nettle-3.10-2.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
nettle-3.10-build/nettle-3.10/arctwo.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
nettle-3.10-build/nettle-3.10/blowfish-bcrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def3]
nettle-3.10-build/nettle-3.10/blowfish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def4]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:2: Error: alignment not a power of 2
Error: COMPILER_WARNING: [#def5]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:4: Error: unknown pseudo-op: `.def'
Error: COMPILER_WARNING: [#def6]
nettle-3.10-build/nettle-3.10/conftest.s: scope_hint: Assembler messages
nettle-3.10-build/nettle-3.10/conftest.s:4: Error: unrecognized symbol type ""
Error: COMPILER_WARNING: [#def7]
nettle-3.10-build/nettle-3.10/conftest.s:5: Error: unknown pseudo-op: `.scl'
Error: COMPILER_WARNING: [#def8]
nettle-3.10-build/nettle-3.10/conftest.s:6: Error: Missing symbol name in directive
Error: COMPILER_WARNING: [#def9]
nettle-3.10-build/nettle-3.10/conftest.s:6: Error: unrecognized symbol type "32"
Error: COMPILER_WARNING: [#def10]
nettle-3.10-build/nettle-3.10/conftest.s:7: Error: unknown pseudo-op: `.endef'
Error: CPPCHECK_WARNING: [#def11]
nettle-3.10-build/nettle-3.10/der-iterator.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def12]
nettle-3.10-build/nettle-3.10/drbg-ctr-aes256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def13]
nettle-3.10-build/nettle-3.10/dsa-gen-params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def14]
nettle-3.10-build/nettle-3.10/eccdata.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_eddsa_init’
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c:532:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(248)’
# 530|
# 531| ctx = xalloc (sizeof(*ctx));
# 532|-> switch (size) {
# 533| case 255:
# 534| ctx->sign = ed25519_sha512_sign;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c: scope_hint: In function ‘bench_curve_init’
nettle-3.10-build/nettle-3.10/examples/hogweed-benchmark.c:796:3: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(128)’
# 794| struct curve_ctx *ctx = xalloc (sizeof (*ctx));
# 795| knuth_lfib_init (&lfib, 17);
# 796|-> switch (size)
# 797| {
# 798| case 255:
Error: CPPCHECK_WARNING: [#def17]
nettle-3.10-build/nettle-3.10/examples/io.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def18]
nettle-3.10-build/nettle-3.10/examples/nettle-benchmark.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def19]
nettle-3.10-build/nettle-3.10/examples/rsa-decrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def20]
nettle-3.10-build/nettle-3.10/examples/rsa-decrypt.c:246: error[uninitvar]: Uninitialized variable: &session
# 244| mpz_clear(x);
# 245|
# 246|-> rsa_session_set_decrypt_key(&ctx, &session);
# 247|
# 248| if (!process_file(&ctx,
Error: CPPCHECK_WARNING: [#def21]
nettle-3.10-build/nettle-3.10/examples/rsa-encrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
nettle-3.10-build/nettle-3.10/examples/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def23]
nettle-3.10-build/nettle-3.10/fat-x86_64.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def24]
nettle-3.10-build/nettle-3.10/getopt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def25]
nettle-3.10-build/nettle-3.10/gosthash94.c: scope_hint: In function ‘gost_block_compress’
nettle-3.10-build/nettle-3.10/gosthash94.c:76:40: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘v[1]’
nettle-3.10-build/nettle-3.10/gosthash94.c:41: included_from: Included from here.
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/macros.h:207:9: note: in expansion of macro ‘COMPRESS’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/macros.h:207:9: note: in expansion of macro ‘COMPRESS’
nettle-3.10-build/nettle-3.10/gosthash94.c:301:5: note: in expansion of macro ‘MD_UPDATE’
nettle-3.10-build/nettle-3.10/gosthash94.c:275:25: note: in expansion of macro ‘LE_READ_UINT32’
# 74|
# 75| /* w := u xor v */
# 76|-> w[0] = u[0] ^ v[0], w[1] = u[1] ^ v[1];
# 77| w[2] = u[2] ^ v[2], w[3] = u[3] ^ v[3];
# 78| w[4] = u[4] ^ v[4], w[5] = u[5] ^ v[5];
Error: CPPCHECK_WARNING: [#def26]
nettle-3.10-build/nettle-3.10/knuth-lfib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-122): [#def27]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:10: included_from: Included from here.
nettle-3.10-build/nettle-3.10/macros.h:162:8: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
# 160| do { \
# 161| unsigned increment_i = (size) - 1; \
# 162|-> if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164| && ++(ctr)[--increment_i] == 0 ) \
Error: GCC_ANALYZER_WARNING (CWE-122): [#def28]
nettle-3.10-build/nettle-3.10/macros.h:162:16: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
# └─────────────────┘
# ^
# 160| do { \
# 161| unsigned increment_i = (size) - 1; \
# 162|-> if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164| && ++(ctr)[--increment_i] == 0 ) \
Error: GCC_ANALYZER_WARNING (CWE-122): [#def29]
nettle-3.10-build/nettle-3.10/macros.h:164:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
# 162| if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164|-> && ++(ctr)[--increment_i] == 0 ) \
# 165| ; \
# 166| } while (0)
Error: GCC_ANALYZER_WARNING (CWE-122): [#def30]
nettle-3.10-build/nettle-3.10/macros.h:164:24: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/macros.h:161:29: note: in definition of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:698:5: note: in expansion of macro ‘INCREMENT’
# └─────────────────┘
# ^
# 162| if (++(ctr)[increment_i] == 0) \
# 163| while (increment_i > 0 \
# 164|-> && ++(ctr)[--increment_i] == 0 ) \
# 165| ; \
# 166| } while (0)
Error: GCC_ANALYZER_WARNING (CWE-471): [#def31]
nettle-3.10-build/nettle-3.10/eccdata.c:43: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c: scope_hint: In function ‘mpn_set_str_bits’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1328:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:44: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c:45: included_from: Included from here.
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1326| if (shift == 0)
# 1327| {
# 1328|-> rp[rn++] = sp[j];
# 1329| shift += bits;
# 1330| }
Error: GCC_ANALYZER_WARNING (CWE-471): [#def32]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1333:20: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1331| else
# 1332| {
# 1333|-> rp[rn-1] |= (mp_limb_t) sp[j] << shift;
# 1334| shift += bits;
# 1335| if (shift >= GMP_LIMB_BITS)
Error: GCC_ANALYZER_WARNING (CWE-471): [#def33]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1339:26: warning[-Wanalyzer-write-to-const]: write to ‘const’ object ‘dummy_limb’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4331:26: note: in expansion of macro ‘gmp_xalloc’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:4370:12: note: in expansion of macro ‘MPZ_REALLOC’
nettle-3.10-build/nettle-3.10/mini-gmp.c:1412:26: note: declared here
# 1337| shift -= GMP_LIMB_BITS;
# 1338| if (shift > 0)
# 1339|-> rp[rn++] = (mp_limb_t) sp[j] >> (bits - shift);
# 1340| }
# 1341| }
Error: CPPCHECK_WARNING (CWE-758): [#def34]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1492: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1490| {
# 1491| int LOCAL_GMP_LIMB_BITS = GMP_LIMB_BITS;
# 1492|-> while (x >>= LOCAL_GMP_LIMB_BITS)
# 1493| {
# 1494| ++ r->_mp_size;
Error: CPPCHECK_WARNING (CWE-758): [#def35]
nettle-3.10-build/nettle-3.10/mini-gmp.c:1614: error[shiftTooManyBits]: Shifting 64-bit value by 64 bits is undefined behaviour
# 1612| n = GMP_MIN (n, 1 + (mp_size_t) (GMP_ULONG_BITS - 1) / GMP_LIMB_BITS);
# 1613| while (--n >= 0)
# 1614|-> r = (r << LOCAL_GMP_LIMB_BITS) + u->_mp_d[n];
# 1615| return r;
# 1616| }
Error: CPPCHECK_WARNING: [#def36]
nettle-3.10-build/nettle-3.10/pgp-encode.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def37]
nettle-3.10-build/nettle-3.10/rsa-keygen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def38]
nettle-3.10-build/nettle-3.10/sexp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def39]
nettle-3.10-build/nettle-3.10/sexp2dsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def40]
nettle-3.10-build/nettle-3.10/sexp2rsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def41]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.context_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*aead.digest_size)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:13: included_from: Included from here.
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.decode_context_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*armor.encode_context_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.block_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*cipher.context_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.context_size)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*hash.digest_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_mac’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.context_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc((long unsigned int)*mac.digest_size)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*armor.decode_length(ascii_length) + 1)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length + 1)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cipher.length)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length + 1)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*cleartext.length)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(*digest.length)’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(ascii_length + 1)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:38:7: warning[-Wanalyzer-malloc-leak]: leak of ‘xalloc(length)’
# 36| {
# 37| void *p = malloc(size);
# 38|-> if (size && !p)
# 39| {
# 40| fprintf(stderr, "Virtual memory exhausted.\n");
Error: GCC_ANALYZER_WARNING (CWE-476): [#def61]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘tstring_alloc’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:53:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xalloc(length + 24)’
# 51| {
# 52| struct tstring *s = xalloc(sizeof(struct tstring) + length);
# 53|-> s->length = length;
# 54| s->next = tstring_first;
# 55| /* NUL-terminate, for convenience. */
Error: COMPILER_WARNING (CWE-563): [#def62]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘mark_bytes_undefined’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:144:30: warning[-Wunused-parameter]: unused parameter ‘size’
# 144 | mark_bytes_undefined (size_t size, const void *p) {}
# | ~~~~~~~^~~~
# 142| #else
# 143| void
# 144|-> mark_bytes_undefined (size_t size, const void *p) {}
# 145| void
# 146| mark_bytes_defined (size_t size, const void *p) {}
Error: COMPILER_WARNING (CWE-563): [#def63]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:144:48: warning[-Wunused-parameter]: unused parameter ‘p’
# 144 | mark_bytes_undefined (size_t size, const void *p) {}
# | ~~~~~~~~~~~~^
# 142| #else
# 143| void
# 144|-> mark_bytes_undefined (size_t size, const void *p) {}
# 145| void
# 146| mark_bytes_defined (size_t size, const void *p) {}
Error: COMPILER_WARNING (CWE-563): [#def64]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘mark_bytes_defined’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:146:28: warning[-Wunused-parameter]: unused parameter ‘size’
# 146 | mark_bytes_defined (size_t size, const void *p) {}
# | ~~~~~~~^~~~
# 144| mark_bytes_undefined (size_t size, const void *p) {}
# 145| void
# 146|-> mark_bytes_defined (size_t size, const void *p) {}
# 147| #endif
# 148|
Error: COMPILER_WARNING (CWE-563): [#def65]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:146:46: warning[-Wunused-parameter]: unused parameter ‘p’
# 146 | mark_bytes_defined (size_t size, const void *p) {}
# | ~~~~~~~~~~~~^
# 144| mark_bytes_undefined (size_t size, const void *p) {}
# 145| void
# 146|-> mark_bytes_defined (size_t size, const void *p) {}
# 147| #endif
# 148|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def66]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cbc’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:245:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:237:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:240:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:241:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 243| data = xalloc(length);
# 244| cipher->set_encrypt_key(ctx, key->data);
# 245|-> memcpy(iv, iiv->data, cipher->block_size);
# 246|
# 247| cbc_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def67]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:308:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:298:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:301:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:302:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 306|
# 307| cipher->set_encrypt_key(ctx, key->data);
# 308|-> memcpy(iv, iiv->data, cipher->block_size);
# 309|
# 310| cfb_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def68]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_cfb8’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:491:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 489|
# 490| cipher->set_encrypt_key(ctx, key->data);
# 491|-> memcpy(iv, iiv->data, cipher->block_size);
# 492|
# 493| memset(data, 0x17, length + 1);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def69]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:493:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 491| memcpy(iv, iiv->data, cipher->block_size);
# 492|
# 493|-> memset(data, 0x17, length + 1);
# 494| for (i = 0; i + block <= length; i += block)
# 495| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def70]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:521:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:516:7: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 519| memcpy(iv, iiv->data, cipher->block_size);
# 520|
# 521|-> memset(data2, 0x17, length + 1);
# 522| for (i = 0; i + block <= length; i += block)
# 523| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def71]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:548:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 546|
# 547| cipher->set_encrypt_key(ctx, key->data);
# 548|-> memcpy(iv, iiv->data, cipher->block_size);
# 549| memcpy(data, cleartext->data, length);
# 550|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def72]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:549:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:477:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:480:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:481:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 547| cipher->set_encrypt_key(ctx, key->data);
# 548| memcpy(iv, iiv->data, cipher->block_size);
# 549|-> memcpy(data, cleartext->data, length);
# 550|
# 551| cfb8_encrypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def73]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_cipher_ctr’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:693:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 691| ASSERT (nblocks < 0x100);
# 692|
# 693|-> memcpy (octr, ictr->data, cipher->block_size - 1);
# 694| low = ictr->data[cipher->block_size - 1] + nblocks;
# 695| octr[cipher->block_size - 1] = low;
Error: GCC_ANALYZER_WARNING (CWE-122): [#def74]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:695:32: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
# 693| memcpy (octr, ictr->data, cipher->block_size - 1);
# 694| low = ictr->data[cipher->block_size - 1] + nblocks;
# 695|-> octr[cipher->block_size - 1] = low;
# 696|
# 697| if (low >= 0x100)
Error: GCC_ANALYZER_WARNING (CWE-688): [#def75]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:706:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 704| for (i = 0; i <= length; i++)
# 705| {
# 706|-> memcpy(ctr, ictr->data, cipher->block_size);
# 707| memset(data, 17, length);
# 708|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def76]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:707:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 705| {
# 706| memcpy(ctr, ictr->data, cipher->block_size);
# 707|-> memset(data, 17, length);
# 708|
# 709| ctr_crypt(ctx, cipher->encrypt,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def77]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:854:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cleartext.length + (long unsigned int)*aead.block_size + 18446744073709551615) + (sizetype)in_align’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 852| unsigned out_align = 3*in_align % aead->block_size;
# 853| size_t offset;
# 854|-> memcpy (in + in_align, cleartext->data, cleartext->length);
# 855| for (offset = 0; offset <= cleartext->length; offset += aead->block_size)
# 856| {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def78]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:893:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*aead.digest_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:841:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:842:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:843:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:892:15: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 891| {
# 892| ASSERT (digest->length <= aead->digest_size);
# 893|-> memset(buffer, 0, aead->digest_size);
# 894| aead->digest(ctx, digest->length, buffer);
# 895| if (!MEMEQ(digest->length, buffer, digest->data))
Error: GCC_ANALYZER_WARNING (CWE-688): [#def79]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_aead_message’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1016:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*cipher.length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:961:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:962:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:963:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 1014| FAIL();
# 1015| }
# 1016|-> memcpy (copy, cipher->data, cipher->length);
# 1017| copy[0] ^= 4;
# 1018| if (aead->decrypt (ctx,
Error: GCC_ANALYZER_WARNING (CWE-688): [#def80]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1129:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*digest.length)’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1127| }
# 1128|
# 1129|-> memset(buffer, 0, digest->length);
# 1130|
# 1131| hash->update(ctx, msg->length, msg->data);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def81]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1142:7: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*msg.length + 16)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1132:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1135:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1137:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1140| for (offset = 0; offset < 16; offset++)
# 1141| {
# 1142|-> memset (input, 0, msg->length + 16);
# 1143| memcpy (input + offset, msg->data, msg->length);
# 1144| hash->update (ctx, msg->length, input + offset);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def82]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_hash_large’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1173:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(length)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1171:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1171| ASSERT (digest->length == hash->digest_size);
# 1172|
# 1173|-> memset(data, c, length);
# 1174|
# 1175| hash->init(ctx);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def83]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c: scope_hint: In function ‘test_armor’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1275:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(ascii_length + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1271:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1273:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1273| ASSERT(data_length <= armor->decode_length(ascii_length));
# 1274|
# 1275|-> memset(buffer, 0x33, 1 + ascii_length);
# 1276| memset(check, 0x55, 1 + data_length);
# 1277|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def84]
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1276:3: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc(*armor.decode_length(ascii_length) + 1)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1271:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:1273:3: note: in expansion of macro ‘ASSERT’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 1274|
# 1275| memset(buffer, 0x33, 1 + ascii_length);
# 1276|-> memset(check, 0x55, 1 + data_length);
# 1277|
# 1278| armor->encode_init(encode);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def85]
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:343:31: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xalloc((long unsigned int)*cipher.block_size)’ where non-null expected
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:683:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:686:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:687:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:691:3: note: in expansion of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:349:11: note: in definition of macro ‘ASSERT’
nettle-3.10-build/nettle-3.10/testsuite/testutils.c:728:11: note: in expansion of macro ‘MEMEQ’
nettle-3.10-build/nettle-3.10/testsuite/testutils.h:13: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 1 of ‘memcmp’ must be non-null
# 341| #define H(x) (SHEX(x)->data)
# 342|
# 343|-> #define MEMEQ(length, a, b) (!memcmp((a), (b), (length)))
# 344|
# 345| #define FAIL() abort()
Error: CPPCHECK_WARNING: [#def86]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def87]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c: scope_hint: In function ‘main’
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c:226:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*<unknown>, "rb")’
# 224| if (!f)
# 225| die ("Cannot open `%s': %s\n", argv[i], strerror(errno));
# 226|-> printf("%s: ", argv[i]);
# 227| if (!digest_file (alg, length, raw, f))
# 228| die("Reading `%s' failed: %s\n", argv[i], strerror(errno));
Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
nettle-3.10-build/nettle-3.10/tools/nettle-hash.c:226:11: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*<unknown>, "rb")’
# 224| if (!f)
# 225| die ("Cannot open `%s': %s\n", argv[i], strerror(errno));
# 226|-> printf("%s: ", argv[i]);
# 227| if (!digest_file (alg, length, raw, f))
# 228| die("Reading `%s' failed: %s\n", argv[i], strerror(errno));
Error: CPPCHECK_WARNING: [#def89]
nettle-3.10-build/nettle-3.10/tools/nettle-pbkdf2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def90]
nettle-3.10-build/nettle-3.10/tools/output.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def91]
nettle-3.10-build/nettle-3.10/twofish.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def92]
nettle-3.10-build/nettle-3.10/umac-l2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def93]
nettle-3.10-build/nettle-3.10/umac64.c: scope_hint: In function ‘nettle_umac64_digest’
nettle-3.10-build/nettle-3.10/umac64.c:139:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&tag’
nettle-3.10-build/nettle-3.10/umac64.c:36: included_from: Included from here.
# 137| tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _nettle_umac_l3 (ctx->l3_key1 + 8,
# 138| ctx->l2_state + 2);
# 139|-> memcpy (digest, tag, length);
# 140|
# 141| /* Reinitialize */
Error: CPPCHECK_WARNING: [#def94]
nettle-3.10-build/nettle-3.10/yarrow256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-40.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | nettle-3.10-2.fc41 |
| store-results-to | /tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz |
| time-created | 2024-07-03 16:20:57 |
| time-finished | 2024-07-03 16:22:58 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpl3w0o4ts/nettle-3.10-2.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |