libuser-0.64-10.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
libuser-0.64-build/libuser-0.64/apps/apputil.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
libuser-0.64-build/libuser-0.64/apps/lchage.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def3]
libuser-0.64-build/libuser-0.64/apps/lchfn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def4]
libuser-0.64-build/libuser-0.64/apps/lgroupmod.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def5]
libuser-0.64-build/libuser-0.64/apps/lnewusers.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def6]
libuser-0.64-build/libuser-0.64/apps/lnewusers.c:42:8: warning[deadcode.DeadStores]: Value stored to 'fp' during its initialization is never read
# 40| int result;
# 41| char *file = NULL;
# 42|-> FILE *fp = stdin;
# 43| char buf[LINE_MAX];
# 44| poptContext popt;
Error: CPPCHECK_WARNING: [#def7]
libuser-0.64-build/libuser-0.64/apps/luseradd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def8]
libuser-0.64-build/libuser-0.64/apps/lusermod.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def9]
libuser-0.64-build/libuser-0.64/lib/user_private.h:28: included_from: Included from here.
libuser-0.64-build/libuser-0.64/lib/common.c:25: included_from: Included from here.
libuser-0.64-build/libuser-0.64/config.h:9:9: warning: "GLIB_VERSION_MIN_REQUIRED" redefined
# 9 | #define GLIB_VERSION_MIN_REQUIRED GLIB_VERSION_2_30
# | ^~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/glib-2.0/glib/gtypes.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib/galloca.h:34: included_from: Included from here.
/usr/include/glib-2.0/glib.h:32: included_from: Included from here.
libuser-0.64-build/libuser-0.64/lib/config.h:23: included_from: Included from here.
libuser-0.64-build/libuser-0.64/lib/common.c:19: included_from: Included from here.
/usr/include/glib-2.0/glib/gversionmacros.h:456:9: note: this is the location of the previous definition
# 456 | #define GLIB_VERSION_MIN_REQUIRED (GLIB_VERSION_CUR_STABLE)
# | ^~~~~~~~~~~~~~~~~~~~~~~~~
# 7|
# 8| /* Shut up warnings about deprecated GValueArray */
# 9|-> #define GLIB_VERSION_MIN_REQUIRED GLIB_VERSION_2_30
# 10|
# 11| /* Stay away from deprecated glib functionality. */
Error: CPPCHECK_WARNING: [#def10]
libuser-0.64-build/libuser-0.64/lib/common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-252): [#def11]
libuser-0.64-build/libuser-0.64/lib/common.c: scope_hint: In function 'lu_audit_logger'
libuser-0.64-build/libuser-0.64/lib/common.c:139:9: warning[-Wunused-result]: ignoring return value of 'audit_log_acct_message' declared with attribute 'warn_unused_result'
# 139 | audit_log_acct_message(audit_fd, type, NULL, op, name, id,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 140 | NULL, NULL, NULL, (int) result);
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 137| if (audit_fd < 0)
# 138| return;
# 139|-> audit_log_acct_message(audit_fd, type, NULL, op, name, id,
# 140| NULL, NULL, NULL, (int) result);
# 141| }
Error: COMPILER_WARNING (CWE-252): [#def12]
libuser-0.64-build/libuser-0.64/lib/common.c: scope_hint: In function 'lu_audit_logger_with_group'
libuser-0.64-build/libuser-0.64/lib/common.c:173:9: warning[-Wunused-result]: ignoring return value of 'audit_log_acct_message' declared with attribute 'warn_unused_result'
# 173 | audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 174 | NULL, NULL, NULL, (int) result);
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 171| snprintf(buf, sizeof(buf), "%s grp=\"%s\"", op, grp);
# 172| }
# 173|-> audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
# 174| NULL, NULL, NULL, (int) result);
# 175| }
Error: CPPCHECK_WARNING: [#def13]
libuser-0.64-build/libuser-0.64/lib/config.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def14]
libuser-0.64-build/libuser-0.64/lib/entity.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def15]
libuser-0.64-build/libuser-0.64/lib/fs.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def16]
libuser-0.64-build/libuser-0.64/lib/getdate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def17]
libuser-0.64-build/libuser-0.64/lib/getdate.c: scope_hint: In function 'lu_gdparse'
libuser-0.64-build/libuser-0.64/lib/getdate.c:620:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'yyss'
libuser-0.64-build/libuser-0.64/lib/getdate.c:605:9: note: in expansion of macro 'YYCOPY'
libuser-0.64-build/libuser-0.64/lib/getdate.c:1179:9: note: in expansion of macro 'YYSTACK_RELOCATE'
libuser-0.64-build/libuser-0.64/lib/getdate.c:605:9: note: in expansion of macro 'YYCOPY'
libuser-0.64-build/libuser-0.64/lib/getdate.c:1179:9: note: in expansion of macro 'YYSTACK_RELOCATE'
libuser-0.64-build/libuser-0.64/lib/getdate.c:605:9: note: in expansion of macro 'YYCOPY'
libuser-0.64-build/libuser-0.64/lib/getdate.c:1179:9: note: in expansion of macro 'YYSTACK_RELOCATE'
# 618| # if defined __GNUC__ && 1 < __GNUC__
# 619| # define YYCOPY(Dst, Src, Count) \
# 620|-> __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src)))
# 621| # else
# 622| # define YYCOPY(Dst, Src, Count) \
Error: GCC_ANALYZER_WARNING (CWE-457): [#def18]
libuser-0.64-build/libuser-0.64/lib/getdate.c:1306:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*(unsigned int *)<unknown>'
# 1304| unconditionally makes the parser a bit smaller, and it avoids a
# 1305| GCC warning that YYVAL may be used uninitialized. */
# 1306|-> yyval = yyvsp[1-yylen];
# 1307|
# 1308|
Error: CPPCHECK_WARNING (CWE-457): [#def19]
libuser-0.64-build/libuser-0.64/lib/misc.c:171: error[legacyUninitvar]: Uninitialized variable: val
# 169| g_return_val_if_fail((id_t)val == val, LU_VALUE_INVALID_ID);
# 170| g_return_val_if_fail(val != LU_VALUE_INVALID_ID, LU_VALUE_INVALID_ID);
# 171|-> return val;
# 172| }
# 173|
Error: CPPCHECK_WARNING: [#def20]
libuser-0.64-build/libuser-0.64/lib/modules.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
libuser-0.64-build/libuser-0.64/lib/prompt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
libuser-0.64-build/libuser-0.64/lib/user.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
libuser-0.64-build/libuser-0.64/lib/util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-823): [#def24]
libuser-0.64-build/libuser-0.64/lib/util.c:176: error[arrayIndexOutOfBounds]: Array 'salt_type_info[5]' accessed at index 5, which is out of bounds.
# 174| g_assert(i < G_N_ELEMENTS(salt_type_info));
# 175|
# 176|-> if (salt_type_info[i].sha_rounds != FALSE
# 177| && strncmp(previous + len, "rounds=", strlen("rounds=")) == 0) {
# 178| #if USE_XCRYPT_GENSALT
Error: CPPCHECK_WARNING (CWE-823): [#def25]
libuser-0.64-build/libuser-0.64/lib/util.c:204: error[arrayIndexOutOfBounds]: Array 'salt_type_info[5]' accessed at index 5, which is out of bounds.
# 202| }
# 203|
# 204|-> g_assert(len + salt_type_info[i].salt_length
# 205| + strlen(salt_type_info[i].separator) < sizeof(salt));
# 206| memcpy(salt, previous, len);
Error: CPPCHECK_WARNING: [#def26]
libuser-0.64-build/libuser-0.64/modules/files.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def27]
libuser-0.64-build/libuser-0.64/modules/files.c:884: error[legacyUninitvar]: Uninitialized variable: id_attribute
# 882| }
# 883|
# 884|-> id_change = lu_ent_get_first_id(ent, id_attribute);
# 885| if (id_change == LU_VALUE_INVALID_ID) {
# 886| /* The GID is not being changed, success */
Error: CPPCHECK_WARNING (CWE-457): [#def28]
libuser-0.64-build/libuser-0.64/modules/files.c:1306: error[legacyUninitvar]: Uninitialized variable: name_attribute
# 1304|
# 1305| current_name = lu_ent_get_first_value_strdup_current(ent,
# 1306|-> name_attribute);
# 1307| if (current_name == NULL) {
# 1308| lu_error_new(error, lu_error_generic,
Error: CLANG_WARNING: [#def29]
libuser-0.64-build/libuser-0.64/modules/files.c:2554:2: warning[unix.Malloc]: Potential memory leak
# 2552| }
# 2553|
# 2554|-> fclose(fp);
# 2555|
# 2556| err_filename:
Error: CPPCHECK_WARNING: [#def30]
libuser-0.64-build/libuser-0.64/modules/ldap.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-111.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libuser-0.64-10.fc41 |
| store-results-to | /tmp/tmpq02gakbh/libuser-0.64-10.fc41.tar.xz |
| time-created | 2024-07-03 16:08:45 |
| time-finished | 2024-07-03 16:11:29 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpq02gakbh/libuser-0.64-10.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpq02gakbh/libuser-0.64-10.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |