nftables-1.0.9-5.fc41
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
nftables-1.0.9-build/nftables-1.0.9/include/list.h:58:19: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
nftables-1.0.9-build/nftables-1.0.9/src/parser_json.c: scope_hint: In function ‘json_parse_set_stmt_list.part.0’
nftables-1.0.9-build/nftables-1.0.9/include/json.h:27: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/datatype.h:4: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/gmputil.h:60: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/utils.h:10: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/gmputil.h:59: included_from: Included from here.
# 56| {
# 57| next->prev = new;
# 58|-> new->next = next;
# 59| new->prev = prev;
# 60| prev->next = new;
Error: CLANG_WARNING: [#def2]
nftables-1.0.9-build/nftables-1.0.9/src/statement.c:17: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/rule.h:4: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/nftables.h:6: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/include/utils.h:134:3: warning[deadcode.DeadStores]: Value stored to 'x' is never read
# 132| }
# 133| if (!(x & 0x80000000u)) {
# 134|-> x <<= 1;
# 135| r -= 1;
# 136| }
Error: CLANG_WARNING: [#def3]
nftables-1.0.9-build/nftables-1.0.9/src/cache.c:157:2: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer
# 155| hash = djb_hash(handle->set.name) % NFT_CACHE_HSIZE;
# 156|
# 157|-> list_for_each_entry(obj, &filter->obj[hash].head, list) {
# 158| if (obj->family == handle->family &&
# 159| !strcmp(obj->table, handle->table.name) &&
Error: CPPCHECK_WARNING: [#def4]
nftables-1.0.9-build/nftables-1.0.9/src/cli.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def5]
nftables-1.0.9-build/nftables-1.0.9/src/datatype.c:1172:8: warning[core.UndefinedBinaryOperatorResult]: The left operand of '>' is a garbage value
# 1170| return erec;
# 1171|
# 1172|-> if (s > UINT32_MAX)
# 1173| return error(&sym->location, "value too large");
# 1174|
Error: CLANG_WARNING: [#def6]
nftables-1.0.9-build/nftables-1.0.9/src/evaluate.c:902:20: warning[deadcode.DeadStores]: Value stored to 'pctx' during its initialization is never read
# 900| static int expr_evaluate_inner(struct eval_ctx *ctx, struct expr **exprp)
# 901| {
# 902|-> struct proto_ctx *pctx = eval_proto_ctx(ctx);
# 903| const struct proto_desc *desc = NULL;
# 904| struct expr *expr = *exprp;
Error: CLANG_WARNING: [#def7]
nftables-1.0.9-build/nftables-1.0.9/src/evaluate.c:1936:7: warning[core.NullDereference]: Access to field 'type' results in a dereference of a null pointer (loaded from field 'dtype')
# 1934| }
# 1935|
# 1936|-> if (ectx.dtype->type == TYPE_VERDICT) {
# 1937| data = verdict_expr_alloc(&netlink_location, 0, NULL);
# 1938| } else {
Error: CLANG_WARNING: [#def8]
nftables-1.0.9-build/nftables-1.0.9/src/exthdr.c:82:36: warning[core.NullDereference]: Access to field 'name' results in a dereference of a null pointer (loaded from field 'desc')
# 80| nft_print(octx, " %s", expr->exthdr.tmpl->token);
# 81| } else if (expr->exthdr.op == NFT_EXTHDR_OP_SCTP) {
# 82|-> nft_print(octx, "sctp chunk %s", expr->exthdr.desc->name);
# 83| if (expr->exthdr.flags & NFT_EXTHDR_F_PRESENT)
# 84| return;
Error: CLANG_WARNING: [#def9]
nftables-1.0.9-build/nftables-1.0.9/src/json.c:1783:2: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer
# 1781| struct rule *rule;
# 1782|
# 1783|-> list_for_each_entry(chain, &table->chain_cache.list, cache.list) {
# 1784| if (chain->handle.family != cmd->handle.family ||
# 1785| strcmp(cmd->handle.chain.name, chain->handle.chain.name))
Error: CLANG_WARNING: [#def10]
nftables-1.0.9-build/nftables-1.0.9/src/main.c:194:3: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 192| opt->name);
# 193| if (opt->arg)
# 194|-> i += snprintf(optbuf + i, sizeof(optbuf) - i, " %s", opt->arg);
# 195|
# 196| printf("%-34s%s\n", optbuf, opt->help);
Error: CLANG_WARNING: [#def11]
nftables-1.0.9-build/nftables-1.0.9/src/mnl.c:452:3: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 450|
# 451| /* Continue on error, make sure we get all acknowledgments */
# 452|-> ret = mnl_cb_run2(rcv_buf, ret, 0, portid,
# 453| netlink_echo_callback, &cb_data,
# 454| cb_ctl_array, MNL_ARRAY_SIZE(cb_ctl_array));
Error: CLANG_WARNING: [#def12]
nftables-1.0.9-build/nftables-1.0.9/src/monitor.c:927:33: warning[core.BitwiseShift]: Left shift overflows the capacity of 'int'
# 925| netlink_events_cache_update(monh, nlh, type);
# 926|
# 927|-> if (!(monh->monitor_flags & (1 << type)))
# 928| return ret;
# 929|
Error: CLANG_WARNING: [#def13]
nftables-1.0.9-build/nftables-1.0.9/src/netlink.c:522:17: warning[core.UndefinedBinaryOperatorResult]: The left operand of '*' is a garbage value
# 520| {
# 521| return constant_expr_alloc(loc, &invalid_type, BYTEORDER_INVALID,
# 522|-> nld->len * BITS_PER_BYTE, nld->value);
# 523| }
# 524|
Error: CLANG_WARNING: [#def14]
nftables-1.0.9-build/nftables-1.0.9/src/netlink.c:535:10: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 533| chain = constant_expr_alloc(loc, &string_type,
# 534| BYTEORDER_HOST_ENDIAN,
# 535|-> strlen(nld->chain) * BITS_PER_BYTE,
# 536| nld->chain);
# 537| break;
Error: CLANG_WARNING: [#def15]
nftables-1.0.9-build/nftables-1.0.9/src/netlink.c:1265:8: warning[core.NullDereference]: Dereference of null pointer
# 1263| compound_expr_add(concat, expr);
# 1264| if (set->key->etype == EXPR_CONCAT)
# 1265|-> n = list_next_entry(n, list);
# 1266| }
# 1267|
Error: CLANG_WARNING: [#def16]
nftables-1.0.9-build/nftables-1.0.9/src/nfnl_osf.c:319:3: warning[deadcode.DeadStores]: Value stored to 'pbeg' is never read
# 317| i = sizeof(f.subtype);
# 318| snprintf(f.subtype, i, "%.*s", i - 1, pbeg);
# 319|-> pbeg = pend + 1;
# 320| }
# 321|
Error: COMPILER_WARNING: [#def17]
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c: warning: -Wno-implicit-function-declaration detected - is this intentional ?
Error: GCC_ANALYZER_WARNING (CWE-457): [#def18]
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c: scope_hint: In function ‘nft_parse’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:2209:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:2194:9: note: in expansion of macro ‘YYCOPY’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:7746:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:2209:25: note: in definition of macro ‘YYCOPY’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:7746:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:2194:9: note: in expansion of macro ‘YYCOPY’
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:7746:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
# 2207| # if defined __GNUC__ && 1 < __GNUC__
# 2208| # define YYCOPY(Dst, Src, Count) \
# 2209|-> __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src)))
# 2210| # else
# 2211| # define YYCOPY(Dst, Src, Count) \
Error: GCC_ANALYZER_WARNING (CWE-457): [#def19]
nftables-1.0.9-build/nftables-1.0.9/src/parser_bison.c:7876:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
# 7874| unconditionally makes the parser a bit smaller, and it avoids a
# 7875| GCC warning that YYVAL may be used uninitialized. */
# 7876|-> yyval = yyvsp[1-yylen];
# 7877|
# 7878| /* Default location. */
Error: CLANG_WARNING: [#def20]
nftables-1.0.9-build/nftables-1.0.9/src/parser_json.c:96:3: warning[deadcode.DeadStores]: Value stored to 'sep' is never read
# 94| strcat(buf, sep);
# 95| strcat(buf, "SET_RHS");
# 96|-> sep = ", ";
# 97| }
# 98| return buf;
Error: CLANG_WARNING: [#def21]
nftables-1.0.9-build/nftables-1.0.9/src/payload.c:511:4: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 509| return NULL;
# 510|
# 511|-> list_add_tail(&nstmt->list, &ctx->stmt->list);
# 512| return desc_upper;
# 513| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def22]
nftables-1.0.9-build/nftables-1.0.9/src/payload.c: scope_hint: In function ‘payload_may_dependency_kill’
nftables-1.0.9-build/nftables-1.0.9/src/payload.c:897:60: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 895| * for stacked protocols if we only have protcol type matches.
# 896| */
# 897|-> if (dep->left->etype == EXPR_PAYLOAD && dep->op == OP_EQ &&
# 898| expr->payload.base == dep->left->payload.base) {
# 899| if (expr->flags & EXPR_F_PROTOCOL)
Error: CLANG_WARNING: [#def23]
nftables-1.0.9-build/nftables-1.0.9/src/rule.c:366:4: warning[deadcode.DeadStores]: Value stored to 'delim' is never read
# 364| if (set->flags & NFT_SET_TIMEOUT) {
# 365| nft_print(octx, "%stimeout", delim);
# 366|-> delim = ",";
# 367| }
# 368| nft_print(octx, "%s", opts->stmt_separator);
Error: CLANG_WARNING: [#def24]
nftables-1.0.9-build/nftables-1.0.9/src/rule.c:1417:18: warning[core.NullDereference]: Dereference of null pointer
# 1415| struct set *set, struct expr *expr, uint32_t flags)
# 1416| {
# 1417|-> expr->set_flags |= set->flags;
# 1418| if (mnl_nft_setelem_add(ctx, cmd, set, expr, flags) < 0)
# 1419| return -1;
Error: CLANG_WARNING: [#def25]
nftables-1.0.9-build/nftables-1.0.9/src/rule.c:2166:16: warning[core.NullDereference]: Dereference of null pointer
# 2164|
# 2165| nft_print(&ctx->nft->output, "table %s %s {\n",
# 2166|-> family2str(table->handle.family),
# 2167| table->handle.table.name);
# 2168|
Error: CLANG_WARNING: [#def26]
nftables-1.0.9-build/nftables-1.0.9/src/rule.c:2241:34: warning[core.NullDereference]: Dereference of null pointer
# 2239| struct output_ctx *octx)
# 2240| {
# 2241|-> const char *family = family2str(table->handle.family);
# 2242|
# 2243| if (table->has_xt_stmts)
Error: GCC_ANALYZER_WARNING (CWE-476): [#def27]
nftables-1.0.9-build/nftables-1.0.9/src/rule.c: scope_hint: In function ‘table_print_declaration’
nftables-1.0.9-build/nftables-1.0.9/src/rule.c:2243:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘table’
# 2241| const char *family = family2str(table->handle.family);
# 2242|
# 2243|-> if (table->has_xt_stmts)
# 2244| fprintf(octx->error_fp,
# 2245| "# Warning: table %s %s is managed by iptables-nft, do not touch!\n",
Error: COMPILER_WARNING: [#def28]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: warning: -Wno-implicit-function-declaration detected - is this intentional ?
Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:55:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<return-value>’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:1244:13: note: in expansion of macro ‘yy_scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7624:17: note: in expansion of macro ‘yy_scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7639:17: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7657:13: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7585:17: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7585:17: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7595:31: note: in expansion of macro ‘yyalloc’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7609:9: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7272:10: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7284:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7530:13: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7284:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7285:14: note: in expansion of macro ‘YY_CURRENT_BUFFER’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7609:9: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7657:13: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
# 53| #define nft__scan_bytes_ALREADY_DEFINED
# 54| #else
# 55|-> #define yy_scan_bytes nft__scan_bytes
# 56| #endif
# 57|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:55:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:1244:13: note: in expansion of macro ‘yy_scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7624:17: note: in expansion of macro ‘yy_scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7639:17: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7648:24: note: in expansion of macro ‘yyalloc’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__scan_string’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7657:13: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7585:17: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7585:17: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7609:9: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7272:10: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7284:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7530:13: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7284:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7285:14: note: in expansion of macro ‘YY_CURRENT_BUFFER’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7609:9: note: in expansion of macro ‘yy_switch_to_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7657:13: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7627:16: note: in expansion of macro ‘yy_scan_bytes’
# 53| #define nft__scan_bytes_ALREADY_DEFINED
# 54| #else
# 55|-> #define yy_scan_bytes nft__scan_bytes
# 56| #endif
# 57|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7348:12: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(64)’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7331:21: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7338:31: note: in expansion of macro ‘yyalloc’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__create_buffer’
# 7346| */
# 7347| b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) , yyscanner );
# 7348|-> if ( ! b->yy_ch_buf )
# 7349| YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
# 7350|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def32]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7402:26: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘b’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7247:10: note: in expansion of macro ‘yyrestart’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7255:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7530:13: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7255:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7257:13: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7331:21: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7353:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7390:17: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7432:10: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7353:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7257:13: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7260:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7260:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7260:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7390:17: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7432:10: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
# 7400|
# 7401| /* %if-c-only */
# 7402|-> b->yy_input_file = file;
# 7403| /* %endif */
# 7404| /* %if-c++-only */
Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft_ensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7553:42: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(8)’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:958:13: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7331:21: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7353:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7390:17: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7432:10: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7399:9: note: in expansion of macro ‘yy_flush_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7353:9: note: in expansion of macro ‘yy_init_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:958:13: note: in expansion of macro ‘yy_create_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:959:9: note: in expansion of macro ‘yypush_buffer_state’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft_ensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7467:6: note: in expansion of macro ‘yypush_buffer_state’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7476:9: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7530:13: note: in expansion of macro ‘yyensure_buffer_stack’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7545:66: note: in expansion of macro ‘yyalloc’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft_ensure_buffer_stack’
# 7551| memset(yyg->yy_buffer_stack, 0, num_to_alloc * sizeof(struct yy_buffer_state*));
# 7552|
# 7553|-> yyg->yy_buffer_stack_max = num_to_alloc;
# 7554| yyg->yy_buffer_stack_top = 0;
# 7555| return;
Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7655:32: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(n)’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7639:17: note: in expansion of macro ‘yy_scan_bytes’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7648:24: note: in expansion of macro ‘yyalloc’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘nft__scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7657:13: note: in expansion of macro ‘yy_scan_buffer’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7585:17: note: in expansion of macro ‘yy_scan_buffer’
# 7653| buf[i] = yybytes[i];
# 7654|
# 7655|-> buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR;
# 7656|
# 7657| b = yy_scan_buffer( buf, n , yyscanner);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def35]
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7894:11: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘scanner’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l: scope_hint: In function ‘scanner_init’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:1253:9: note: in expansion of macro ‘yylex_init_extra’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:7975:5: note: in expansion of macro ‘yylex_init_extra’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c: scope_hint: In function ‘scanner_init’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.c:274: included_from: Included from here.
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:1253:9: note: in expansion of macro ‘yylex_init_extra’
nftables-1.0.9-build/nftables-1.0.9/src/scanner.l:1254:9: note: in expansion of macro ‘yyset_out’
# 7892| {
# 7893| struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
# 7894|-> yyout = _out_str ;
# 7895| }
# 7896|
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-51.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | nftables-1.0.9-5.fc41 |
| store-results-to | /tmp/tmpc9fmyfwm/nftables-1.0.9-5.fc41.tar.xz |
| time-created | 2024-07-03 16:21:34 |
| time-finished | 2024-07-03 16:23:30 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpc9fmyfwm/nftables-1.0.9-5.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpc9fmyfwm/nftables-1.0.9-5.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |