(optarg)’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
# 664| convbuf = locale_to_utf8 (optarg);
# 665| iptc_dataset_set_data (ds, (unsigned char *) convbuf,
# 666|-> strlen (convbuf),
# 667| IPTC_DONT_VALIDATE);
# 668| free (convbuf);
Error: CLANG_WARNING: [#def12]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:697:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'oplist.ops'
# 695|
# 696| default:
# 697|-> print_help(argv);
# 698| return 1;
# 699| }
Error: COMPILER_WARNING (CWE-252): [#def13]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c: scope_hint: In function ‘main’
libiptcdata-1.0.5-build/libiptcdata-1.0.5/iptc/main.c:850:41: warning[-Wunused-result]: ignoring return value of ‘chown’ declared with attribute ‘warn_unused_result’
# 850 | chown (filename, -1, statinfo.st_gid);
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 848| }
# 849| else {
# 850|-> chown (filename, -1, statinfo.st_gid);
# 851| chmod (filename, statinfo.st_mode);
# 852| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def14]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-data.c: scope_hint: In function 'iptc_data_add_dataset_with_value'
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-data.c:895:40: warning[-Wanalyzer-null-dereference]: dereference of NULL 'data'
# 893| int ret;
# 894|
# 895|-> ds = iptc_dataset_new_mem (data->priv->mem);
# 896| if (!ds)
# 897| return -1;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def15]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-data.c: scope_hint: In function 'iptc_data_add_dataset_with_contents'
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-data.c:938:40: warning[-Wanalyzer-null-dereference]: dereference of NULL 'data'
# 936| int ret;
# 937|
# 938|-> ds = iptc_dataset_new_mem (data->priv->mem);
# 939| if (!ds)
# 940| return -1;
Error: CPPCHECK_WARNING: [#def16]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-dataset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-dataset.c: scope_hint: In function 'iptc_dataset_copy'
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-dataset.c:115:22: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 113| copy = iptc_dataset_new_mem (e->priv->mem);
# 114|
# 115|-> copy->record = e->record;
# 116| copy->tag = e->tag;
# 117| copy->info = e->info;
Error: CPPCHECK_WARNING: [#def18]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/libiptcdata/iptc-jpeg.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def19]
libiptcdata-1.0.5-build/libiptcdata-1.0.5/python/pyiptcdata.c:4: included_from: Included from here.
libiptcdata-1.0.5-build/libiptcdata-1.0.5/python/python3/pyiptcdata.c: scope_hint: In function 'save'
libiptcdata-1.0.5-build/libiptcdata-1.0.5/python/python3/pyiptcdata.c:138:17: warning[-Wstringop-truncation]: '__strncpy_chk' specified bound depends on the length of the source argument
# 138 | strncpy(tmp_filename, arg_filename, path_len);
# | ^
libiptcdata-1.0.5-build/libiptcdata-1.0.5/python/python3/pyiptcdata.c:131:24: note: length computed here
# 131 | int file_len = strlen(arg_filename);
# | ^~~~~~~~~~~~~~~~~~~~
# 136| if (basename) {
# 137| int path_len = file_len - strlen(basename) + 1;
# 138|-> strncpy(tmp_filename, arg_filename, path_len);
# 139| }
# 140| strcat(tmp_filename, TMP_TEMPLATE);
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-11.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libiptcdata-1.0.5-18.fc41 |
| store-results-to | /tmp/tmpv0nipgge/libiptcdata-1.0.5-18.fc41.tar.xz |
| time-created | 2024-07-03 14:49:37 |
| time-finished | 2024-07-03 14:50:41 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpv0nipgge/libiptcdata-1.0.5-18.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpv0nipgge/libiptcdata-1.0.5-18.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |