libselinux-3.7-1.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
libselinux-3.7-build/libselinux-3.7/src/avc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
libselinux-3.7-build/libselinux-3.7/src/avc_internal.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def3]
libselinux-3.7-build/libselinux-3.7/src/avc_internal.c:176:6: warning[core.uninitialized.Branch]: Branch condition evaluates to a garbage value
# 174| }
# 175|
# 176|-> if (nladdr.nl_pid) {
# 177| avc_log(SELINUX_WARNING,
# 178| "%s: warning: received spoofed netlink packet from: %u\n",
Error: CPPCHECK_WARNING: [#def4]
libselinux-3.7-build/libselinux-3.7/src/booleans.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def5]
libselinux-3.7-build/libselinux-3.7/src/compute_user.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def6]
libselinux-3.7-build/libselinux-3.7/src/context.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def7]
libselinux-3.7-build/libselinux-3.7/src/get_context_list.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def8]
libselinux-3.7-build/libselinux-3.7/src/get_default_type.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def9]
libselinux-3.7-build/libselinux-3.7/src/get_initial_context.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def10]
libselinux-3.7-build/libselinux-3.7/src/is_customizable_type.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def11]
libselinux-3.7-build/libselinux-3.7/src/label_db.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
libselinux-3.7-build/libselinux-3.7/src/label_file.c: scope_hint: In function ‘load_mmap’
libselinux-3.7-build/libselinux-3.7/src/label_file.c:204:24: warning[-Wanalyzer-malloc-leak]: leak of ‘mmap_area’
# 202| mmap_area = malloc(sizeof(*mmap_area));
# 203| if (!mmap_area) {
# 204|-> return -1;
# 205| }
# 206|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
libselinux-3.7-build/libselinux-3.7/src/label_file.c:25: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/label_file.h: scope_hint: In function ‘grow_specs’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:145:27: warning[-Wanalyzer-malloc-leak]: leak of ‘specs’
libselinux-3.7-build/libselinux-3.7/src/label_file.c:14: included_from: Included from here.
# 143|
# 144| data->spec_arr = specs;
# 145|-> data->alloc_specs = total_specs;
# 146| return 0;
# 147| }
Error: GCC_ANALYZER_WARNING (CWE-127): [#def14]
libselinux-3.7-build/libselinux-3.7/utils/sefcontext_compile.c:14: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/label_file.h: scope_hint: In function ‘sort_specs’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:224:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:14: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/label_file.h:19: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/label_file.h:491:9: note: in expansion of macro ‘__pthread_mutex_init’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:491:9: note: in expansion of macro ‘__pthread_mutex_init’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:377:17: note: in expansion of macro ‘__pthread_mutex_unlock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:377:17: note: in expansion of macro ‘__pthread_mutex_unlock’
# └──────────────────────────────────┘
# ^
# 222| memcpy(&spec, &spec_copy[front], len);
# 223| /* move the back to the front */
# 224|-> memcpy(&spec_copy[front], &spec_copy[back], len);
# 225| /* put the old front in the back */
# 226| memcpy(&spec_copy[back], &spec, len);
Error: GCC_ANALYZER_WARNING (CWE-124): [#def15]
libselinux-3.7-build/libselinux-3.7/src/label_file.h:226:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
libselinux-3.7-build/libselinux-3.7/src/label_file.h:491:9: note: in expansion of macro ‘__pthread_mutex_init’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:491:9: note: in expansion of macro ‘__pthread_mutex_init’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:365:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:377:17: note: in expansion of macro ‘__pthread_mutex_unlock’
libselinux-3.7-build/libselinux-3.7/src/label_file.h:377:17: note: in expansion of macro ‘__pthread_mutex_unlock’
# 224| memcpy(&spec_copy[front], &spec_copy[back], len);
# 225| /* put the old front in the back */
# 226|-> memcpy(&spec_copy[back], &spec, len);
# 227| front++;
# 228| back--;
Error: CPPCHECK_WARNING: [#def16]
libselinux-3.7-build/libselinux-3.7/src/label_media.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def17]
libselinux-3.7-build/libselinux-3.7/src/label_support.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
libselinux-3.7-build/libselinux-3.7/src/label_support.c: scope_hint: In function ‘read_spec_entries’
libselinux-3.7-build/libselinux-3.7/src/label_support.c:95:28: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 93| items = 0;
# 94| while (items < num_args) {
# 95|-> spec_entry = va_arg(ap, char **);
# 96|
# 97| if (len - 1 == buf_p - line_buf) {
Error: CPPCHECK_WARNING: [#def19]
libselinux-3.7-build/libselinux-3.7/src/label_x.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def20]
libselinux-3.7-build/libselinux-3.7/src/load_policy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
libselinux-3.7-build/libselinux-3.7/src/mapping.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
libselinux-3.7-build/libselinux-3.7/src/matchpathcon.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-416): [#def23]
libselinux-3.7-build/libselinux-3.7/src/matchpathcon.c: scope_hint: In function ‘free_array_elts’
libselinux-3.7-build/libselinux-3.7/src/matchpathcon.c:86:17: warning[-Wanalyzer-use-after-free]: use after ‘reallocarray’ of ‘con_array’
# 84| int i;
# 85| for (i = 0; i < con_array_used; i++)
# 86|-> free(con_array[i]);
# 87| free(con_array);
# 88|
Error: CPPCHECK_WARNING: [#def24]
libselinux-3.7-build/libselinux-3.7/src/procattr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def25]
libselinux-3.7-build/libselinux-3.7/src/query_user_context.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def26]
libselinux-3.7-build/libselinux-3.7/src/selinux_check_securetty_context.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def27]
libselinux-3.7-build/libselinux-3.7/src/selinux_config.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def28]
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-416): [#def29]
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c: scope_hint: In function ‘add_exclude’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:160:53: warning[-Wanalyzer-use-after-free]: use after ‘reallocarray’ of ‘exclude_lst’
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:14: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:37: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:37:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:200:9: note: in expansion of macro ‘selinux_log’
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:39:9: note: in expansion of macro ‘__pthread_mutex_unlock’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:200:9: note: in expansion of macro ‘selinux_log’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:15: included_from: Included from here.
# 158| /* Check if already present. */
# 159| for (i = 0; i < exclude_count; i++) {
# 160|-> if (strcmp(directory, exclude_lst[i].directory) == 0)
# 161| return 0;
# 162| }
Error: GCC_ANALYZER_WARNING (CWE-415): [#def30]
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:178:20: warning[-Wanalyzer-double-free]: double-‘reallocarray’ of ‘exclude_lst’
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:37:9: note: in expansion of macro ‘__pthread_mutex_lock’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:200:9: note: in expansion of macro ‘selinux_log’
libselinux-3.7-build/libselinux-3.7/src/callbacks.h:39:9: note: in expansion of macro ‘__pthread_mutex_unlock’
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:200:9: note: in expansion of macro ‘selinux_log’
# 176| }
# 177|
# 178|-> tmp_list = reallocarray(exclude_lst, exclude_count + 1, sizeof(struct edir));
# 179| if (!tmp_list)
# 180| goto oom;
Error: CLANG_WARNING: [#def31]
libselinux-3.7-build/libselinux-3.7/src/selinux_restorecon.c:1006:3: warning[core.CallAndMessage]: Called function pointer is null (null dereference)
# 1004| unlock:
# 1005| if (state->parallel)
# 1006|-> pthread_mutex_unlock(&state->mutex);
# 1007| return NULL;
# 1008| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def32]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_MangledTypeQueryModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:621:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘iter’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:3249:12: note: in expansion of macro ‘SWIG_TypeQuery’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:3249:12: note: in expansion of macro ‘SWIG_TypeQuery’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:2970:37: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:2970:37: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:2970:37: note: in expansion of macro ‘SWIG_GetModule’
# 619| swig_module_info *iter = start;
# 620| do {
# 621|-> if (iter->size) {
# 622| size_t l = 0;
# 623| size_t r = iter->size - 1;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def33]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:15: note: in expansion of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:15: note: in expansion of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:57: note: read of 8 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:15: note: in expansion of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:57: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:15: note: in expansion of macro ‘SWIG_InternalNewPointerObj’
# └──────────────────────────┘
# ^
# 1141| #endif
# 1142|
# 1143|-> #define SWIG_InternalNewPointerObj(ptr, type, flags) SWIG_Python_NewPointerObj(NULL, ptr, type, flags)
# 1144|
# 1145| #define SWIG_CheckImplicit(ty) SWIG_Python_CheckImplicit(ty)
Error: GCC_ANALYZER_WARNING (CWE-126): [#def34]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:57: note: read of 8 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:57: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
# └──────────────────────────┘
# ^
# 1149| /* for raw packed data */
# 1150| #define SWIG_ConvertPacked(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty)
# 1151|-> #define SWIG_NewPackedObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type)
# 1152|
# 1153| /* for class or struct pointers */
Error: CLANG_WARNING: [#def35]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:6598:3: warning[deadcode.DeadStores]: Value stored to 'resultobj' is never read
# 6596| }
# 6597| }
# 6598|-> resultobj = SWIG_From_int((int)(result));
# 6599| {
# 6600| PyObject* plist;
Error: CLANG_WARNING: [#def36]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:6676:3: warning[deadcode.DeadStores]: Value stored to 'resultobj' is never read
# 6674| }
# 6675| }
# 6676|-> resultobj = SWIG_From_int((int)(result));
# 6677| {
# 6678| PyObject* plist;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def37]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15500:29: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
/usr/include/python3.13/Python.h:68: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:198: included_from: Included from here.
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15500:29: note: read of 4 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15500:29: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
# └───────────────────────┘
# ^
#15498| PyObject *obj = 0;
#15499| size_t i;
#15500|-> for (i = 0; constants[i].type; ++i) {
#15501| switch(constants[i].type) {
#15502| case SWIG_PY_POINTER:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def38]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:78: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:94: note: in definition of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:94: note: in definition of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:78: note: read of 8 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:94: note: in definition of macro ‘SWIG_InternalNewPointerObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15503:78: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1143:94: note: in definition of macro ‘SWIG_InternalNewPointerObj’
# └─────────────────────────────────────────────┘
# ^
#15501| switch(constants[i].type) {
#15502| case SWIG_PY_POINTER:
#15503|-> obj = SWIG_InternalNewPointerObj(constants[i].pvalue, *(constants[i]).ptype,0);
#15504| break;
#15505| case SWIG_PY_BINARY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def39]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:66: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:87: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:87: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:66: note: read of 8 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:87: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:66: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:87: note: in definition of macro ‘SWIG_NewPackedObj’
# └────────────────────────────┘
# ^
#15504| break;
#15505| case SWIG_PY_BINARY:
#15506|-> obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
#15507| break;
#15508| default:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def40]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:89: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:91: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15585:1: note: in expansion of macro ‘SWIG_init’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15325:17: note: in expansion of macro ‘SWIG_GetModule’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15704:3: note: in expansion of macro ‘SWIG_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1607:3: note: in expansion of macro ‘Py_INCREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:15: note: in expansion of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15514:9: note: in expansion of macro ‘Py_DECREF’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c: scope_hint: In function ‘SWIG_Python_InstallConstants’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:91: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:89: note: read of 8 bytes from after the end of ‘swig_const_table’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:91: note: in definition of macro ‘SWIG_NewPackedObj’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:15506:89: note: valid subscripts for ‘swig_const_table’ are ‘[0]’ to ‘[0]’
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_python_wrap.c:1151:91: note: in definition of macro ‘SWIG_NewPackedObj’
# └─────────────────────────────────────────────┘
# ^
#15504| break;
#15505| case SWIG_PY_BINARY:
#15506|-> obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
#15507| break;
#15508| default:
Error: CPPCHECK_WARNING: [#def41]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def42]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c:2081: error[uninitvar]: Uninitialized variable: v
# 2079| if (rb_funcall(obj, swig_lowerthan_id, 1, INT2FIX(0)) != Qfalse)
# 2080| return SWIG_OverflowError;
# 2081|-> if (val) *val = v;
# 2082| return SWIG_OK;
# 2083| }
Error: CPPCHECK_WARNING (CWE-457): [#def43]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c:2167: error[uninitvar]: Uninitialized variable: v
# 2165| a[1] = (VALUE)(&v);
# 2166| if (rb_rescue(VALUEFUNC(SWIG_AUX_NUM2LONG), (VALUE)a, VALUEFUNC(SWIG_ruby_failed), 0) != Qnil) {
# 2167|-> if (val) *val = v;
# 2168| return SWIG_OK;
# 2169| }
Error: CPPCHECK_WARNING (CWE-457): [#def44]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c:2228: error[uninitvar]: Uninitialized variable: v
# 2226| if (rb_funcall(obj, swig_lowerthan_id, 1, INT2FIX(0)) != Qfalse)
# 2227| return SWIG_OverflowError;
# 2228|-> if (val) *val = v;
# 2229| return SWIG_OK;
# 2230| }
Error: CLANG_WARNING: [#def45]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c:8320:11: warning[unix.Malloc]: Potential memory leak
# 8318| arg1 = (int)(val1);
# 8319| result = selinux_get_callback(arg1);
# 8320|-> vresult = SWIG_NewPointerObj((union selinux_callback *)memcpy((union selinux_callback *)calloc(1,sizeof(union selinux_callback)),&result,sizeof(union selinux_callback)), SWIGTYPE_p_selinux_callback, SWIG_POINTER_OWN | 0 );
# 8321| return vresult;
# 8322| fail:
Error: CPPCHECK_WARNING (CWE-457): [#def46]
libselinux-3.7-build/libselinux-3.7/src/selinuxswig_ruby_wrap.c:10689: error[legacyUninitvar]: Uninitialized variable: arg1
#10687| }
#10688| arg3 = (char *)(buf3);
#10689|-> result = (int)matchpathcon_filespec_add(arg1,arg2,(char const *)arg3);
#10690| vresult = SWIG_From_int((int)(result));
#10691| if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
Error: CPPCHECK_WARNING: [#def47]
libselinux-3.7-build/libselinux-3.7/src/setrans_client.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def48]
libselinux-3.7-build/libselinux-3.7/src/seusers.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def49]
libselinux-3.7-build/libselinux-3.7/src/stringrep.c:75:16: warning[unix.MallocSizeof]: Result of 'calloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'access_vector_t'
# 73|
# 74| /* allocate array for perms */
# 75|-> node->perms = calloc(MAXVECTORS,sizeof(char*));
# 76| if (node->perms == NULL)
# 77| goto err1;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
libselinux-3.7-build/libselinux-3.7/src/stringrep.c: scope_hint: In function ‘discover_class’
libselinux-3.7-build/libselinux-3.7/src/stringrep.c:148:20: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(&*dentry.d_name)’
# 146|
# 147| node->perms[value-1] = strdup(dentry->d_name);
# 148|-> if (node->perms[value-1] == NULL)
# 149| goto err4;
# 150|
Error: CPPCHECK_WARNING: [#def51]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def52]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c: scope_hint: In function ‘main’
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:160:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 158| memset(buf, 0, DEF_BUF_SIZE);
# 159| ret = read(fd, buf, DEF_BUF_SIZE-1);
# 160|-> if (ret < 0)
# 161| die("read");
# 162|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def53]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:163:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 161| die("read");
# 162|
# 163|-> if (ret == 0)
# 164| die("read: \'%s\': unexpected end of file",
# 165| avcstatfile);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def54]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:168:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 166|
# 167| line = strtok(buf, "\n");
# 168|-> if (!line)
# 169| die("unable to parse \'%s\': end of line not found",
# 170| avcstatfile);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def55]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:172:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 170| avcstatfile);
# 171|
# 172|-> if (strcmp(line, HEADERS))
# 173| die("unable to parse \'%s\': invalid headers",
# 174| avcstatfile);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def56]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:191:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 189| &tmp.allocations,
# 190| &tmp.reclaims, &tmp.frees);
# 191|-> if (ret != 6)
# 192| die("unable to parse \'%s\': scan error",
# 193| avcstatfile);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def57]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:195:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 193| avcstatfile);
# 194|
# 195|-> tot.lookups += tmp.lookups;
# 196| tot.hits += tmp.hits;
# 197| tot.misses += tmp.misses;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def58]
libselinux-3.7-build/libselinux-3.7/utils/avcstat.c:204:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&avcstatfile, 0)’
# 202| }
# 203|
# 204|-> if (!parsed)
# 205| die("unable to parse \'%s\': no data", avcstatfile);
# 206|
Error: CPPCHECK_WARNING: [#def59]
libselinux-3.7-build/libselinux-3.7/utils/compute_av.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def60]
libselinux-3.7-build/libselinux-3.7/utils/getconlist.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def61]
libselinux-3.7-build/libselinux-3.7/utils/getdefaultcon.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def62]
libselinux-3.7-build/libselinux-3.7/utils/getdefaultcon.c:114:2: warning[unix.Malloc]: Potential leak of memory pointed to by 'level'
# 112| free(seuser);
# 113| if (level != dlevel) free(level);
# 114|-> free(dlevel);
# 115| free(usercon);
# 116| free(cur_con);
Error: CPPCHECK_WARNING: [#def63]
libselinux-3.7-build/libselinux-3.7/utils/getseuser.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def64]
libselinux-3.7-build/libselinux-3.7/utils/matchpathcon.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def65]
libselinux-3.7-build/libselinux-3.7/utils/sefcontext_compile.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def66]
libselinux-3.7-build/libselinux-3.7/utils/selabel_lookup_best_match.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def67]
libselinux-3.7-build/libselinux-3.7/utils/setenforce.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-76.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libselinux-3.7-1.fc41 |
| store-results-to | /tmp/tmpxql7v3mb/libselinux-3.7-1.fc41.tar.xz |
| time-created | 2024-07-03 15:54:17 |
| time-finished | 2024-07-03 15:56:34 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpxql7v3mb/libselinux-3.7-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpxql7v3mb/libselinux-3.7-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |