lirc-0.10.0-43.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd-uinput.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-401): [#def2]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd-uinput.cpp:128: error[memleak]: Memory leak: entry
# 126| entry->is_release = release;
# 127| cache[button] = *entry;
# 128|-> };
# 129|
# 130| bool lookup(const std::string button_name,
Error: CLANG_WARNING: [#def3]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd-uinput.cpp:128:3: warning[cplusplus.NewDeleteLeaks]: Potential leak of memory pointed to by 'entry'
# 126| entry->is_release = release;
# 127| cache[button] = *entry;
# 128|-> };
# 129|
# 130| bool lookup(const std::string button_name,
Error: COMPILER_WARNING: [#def4]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp: scope_hint: In function ‘add_peer_connection(char const*)’
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp:793:16: warning[-Wstringop-truncation]: ‘__strncpy_chk’ output truncated before terminating nul copying as many bytes from a string as its length
# 793 | strncpy(server, server_arg, sizeof(server) - 1);
# | ^
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp:791:27: note: length computed here
# 791 | char server[strlen(server_arg) + 1];
# | ~~~~~~^~~~~~~~~~~~
# 791| char server[strlen(server_arg) + 1];
# 792|
# 793|-> strncpy(server, server_arg, sizeof(server) - 1);
# 794|
# 795| if (peern < MAX_PEERS) {
Error: COMPILER_WARNING (CWE-758): [#def5]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp: scope_hint: In function ‘void free_old_remotes()’
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp:1824:79: warning[-Wrestrict]: passing argument 3 to ‘restrict’-qualified parameter aliases with argument 2
# 1824 | setitimer(ITIMER_REAL, &repeat_timer, &repeat_timer);
# | ~~~~~~~~~~~~~ ^~~~~~~~~~~~~
# 1822| found->max_remaining_gap = repeat_remote->max_remaining_gap;
# 1823|
# 1824|-> setitimer(ITIMER_REAL, &repeat_timer, &repeat_timer);
# 1825| /* "atomic" (shouldn't be necessary any more) */
# 1826| repeat_remote = found;
Error: COMPILER_WARNING: [#def6]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp: scope_hint: In function ‘main’
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp:2096:28: warning[-Wformat-overflow=]: ‘: bad port number "’ directive writing 19 bytes into a region of size between 1 and 128
# 2096 | "%s: bad port number \"%s\"\n", progname, port_str);
# | ^~~~~~~~~~~~~~~~~~~~
/usr/include/bits/stdio2.h:30:34: note: ‘__sprintf_chk’ output 22 or more bytes (assuming 149) into a destination of size 128
# 30 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 31 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 32 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 2094| if (!*optarg || *endptr || p < 1 || p > USHRT_MAX) {
# 2095| sprintf(errmsg,
# 2096|-> "%s: bad port number \"%s\"\n", progname, port_str);
# 2097| return -1;
# 2098| }
Error: COMPILER_WARNING: [#def7]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp: scope_hint: In function ‘main’
lirc-0.10.0-build/lirc-0.10.0/daemons/lircd.cpp:2104:36: warning[-Wformat-overflow=]: ‘: bad address "’ directive writing 15 bytes into a region of size between 1 and 128
# 2104 | "%s: bad address \"%s\"\n", progname, optarg);
# | ^~~~~~~~~~~~~~~~
/usr/include/bits/stdio2.h:30:34: note: ‘__sprintf_chk’ output 18 or more bytes (assuming 145) into a destination of size 128
# 30 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 31 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 32 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 2102| if (!inet_aton(optarg, address)) {
# 2103| sprintf(errmsg,
# 2104|-> "%s: bad address \"%s\"\n", progname, optarg);
# 2105| return -1;
# 2106| }
Error: CPPCHECK_WARNING: [#def8]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircmd.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def9]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircmd.cpp:243:3: warning[unix.Malloc]: Potential leak of memory pointed to by 'tm_list'
# 241| fclose(fd);
# 242| if (tm_list == (void*)-1) {
# 243|-> syslog(LOG_WARNING, "reading of config file failed");
# 244| } else {
# 245| freetm(tm_first);
Error: CLANG_WARNING: [#def10]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircmd.cpp:720:8: warning[unix.Malloc]: Potential leak of memory pointed to by 'remote'
# 718| if (remote != NULL && remote != ALL)
# 719| free(remote);
# 720|-> if (button != NULL && button != ALL)
# 721| free(button);
# 722| if (tm_new != NULL)
Error: CLANG_WARNING: [#def11]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircmd.cpp:722:8: warning[unix.Malloc]: Potential leak of memory pointed to by 'button'
# 720| if (button != NULL && button != ALL)
# 721| free(button);
# 722|-> if (tm_new != NULL)
# 723| free(tm_new);
# 724| free(tm_list);
Error: CPPCHECK_WARNING: [#def12]
lirc-0.10.0-build/lirc-0.10.0/daemons/lircrcd.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def13]
lirc-0.10.0-build/lirc-0.10.0/lib/ciniparser.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-688): [#def14]
lirc-0.10.0-build/lirc-0.10.0/lib/ciniparser.c: scope_hint: In function 'ciniparser_dump_ini'
lirc-0.10.0-build/lirc-0.10.0/lib/ciniparser.c:270:31: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
<built-in>: note: argument 1 of '__builtin_strlen' must be non-null
# 268| for (i = 0; i < nsec; i++) {
# 269| secname = ciniparser_getsecname(d, i);
# 270|-> seclen = (int)strlen(secname);
# 271| fprintf(f, "\n[%s]\n", secname);
# 272| snprintf(keym, ASCIILINESZ + 1, "%s:", secname);
Error: CPPCHECK_WARNING: [#def15]
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def16]
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c:1037:17: warning[core.NullDereference]: Access to field 'freq' results in a dereference of a null pointer (loaded from variable 'rem')
# 1035| log_trace1("creating first remote");
# 1036| rem = top_rem = s_malloc(sizeof(struct ir_remote));
# 1037|-> rem->freq = DEFAULT_FREQ;
# 1038| } else {
# 1039| /* create new remote */
Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c: scope_hint: In function 'read_config_recursive'
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c:1037:59: warning[-Wanalyzer-null-dereference]: dereference of NULL 's_malloc(504)'
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c:44: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c:1029:41: note: in expansion of macro 'log_trace'
lirc-0.10.0-build/lirc-0.10.0/lib/config_file.c:1035:49: note: in expansion of macro 'log_trace1'
# 1035| log_trace1("creating first remote");
# 1036| rem = top_rem = s_malloc(sizeof(struct ir_remote));
# 1037|-> rem->freq = DEFAULT_FREQ;
# 1038| } else {
# 1039| /* create new remote */
Error: CPPCHECK_WARNING: [#def18]
lirc-0.10.0-build/lirc-0.10.0/lib/curl_poll.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def19]
lirc-0.10.0-build/lirc-0.10.0/lib/dictionary.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def20]
lirc-0.10.0-build/lirc-0.10.0/lib/driver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_admin.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def23]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c: scope_hint: In function 'glob_t_add_path'
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:57:40: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'newbuf.gl_pathv'
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:15: included_from: Included from here.
# 55| glob->gl_offs * sizeof(char*));
# 56| }
# 57|-> glob->gl_pathv[glob->gl_pathc] = strdup(path);
# 58| glob->gl_pathc += 1;
# 59| }
Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:58:24: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(path)'
# 56| }
# 57| glob->gl_pathv[glob->gl_pathc] = strdup(path);
# 58|-> glob->gl_pathc += 1;
# 59| }
# 60|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def25]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c: scope_hint: In function 'udev_from_dev_path'
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:86:13: warning[-Wanalyzer-null-argument]: use of NULL 'path' where non-null expected
/usr/include/sys/stat.h:205:12: note: argument 1 of 'stat' must be non-null
# 84| char dev_id[64];
# 85|
# 86|-> if (stat(path, &statbuf) != 0) {
# 87| log_perror_debug("Cannot stat device %s", path);
# 88| return NULL;
Error: CLANG_WARNING: [#def26]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:141:17: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 139| glob_t_init(&newbuf);
# 140| for (i = 0; i < oldbuf->gl_pathc; i += 1) {
# 141|-> device_path = strdup(oldbuf->gl_pathv[i]);
# 142| device_path = strtok(device_path, "\n \t");
# 143| struct udev_device* udev_device =
Error: CLANG_WARNING: [#def27]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:144:4: warning[unix.Malloc]: Potential leak of memory pointed to by 'device_path'
# 142| device_path = strtok(device_path, "\n \t");
# 143| struct udev_device* udev_device =
# 144|-> udev_from_dev_path(udev, device_path);
# 145| if (udev_device == NULL) {
# 146| glob_t_add_path(&newbuf, oldbuf->gl_pathv[i]);
Error: COMPILER_WARNING: [#def28]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c: scope_hint: In function 'drv_enum_udev'
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:320:53: warning[-Wformat-truncation=]: '%s' directive output may be truncated writing up to 127 bytes into a region of size 124
# 320 | snprintf(buff, sizeof(buff), "%s -> %s",
# | ^~
# 321 | udev_list_entry_get_name(links), path);
# | ~~~~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output 5 or more bytes (assuming 132) into a destination of size 128
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 318| sizeof(path) - 1);
# 319| path[pathlen] = '\0';
# 320|-> snprintf(buff, sizeof(buff), "%s -> %s",
# 321| udev_list_entry_get_name(links), path);
# 322| links = udev_list_entry_get_next(links);
Error: CLANG_WARNING: [#def29]
lirc-0.10.0-build/lirc-0.10.0/lib/drv_enum.c:334:7: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 332|
# 333| for (i = 0; i < globbuf->gl_pathc; i += 1) {
# 334|-> if (strcmp(globbuf->gl_pathv[i], buff) == 0)
# 335| return true;
# 336| }
Error: CPPCHECK_WARNING: [#def30]
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def31]
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c:55: error[uninitvar]: Uninitialized variable: uname
# 53| p = popen("uname -r", "r");
# 54| if (p < 0) {
# 55|-> strcat(uname, "Cannot run uname -r(!)");
# 56| } else {
# 57| if (fgets(uname, sizeof(uname), p) != uname)
Error: GCC_ANALYZER_WARNING (CWE-688): [#def32]
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c: scope_hint: In function 'fprint_comment'
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c:57:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'popen("uname -r", "r")' where non-null expected
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c:31: included_from: Included from here.
/usr/include/stdio.h:654:14: note: argument 3 of 'fgets' must be non-null
# 55| strcat(uname, "Cannot run uname -r(!)");
# 56| } else {
# 57|-> if (fgets(uname, sizeof(uname), p) != uname)
# 58| strcat(uname, "Cannot run uname -r (!)");
# 59| pclose(p);
Error: CPPCHECK_WARNING (CWE-457): [#def33]
lirc-0.10.0-build/lirc-0.10.0/lib/dump_config.c:64: error[uninitvar]: Uninitialized variable: cmd
# 62| snprintf(cmd, sizeof(cmd), "%s", commandline);
# 63| else
# 64|-> strcat(cmd, "");
# 65|
# 66| timet = time(NULL);
Error: CPPCHECK_WARNING: [#def34]
lirc-0.10.0-build/lirc-0.10.0/lib/ir_remote.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-401): [#def35]
lirc-0.10.0-build/lirc-0.10.0/lib/ir_remote.c:86: error[memleak]: Memory leak: new_ncode
# 84| new_ncode->signals = (lirc_t*)malloc(signal_size);
# 85| if (new_ncode->signals == NULL)
# 86|-> return NULL;
# 87| memcpy(new_ncode->signals, ncode->signals, signal_size);
# 88| } else {
Error: CLANG_WARNING: [#def36]
lirc-0.10.0-build/lirc-0.10.0/lib/ir_remote.c:86:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'new_ncode'
# 84| new_ncode->signals = (lirc_t*)malloc(signal_size);
# 85| if (new_ncode->signals == NULL)
# 86|-> return NULL;
# 87| memcpy(new_ncode->signals, ncode->signals, signal_size);
# 88| } else {
Error: CLANG_WARNING: [#def37]
lirc-0.10.0-build/lirc-0.10.0/lib/ir_remote.c:483:13: warning[deadcode.DeadStores]: Although the value stored to 'code_mask' is used in the enclosing expression, the value is never actually read from 'code_mask'
# 481| struct ir_ncode* found;
# 482|
# 483|-> pre_mask = code_mask = post_mask = 0;
# 484|
# 485| if (has_toggle_bit_mask(remote)) {
Error: CPPCHECK_WARNING: [#def38]
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def39]
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c:640: warning[uninitvar]: Uninitialized variable: last
# 638| l = l->next;
# 639| }
# 640|-> last->next = new_length(length);
# 641| if (last->next == NULL)
# 642| return 0;
Error: CLANG_WARNING: [#def40]
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c:1183:32: warning[core.DivideZero]: Division by zero
# 1181| /* + 1/2 bit */
# 1182| (remote->pone + remote->sone) / 2;
# 1183|-> remote->bits = data_length / (remote->pone +
# 1184| remote->sone);
# 1185| if (is_rc6(remote))
Error: COMPILER_WARNING: [#def41]
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c: scope_hint: In function 'analyse_remote'
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c:1737:40: warning[-Wuse-after-free]: pointer 'new_codes_77' may be used after 'realloc'
# 1737 | memset(&new_codes[new_codes_count / 2],
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lirc-0.10.0-build/lirc-0.10.0/lib/irrecord.c:1729:41: note: call to 'realloc' here
# 1729 | realloc(new_codes,
# | ^~~~~~~~~~~~~~~~~~
# 1730 | new_codes_count *
# | ~~~~~~~~~~~~~~~~~
# 1731 | sizeof(*new_codes));
# | ~~~~~~~~~~~~~~~~~~~
# 1735| return 0;
# 1736| }
# 1737|-> memset(&new_codes[new_codes_count / 2],
# 1738| 0,
# 1739| new_codes_count / 2 *
Error: CPPCHECK_WARNING: [#def42]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc-utils.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-910): [#def43]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/zotac.c:25: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/lib/lirc/lirc_log.h: scope_hint: In function 'do_chk_write'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc/lirc_log.h:228:13: warning[-Wanalyzer-fd-use-after-close]: 'write' on closed file descriptor 'fd'
lirc-0.10.0-build/lirc-0.10.0/plugins/zotac.c:133:17: note: in expansion of macro 'log_error'
lirc-0.10.0-build/lirc-0.10.0/plugins/zotac.c:363:33: note: in expansion of macro 'log_error'
lirc-0.10.0-build/lirc-0.10.0/plugins/zotac.c:403:9: note: in expansion of macro 'chk_write'
# 226| do_chk_write(int fd, const void* buf, size_t count, const char* msg)
# 227| {
# 228|-> if (write(fd, buf, count) == -1)
# 229| logperror(LIRC_WARNING, msg);
# 230| }
Error: CPPCHECK_WARNING: [#def44]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def45]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_command_run'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:297:33: warning[-Wstringop-truncation]: '__strncpy_chk' output may be truncated copying between 0 and 256 bytes from a string of length 256
# 297 | strncpy(ctx->reply,
# | ^
# 295| chk_write(STDOUT_FILENO, "\n", 1, "reply (2)");
# 296| } else {
# 297|-> strncpy(ctx->reply,
# 298| string,
# 299| PACKET_SIZE - strlen(ctx->reply));
Error: CLANG_WARNING: [#def46]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:798:3: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 796| if (getenv("XDG_CONFIG_HOME") != NULL) {
# 797| path = malloc(MAXPATHLEN);
# 798|-> strncpy(path, getenv("XDG_CONFIG_HOME"), MAXPATHLEN);
# 799| strncat(path, "/", MAXPATHLEN - strlen(path));
# 800| strncat(path, CFG_LIRCRC, MAXPATHLEN - strlen(path));
Error: COMPILER_WARNING: [#def47]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_open'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:798:17: warning[-Wstringop-truncation]: 'strncpy' specified bound 4096 equals destination size
# 798 | strncpy(path, getenv("XDG_CONFIG_HOME"), MAXPATHLEN);
# | ^
# 796| if (getenv("XDG_CONFIG_HOME") != NULL) {
# 797| path = malloc(MAXPATHLEN);
# 798|-> strncpy(path, getenv("XDG_CONFIG_HOME"), MAXPATHLEN);
# 799| strncat(path, "/", MAXPATHLEN - strlen(path));
# 800| strncat(path, CFG_LIRCRC, MAXPATHLEN - strlen(path));
Error: CPPCHECK_WARNING (CWE-401): [#def48]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:828: error[memleakOnRealloc]: Common realloc mistake: 'filename' nulled but not freed upon failure
# 826| strcat(filename, "/" LIRCRC_USER_FILE);
# 827| }
# 828|-> filename = realloc(filename, strlen(filename) + 1);
# 829| } else if (strncmp(file, "~/", 2) == 0) {
# 830| filename = get_homepath();
Error: CPPCHECK_WARNING (CWE-401): [#def49]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:834: error[memleakOnRealloc]: Common realloc mistake: 'filename' nulled but not freed upon failure
# 832| return NULL;
# 833| strcat(filename, file + 1);
# 834|-> filename = realloc(filename, strlen(filename) + 1);
# 835| } else if (file[0] == '/' || current_file == NULL) {
# 836| /* absolute path or root */
Error: CLANG_WARNING: [#def50]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:870:10: warning[unix.Malloc]: Potential memory leak
# 868| filename = lirc_getfilename(file, current_file);
# 869| if (filename == NULL)
# 870|-> return NULL;
# 871|
# 872| fin = fopen(filename, "r");
Error: GCC_ANALYZER_WARNING (CWE-688): [#def51]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_code2char'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:1820:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'my_code' where non-null expected
/usr/include/string.h:462: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:31: included_from: Included from here.
/usr/include/strings.h:96:14: note: argument 1 of 'rindex' must be non-null
# 1818|
# 1819| my_code = strdup(code);
# 1820|-> pos = rindex(my_code, '\n');
# 1821| if (pos != NULL)
# 1822| *pos = '\0';
Error: COMPILER_WARNING: [#def52]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_code2char'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:1832:25: warning[-Wstringop-truncation]: 'strncpy' output may be truncated copying 256 bytes from a string of length 256
# 1832 | strncpy(static_buff, cmd.reply, PACKET_SIZE);
# | ^
# 1830| while (ret == EAGAIN || ret == EWOULDBLOCK);
# 1831| if (ret == 0) {
# 1832|-> strncpy(static_buff, cmd.reply, PACKET_SIZE);
# 1833| *string = static_buff;
# 1834| }
Error: COMPILER_WARNING: [#def53]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_getmode.part.0'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:1956:25: warning[-Wstringop-truncation]: 'strncpy' output may be truncated copying 256 bytes from a string of length 256
# 1956 | strncpy(static_buff, cmd.reply, PACKET_SIZE);
# | ^
# 1954| while (ret == EAGAIN || ret == EWOULDBLOCK);
# 1955| if (ret == 0) {
# 1956|-> strncpy(static_buff, cmd.reply, PACKET_SIZE);
# 1957| return static_buff;
# 1958| }
Error: COMPILER_WARNING: [#def54]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'lirc_setmode'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:1982:25: warning[-Wstringop-truncation]: 'strncpy' output may be truncated copying 256 bytes from a string of length 256
# 1982 | strncpy(static_buff, cmd.reply, PACKET_SIZE);
# | ^
# 1980| while (r == EAGAIN || r == EWOULDBLOCK);
# 1981| if (r == 0) {
# 1982|-> strncpy(static_buff, cmd.reply, PACKET_SIZE);
# 1983| return static_buff;
# 1984| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def55]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c: scope_hint: In function 'do_connect'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_client.c:2048:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fd'
# 2046| perror("connect");
# 2047| }
# 2048|-> return -errno;
# 2049| }
# 2050| return fd;
Error: CPPCHECK_WARNING: [#def56]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def57]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c: scope_hint: In function 'lirc_log_open'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:97:9: warning[-Wstringop-truncation]: 'strncpy' specified bound 128 equals destination size
# 97 | strncpy(progname, _progname, sizeof(progname));
# | ^
# 95| int lirc_log_open(const char* _progname, int _nodaemon, loglevel_t level)
# 96| {
# 97|-> strncpy(progname, _progname, sizeof(progname));
# 98| nodaemon = _nodaemon;
# 99| loglevel = level;
Error: CLANG_WARNING: [#def58]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:127:21: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 125| }
# 126| if (getenv("LIRC_LOGCHANNEL") != NULL) {
# 127|-> logged_channels = atoi(getenv("LIRC_LOGCHANNEL")); // FIXME...
# 128| }
# 129| if (level != LIRC_NOLOG) {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def59]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c: scope_hint: In function 'logperror'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:316:9: warning[-Wanalyzer-null-argument]: use of NULL 'fmt' where non-null expected
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:34: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:158:9: note: in expansion of macro 'log_info'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:170:9: note: in expansion of macro 'log_info'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:172:17: note: in expansion of macro 'log_warn'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:24: included_from: Included from here.
/usr/include/stdio.h:389:12: note: argument 3 of 'vsnprintf' must be non-null
# 314|
# 315| va_start(ap, fmt);
# 316|-> vsnprintf(s, sizeof(s), fmt, ap);
# 317| va_end(ap);
# 318| if (use_syslog) {
Error: CLANG_WARNING: [#def60]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:340:3: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 338|
# 339| if (getenv("XDG_CACHE_HOME") != NULL) {
# 340|-> strncpy(buffer, getenv("XDG_CACHE_HOME"), size);
# 341| buffer[size - 1] = '\0';
# 342| } else if (getenv("SUDO_USER") != NULL && geteuid() == 0) {
Error: COMPILER_WARNING: [#def61]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c: scope_hint: In function 'hexdump'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_log.c:377:17: warning[-Wstringop-truncation]: 'strncpy' specified bound 1024 equals destination size
# 377 | strncpy(str, prefix, sizeof(str));
# | ^
# 375|
# 376| if (prefix != NULL) {
# 377|-> strncpy(str, prefix, sizeof(str));
# 378| pos = strnlen(str, sizeof(str));
# 379| }
Error: CPPCHECK_WARNING: [#def62]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_options.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def63]
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_options.c: scope_hint: In function 'options_load'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_options.c:135:52: warning[-Wformat-truncation=]: '__snprintf_chk' output may be truncated before the last format character
# 135 | snprintf(buff, sizeof(buff), "%s/%s", buff2, path);
# | ^
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output 2 or more bytes (assuming 129) into a destination of size 128
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 133| if (getcwd(buff2, sizeof(buff2)) == NULL)
# 134| log_perror_warn("options_load: getcwd():");
# 135|-> snprintf(buff, sizeof(buff), "%s/%s", buff2, path);
# 136| path = buff;
# 137| }
Error: CPPCHECK_WARNING: [#def64]
lirc-0.10.0-build/lirc-0.10.0/lib/receive.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def65]
lirc-0.10.0-build/lirc-0.10.0/lib/receive.c:720:20: warning[deadcode.DeadStores]: Although the value stored to 'state' is used in the enclosing expression, the value is never actually read from 'state'
# 718| if (!sync_pending_pulse(remote))
# 719| return (ir_code) -1;
# 720|-> for (laststate = state = -1, i = 0; i < bits; ) {
# 721| deltas = get_next_space(remote->szero + remote->sone + remote->stwo + remote->sthree);
# 722| deltap = get_next_pulse(remote->pzero + remote->pone + remote->ptwo + remote->pthree);
Error: CPPCHECK_WARNING: [#def66]
lirc-0.10.0-build/lirc-0.10.0/lib/serial.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def67]
lirc-0.10.0-build/lirc-0.10.0/lib/transmit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def68]
lirc-0.10.0-build/lirc-0.10.0/plugins/accent.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def69]
lirc-0.10.0-build/lirc-0.10.0/plugins/alsa_usb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def70]
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def71]
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c: scope_hint: In function 'ati_init'
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c:159:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_fd[1]'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c:35: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c:165:17: note: in expansion of macro 'log_error'
# 157| if (pipe(pipe_fd) != 0) {
# 158| log_perror_err("couldn't open pipe");
# 159|-> return 0;
# 160| }
# 161| drv.fd = pipe_fd[0];
Error: COMPILER_WARNING (CWE-697): [#def72]
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c: scope_hint: In function 'ati_init'
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c:164:42: warning[-Waddress]: the comparison will always evaluate as 'true' for the address of 'filename' will never be NULL
# 164 | if (!usb_dev || !usb_dev->bus || !usb_dev->filename) {
# | ^
lirc-0.10.0-build/lirc-0.10.0/plugins/atilibusb.c:31: included_from: Included from here.
/usr/include/usb.h:268:8: note: 'filename' declared here
# 268 | char filename[PATH_MAX + 1];
# | ^~~~~~~~
# 162|
# 163| usb_dev = find_usb_device();
# 164|-> if (!usb_dev || !usb_dev->bus || !usb_dev->filename) {
# 165| log_error("couldn't find a compatible USB device");
# 166| return 0;
Error: CPPCHECK_WARNING: [#def73]
lirc-0.10.0-build/lirc-0.10.0/plugins/audio.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def74]
lirc-0.10.0-build/lirc-0.10.0/plugins/audio_alsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def75]
lirc-0.10.0-build/lirc-0.10.0/plugins/awlibusb.c: scope_hint: In function 'awlibusb_init'
lirc-0.10.0-build/lirc-0.10.0/plugins/awlibusb.c:167:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_fd[1]'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/awlibusb.c:44: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/awlibusb.c:173:17: note: in expansion of macro 'log_error'
# 165| if (pipe(pipe_fd) != 0) {
# 166| log_perror_err("couldn't open pipe");
# 167|-> return 0;
# 168| }
# 169| drv.fd = pipe_fd[0];
Error: CPPCHECK_WARNING: [#def76]
lirc-0.10.0-build/lirc-0.10.0/plugins/bte.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def77]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def78]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:716:19: warning[core.CallAndMessage]: 4th function call argument is an uninitialized value
# 714|
# 715| // Ready the first status that will tell us all the above info
# 716|-> receive_status = usb_bulk_read(cd->cmdir_udev, 1, // endpoint 1
# 717| (char*)commandir_data_buffer, cd->endpoint_max[1], 1500);
# 718|
Error: GCC_ANALYZER_WARNING (CWE-457): [#def79]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c: scope_hint: In function 'commandir_iii_update_status'
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:716:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*cd.endpoint_max[1]'
# 714|
# 715| // Ready the first status that will tell us all the above info
# 716|-> receive_status = usb_bulk_read(cd->cmdir_udev, 1, // endpoint 1
# 717| (char*)commandir_data_buffer, cd->endpoint_max[1], 1500);
# 718|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def80]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c: scope_hint: In function 'claim_and_setup_commandir'
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:745:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'new_commandir'
# 743|
# 744| new_commandir = malloc(sizeof(struct commandir_device));
# 745|-> new_commandir->busnum = bus_num;
# 746| new_commandir->devnum = devnum;
# 747| new_commandir->next_commandir_device = NULL;
Error: CLANG_WARNING: [#def81]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:830:3: warning[deadcode.DeadStores]: Value stored to 'send_status' is never read
# 828| static char get_version[] = { 2, GET_VERSION };
# 829|
# 830|-> send_status = 4; // FIXME: dead code.
# 831| while (tries--) {
# 832| usleep(USB_TIMEOUT_US); // wait a moment
Error: CLANG_WARNING: [#def82]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:844:5: warning[core.CallAndMessage]: 4th function call argument is an uninitialized value
# 842|
# 843| send_status =
# 844|-> usb_bulk_read(new_commandir->cmdir_udev, 1, (char*)commandir_data_buffer,
# 845| new_commandir->endpoint_max[1], 1500);
# 846|
Error: GCC_ANALYZER_WARNING (CWE-457): [#def83]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:844:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*new_commandir.endpoint_max[1]'
# 842|
# 843| send_status =
# 844|-> usb_bulk_read(new_commandir->cmdir_udev, 1, (char*)commandir_data_buffer,
# 845| new_commandir->endpoint_max[1], 1500);
# 846|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def84]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:903:62: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'malloc((long unsigned int)*new_commandir.num_transmitters * 4)'
# 901| new_commandir->next_enabled_emitters_list = malloc(sizeof(int) * new_commandir->num_transmitters);
# 902| for (x = 0; x < new_commandir->num_transmitters; x++) {
# 903|-> new_commandir->next_enabled_emitters_list[x] = x + 1;
# 904| new_commandir->commandir_tx_available[x] = 0;
# 905| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def85]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c: scope_hint: In function 'set_detected'
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:1018:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'newdc'
# 1016|
# 1017| newdc = malloc(sizeof(struct detected_commandir));
# 1018|-> newdc->busnum = bus_num;
# 1019| newdc->devnum = devnum;
# 1020| newdc->next = NULL;
Error: CLANG_WARNING: [#def86]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:1031:2: warning[deadcode.DeadStores]: Value stored to 'last_detected_commandir' is never read
# 1029| last_detected_commandir->next = newdc;
# 1030| }
# 1031|-> last_detected_commandir = newdc; // FIXME: dead assigment?!
# 1032| }
# 1033|
Error: CLANG_WARNING: [#def87]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:1243:3: warning[deadcode.DeadStores]: Value stored to 'curCommandLength' is never read
# 1241|
# 1242| curCommandStart = 0;
# 1243|-> curCommandLength = 0;
# 1244|
# 1245| bytes_read = read(tochild_read, commands, MAX_COMMAND);
Error: CPPCHECK_WARNING (CWE-401): [#def88]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:1426: error[memleak]: Memory leak: new_tx_signal.raw_signal
# 1424| }
# 1425| }
# 1426|-> }
# 1427|
# 1428| static int get_hardware_tx_bitmask(struct commandir_device* pcd)
Error: CLANG_WARNING: [#def89]
lirc-0.10.0-build/lirc-0.10.0/plugins/commandir.c:1426:1: warning[unix.Malloc]: Potential leak of memory pointed to by 'new_tx_signal'
# 1424| }
# 1425| }
# 1426|-> }
# 1427|
# 1428| static int get_hardware_tx_bitmask(struct commandir_device* pcd)
Error: CPPCHECK_WARNING: [#def90]
lirc-0.10.0-build/lirc-0.10.0/plugins/creative_infracd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def91]
lirc-0.10.0-build/lirc-0.10.0/plugins/default.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def92]
lirc-0.10.0-build/lirc-0.10.0/plugins/default.c: scope_hint: In function 'visit_rc'
lirc-0.10.0-build/lirc-0.10.0/plugins/default.c:158:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&path, 0)'
# 156| return -1;
# 157| }
# 158|-> r = read(fd, buff, sizeof(buff));
# 159| if (r < 0) {
# 160| log_debug("Cannot read from %s", path);
Error: CPPCHECK_WARNING: [#def93]
lirc-0.10.0-build/lirc-0.10.0/plugins/devinput.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def94]
lirc-0.10.0-build/lirc-0.10.0/plugins/devinput.c: scope_hint: In function 'locate_dev'
lirc-0.10.0-build/lirc-0.10.0/plugins/devinput.c:309:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&devname, 0)'
# 307| sprintf(devname, "/dev/input/%s", obj->d_name);
# 308| fd = open(devname, O_RDONLY);
# 309|-> if (!fd)
# 310| continue;
# 311| if (ioctl(fd, request, ioname) >= 0) {
Error: GCC_ANALYZER_WARNING (CWE-1341): [#def95]
lirc-0.10.0-build/lirc-0.10.0/plugins/devinput.c:324:17: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'open(&devname, 0)'
# 322| }
# 323| }
# 324|-> close(fd);
# 325| }
# 326|
Error: CPPCHECK_WARNING: [#def96]
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def97]
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c: scope_hint: In function 'dfc_init'
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c:121:25: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 119| snprintf(device_path, sizeof(device_path),
# 120| "/dev/bus/usb/%s/%s",
# 121|-> usb_dev->bus->dirname, usb_dev->filename);
# 122| drv.device = device_path;
# 123| if (usb_dev == NULL) {
Error: GCC_ANALYZER_WARNING (CWE-775): [#def98]
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c:125:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_fd[1]'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c:36: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/dfclibusb.c:157:9: note: in expansion of macro 'log_trace'
# 123| if (usb_dev == NULL) {
# 124| log_error("couldn't find a compatible USB device");
# 125|-> return 0;
# 126| }
# 127|
Error: CPPCHECK_WARNING: [#def99]
lirc-0.10.0-build/lirc-0.10.0/plugins/dsp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def100]
lirc-0.10.0-build/lirc-0.10.0/plugins/file.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def101]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def102]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c: scope_hint: In function 'list_devices'
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:152:56: warning[-Wformat-truncation=]: '%s' directive output may be truncated writing up to 127 bytes into a region of size between 104 and 231
# 152 | "/dev/bus/usb/%03d/%03d: %s:%s\n",
# | ^~
#......
# 155 | vendor, descr);
# | ~~~~~
/usr/include/bits/stdio2.h:68:10: note: '__snprintf_chk' output between 27 and 281 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 150| }
# 151| snprintf(device, sizeof(device),
# 152|-> "/dev/bus/usb/%03d/%03d: %s:%s\n",
# 153| libusb_get_bus_number(dev->dev),
# 154| libusb_get_port_number(dev->dev),
Error: COMPILER_WARNING (CWE-477): [#def103]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c: scope_hint: In function 'child_process'
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:252:33: warning[-Wdeprecated-declarations]: 'ftdi_usb_purge_tx_buffer' is deprecated
# 252 | if (ftdi_usb_purge_tx_buffer(&ftdic) < 0)
# | ^~
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:62: included_from: Included from here.
/usr/include/libftdi1/ftdi.h:565:20: note: declared here
# 565 | int DEPRECATED(ftdi_usb_purge_tx_buffer(struct ftdi_context *ftdi));
# | ^~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libftdi1/ftdi.h:247:55: note: in definition of macro 'DEPRECATED'
# 247 | #define DEPRECATED(func) __attribute__ ((deprecated)) func
# | ^~~~
# 250| log_error("enable to write ftdi buffer (%s)",
# 251| ftdi_get_error_string(&ftdic));
# 252|-> if (ftdi_usb_purge_tx_buffer(&ftdic) < 0)
# 253| log_error("unable to purge ftdi buffer (%s)",
# 254| ftdi_get_error_string(&ftdic));
Error: CLANG_WARNING: [#def104]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:563:2: warning[deadcode.DeadStores]: Value stored to 'val_carrier' is never read
# 561| bufidx = 0;
# 562| div_carrier = 0;
# 563|-> val_carrier = 0;
# 564| sendpulse = 0;
# 565|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c: scope_hint: In function 'hwftdix_open'
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:677:24: warning[-Wanalyzer-malloc-leak]: leak of 'config._config_text'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:60: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:680:9: note: in expansion of macro 'log_info'
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:34: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:709:9: note: in expansion of macro 'log_debug'
# 675| if (is_open) {
# 676| log_info("Ignoring attempt to reopen ftdi device");
# 677|-> return 0;
# 678| }
# 679|
Error: CLANG_WARNING: [#def106]
lirc-0.10.0-build/lirc-0.10.0/plugins/ftdi.c:689:3: warning[unix.Malloc]: Potential leak of memory pointed to by 'config._config_text'
# 687|
# 688| if (ftdi_init(&ftdic) < 0) {
# 689|-> log_error(
# 690| "ftdi_init failed: %s", ftdi_get_error_string(&ftdic));
# 691| goto fail;
Error: CPPCHECK_WARNING: [#def107]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def108]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: scope_hint: In function 'sendcommandln'
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:467:9: warning[-Wstringop-overflow=]: 'strncat' specified bound 1 equals source length
# 465|
# 466| strncpy(buf, command, strlen(command)+1);
# 467|-> strncat(buf, EOL, strlen(EOL));
# 468| int success = sendcommand(buf);
# 469|
Error: COMPILER_WARNING: [#def109]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: scope_hint: In function 'initialize'
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:856:25: warning[-Wstringop-overflow=]: 'strncat' specified bound 1 equals source length
# 854| if (success) {
# 855| strncpy(dev.driver_version, hw_girs.driver_version, LONG_LINE_SIZE-1);
# 856|-> strncat(dev.driver_version, "/", 1);
# 857| strncat(dev.driver_version, dev.version, strlen(dev.version));
# 858| } else {
Error: COMPILER_WARNING: [#def110]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: scope_hint: In function 'initialize'
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:857:25: warning[-Wstringop-overflow=]: '__builtin___strncat_chk' specified bound depends on the length of the source argument
# 857 | strncat(dev.driver_version, dev.version, strlen(dev.version));
# | ^
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:857:25: note: length computed here
# 857 | strncat(dev.driver_version, dev.version, strlen(dev.version));
# | ^
# 855| strncpy(dev.driver_version, hw_girs.driver_version, LONG_LINE_SIZE-1);
# 856| strncat(dev.driver_version, "/", 1);
# 857|-> strncat(dev.driver_version, dev.version, strlen(dev.version));
# 858| } else {
# 859| log_error(DRIVER_NAME ": cannot get version");
Error: COMPILER_WARNING: [#def111]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:857:25: warning[-Wstringop-overflow=]: 'strncat' specified bound depends on the length of the source argument
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:857:25: note: length computed here
# 855| strncpy(dev.driver_version, hw_girs.driver_version, LONG_LINE_SIZE-1);
# 856| strncat(dev.driver_version, "/", 1);
# 857|-> strncat(dev.driver_version, dev.version, strlen(dev.version));
# 858| } else {
# 859| log_error(DRIVER_NAME ": cannot get version");
Error: COMPILER_WARNING: [#def112]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: scope_hint: In function 'send_ir.part.0'
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:988:17: warning[-Wstringop-truncation]: '__strncat_chk' output may be truncated copying 19 bytes from a string of length 19
# 988 | strncat(buf, b, SMALLSTRINGSIZE - 1);
# | ^
# 986|
# 987| snprintf(b, SMALLSTRINGSIZE - 1, " %d", (unsigned int) signals[i]);
# 988|-> strncat(buf, b, SMALLSTRINGSIZE - 1);
# 989| }
# 990|
Error: COMPILER_WARNING: [#def113]
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c: scope_hint: In function 'send_ir'
lirc-0.10.0-build/lirc-0.10.0/plugins/girs.c:993:9: warning[-Wstringop-overflow=]: 'strncat' specified bound 2 equals source length
# 991| // Girs requires the last duration to be a space, however, Lirc thinks
# 992| // differently. Just add a 1 microsecond space.
# 993|-> strncat(buf, " 1", 2);
# 994|
# 995| sendcommandln(buf);
Error: CPPCHECK_WARNING: [#def114]
lirc-0.10.0-build/lirc-0.10.0/plugins/hiddev.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def115]
lirc-0.10.0-build/lirc-0.10.0/plugins/i2cuser.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def116]
lirc-0.10.0-build/lirc-0.10.0/plugins/i2cuser.c: scope_hint: In function 'i2cuser_init'
lirc-0.10.0-build/lirc-0.10.0/plugins/i2cuser.c:186:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_fd[1]'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/i2cuser.c:58: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/i2cuser.c:192:17: note: in expansion of macro 'log_error'
# 184| if (pipe(pipe_fd) != 0) {
# 185| log_error("Couldn't open pipe: %s", strerror(errno));
# 186|-> return 0;
# 187| }
# 188| drv.fd = pipe_fd[0];
Error: CPPCHECK_WARNING: [#def117]
lirc-0.10.0-build/lirc-0.10.0/plugins/irlink.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def118]
lirc-0.10.0-build/lirc-0.10.0/plugins/irtoy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def119]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c:46: warning[uninitvar]: Uninitialized variable: midi.dev
# 44| chk_read(drv.fd, &buf, sizeof(buf));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = buf;
Error: CLANG_WARNING: [#def120]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c:46:16: warning[core.UndefinedBinaryOperatorResult]: The left operand of '==' is a garbage value
# 44| chk_read(drv.fd, &buf, sizeof(buf));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = buf;
Error: GCC_ANALYZER_WARNING (CWE-457): [#def121]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c: scope_hint: In function 'livedrive_rec_midi'
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c:46:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'midi.dev'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c:22: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_midi.c:44:17: note: in expansion of macro 'chk_read'
# 44| chk_read(drv.fd, &buf, sizeof(buf));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = buf;
Error: CPPCHECK_WARNING (CWE-457): [#def122]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c:46: warning[uninitvar]: Uninitialized variable: midi.dev
# 44| chk_read(drv.fd, &seq, sizeof(seq));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = seq.data;
Error: CLANG_WARNING: [#def123]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c:46:16: warning[core.UndefinedBinaryOperatorResult]: The left operand of '==' is a garbage value
# 44| chk_read(drv.fd, &seq, sizeof(seq));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = seq.data;
Error: GCC_ANALYZER_WARNING (CWE-457): [#def124]
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c: scope_hint: In function 'livedrive_rec_seq'
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c:46:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'midi.dev'
lirc-0.10.0-build/lirc-0.10.0/lib/lirc_driver.h:18: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c:22: included_from: Included from here.
lirc-0.10.0-build/lirc-0.10.0/plugins/livedrive_seq.c:44:17: note: in expansion of macro 'chk_read'
# 44| chk_read(drv.fd, &seq, sizeof(seq));
# 45| /* skip 2 missing filler bytes for audigy2 non-infrared messages */
# 46|-> if (midi.dev == NONREMOTE && i == 4)
# 47| i += 2;
# 48| *(bytep + i) = seq.data;
Error: CPPCHECK_WARNING: [#def125]
lirc-0.10.0-build/lirc-0.10.0/plugins/mouseremote.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def126]
lirc-0.10.0-build/lirc-0.10.0/plugins/mplay.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def127]
lirc-0.10.0-build/lirc-0.10.0/plugins/pcmak.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def128]
lirc-0.10.0-build/lirc-0.10.0/plugins/silitek.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def129]
lirc-0.10.0-build/lirc-0.10.0/plugins/srm7500libusb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def130]
lirc-0.10.0-build/lirc-0.10.0/plugins/srm7500libusb.c:850:4: warning[deadcode.DeadStores]: Value stored to 'inret' is never read
# 848| packet_buffer_out.data[11] = 0;
# 849| philipsrf_output(packet_buffer_out);
# 850|-> inret = philipsrf_input(&packet_buffer_in); // FIXME: never read.
# 851| if ((packet_buffer_in.type == MLME_COMM_STATUS_indication)
# 852| && (packet_buffer_in.data[packet_buffer_in.length - 2] == 0)) {
Error: CPPCHECK_WARNING: [#def131]
lirc-0.10.0-build/lirc-0.10.0/plugins/tira.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
lirc-0.10.0-build/lirc-0.10.0/plugins/tira.c: scope_hint: In function 'tira_send'
lirc-0.10.0-build/lirc-0.10.0/plugins/tira.c:685:24: warning[-Wanalyzer-malloc-leak]: leak of 'sendtable'
# 683| if ((deviceflags & 1) == 0) {
# 684| log_error("this device cannot send ir signals!");
# 685|-> return 0;
# 686| }
# 687|
Error: CLANG_WARNING: [#def133]
lirc-0.10.0-build/lirc-0.10.0/plugins/tira.c:773:10: warning[unix.Malloc]: Potential leak of memory pointed to by 'sendtable'
# 771| wrtbuf = malloc(length + 28);
# 772| if (wrtbuf == NULL)
# 773|-> return retval;
# 774| wrtbuf[0] = 'I';
# 775| wrtbuf[1] = 'X';
Error: CPPCHECK_WARNING: [#def134]
lirc-0.10.0-build/lirc-0.10.0/plugins/udp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def135]
lirc-0.10.0-build/lirc-0.10.0/plugins/uirt2_raw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def136]
lirc-0.10.0-build/lirc-0.10.0/plugins/zotac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def137]
lirc-0.10.0-build/lirc-0.10.0/tools/ircat.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def138]
lirc-0.10.0-build/lirc-0.10.0/tools/irexec.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def139]
lirc-0.10.0-build/lirc-0.10.0/tools/irpipe.cpp:163:10: warning[deadcode.DeadStores]: Although the value stored to 'value' is used in the enclosing expression, the value is never actually read from 'value'
# 161| return (uint32_t)-1;
# 162| if (strcmp("pulse", token1) == 0)
# 163|-> return value |= PULSE_BIT;
# 164| else if (strcmp("space", token1) == 0)
# 165| return (uint32_t)value;
Error: COMPILER_WARNING: [#def140]
lirc-0.10.0-build/lirc-0.10.0/tools/irpipe.cpp: scope_hint: In function ‘write_tobin()’
lirc-0.10.0-build/lirc-0.10.0/tools/irpipe.cpp:188:24: warning[-Wstringop-truncation]: ‘strncpy’ output may be truncated copying 127 bytes from a string of length 127
# 188 | strncpy(buff, line, sizeof(buff) - 1);
# | ^
# 186| }
# 187| while (fgets(line, sizeof(line), stdin) != NULL) {
# 188|-> strncpy(buff, line, sizeof(buff) - 1);
# 189| token1 = strtok(buff, "\n ");
# 190| token2 = strtok(NULL, "\n ");
Error: CPPCHECK_WARNING: [#def141]
lirc-0.10.0-build/lirc-0.10.0/tools/irpty.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-664): [#def142]
lirc-0.10.0-build/lirc-0.10.0/tools/irpty.cpp:68: error[va_end_missing]: va_list 'args' was opened but not closed by va_end().
# 66| lirc_deinit();
# 67| exit(1);
# 68|-> }
# 69|
# 70| static void sig_term(int sig)
Error: CPPCHECK_WARNING: [#def143]
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-404): [#def144]
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp:439: error[resourceLeak]: Resource leak: f
# 437| if (f != NULL) {
# 438| if (opts->force && !opts->update)
# 439|-> return STS_INIT_FORCE_TMPL;
# 440| my_remote = read_config(f, opts->filename);
# 441| fclose(f);
Error: COMPILER_WARNING: [#def145]
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp: scope_hint: In function ‘get_name(ir_remote*, opts*)’
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp:1115:49: warning[-Wformat-truncation=]: ‘.lircd.conf.bak’ directive output may be truncated writing 15 bytes into a region of size between 1 and 256
# 1115 | snprintf(path, sizeof(path), "%s.lircd.conf.bak", buff);
# | ^~~~~~~~~~~~~~~
/usr/include/bits/stdio2.h:68:35: note: ‘__snprintf_chk’ output between 16 and 271 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 1113| continue;
# 1114| }
# 1115|-> snprintf(path, sizeof(path), "%s.lircd.conf.bak", buff);
# 1116| if (access(path, F_OK) == 0) {
# 1117| printf("Backup file %s already exists.\n", path);
Error: COMPILER_WARNING: [#def146]
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp: scope_hint: In function ‘get_name(ir_remote*, opts*)’
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp:1124:41: warning[-Wformat-truncation=]: ‘.lircd.conf’ directive output may be truncated writing 11 bytes into a region of size between 1 and 256
# 1124 | snprintf(path, sizeof(path), "%s.lircd.conf", buff);
# | ^~~~~~~~~~~
/usr/include/bits/stdio2.h:68:35: note: ‘__snprintf_chk’ output between 12 and 267 bytes into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 1122| }
# 1123| opts->backupfile = opts->update ? strdup(path) : NULL;
# 1124|-> snprintf(path, sizeof(path), "%s.lircd.conf", buff);
# 1125| opts->filename = strdup(path);
# 1126| printf("Using %s as output filename\n\n", opts->filename);
Error: COMPILER_WARNING: [#def147]
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp: scope_hint: In function ‘get_name(ir_remote*, opts*)’
lirc-0.10.0-build/lirc-0.10.0/tools/irrecord-ui.cpp:1129:33: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 250
# 1129 | "cp -p %s %s", path, opts->backupfile);
# | ^~ ~~~~
/usr/include/bits/stdio2.h:68:35: note: ‘__snprintf_chk’ output 8 or more bytes (assuming 263) into a destination of size 256
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 1127| if (opts->update && access(opts->filename, F_OK) == 0) {
# 1128| snprintf(buff, sizeof(buff),
# 1129|-> "cp -p %s %s", path, opts->backupfile);
# 1130| if (system(buff) != 0)
# 1131| printf("Warning: Cannot create backup file.\n");
Error: CPPCHECK_WARNING: [#def148]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-120): [#def149]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp:75: error[invalidScanfFormatWidth]: Width 32 given in format string (no. 3) is larger than destination buffer 'keysym[32]', use %31s to prevent overflowing it.
# 73| int r;
# 74|
# 75|-> r = sscanf(code, "%x %x %32s %64s %32s",
# 76| &scancode, &repeat, keysym, remote, trash);
# 77| if (r != 4) {
Error: CPPCHECK_WARNING (CWE-120): [#def150]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp:75: error[invalidScanfFormatWidth]: Width 32 given in format string (no. 5) is larger than destination buffer 'trash[32]', use %31s to prevent overflowing it.
# 73| int r;
# 74|
# 75|-> r = sscanf(code, "%x %x %32s %64s %32s",
# 76| &scancode, &repeat, keysym, remote, trash);
# 77| if (r != 4) {
Error: CPPCHECK_WARNING (CWE-120): [#def151]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp:75: error[invalidScanfFormatWidth]: Width 64 given in format string (no. 4) is larger than destination buffer 'remote[64]', use %63s to prevent overflowing it.
# 73| int r;
# 74|
# 75|-> r = sscanf(code, "%x %x %32s %64s %32s",
# 76| &scancode, &repeat, keysym, remote, trash);
# 77| if (r != 4) {
Error: CLANG_WARNING: [#def152]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp:143:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'address'
# 141| val = strtoul(p + 1, &end, 10);
# 142| if (!(*(p + 1)) || *end || val < 1 || val > USHRT_MAX) {
# 143|-> fprintf(stderr, "%s: invalid port number: %s\n", prog, p + 1);
# 144| return EXIT_FAILURE;
# 145| }
Error: COMPILER_WARNING: [#def153]
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp: scope_hint: In function ‘main’
lirc-0.10.0-build/lirc-0.10.0/tools/irsend.cpp:191:45: warning[-Wformat-overflow=]: ‘%s’ directive writing up to 253 bytes into a region of size between 3 and 256
# 191 | sprintf(buffer, "%s %s", directive, code);
# | ^~
/usr/include/bits/stdio2.h:30:34: note: ‘__sprintf_chk’ output between 2 and 508 bytes into a destination of size 257
# 30 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 31 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 32 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 189| code = argv[optind++];
# 190| if (strlen(directive) + strlen(code) + 2 < PACKET_SIZE) {
# 191|-> sprintf(buffer, "%s %s", directive, code);
# 192| } else {
# 193| fprintf(stderr, "%s: input too long\n", prog);
Error: CPPCHECK_WARNING: [#def154]
lirc-0.10.0-build/lirc-0.10.0/tools/irsimreceive.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def155]
lirc-0.10.0-build/lirc-0.10.0/tools/irsimreceive.cpp: scope_hint: In function ‘main’
lirc-0.10.0-build/lirc-0.10.0/tools/irsimreceive.cpp:107:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 64 equals destination size
# 107 | strncpy(option.value, path, sizeof(option.value));
# | ^
# 105| }
# 106| strcpy(option.key, "set-infile");
# 107|-> strncpy(option.value, path, sizeof(option.value));
# 108| r = curr_driver->drvctl_func(DRVCTL_SET_OPTION, (void*)&option);
# 109| if (r != 0) {
Error: COMPILER_WARNING: [#def156]
lirc-0.10.0-build/lirc-0.10.0/tools/irsimsend.cpp: scope_hint: In function ‘send_code(ir_remote*, ir_ncode*)’
lirc-0.10.0-build/lirc-0.10.0/tools/irsimsend.cpp:202:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 32 equals destination size
# 202 | strncpy(last_code, code->name, sizeof(last_code));
# | ^
# 200| send_ir_ncode(remote, code, 0);
# 201| repeat_remote = NULL;
# 202|-> strncpy(last_code, code->name, sizeof(last_code));
# 203| }
# 204|
Error: CPPCHECK_WARNING (CWE-120): [#def157]
lirc-0.10.0-build/lirc-0.10.0/tools/irsimsend.cpp:249: error[invalidScanfFormatWidth]: Width 32 given in format string (no. 1) is larger than destination buffer 'keysym[32]', use %31s to prevent overflowing it.
# 247| s = fgets(line, sizeof(line), f);
# 248| while (s != NULL) {
# 249|-> r = sscanf(line, "%*x %*x %32s %*s", keysym);
# 250| if (r != 1)
# 251| r = sscanf(line, "%32s", keysym);
Error: CPPCHECK_WARNING (CWE-120): [#def158]
lirc-0.10.0-build/lirc-0.10.0/tools/irsimsend.cpp:251: error[invalidScanfFormatWidth]: Width 32 given in format string (no. 1) is larger than destination buffer 'keysym[32]', use %31s to prevent overflowing it.
# 249| r = sscanf(line, "%*x %*x %32s %*s", keysym);
# 250| if (r != 1)
# 251|-> r = sscanf(line, "%32s", keysym);
# 252| if (r != 1) {
# 253| printf("Cannot parse line: %s\n", line);
Error: CPPCHECK_WARNING: [#def159]
lirc-0.10.0-build/lirc-0.10.0/tools/irxevent.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def160]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsplugins.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def161]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsplugins.cpp:356:14: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 354| what = ((*drivers)->features & CAN_SEND) ? "yes" : "no";
# 355| line->can_send = what;
# 356|-> can_list = strcmp((*drivers)->device_hint, "drvctl") == 0;
# 357| snprintf(buf, sizeof(buf), "-%c%c%c",
# 358| get(CAN_ANY, 'a', *drivers),
Error: CLANG_WARNING: [#def162]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsplugins.cpp:368:1: warning[unix.Malloc]: Potential leak of memory pointed to by 'line'
# 366| line = line_new(path);
# 367| }
# 368|-> }
# 369|
# 370|
Error: CLANG_WARNING: [#def163]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsplugins.cpp:393:11: warning[unix.Malloc]: Potential leak of memory pointed to by 'line'
# 391| line->flags = "E--";
# 392| } else if (opt_listerrors) {
# 393|-> return NULL;
# 394| }
# 395| } else {
Error: CPPCHECK_WARNING: [#def164]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def165]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp: scope_hint: In function ‘get_photo(char const*, char*, long)’
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp:91:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 256 equals destination size
# 91 | strncpy(try_buff, path, sizeof(try_buff));
# | ^
# 89|
# 90| strcpy(buff, "no_photo");
# 91|-> strncpy(try_buff, path, sizeof(try_buff));
# 92| last = strstr(try_buff, ".lircd.conf");
# 93| if (last == NULL) {
Error: COMPILER_WARNING: [#def166]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp: scope_hint: In function ‘print_remotes(char const*)’
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp:126:16: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 256 equals destination size
# 126 | strncpy(my_path, path, sizeof(my_path));
# | ^
# 124| const char* timing;
# 125|
# 126|-> strncpy(my_path, path, sizeof(my_path));
# 127| base = basename(my_path);
# 128| dir = dirname(my_path);
Error: COMPILER_WARNING: [#def167]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp:142:24: warning[-Wstringop-truncation]: ‘strncpy’ specified bound 256 equals destination size
# 142 | strncpy(photo, path, sizeof(photo));
# | ^
# 140| timing = r->pzero != 0 || r->pzero != 0 || is_raw(r) ?
# 141| "timing" : "no_timing";
# 142|-> strncpy(photo, path, sizeof(photo));
# 143| get_photo(path, photo, sizeof(photo));
# 144| get_lircmd(path, lircmd, sizeof(lircmd));
Error: COMPILER_WARNING: [#def168]
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp: scope_hint: In function ‘listdir(char const*) [clone .part.0]’
lirc-0.10.0-build/lirc-0.10.0/tools/lirc-lsremotes.cpp:215:58: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size between 0 and 511
# 215 | snprintf(filepath, sizeof(filepath), "%s/%s",
# | ^~
/usr/include/bits/stdio2.h:68:35: note: ‘__snprintf_chk’ output between 2 and 768 bytes into a destination of size 512
# 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 69 | __glibc_objsize (__s), __fmt,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 70 | __va_arg_pack ());
# | ~~~~~~~~~~~~~~~~~
# 213| size = scandir(dirpath, &namelist, isfile, alphasort);
# 214| for (i = 0; i < size; i += 1) {
# 215|-> snprintf(filepath, sizeof(filepath), "%s/%s",
# 216| dirpath, namelist[i]->d_name);
# 217| free(namelist[i]);
Error: CPPCHECK_WARNING: [#def169]
lirc-0.10.0-build/lirc-0.10.0/tools/mode2.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def170]
lirc-0.10.0-build/lirc-0.10.0/tools/xmode2.cpp: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-49.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | lirc-0.10.0-43.fc41 |
| store-results-to | /tmp/tmpq2v0orjr/lirc-0.10.0-43.fc41.tar.xz |
| time-created | 2024-07-03 16:09:15 |
| time-finished | 2024-07-03 16:11:30 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpq2v0orjr/lirc-0.10.0-43.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpq2v0orjr/lirc-0.10.0-43.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |