libupnp-1.14.19-1.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
libupnp-1.14.19-build/pupnp-release-1.14.19/ixml/src/document.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
libupnp-1.14.19-build/pupnp-release-1.14.19/ixml/src/element.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def3]
libupnp-1.14.19-build/pupnp-release-1.14.19/ixml/src/ixmlparser.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def4]
libupnp-1.14.19-build/pupnp-release-1.14.19/ixml/src/node.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def5]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/sample/common/tv_ctrlpt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def6]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/sample/common/tv_device.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-401): [#def7]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/api/UpnpString.c:91: error[memleak]: Memory leak: p.m_string
# 89| }
# 90|
# 91|-> return (UpnpString *)p;
# 92|
# 93| /*free(p->m_string); */
Error: CPPCHECK_WARNING (CWE-401): [#def8]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/api/UpnpString.c:127: error[memleak]: Memory leak: q.m_string
# 125| }
# 126|
# 127|-> return (UpnpString *)q;
# 128|
# 129| /*free(q->m_string); */
Error: CPPCHECK_WARNING: [#def9]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/api/upnpapi.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def10]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/api/upnptools.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def11]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_ctrlpt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def12]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c: scope_hint: In function 'genaInitNotifyCommon'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:657:16: warning[-Wanalyzer-malloc-leak]: leak of 'UDN_copy'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/FreeList.h:43: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/LinkedList.h:39: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/httpparser.h:40: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/gena_device.h:39: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:39: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:142:9: note: in expansion of macro 'ithread_rwlock_wrlock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:137:22: note: in expansion of macro 'HandleWriteLock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:549:9: note: in expansion of macro 'HandleLock'
# 655| ret);
# 656|
# 657|-> return ret;
# 658| }
# 659|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:657:16: warning[-Wanalyzer-malloc-leak]: leak of 'servId_copy'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:142:9: note: in expansion of macro 'ithread_rwlock_wrlock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:137:22: note: in expansion of macro 'HandleWriteLock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:549:9: note: in expansion of macro 'HandleLock'
# 655| ret);
# 656|
# 657|-> return ret;
# 658| }
# 659|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c: scope_hint: In function 'genaNotifyAllCommon'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:958:16: warning[-Wanalyzer-malloc-leak]: leak of 'UDN_copy'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:142:9: note: in expansion of macro 'ithread_rwlock_wrlock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:137:22: note: in expansion of macro 'HandleWriteLock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:856:9: note: in expansion of macro 'HandleLock'
# 956| ret);
# 957|
# 958|-> return ret;
# 959| }
# 960|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:958:16: warning[-Wanalyzer-malloc-leak]: leak of 'reference_count'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:142:9: note: in expansion of macro 'ithread_rwlock_wrlock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:137:22: note: in expansion of macro 'HandleWriteLock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:856:9: note: in expansion of macro 'HandleLock'
# 956| ret);
# 957|
# 958|-> return ret;
# 959| }
# 960|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:958:16: warning[-Wanalyzer-malloc-leak]: leak of 'servId_copy'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:142:9: note: in expansion of macro 'ithread_rwlock_wrlock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:137:22: note: in expansion of macro 'HandleWriteLock'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/gena/gena_device.c:856:9: note: in expansion of macro 'HandleLock'
# 956| ret);
# 957|
# 958|-> return ret;
# 959| }
# 960|
Error: CPPCHECK_WARNING: [#def18]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def19]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c: scope_hint: In function 'handle_request'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:204:54: warning[-Wformat-truncation=]: ']:' directive output may be truncated writing 2 bytes into a region of size between 0 and 255
# 204 | n = snprintf(host_port, hp_size, "[%s]:%d", host, port);
# | ^~
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:204:50: note: directive argument in the range [0, 65535]
# 204 | n = snprintf(host_port, hp_size, "[%s]:%d", host, port);
# | ^~~~~~~~~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output between 5 and 264 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 202| }
# 203| port = ntohs(addr6->sin6_port);
# 204|-> n = snprintf(host_port, hp_size, "[%s]:%d", host, port);
# 205| break;
# 206| case AF_INET:
Error: COMPILER_WARNING: [#def20]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c: scope_hint: In function 'handle_request'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:214:54: warning[-Wformat-truncation=]: '%d' directive output may be truncated writing between 1 and 5 bytes into a region of size between 0 and 255
# 214 | n = snprintf(host_port, hp_size, "%s:%d", host, port);
# | ^~
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:214:50: note: directive argument in the range [0, 65535]
# 214 | n = snprintf(host_port, hp_size, "%s:%d", host, port);
# | ^~~~~~~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output between 3 and 262 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 212| }
# 213| port = ntohs(addr4->sin_port);
# 214|-> n = snprintf(host_port, hp_size, "%s:%d", host, port);
# 215| break;
# 216| }
Error: COMPILER_WARNING: [#def21]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c: scope_hint: In function 'handle_request'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:329:33: warning[-Wformat-truncation=]: '%s' directive output may be truncated writing up to 255 bytes into a region of size 206
# 329 | "HTTP/1.1 307 Temporary Redirect\r\n"
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#......
# 337 | snprintf(redir_str, NAME_SIZE, redir_fmt, host_port);
# | ~~~~~~~~~
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:330:51: note: format string is defined here
# 330 | "Location: http://%s\r\n\r\n";
# | ^~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output between 55 and 310 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 327| membuffer redir_buf;
# 328| static const char *redir_fmt =
# 329|-> "HTTP/1.1 307 Temporary Redirect\r\n"
# 330| "Location: http://%s\r\n\r\n";
# 331| char redir_str[NAME_SIZE];
Error: GCC_ANALYZER_WARNING: [#def22]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c: scope_hint: In function 'do_bind'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:877:30: warning[-Wanalyzer-fd-use-without-check]: 'bind' on possibly invalid file descriptor 'ss4.fd'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnputil.h:40: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/membuffer.h:40: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/httpparser.h:41: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/miniserver.h:40: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:50: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:906:16: note: in expansion of macro 'UPNP_E_SUCCESS'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/FreeList.h:45: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/LinkedList.h:39: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/httpparser.h:40: included_from: Included from here.
# 875| break;
# 876| }
# 877|-> bind_error = bind(s->fd, s->serverAddr, s->address_len);
# 878| if (bind_error == SOCKET_ERROR) {
# 879| #ifdef _WIN32
Error: GCC_ANALYZER_WARNING: [#def23]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:877:30: warning[-Wanalyzer-fd-use-without-check]: 'bind' on possibly invalid file descriptor 'ss6.fd'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:906:16: note: in expansion of macro 'UPNP_E_SUCCESS'
# 875| break;
# 876| }
# 877|-> bind_error = bind(s->fd, s->serverAddr, s->address_len);
# 878| if (bind_error == SOCKET_ERROR) {
# 879| #ifdef _WIN32
Error: GCC_ANALYZER_WARNING: [#def24]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:877:30: warning[-Wanalyzer-fd-use-without-check]: 'bind' on possibly invalid file descriptor 'ss6UlaGua.fd'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/miniserver/miniserver.c:906:16: note: in expansion of macro 'UPNP_E_SUCCESS'
# 875| break;
# 876| }
# 877|-> bind_error = bind(s->fd, s->serverAddr, s->address_len);
# 878| if (bind_error == SOCKET_ERROR) {
# 879| #ifdef _WIN32
Error: CPPCHECK_WARNING: [#def25]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/httpparser.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def26]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/httpreadwrite.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def27]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/httpreadwrite.c:610:7: warning[deadcode.DeadStores]: Value stored to 'nw' is never read
# 608| if (Instr && Instr->IsChunkActive) {
# 609| const char *str = "0\r\n\r\n";
# 610|-> nw = sock_write(info,
# 611| str,
# 612| strlen(str),
Error: CPPCHECK_WARNING: [#def28]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/statcodes.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def29]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/webserver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-126): [#def30]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/webserver.c: scope_hint: In function 'CheckOtherHTTPHeaders'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/webserver.c:1024:41: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/http/webserver.c:1024:41: note: read of 19 bytes from after the end of the region
# └──────────────────────────────────────────────────────────────────────┘
# ^ ^
# 1022| sizeof(RespInstr->AcceptLanguageHeader) -
# 1023| 1;
# 1024|-> memcpy(RespInstr->AcceptLanguageHeader,
# 1025| TmpBuf,
# 1026| length);
Error: CPPCHECK_WARNING: [#def31]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/uri/uri.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-465): [#def32]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/uri/uri.c: scope_hint: In function 'parse_hostport'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/uri/uri.c:364:20: warning[-Wanalyzer-deref-before-check]: check of 'last_dot' for NULL after already dereferencing it
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/uri.h:46: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/service_table.h:49: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/client_table.h:16: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/inc/upnpapi.h:41: included_from: Included from here.
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/uri/uri.c:53: included_from: Included from here.
# 362| if (has_port == 1)
# 363| c++;
# 364|-> if (last_dot != NULL && isdigit(*(last_dot + 1)))
# 365| /* Must be an IPv4 address. */
# 366| af = AF_INET;
Error: CLANG_WARNING: [#def33]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/net/uri/uri.c:715:2: warning[deadcode.DeadStores]: Value stored to 'len' is never read
# 713| goto error;
# 714| out_finger += rv;
# 715|-> len -= (size_t)rv;
# 716|
# 717| if (remove_dots(path, (size_t)(out_finger - path)) != UPNP_E_SUCCESS)
Error: CPPCHECK_WARNING: [#def34]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/genlib/service_table/service_table.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def35]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/soap/soap_ctrlpt.c:901: error[uninitvar]: Uninitialized variable: &host
# 899| membuffer_init(&request);
# 900| /* get host hdr and url path */
# 901|-> if (get_host_and_path(action_url, &host, &path, &url) == -1) {
# 902| return UPNP_E_INVALID_URL;
# 903| }
Error: CPPCHECK_WARNING (CWE-457): [#def36]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/soap/soap_ctrlpt.c:901: error[uninitvar]: Uninitialized variable: &path
# 899| membuffer_init(&request);
# 900| /* get host hdr and url path */
# 901|-> if (get_host_and_path(action_url, &host, &path, &url) == -1) {
# 902| return UPNP_E_INVALID_URL;
# 903| }
Error: CPPCHECK_WARNING: [#def37]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_ctrlpt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def38]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_ctrlpt.c:274:4: warning[deadcode.DeadStores]: Value stored to 'ctrlpt_cookie' is never read
# 272| /* copy */
# 273| ctrlpt_callback = ctrlpt_info->Callback;
# 274|-> ctrlpt_cookie = ctrlpt_info->Cookie;
# 275|
# 276| node = ListHead(&ctrlpt_info->SsdpSearchList);
Error: CPPCHECK_WARNING: [#def39]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_device.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def40]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def41]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c: scope_hint: In function 'create_ssdp_sock_v4'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:975:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*ssdpSock'
# 973| ssdpAddr4->sin_port = htons(SSDP_PORT);
# 974| ret = bind(*ssdpSock, (struct sockaddr *)ssdpAddr4, sizeof(*ssdpAddr4));
# 975|-> if (ret == -1) {
# 976| strerror_r(errno, errorBuffer, ERROR_BUFFER_LEN);
# 977| UpnpPrintf(UPNP_CRITICAL,
Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:1000:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*out.ssdpSock4'
# 998| */
# 999| memset((void *)&ssdpMcastAddr, 0, sizeof ssdpMcastAddr);
# 1000|-> inet_pton(AF_INET, gIF_IPV4, &ssdpMcastAddr.imr_interface);
# 1001| inet_pton(AF_INET, SSDP_IP, &ssdpMcastAddr.imr_multiaddr);
# 1002| ret = setsockopt(*ssdpSock,
Error: GCC_ANALYZER_WARNING (CWE-775): [#def43]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c: scope_hint: In function 'create_ssdp_sock_v6'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:1189:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*ssdpSock'
# 1187| ssdpAddr6->sin6_port = htons(SSDP_PORT);
# 1188| ret = bind(*ssdpSock, (struct sockaddr *)ssdpAddr6, sizeof(*ssdpAddr6));
# 1189|-> if (ret == -1) {
# 1190| #ifndef _WIN32
# 1191| strerror_r(errno, errorBuffer, ERROR_BUFFER_LEN);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:1220:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*out.ssdpSock6'
# 1218| memset((void *)&ssdpMcastAddr, 0, sizeof(ssdpMcastAddr));
# 1219| ssdpMcastAddr.ipv6mr_interface = gIF_INDEX;
# 1220|-> inet_pton(
# 1221| AF_INET6, SSDP_IPV6_LINKLOCAL, &ssdpMcastAddr.ipv6mr_multiaddr);
# 1222| ret = setsockopt(*ssdpSock,
Error: GCC_ANALYZER_WARNING (CWE-775): [#def45]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c: scope_hint: In function 'create_ssdp_sock_v6_ula_gua'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:1367:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*ssdpSock'
# 1365| ssdpAddr6->sin6_port = htons(SSDP_PORT);
# 1366| ret = bind(*ssdpSock, (struct sockaddr *)ssdpAddr6, sizeof(*ssdpAddr6));
# 1367|-> if (ret == -1) {
# 1368| strerror_r(errno, errorBuffer, ERROR_BUFFER_LEN);
# 1369| UpnpPrintf(UPNP_CRITICAL,
Error: GCC_ANALYZER_WARNING (CWE-775): [#def46]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/ssdp/ssdp_server.c:1383:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor '*out.ssdpSock6UlaGua'
# 1381| ssdpMcastAddr.ipv6mr_interface = gIF_INDEX;
# 1382| /* SITE LOCAL */
# 1383|-> inet_pton(
# 1384| AF_INET6, SSDP_IPV6_SITELOCAL, &ssdpMcastAddr.ipv6mr_multiaddr);
# 1385| ret = setsockopt(*ssdpSock,
Error: CPPCHECK_WARNING: [#def47]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/ThreadPool.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def48]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/threadutil/TimerThread.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def49]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/urlconfig/urlconfig.c:142:13: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 140|
# 141| /* add / suffix, if missing */
# 142|-> root_len = strlen(rootPath);
# 143| if (root_len == 0 || rootPath[root_len - 1] != '/')
# 144| temp_str = "/";
Error: COMPILER_WARNING: [#def50]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/urlconfig/urlconfig.c: scope_hint: In function 'configure_urlbase'
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/urlconfig/urlconfig.c:199:35: warning[-Wformat-truncation=]: '%s' directive output may be truncated writing up to 179 bytes into a region of size 173
# 199 | snprintf(descURL, len, "%s%s%s", http_scheme, ipPortStr, alias);
# | ^~
#......
# 405 | err_code = calc_descURL(ipaddr_port, new_alias, docURL);
# | ~~~~~~~~~~~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output 8 or more bytes (assuming 187) into a destination of size 180
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 197| if (len > (size_t)LINE_SIZE)
# 198| return UPNP_E_URL_TOO_BIG;
# 199|-> snprintf(descURL, len, "%s%s%s", http_scheme, ipPortStr, alias);
# 200| UpnpPrintf(
# 201| UPNP_INFO, API, __FILE__, __LINE__, "desc url: %s\n", descURL);
Error: CPPCHECK_WARNING: [#def51]
libupnp-1.14.19-build/pupnp-release-1.14.19/upnp/src/uuid/uuid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-147.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libupnp-1.14.19-1.fc41 |
| store-results-to | /tmp/tmpy0vbg_iv/libupnp-1.14.19-1.fc41.tar.xz |
| time-created | 2024-07-03 16:01:29 |
| time-finished | 2024-07-03 16:03:00 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpy0vbg_iv/libupnp-1.14.19-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpy0vbg_iv/libupnp-1.14.19-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |