libsodium-1.0.20-1.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis128l/aegis128l_aesni.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def2]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis128l/aegis128l_aesni.c:59: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis128l/aegis128l_common.h: scope_hint: In function 'encrypt_detached'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis128l/aegis128l_common.h:186:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '&dst'
# 184| memcpy(src, m + i, mlen % RATE);
# 185| aegis128l_enc(dst, src, state);
# 186|-> memcpy(c + i, dst, mlen % RATE);
# 187| }
# 188|
Error: CPPCHECK_WARNING: [#def3]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis128l/aegis128l_soft.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def4]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis256/aegis256_aesni.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def5]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis256/aegis256_soft.c:47: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis256/aegis256_common.h: scope_hint: In function 'encrypt_detached'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis256/aegis256_common.h:169:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '&dst'
# 167| memcpy(src, m + i, mlen % RATE);
# 168| aegis256_enc(dst, src, state);
# 169|-> memcpy(c + i, dst, mlen % RATE);
# 170| }
# 171|
Error: CPPCHECK_WARNING: [#def6]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aegis256/aegis256_soft.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def7]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def8]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def9]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c:501:1: warning[-Wunused-function]: 'ge25519_p3_to_precomp' defined but not used
# 501 | ge25519_p3_to_precomp(ge25519_precomp *pi, const ge25519_p3 *p)
# | ^~~~~~~~~~~~~~~~~~~~~
# 499|
# 500| static void
# 501|-> ge25519_p3_to_precomp(ge25519_precomp *pi, const ge25519_p3 *p)
# 502| {
# 503| fe25519 recip;
Error: CPPCHECK_WARNING (CWE-758): [#def10]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:36: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 34| t[4] = f[4];
# 35|
# 36|-> t[1] += t[0] >> 51;
# 37| t[0] &= mask;
# 38| t[2] += t[1] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def11]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:38: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 36| t[1] += t[0] >> 51;
# 37| t[0] &= mask;
# 38|-> t[2] += t[1] >> 51;
# 39| t[1] &= mask;
# 40| t[3] += t[2] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def12]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:40: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 38| t[2] += t[1] >> 51;
# 39| t[1] &= mask;
# 40|-> t[3] += t[2] >> 51;
# 41| t[2] &= mask;
# 42| t[4] += t[3] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def13]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:42: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 40| t[3] += t[2] >> 51;
# 41| t[2] &= mask;
# 42|-> t[4] += t[3] >> 51;
# 43| t[3] &= mask;
# 44| t[0] += 19 * (t[4] >> 51);
Error: CPPCHECK_WARNING (CWE-758): [#def14]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:44: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 42| t[4] += t[3] >> 51;
# 43| t[3] &= mask;
# 44|-> t[0] += 19 * (t[4] >> 51);
# 45| t[4] &= mask;
# 46|
Error: CPPCHECK_WARNING (CWE-758): [#def15]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:47: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 45| t[4] &= mask;
# 46|
# 47|-> t[1] += t[0] >> 51;
# 48| t[0] &= mask;
# 49| t[2] += t[1] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def16]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:49: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 47| t[1] += t[0] >> 51;
# 48| t[0] &= mask;
# 49|-> t[2] += t[1] >> 51;
# 50| t[1] &= mask;
# 51| t[3] += t[2] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def17]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:51: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 49| t[2] += t[1] >> 51;
# 50| t[1] &= mask;
# 51|-> t[3] += t[2] >> 51;
# 52| t[2] &= mask;
# 53| t[4] += t[3] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def18]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:53: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 51| t[3] += t[2] >> 51;
# 52| t[2] &= mask;
# 53|-> t[4] += t[3] >> 51;
# 54| t[3] &= mask;
# 55| t[0] += 19 * (t[4] >> 51);
Error: CPPCHECK_WARNING (CWE-758): [#def19]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:55: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 53| t[4] += t[3] >> 51;
# 54| t[3] &= mask;
# 55|-> t[0] += 19 * (t[4] >> 51);
# 56| t[4] &= mask;
# 57|
Error: CPPCHECK_WARNING (CWE-758): [#def20]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:63: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 61| t[0] += 19ULL;
# 62|
# 63|-> t[1] += t[0] >> 51;
# 64| t[0] &= mask;
# 65| t[2] += t[1] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def21]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:65: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 63| t[1] += t[0] >> 51;
# 64| t[0] &= mask;
# 65|-> t[2] += t[1] >> 51;
# 66| t[1] &= mask;
# 67| t[3] += t[2] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def22]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:67: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 65| t[2] += t[1] >> 51;
# 66| t[1] &= mask;
# 67|-> t[3] += t[2] >> 51;
# 68| t[2] &= mask;
# 69| t[4] += t[3] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def23]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:69: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 67| t[3] += t[2] >> 51;
# 68| t[2] &= mask;
# 69|-> t[4] += t[3] >> 51;
# 70| t[3] &= mask;
# 71| t[0] += 19ULL * (t[4] >> 51);
Error: CPPCHECK_WARNING (CWE-758): [#def24]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:71: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 69| t[4] += t[3] >> 51;
# 70| t[3] &= mask;
# 71|-> t[0] += 19ULL * (t[4] >> 51);
# 72| t[4] &= mask;
# 73|
Error: CPPCHECK_WARNING (CWE-758): [#def25]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:84: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 82| /* now between 2^255 and 2^256-20, and offset by 2^255. */
# 83|
# 84|-> t[1] += t[0] >> 51;
# 85| t[0] &= mask;
# 86| t[2] += t[1] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def26]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:86: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 84| t[1] += t[0] >> 51;
# 85| t[0] &= mask;
# 86|-> t[2] += t[1] >> 51;
# 87| t[1] &= mask;
# 88| t[3] += t[2] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def27]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:88: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 86| t[2] += t[1] >> 51;
# 87| t[1] &= mask;
# 88|-> t[3] += t[2] >> 51;
# 89| t[2] &= mask;
# 90| t[4] += t[3] >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def28]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_core/ed25519/ref10/fe_51/fe.h:90: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 88| t[3] += t[2] >> 51;
# 89| t[2] &= mask;
# 90|-> t[4] += t[3] >> 51;
# 91| t[3] &= mask;
# 92| t[4] &= mask;
Error: CPPCHECK_WARNING: [#def29]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def30]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c:65: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour
# 63| {
# 64| #ifdef HAVE_TI_MODE
# 65|-> uint128_t t = ((uint128_t) S->t[1] << 64) | S->t[0];
# 66| t += inc;
# 67| S->t[0] = (uint64_t)(t >> 0);
Error: CPPCHECK_WARNING (CWE-758): [#def31]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c:68: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour
# 66| t += inc;
# 67| S->t[0] = (uint64_t)(t >> 0);
# 68|-> S->t[1] = (uint64_t)(t >> 64);
# 69| #else
# 70| S->t[0] += inc;
Error: GCC_ANALYZER_WARNING (CWE-457): [#def32]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c: scope_hint: In function 'blake2b_final'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c:325:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '&buffer'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c: scope_hint: In function 'blake2b_final'
# 323| STORE64_LE(buffer + 8 * 6, S->h[6]);
# 324| STORE64_LE(buffer + 8 * 7, S->h[7]);
# 325|-> memcpy(out, buffer, outlen); /* outlen <= BLAKE2B_OUTBYTES (64) */
# 326|
# 327| sodium_memzero(S->h, sizeof S->h);
Error: CPPCHECK_WARNING: [#def33]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha256/cp/hash_sha256_cp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def34]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def35]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c: scope_hint: In function 'SHA512_Transform'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:107:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*<unknown>'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:100:32: note: in definition of macro 'RND'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:123:9: note: in expansion of macro 'RNDr'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:37: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/common.h:154:47: note: in definition of macro 'STORE64_BE'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/common.h:154:47: note: in definition of macro 'STORE64_BE'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/common.h:133:34: note: in definition of macro 'LOAD64_BE'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:100:32: note: in definition of macro 'RND'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c:123:9: note: in expansion of macro 'RNDr'
# 105| RND(S[(80 - i) % 8], S[(81 - i) % 8], S[(82 - i) % 8], S[(83 - i) % 8], \
# 106| S[(84 - i) % 8], S[(85 - i) % 8], S[(86 - i) % 8], S[(87 - i) % 8], \
# 107|-> W[i + ii] + Krnd[i + ii])
# 108|
# 109| #define MSCH(W, ii, i) \
Error: CPPCHECK_WARNING (CWE-758): [#def36]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:113: error[shiftTooManyBits]: Shifting 32-bit value by 44 bits is undefined behaviour
# 111|
# 112| /* (partial) h %= p */
# 113|-> c = SHR(d0, 44);
# 114| h0 = LO(d0) & 0xfffffffffff;
# 115| ADDLO(d1, c);
Error: CPPCHECK_WARNING (CWE-758): [#def37]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:116: error[shiftTooManyBits]: Shifting 32-bit value by 44 bits is undefined behaviour
# 114| h0 = LO(d0) & 0xfffffffffff;
# 115| ADDLO(d1, c);
# 116|-> c = SHR(d1, 44);
# 117| h1 = LO(d1) & 0xfffffffffff;
# 118| ADDLO(d2, c);
Error: CPPCHECK_WARNING (CWE-758): [#def38]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h:119: error[shiftTooManyBits]: Shifting 32-bit value by 42 bits is undefined behaviour
# 117| h1 = LO(d1) & 0xfffffffffff;
# 118| ADDLO(d2, c);
# 119|-> c = SHR(d2, 42);
# 120| h2 = LO(d2) & 0x3ffffffffff;
# 121| h0 += c * 5;
Error: CPPCHECK_WARNING: [#def39]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def40]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c:169: error[shiftTooManyBits]: Shifting 32-bit value by 44 bits is undefined behaviour
# 167|
# 168| rt0 = (uint64_t) d[0] & 0xfffffffffff;
# 169|-> c = (uint64_t)(d[0] >> 44);
# 170| d[1] += c;
# 171|
Error: CPPCHECK_WARNING (CWE-758): [#def41]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c:173: error[shiftTooManyBits]: Shifting 32-bit value by 44 bits is undefined behaviour
# 171|
# 172| rt1 = (uint64_t) d[1] & 0xfffffffffff;
# 173|-> c = (uint64_t)(d[1] >> 44);
# 174| d[2] += c;
# 175|
Error: CPPCHECK_WARNING (CWE-758): [#def42]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c:177: error[shiftTooManyBits]: Shifting 32-bit value by 42 bits is undefined behaviour
# 175|
# 176| rt2 = (uint64_t) d[2] & 0x3ffffffffff;
# 177|-> c = (uint64_t)(d[2] >> 42);
# 178| rt0 += c * 5;
# 179| c = (rt0 >> 44);
Error: CPPCHECK_WARNING: [#def43]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-core.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def44]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2.c:23: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-core.h:139:17: warning[-Wunused-function]: 'index_alpha' defined but not used
# 139 | static uint32_t index_alpha(const argon2_instance_t *instance,
# | ^~~~~~~~~~~
# 137| * @pre All pointers must be valid
# 138| */
# 139|-> static uint32_t index_alpha(const argon2_instance_t *instance,
# 140| const argon2_position_t *position, uint32_t pseudo_rand,
# 141| int same_lane)
Error: CPPCHECK_WARNING: [#def45]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-encoding.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def46]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def47]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-avx512f.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def48]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ref.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def49]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2-fill-block-ssse3.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def50]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/argon2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def51]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/argon2/blake2b-long.c:54: warning[uninitvar]: Uninitialized variable: out_buffer
# 52| TRY(crypto_generichash_blake2b_final(
# 53| &blake_state, out_buffer, crypto_generichash_blake2b_BYTES_MAX));
# 54|-> memcpy(out, out_buffer, crypto_generichash_blake2b_BYTES_MAX / 2);
# 55| out += crypto_generichash_blake2b_BYTES_MAX / 2;
# 56| toproduce =
Error: CPPCHECK_WARNING: [#def52]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def53]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c:188:5: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 186| }
# 187| dst = buf;
# 188|-> memcpy(dst, setting, prefixlen + saltlen);
# 189| dst += prefixlen + saltlen;
# 190| *dst++ = '$';
Error: CPPCHECK_WARNING: [#def54]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def55]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def56]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def57]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def58]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def59]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_secretstream/xchacha20poly1305/secretstream_xchacha20poly1305.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def60]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-avx2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def61]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_stream/chacha20/dolbeau/chacha20_dolbeau-ssse3.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def62]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_stream/chacha20/ref/chacha20_ref.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def63]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_stream/salsa20/xmm6int/salsa20_xmm6int-avx2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def64]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:109:1: warning[-Wunused-function]: 'fe25519_cmov' defined but not used
# 109 | fe25519_cmov(fe25519 f, const fe25519 g, unsigned int b)
# | ^~~~~~~~~~~~
# 107|
# 108| static void
# 109|-> fe25519_cmov(fe25519 f, const fe25519 g, unsigned int b)
# 110| {
# 111| const uint64_t mask = (uint64_t) (-(int64_t) b);
Error: COMPILER_WARNING (CWE-1164): [#def65]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:146:1: warning[-Wunused-function]: 'fe25519_cswap' defined but not used
# 146 | fe25519_cswap(fe25519 f, fe25519 g, unsigned int b)
# | ^~~~~~~~~~~~~
# 144|
# 145| static void
# 146|-> fe25519_cswap(fe25519 f, fe25519 g, unsigned int b)
# 147| {
# 148| const uint64_t mask = (uint64_t) (-(int64_t) b);
Error: COMPILER_WARNING (CWE-1164): [#def66]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:233:1: warning[-Wunused-function]: 'fe25519_mul' defined but not used
# 233 | fe25519_mul(fe25519 h, const fe25519 f, const fe25519 g)
# | ^~~~~~~~~~~
# 231|
# 232| static void
# 233|-> fe25519_mul(fe25519 h, const fe25519 f, const fe25519 g)
# 234| {
# 235| const uint64_t mask = 0x7ffffffffffffULL;
Error: CPPCHECK_WARNING (CWE-758): [#def67]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:290: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 288|
# 289| r00 = ((uint64_t) r0) & mask;
# 290|-> carry = r0 >> 51;
# 291| r1 += carry;
# 292| r01 = ((uint64_t) r1) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def68]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:293: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 291| r1 += carry;
# 292| r01 = ((uint64_t) r1) & mask;
# 293|-> carry = r1 >> 51;
# 294| r2 += carry;
# 295| r02 = ((uint64_t) r2) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def69]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:296: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 294| r2 += carry;
# 295| r02 = ((uint64_t) r2) & mask;
# 296|-> carry = r2 >> 51;
# 297| r3 += carry;
# 298| r03 = ((uint64_t) r3) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def70]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:299: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 297| r3 += carry;
# 298| r03 = ((uint64_t) r3) & mask;
# 299|-> carry = r3 >> 51;
# 300| r4 += carry;
# 301| r04 = ((uint64_t) r4) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def71]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:302: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 300| r4 += carry;
# 301| r04 = ((uint64_t) r4) & mask;
# 302|-> carry = r4 >> 51;
# 303| r00 += 19ULL * (uint64_t) carry;
# 304| carry = r00 >> 51;
Error: COMPILER_WARNING (CWE-1164): [#def72]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:324:1: warning[-Wunused-function]: 'fe25519_sq' defined but not used
# 324 | fe25519_sq(fe25519 h, const fe25519 f)
# | ^~~~~~~~~~
# 322|
# 323| static void
# 324|-> fe25519_sq(fe25519 h, const fe25519 f)
# 325| {
# 326| const uint64_t mask = 0x7ffffffffffffULL;
Error: CPPCHECK_WARNING (CWE-758): [#def73]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:369: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 367|
# 368| r00 = ((uint64_t) r0) & mask;
# 369|-> carry = r0 >> 51;
# 370| r1 += carry;
# 371| r01 = ((uint64_t) r1) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def74]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:372: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 370| r1 += carry;
# 371| r01 = ((uint64_t) r1) & mask;
# 372|-> carry = r1 >> 51;
# 373| r2 += carry;
# 374| r02 = ((uint64_t) r2) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def75]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:375: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 373| r2 += carry;
# 374| r02 = ((uint64_t) r2) & mask;
# 375|-> carry = r2 >> 51;
# 376| r3 += carry;
# 377| r03 = ((uint64_t) r3) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def76]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:378: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 376| r3 += carry;
# 377| r03 = ((uint64_t) r3) & mask;
# 378|-> carry = r3 >> 51;
# 379| r4 += carry;
# 380| r04 = ((uint64_t) r4) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def77]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:381: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 379| r4 += carry;
# 380| r04 = ((uint64_t) r4) & mask;
# 381|-> carry = r4 >> 51;
# 382| r00 += 19ULL * (uint64_t) carry;
# 383| carry = r00 >> 51;
Error: COMPILER_WARNING (CWE-1164): [#def78]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10.h:23: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/crypto_sign/ed25519/ref10/obsolete.c:9: included_from: Included from here.
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:403:1: warning[-Wunused-function]: 'fe25519_sq2' defined but not used
# 403 | fe25519_sq2(fe25519 h, const fe25519 f)
# | ^~~~~~~~~~~
# 401|
# 402| static void
# 403|-> fe25519_sq2(fe25519 h, const fe25519 f)
# 404| {
# 405| const uint64_t mask = 0x7ffffffffffffULL;
Error: CPPCHECK_WARNING (CWE-758): [#def79]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:454: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 452|
# 453| r00 = ((uint64_t) r0) & mask;
# 454|-> carry = r0 >> 51;
# 455| r1 += carry;
# 456| r01 = ((uint64_t) r1) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def80]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:457: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 455| r1 += carry;
# 456| r01 = ((uint64_t) r1) & mask;
# 457|-> carry = r1 >> 51;
# 458| r2 += carry;
# 459| r02 = ((uint64_t) r2) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def81]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:460: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 458| r2 += carry;
# 459| r02 = ((uint64_t) r2) & mask;
# 460|-> carry = r2 >> 51;
# 461| r3 += carry;
# 462| r03 = ((uint64_t) r3) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def82]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:463: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 461| r3 += carry;
# 462| r03 = ((uint64_t) r3) & mask;
# 463|-> carry = r3 >> 51;
# 464| r4 += carry;
# 465| r04 = ((uint64_t) r4) & mask;
Error: CPPCHECK_WARNING (CWE-758): [#def83]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:466: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 464| r4 += carry;
# 465| r04 = ((uint64_t) r4) & mask;
# 466|-> carry = r4 >> 51;
# 467| r00 += 19ULL * (uint64_t) carry;
# 468| carry = r00 >> 51;
Error: CPPCHECK_WARNING (CWE-758): [#def84]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:492: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 490| a = f[0] * sn;
# 491| h0 = ((uint64_t) a) & mask;
# 492|-> a = f[1] * sn + ((uint64_t) (a >> 51));
# 493| h1 = ((uint64_t) a) & mask;
# 494| a = f[2] * sn + ((uint64_t) (a >> 51));
Error: CPPCHECK_WARNING (CWE-758): [#def85]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:494: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 492| a = f[1] * sn + ((uint64_t) (a >> 51));
# 493| h1 = ((uint64_t) a) & mask;
# 494|-> a = f[2] * sn + ((uint64_t) (a >> 51));
# 495| h2 = ((uint64_t) a) & mask;
# 496| a = f[3] * sn + ((uint64_t) (a >> 51));
Error: CPPCHECK_WARNING (CWE-758): [#def86]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:496: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 494| a = f[2] * sn + ((uint64_t) (a >> 51));
# 495| h2 = ((uint64_t) a) & mask;
# 496|-> a = f[3] * sn + ((uint64_t) (a >> 51));
# 497| h3 = ((uint64_t) a) & mask;
# 498| a = f[4] * sn + ((uint64_t) (a >> 51));
Error: CPPCHECK_WARNING (CWE-758): [#def87]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:498: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 496| a = f[3] * sn + ((uint64_t) (a >> 51));
# 497| h3 = ((uint64_t) a) & mask;
# 498|-> a = f[4] * sn + ((uint64_t) (a >> 51));
# 499| h4 = ((uint64_t) a) & mask;
# 500|
Error: CPPCHECK_WARNING (CWE-758): [#def88]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/include/sodium/private/ed25519_ref10_fe_51.h:501: error[shiftTooManyBits]: Shifting 32-bit value by 51 bits is undefined behaviour
# 499| h4 = ((uint64_t) a) & mask;
# 500|
# 501|-> h0 += (a >> 51) * 19ULL;
# 502|
# 503| h[0] = h0;
Error: COMPILER_WARNING (CWE-1164): [#def89]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/randombytes/internal/randombytes_internal_random.c:325:1: warning[-Wunused-function]: 'safe_read' defined but not used
# 325 | safe_read(const int fd, void * const buf_, size_t size)
# | ^~~~~~~~~
# 323|
# 324| static ssize_t
# 325|-> safe_read(const int fd, void * const buf_, size_t size)
# 326| {
# 327| unsigned char *buf = (unsigned char *) buf_;
Error: CPPCHECK_WARNING: [#def90]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/codecs.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-190): [#def91]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/codecs.c:122: error[integerOverflow]: Signed integer overflow for expression ''0'-52'.
# 120| return (LT(x, 26) & (x + 'A')) |
# 121| (GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
# 122|-> (GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '+') |
# 123| (EQ(x, 63) & '/');
# 124| }
Error: CPPCHECK_WARNING (CWE-190): [#def92]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/codecs.c:143: error[integerOverflow]: Signed integer overflow for expression ''0'-52'.
# 141| return (LT(x, 26) & (x + 'A')) |
# 142| (GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
# 143|-> (GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '-') |
# 144| (EQ(x, 63) & '_');
# 145| }
Error: CPPCHECK_WARNING: [#def93]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/runtime.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def94]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/utils.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-563): [#def95]
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/utils.c: scope_hint: In function 'sodium_sub'
libsodium-1.0.20-build/libsodium-1.0.20/src/libsodium/sodium/utils.c:371:14: warning[-Wunused-variable]: unused variable 't32'
# 371 | uint32_t t32;
# | ^~~
# 369| uint64_t t64_1, t64_2, t64_3, t64_4;
# 370| uint64_t t64_5, t64_6, t64_7, t64_8;
# 371|-> uint32_t t32;
# 372|
# 373| if (len == 64U) {
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-142.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libsodium-1.0.20-1.fc41 |
| store-results-to | /tmp/tmp9z_8bwvb/libsodium-1.0.20-1.fc41.tar.xz |
| time-created | 2024-07-03 15:57:34 |
| time-finished | 2024-07-03 16:03:55 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp9z_8bwvb/libsodium-1.0.20-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp9z_8bwvb/libsodium-1.0.20-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |