Fixed defects

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:118:1: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c: scope_hint: In function ‘print_hex’
#  116|       }
#  117|     printf("\n");
#  118|-> }
#  119|   
#  120|   int verbose = 0;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def2]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:818:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615)’ where non-null expected
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  816|         unsigned out_align = 3*in_align % aead->block_size;
#  817|         size_t offset;
#  818|->       memcpy (in + in_align, cleartext->data, cleartext->length);
#  819|         for (offset = 0; offset <= cleartext->length; offset += aead->block_size)
#  820|   	{

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:841:14: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
#  839|   			  out + out_align + offset, in + in_align + offset);
#  840|   
#  841|-> 	  if (!MEMEQ(cleartext->length, out + out_align, ciphertext->data))
#  842|   	    {
#  843|   	      fprintf(stderr, "aead->encrypt failed (offset = %u):\nclear: ",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:857:18: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
#  855|   	      memset(buffer, 0, aead->digest_size);
#  856|   	      aead->digest(ctx, digest->length, buffer);
#  857|-> 	      if (!MEMEQ(digest->length, buffer, digest->data))
#  858|   		{
#  859|   		  fprintf(stderr, "aead->digest failed (offset = %u):\n  got: ",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:8: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:805:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:806:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:807:3: note: in expansion of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:330:49: note: in definition of macro ‘MEMEQ’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.h:336:11: note: in definition of macro ‘ASSERT’
nettle-3.9.1-build/nettle-3.9.1/testsuite/testutils.c:854:15: note: in expansion of macro ‘ASSERT’
#  334|   
#  335|   #define ASSERT(x) do {							\
#  336|->     if (!(x))								\
#  337|         {									\
#  338|   	fprintf(stderr, "Assert failed: %s:%d: %s\n", \

Error: CLANG_WARNING: [#def6]
nettle-3.9.1-build/nettle-3.9.1/umac-l2.c:149:19: warning[deadcode.DeadStores]: Although the value stored to 'yl' is used in the enclosing expression, the value is never actually read from 'yl'
#  147|   	    {
#  148|   	      state[0] = 0;
#  149|-> 	      state[1] = yl -= UMAC_P128_LO;
#  150|   	    }
#  151|   	}

Scan Properties

analyzer-version-clang	18.1.7
analyzer-version-cppcheck	2.14.2
analyzer-version-gcc	14.1.1
analyzer-version-gcc-analyzer	14.1.1
analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-clang	18.1.7
diffbase-analyzer-version-cppcheck	2.14.2
diffbase-analyzer-version-gcc	14.1.1
diffbase-analyzer-version-gcc-analyzer	14.1.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-enabled-plugins	clang, cppcheck, gcc, shellcheck
diffbase-exit-code	0
diffbase-host	ip-172-16-1-40.us-west-2.compute.internal
diffbase-mock-config	fedora-41-x86_64
diffbase-project-name	nettle-3.10-2.fc41
diffbase-store-results-to	/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz
diffbase-time-created	2024-07-03 16:20:57
diffbase-time-finished	2024-07-03 16:22:58
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.src.rpm'
diffbase-tool-version	csmock-3.5.3-1.el9
enabled-plugins	clang, cppcheck, gcc, shellcheck
exit-code	0
host	ip-172-16-1-40.us-west-2.compute.internal
mock-config	fedora-41-x86_64
project-name	nettle-3.9.1-6.fc40
store-results-to	/tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.tar.xz
time-created	2024-07-03 16:17:53
time-finished	2024-07-03 16:20:30
title	Fixed defects
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.tar.xz' '--gcc-analyze' '/tmp/tmp9aryo7k4/nettle-3.9.1-6.fc40.src.rpm'
tool-version	csmock-3.5.3-1.el9