libnftnl-1.2.6-6.fc41
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:83:20: warning[-Wanalyzer-malloc-leak]: leak of ‘nftnl_set_elem_alloc()’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elems_parse2’
libnftnl-1.2.6-build/libnftnl-1.2.6/include/linux_list.h:67:24: note: in definition of macro ‘INIT_LIST_HEAD’
# 81| new->next = next;
# 82| new->prev = prev;
# 83|-> prev->next = new;
# 84| }
# 85|
Error: CPPCHECK_WARNING: [#def2]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def3]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c: scope_hint: In function ‘nftnl_chain_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:236:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:236:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 234| break;
# 235| case NFTNL_CHAIN_HOOKNUM:
# 236|-> memcpy(&c->hooknum, data, sizeof(c->hooknum));
# 237| break;
# 238| case NFTNL_CHAIN_PRIO:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def4]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:239:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:239:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 237| break;
# 238| case NFTNL_CHAIN_PRIO:
# 239|-> memcpy(&c->prio, data, sizeof(c->prio));
# 240| break;
# 241| case NFTNL_CHAIN_POLICY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def5]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:242:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:242:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 240| break;
# 241| case NFTNL_CHAIN_POLICY:
# 242|-> memcpy(&c->policy, data, sizeof(c->policy));
# 243| break;
# 244| case NFTNL_CHAIN_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def6]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:245:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:245:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 243| break;
# 244| case NFTNL_CHAIN_USE:
# 245|-> memcpy(&c->use, data, sizeof(c->use));
# 246| break;
# 247| case NFTNL_CHAIN_BYTES:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def7]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:248:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:248:17: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 246| break;
# 247| case NFTNL_CHAIN_BYTES:
# 248|-> memcpy(&c->bytes, data, sizeof(c->bytes));
# 249| break;
# 250| case NFTNL_CHAIN_PACKETS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def8]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:251:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:251:17: note: read of 7 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 249| break;
# 250| case NFTNL_CHAIN_PACKETS:
# 251|-> memcpy(&c->packets, data, sizeof(c->packets));
# 252| break;
# 253| case NFTNL_CHAIN_HANDLE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def9]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:254:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:254:17: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 252| break;
# 253| case NFTNL_CHAIN_HANDLE:
# 254|-> memcpy(&c->handle, data, sizeof(c->handle));
# 255| break;
# 256| case NFTNL_CHAIN_FAMILY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def10]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:257:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:257:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 255| break;
# 256| case NFTNL_CHAIN_FAMILY:
# 257|-> memcpy(&c->family, data, sizeof(c->family));
# 258| break;
# 259| case NFTNL_CHAIN_TYPE:
Error: GCC_ANALYZER_WARNING (CWE-131): [#def11]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
# 275| case NFTNL_CHAIN_DEVICES:
# 276| dev_array = (const char **)data;
# 277|-> while (dev_array[len] != NULL)
# 278| len++;
# 279|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def12]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:277:33: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 275| case NFTNL_CHAIN_DEVICES:
# 276| dev_array = (const char **)data;
# 277|-> while (dev_array[len] != NULL)
# 278| len++;
# 279|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def13]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:43: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 289|
# 290| for (i = 0; i < len; i++)
# 291|-> c->dev_array[i] = strdup(dev_array[i]);
# 292|
# 293| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-131): [#def14]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:291:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
# 289|
# 290| for (i = 0; i < len; i++)
# 291|-> c->dev_array[i] = strdup(dev_array[i]);
# 292|
# 293| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def15]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:296:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:296:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 294| break;
# 295| case NFTNL_CHAIN_FLAGS:
# 296|-> memcpy(&c->chain_flags, data, sizeof(c->chain_flags));
# 297| break;
# 298| case NFTNL_CHAIN_ID:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def16]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:299:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:216:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/chain.c:299:17: note: read of 3 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 297| break;
# 298| case NFTNL_CHAIN_ID:
# 299|-> memcpy(&c->chain_id, data, sizeof(c->chain_id));
# 300| break;
# 301| case NFTNL_CHAIN_USERDATA:
Error: CPPCHECK_WARNING: [#def17]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/bitwise.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def18]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/byteorder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def19]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/data_reg.c:148: error[overlappingWriteUnion]: Overlapping read/write of union is undefined behavior
# 146| if (type)
# 147| *type = DATA_VERDICT;
# 148|-> data->len = sizeof(data->verdict);
# 149| break;
# 150| case NFT_JUMP:
Error: CPPCHECK_WARNING: [#def20]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/dynset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/exthdr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/fwd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def24]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def25]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/immediate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def26]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/inner.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def27]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/log.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def28]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/lookup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def29]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/masq.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def30]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/nat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def31]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/numgen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def32]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/payload.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def33]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/expr/queue.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def34]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-131): [#def35]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
# 146| case NFTNL_FLOWTABLE_DEVICES:
# 147| dev_array = (const char **)data;
# 148|-> while (dev_array[len] != NULL)
# 149| len++;
# 150|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def36]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c: scope_hint: In function ‘nftnl_flowtable_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:1: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:148:33: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 146| case NFTNL_FLOWTABLE_DEVICES:
# 147| dev_array = (const char **)data;
# 148|-> while (dev_array[len] != NULL)
# 149| len++;
# 150|
Error: GCC_ANALYZER_WARNING (CWE-126): [#def37]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:43: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:43: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 160|
# 161| for (i = 0; i < len; i++)
# 162|-> c->dev_array[i] = strdup(dev_array[i]);
# 163|
# 164| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-131): [#def38]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:162:59: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
# 160|
# 161| for (i = 0; i < len; i++)
# 162|-> c->dev_array[i] = strdup(dev_array[i]);
# 163|
# 164| c->dev_array_len = len;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def39]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:173:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:118:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/flowtable.c:173:17: note: read of 4 bytes from after the end of ‘data’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 171| break;
# 172| case NFTNL_FLOWTABLE_HANDLE:
# 173|-> memcpy(&c->handle, data, sizeof(c->handle));
# 174| break;
# 175| }
Error: CPPCHECK_WARNING: [#def40]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_expect.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def41]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/ct_timeout.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def42]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/limit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def43]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/obj/tunnel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def44]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def45]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c: scope_hint: In function ‘nftnl_obj_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:124:28: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:9: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:124:28: note: read of 2 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 122| break;
# 123| case NFTNL_OBJ_TYPE:
# 124|-> obj->ops = nftnl_obj_ops_lookup(*((uint32_t *)data));
# 125| if (!obj->ops)
# 126| return;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def46]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:129:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:129:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 127| break;
# 128| case NFTNL_OBJ_FAMILY:
# 129|-> memcpy(&obj->family, data, sizeof(obj->family));
# 130| break;
# 131| case NFTNL_OBJ_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def47]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:132:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:132:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 130| break;
# 131| case NFTNL_OBJ_USE:
# 132|-> memcpy(&obj->use, data, sizeof(obj->use));
# 133| break;
# 134| case NFTNL_OBJ_HANDLE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def48]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:135:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:112:17: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/object.c:135:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 133| break;
# 134| case NFTNL_OBJ_HANDLE:
# 135|-> memcpy(&obj->handle, data, sizeof(obj->handle));
# 136| break;
# 137| case NFTNL_OBJ_USERDATA:
Error: CPPCHECK_WARNING: [#def49]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def50]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c: scope_hint: In function ‘nftnl_rule_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:134:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 132| break;
# 133| case NFTNL_RULE_HANDLE:
# 134|-> memcpy(&r->handle, data, sizeof(r->handle));
# 135| break;
# 136| case NFTNL_RULE_COMPAT_PROTO:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def51]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:114:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:146:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 144| break;
# 145| case NFTNL_RULE_POSITION:
# 146|-> memcpy(&r->position, data, sizeof(r->position));
# 147| break;
# 148| case NFTNL_RULE_USERDATA:
Error: CLANG_WARNING: [#def52]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/rule.c:600:3: warning[deadcode.DeadStores]: Value stored to 'sep' is never read
# 598| r->position_id);
# 599| SNPRINTF_BUFFER_SIZE(ret, remain, offset);
# 600|-> sep = " ";
# 601| }
# 602|
Error: CPPCHECK_WARNING: [#def53]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/ruleset.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def54]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def55]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c: scope_hint: In function ‘nftnl_set_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:165:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:165:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 163| break;
# 164| case NFTNL_SET_HANDLE:
# 165|-> memcpy(&s->handle, data, sizeof(s->handle));
# 166| break;
# 167| case NFTNL_SET_FLAGS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def56]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:208:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:145:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set.c:208:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 206| break;
# 207| case NFTNL_SET_TIMEOUT:
# 208|-> memcpy(&s->timeout, data, sizeof(s->timeout));
# 209| break;
# 210| case NFTNL_SET_GC_INTERVAL:
Error: CPPCHECK_WARNING: [#def57]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def58]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u32’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:265:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 263| uint32_t size, val;
# 264|
# 265|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val));
# 266|
# 267| return val;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def59]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c: scope_hint: In function ‘nftnl_set_elem_get_u64’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/set_elem.c:276:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 274| uint64_t val;
# 275|
# 276|-> memcpy(&val, nftnl_set_elem_get(s, attr, &size), sizeof(val));
# 277|
# 278| return val;
Error: CPPCHECK_WARNING: [#def60]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def61]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c: scope_hint: In function ‘nftnl_table_set_data’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:112:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/include/internal.h:7: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:11: included_from: Included from here.
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:112:17: note: read of 4 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 110| break;
# 111| case NFTNL_TABLE_HANDLE:
# 112|-> memcpy(&t->handle, data, sizeof(t->handle));
# 113| break;
# 114| case NFTNL_TABLE_FLAGS:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def62]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:115:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:115:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 113| break;
# 114| case NFTNL_TABLE_FLAGS:
# 115|-> memcpy(&t->table_flags, data, sizeof(t->table_flags));
# 116| break;
# 117| case NFTNL_TABLE_FAMILY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def63]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:118:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:118:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 116| break;
# 117| case NFTNL_TABLE_FAMILY:
# 118|-> memcpy(&t->family, data, sizeof(t->family));
# 119| break;
# 120| case NFTNL_TABLE_USE:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def64]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:121:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:121:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 119| break;
# 120| case NFTNL_TABLE_USE:
# 121|-> memcpy(&t->use, data, sizeof(t->use));
# 122| break;
# 123| case NFTNL_TABLE_USERDATA:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def65]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:134:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:100:9: note: in expansion of macro ‘nftnl_assert_validate’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/table.c:134:17: note: read of 3 bytes from after the end of ‘val’
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 132| break;
# 133| case NFTNL_TABLE_OWNER:
# 134|-> memcpy(&t->owner, data, sizeof(t->owner));
# 135| break;
# 136| }
Error: CPPCHECK_WARNING: [#def66]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/trace.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def67]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83: warning[nullPointer]: Possible null pointer dereference: value
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Error: CLANG_WARNING: [#def68]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:2: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def69]
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c: scope_hint: In function ‘nftnl_udata_put’
libnftnl-1.2.6-build/libnftnl-1.2.6/src/udata.c:83:9: warning[-Wanalyzer-null-argument]: use of NULL ‘value’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
# 81| attr->len = len;
# 82| attr->type = type;
# 83|-> memcpy(attr->value, value, len);
# 84|
# 85| buf->end = (char *)nftnl_udata_next(attr);
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-154.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libnftnl-1.2.6-6.fc41 |
| store-results-to | /tmp/tmp14dy1mq1/libnftnl-1.2.6-6.fc41.tar.xz |
| time-created | 2024-07-03 15:48:32 |
| time-finished | 2024-07-03 15:49:58 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp14dy1mq1/libnftnl-1.2.6-6.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp14dy1mq1/libnftnl-1.2.6-6.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |