nettle-3.10-2.fc41

List of Defects

Error: CPPCHECK_WARNING: [#def1]
nettle-3.10-build/nettle-3.10/arctwo.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def2]
nettle-3.10-build/nettle-3.10/blowfish-bcrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def3]
nettle-3.10-build/nettle-3.10/blowfish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: COMPILER_WARNING: [#def4]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:2: Error: alignment not a power of 2

Error: COMPILER_WARNING: [#def5]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:4: Error: unknown pseudo-op: `.def'

Error: COMPILER_WARNING: [#def6]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:4: Error: unrecognized symbol type ""

Error: COMPILER_WARNING: [#def7]
nettle-3.10-build/nettle-3.10/conftest.s:5: Error: unknown pseudo-op: `.scl'

Error: COMPILER_WARNING: [#def8]
nettle-3.10-build/nettle-3.10/conftest.s:6: Error: Missing symbol name in directive

Error: COMPILER_WARNING: [#def9]
nettle-3.10-build/nettle-3.10/conftest.s:6: Error: unrecognized symbol type "32"

Error: COMPILER_WARNING: [#def10]
nettle-3.10-build/nettle-3.10/conftest.s:7: Error: unknown pseudo-op: `.endef'

Error: CPPCHECK_WARNING: [#def11]
nettle-3.10-build/nettle-3.10/der-iterator.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def12]
nettle-3.10-build/nettle-3.10/drbg-ctr-aes256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def13]
nettle-3.10-build/nettle-3.10/dsa-gen-params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def14]
nettle-3.10-build/nettle-3.10/eccdata.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_eddsa_init’
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c:532:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(248)’
#  530|   
#  531|     ctx = xalloc (sizeof(*ctx));
#  532|->   switch (size) {
#  533|     case 255:
#  534|       ctx->sign = ed25519_sha512_sign;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_curve_init’
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c:796:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(128)’
#  794|     struct curve_ctx *ctx = xalloc (sizeof (*ctx));
#  795|     knuth_lfib_init (&lfib, 17);
#  796|->   switch (size)
#  797|       {
#  798|       case 255:

Error: CPPCHECK_WARNING: [#def17]
nettle-3.10-build/nettle-3.10/examples/io.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def18]
nettle-3.10-build/nettle-3.10/examples/nettle-benchmark.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def19]
nettle-3.10-build/nettle-3.10/examples/rsa-decrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING (CWE-457): [#def20]
nettle-3.10-build/nettle-3.10/examples/rsa-decrypt.c:246: error[uninitvar]: Uninitialized variable: &session
#  244|     mpz_clear(x);
#  245|     
#  246|->   rsa_session_set_decrypt_key(&ctx, &session);
#  247|   
#  248|     if (!process_file(&ctx,

Error: CPPCHECK_WARNING: [#def21]
nettle-3.10-build/nettle-3.10/examples/rsa-encrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def22]
nettle-3.10-build/nettle-3.10/examples/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def23]
nettle-3.10-build/nettle-3.10/fat-x86_64.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def24]
nettle-3.10-build/nettle-3.10/getopt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-457): [#def25]
nettle-3.10-build/nettle-3.10/gosthash94.c: scope_hint: In function ‘gost_block_compress’
nettle-3.10-build/nettle-3.10/gosthash94.c:76:40: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘v[1]’
nettle-3.10-build/nettle-3.10/gosthash94.c:41: included_from: Included from here.
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/macros.h:207:9: note: in expansion of macro ‘COMPRESS’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/macros.h:207:9: note: in expansion of macro ‘COMPRESS’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/gosthash94.c:275:25: note: in expansion of macro ‘LE_READ_UINT32’
#   74|   
#   75|       /* w := u xor v */
#   76|->     w[0] = u[0] ^ v[0], w[1] = u[1] ^ v[1];
#   77|       w[2] = u[2] ^ v[2], w[3] = u[3] ^ v[3];
#   78|       w[4] = u[4] ^ v[4], w[5] = u[5] ^ v[5];

Error: CPPCHECK_WARNING: [#def26]
nettle-3.10-build/nettle-3.10/knuth-lfib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-122): [#def27]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:10: included_from: Included from here.
nettle-3.10-build/nettle-3.10/macros.h:162:8: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
#  160|     do {						\
#  161|       unsigned increment_i = (size) - 1;		\
#  162|->     if (++(ctr)[increment_i] == 0)		\
#  163|         while (increment_i > 0			\
#  164|   	     && ++(ctr)[--increment_i] == 0 )	\

Error: GCC_ANALYZER_WARNING (CWE-122): [#def28]
nettle-3.10-build/nettle-3.10/macros.h:162:16: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
#                                                       └─────────────────┘
#                                                                ^
#  160|     do {						\
#  161|       unsigned increment_i = (size) - 1;		\
#  162|->     if (++(ctr)[increment_i] == 0)		\
#  163|         while (increment_i > 0			\
#  164|   	     && ++(ctr)[--increment_i] == 0 )	\

Error: GCC_ANALYZER_WARNING (CWE-122): [#def29]
nettle-3.10-build/nettle-3.10/macros.h:164:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
#  162|       if (++(ctr)[increment_i] == 0)		\
#  163|         while (increment_i > 0			\
#  164|-> 	     && ++(ctr)[--increment_i] == 0 )	\
#  165|   	;					\
#  166|     } while (0)

Error: GCC_ANALYZER_WARNING (CWE-122): [#def30]
nettle-3.10-build/nettle-3.10/macros.h:164:24: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
#                                                       └─────────────────┘
#                                                                ^
#  162|       if (++(ctr)[increment_i] == 0)		\
#  163|         while (increment_i > 0			\
#  164|-> 	     && ++(ctr)[--increment_i] == 0 )	\
#  165|   	;					\
#  166|     } while (0)

Error: GCC_ANALYZER_WARNING (CWE-471): [#def31]
nettle-3.10-build/nettle-3.10/eccdata.c:43: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c: scope_hint: In function ‘mpn_set_str_bits’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1328:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:44: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c:45: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1326|         if (shift == 0)
# 1327|   	{
# 1328|-> 	  rp[rn++] = sp[j];
# 1329|   	  shift += bits;
# 1330|   	}

Error: GCC_ANALYZER_WARNING (CWE-471): [#def32]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1333:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1331|         else
# 1332|   	{
# 1333|-> 	  rp[rn-1] |= (mp_limb_t) sp[j] << shift;
# 1334|   	  shift += bits;
# 1335|   	  if (shift >= GMP_LIMB_BITS)

Error: GCC_ANALYZER_WARNING (CWE-471): [#def33]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1339:26: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1337|   	      shift -= GMP_LIMB_BITS;
# 1338|   	      if (shift > 0)
# 1339|-> 		rp[rn++] = (mp_limb_t) sp[j] >> (bits - shift);
# 1340|   	    }
# 1341|   	}

Error: CPPCHECK_WARNING (CWE-758): [#def34]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1492: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1490|   	{
# 1491|   	  int LOCAL_GMP_LIMB_BITS = GMP_LIMB_BITS;
# 1492|-> 	  while (x >>= LOCAL_GMP_LIMB_BITS)
# 1493|   	    {
# 1494|   	      ++ r->_mp_size;

Error: CPPCHECK_WARNING (CWE-758): [#def35]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1614: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1612|         n = GMP_MIN (n, 1 + (mp_size_t) (GMP_ULONG_BITS - 1) / GMP_LIMB_BITS);
# 1613|         while (--n >= 0)
# 1614|-> 	r = (r << LOCAL_GMP_LIMB_BITS) + u->_mp_d[n];
# 1615|         return r;
# 1616|       }

Error: CPPCHECK_WARNING: [#def36]
nettle-3.10-build/nettle-3.10/pgp-encode.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def37]
nettle-3.10-build/nettle-3.10/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def38]
nettle-3.10-build/nettle-3.10/sexp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def39]
nettle-3.10-build/nettle-3.10/sexp2dsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def40]
nettle-3.10-build/nettle-3.10/sexp2rsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def41]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.context_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.digest_size)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:13: included_from: Included from here.
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.decode_context_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.encode_context_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.block_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.context_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.context_size)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.digest_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_mac’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.context_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.digest_size)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*armor.decode_length(ascii_length) + 1)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length + 1)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + 1)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*digest.length)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(ascii_length + 1)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(length)’
#   36|   {
#   37|     void *p = malloc(size);
#   38|->   if (size && !p)
#   39|       {
#   40|         fprintf(stderr, "Virtual memory exhausted.\n");

Error: GCC_ANALYZER_WARNING (CWE-476): [#def61]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘tstring_alloc’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:53:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xalloc(length + 24)’
#   51|   {
#   52|     struct tstring *s = xalloc(sizeof(struct tstring) + length);
#   53|->   s->length = length;
#   54|     s->next = tstring_first;
#   55|     /* NUL-terminate, for convenience. */

Error: COMPILER_WARNING (CWE-563): [#def62]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘mark_bytes_undefined’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:144:30: warning[-Wunused-parameter]: unused parameter ‘size’
#  144 | mark_bytes_undefined (size_t size, const void *p) {}
#      |                       ~~~~~~~^~~~
#  142|   #else
#  143|   void
#  144|-> mark_bytes_undefined (size_t size, const void *p) {}
#  145|   void
#  146|   mark_bytes_defined (size_t size, const void *p) {}

Error: COMPILER_WARNING (CWE-563): [#def63]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:144:48: warning[-Wunused-parameter]: unused parameter ‘p’
#  144 | mark_bytes_undefined (size_t size, const void *p) {}
#      |                                    ~~~~~~~~~~~~^
#  142|   #else
#  143|   void
#  144|-> mark_bytes_undefined (size_t size, const void *p) {}
#  145|   void
#  146|   mark_bytes_defined (size_t size, const void *p) {}

Error: COMPILER_WARNING (CWE-563): [#def64]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘mark_bytes_defined’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:146:28: warning[-Wunused-parameter]: unused parameter ‘size’
#  146 | mark_bytes_defined (size_t size, const void *p) {}
#      |                     ~~~~~~~^~~~
#  144|   mark_bytes_undefined (size_t size, const void *p) {}
#  145|   void
#  146|-> mark_bytes_defined (size_t size, const void *p) {}
#  147|   #endif
#  148|   

Error: COMPILER_WARNING (CWE-563): [#def65]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:146:46: warning[-Wunused-parameter]: unused parameter ‘p’
#  146 | mark_bytes_defined (size_t size, const void *p) {}
#      |                                  ~~~~~~~~~~~~^
#  144|   mark_bytes_undefined (size_t size, const void *p) {}
#  145|   void
#  146|-> mark_bytes_defined (size_t size, const void *p) {}
#  147|   #endif
#  148|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def66]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cbc’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:245:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:237:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:240:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:241:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  243|     data = xalloc(length);  
#  244|     cipher->set_encrypt_key(ctx, key->data);
#  245|->   memcpy(iv, iiv->data, cipher->block_size);
#  246|   
#  247|     cbc_encrypt(ctx, cipher->encrypt,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def67]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:308:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:298:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:301:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:302:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  306|   
#  307|     cipher->set_encrypt_key(ctx, key->data);
#  308|->   memcpy(iv, iiv->data, cipher->block_size);
#  309|   
#  310|     cfb_encrypt(ctx, cipher->encrypt,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def68]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:491:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  489|   
#  490|         cipher->set_encrypt_key(ctx, key->data);
#  491|->       memcpy(iv, iiv->data, cipher->block_size);
#  492|   
#  493|         memset(data, 0x17, length + 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def69]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:493:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  491|         memcpy(iv, iiv->data, cipher->block_size);
#  492|   
#  493|->       memset(data, 0x17, length + 1);
#  494|         for (i = 0; i + block <= length; i += block)
#  495|   	{

Error: GCC_ANALYZER_WARNING (CWE-688): [#def70]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:521:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:516:7: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  519|         memcpy(iv, iiv->data, cipher->block_size);
#  520|   
#  521|->       memset(data2, 0x17, length + 1);
#  522|         for (i = 0; i + block <= length; i += block)
#  523|   	{

Error: GCC_ANALYZER_WARNING (CWE-688): [#def71]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:548:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  546|   
#  547|     cipher->set_encrypt_key(ctx, key->data);
#  548|->   memcpy(iv, iiv->data, cipher->block_size);
#  549|     memcpy(data, cleartext->data, length);
#  550|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def72]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:549:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  547|     cipher->set_encrypt_key(ctx, key->data);
#  548|     memcpy(iv, iiv->data, cipher->block_size);
#  549|->   memcpy(data, cleartext->data, length);
#  550|   
#  551|     cfb8_encrypt(ctx, cipher->encrypt,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def73]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_ctr’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:693:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  691|     ASSERT (nblocks < 0x100);
#  692|   
#  693|->   memcpy (octr, ictr->data, cipher->block_size - 1);
#  694|     low = ictr->data[cipher->block_size - 1] + nblocks;
#  695|     octr[cipher->block_size - 1] = low;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def74]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:695:32: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
#  693|     memcpy (octr, ictr->data, cipher->block_size - 1);
#  694|     low = ictr->data[cipher->block_size - 1] + nblocks;
#  695|->   octr[cipher->block_size - 1] = low;
#  696|   
#  697|     if (low >= 0x100)

Error: GCC_ANALYZER_WARNING (CWE-688): [#def75]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:706:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  704|     for (i = 0; i <= length; i++)
#  705|       {
#  706|->       memcpy(ctr, ictr->data, cipher->block_size);
#  707|         memset(data, 17, length);
#  708|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def76]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:707:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  705|       {
#  706|         memcpy(ctr, ictr->data, cipher->block_size);
#  707|->       memset(data, 17, length);
#  708|   
#  709|         ctr_crypt(ctx, cipher->encrypt,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def77]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:854:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  852|         unsigned out_align = 3*in_align % aead->block_size;
#  853|         size_t offset;
#  854|->       memcpy (in + in_align, cleartext->data, cleartext->length);
#  855|         for (offset = 0; offset <= cleartext->length; offset += aead->block_size)
#  856|   	{

Error: GCC_ANALYZER_WARNING (CWE-688): [#def78]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:893:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*aead.digest_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:892:15: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  891|   	    {
#  892|   	      ASSERT (digest->length <= aead->digest_size);
#  893|-> 	      memset(buffer, 0, aead->digest_size);
#  894|   	      aead->digest(ctx, digest->length, buffer);
#  895|   	      if (!MEMEQ(digest->length, buffer, digest->data))

Error: GCC_ANALYZER_WARNING (CWE-688): [#def79]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead_message’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1016:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cipher.length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:961:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:962:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:963:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 1014|         FAIL();
# 1015|       }
# 1016|->   memcpy (copy, cipher->data, cipher->length);
# 1017|     copy[0] ^= 4;
# 1018|     if (aead->decrypt (ctx,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def80]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1129:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*digest.length)’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1127|       }
# 1128|   
# 1129|->   memset(buffer, 0, digest->length);
# 1130|   
# 1131|     hash->update(ctx, msg->length, msg->data);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def81]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1142:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*msg.length + 16)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1132:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1135:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1137:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1140|     for (offset = 0; offset < 16; offset++)
# 1141|       {
# 1142|->       memset (input, 0, msg->length + 16);
# 1143|         memcpy (input + offset, msg->data, msg->length);
# 1144|         hash->update (ctx, msg->length, input + offset);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def82]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash_large’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1173:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1171:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1171|     ASSERT (digest->length == hash->digest_size);
# 1172|   
# 1173|->   memset(data, c, length);
# 1174|   
# 1175|     hash->init(ctx);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def83]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1275:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(ascii_length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1271:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1273:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1273|     ASSERT(data_length <= armor->decode_length(ascii_length));
# 1274|     
# 1275|->   memset(buffer, 0x33, 1 + ascii_length);
# 1276|     memset(check, 0x55, 1 + data_length);
# 1277|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def84]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1276:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*armor.decode_length(ascii_length) + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1271:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1273:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1274|     
# 1275|     memset(buffer, 0x33, 1 + ascii_length);
# 1276|->   memset(check, 0x55, 1 + data_length);
# 1277|   
# 1278|     armor->encode_init(encode);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def85]
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:343:31: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:13: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 1 of ‘memcmp’ must be non-null
#  341|   #define H(x) (SHEX(x)->data)
#  342|   
#  343|-> #define MEMEQ(length, a, b) (!memcmp((a), (b), (length)))
#  344|   
#  345|   #define FAIL() abort()

Error: CPPCHECK_WARNING: [#def86]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-775): [#def87]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c: scope_hint: In function ‘main’
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c:226:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*<unknown>, "rb")’
#  224|   	  if (!f)
#  225|   	    die ("Cannot open `%s': %s\n", argv[i], strerror(errno));
#  226|-> 	  printf("%s: ", argv[i]);
#  227|   	  if (!digest_file (alg, length, raw, f))
#  228|   	    die("Reading `%s' failed: %s\n", argv[i], strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c:226:11: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*<unknown>, "rb")’
#  224|   	  if (!f)
#  225|   	    die ("Cannot open `%s': %s\n", argv[i], strerror(errno));
#  226|-> 	  printf("%s: ", argv[i]);
#  227|   	  if (!digest_file (alg, length, raw, f))
#  228|   	    die("Reading `%s' failed: %s\n", argv[i], strerror(errno));

Error: CPPCHECK_WARNING: [#def89]
nettle-3.10-build/nettle-3.10/tools/nettle-pbkdf2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def90]
nettle-3.10-build/nettle-3.10/tools/output.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def91]
nettle-3.10-build/nettle-3.10/twofish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def92]
nettle-3.10-build/nettle-3.10/umac-l2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-457): [#def93]
nettle-3.10-build/nettle-3.10/umac64.c: scope_hint: In function ‘nettle_umac64_digest’
nettle-3.10-build/nettle-3.10/umac64.c:139:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&tag’
nettle-3.10-build/nettle-3.10/umac64.c:36: included_from: Included from here.
#  137|     tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _nettle_umac_l3 (ctx->l3_key1 + 8,
#  138|   						       ctx->l2_state + 2);
#  139|->   memcpy (digest, tag, length);
#  140|   
#  141|     /* Reinitialize */

Error: CPPCHECK_WARNING: [#def94]
nettle-3.10-build/nettle-3.10/yarrow256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Scan Properties

analyzer-version-clang18.1.7
analyzer-version-cppcheck2.14.2
analyzer-version-gcc14.1.1
analyzer-version-gcc-analyzer14.1.1
analyzer-version-shellcheck0.10.0
enabled-pluginsclang, cppcheck, gcc, shellcheck
exit-code0
hostip-172-16-1-40.us-west-2.compute.internal
mock-configfedora-41-x86_64
project-namenettle-3.10-2.fc41
store-results-to/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz
time-created2024-07-03 16:20:57
time-finished2024-07-03 16:22:58
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.src.rpm'
tool-versioncsmock-3.5.3-1.el9