openssl-3.2.2-3.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
openssl-3.2.2-build/openssl-3.2.2/apps/ca.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def2]
openssl-3.2.2-build/openssl-3.2.2/apps/ca.c:1054:9: warning[deadcode.DeadStores]: Value stored to 'outdirlen' is never read
# 1052| }
# 1053|
# 1054|-> outdirlen = OPENSSL_strlcpy(new_cert, outdir, sizeof(new_cert));
# 1055| #ifndef OPENSSL_SYS_VMS
# 1056| outdirlen = OPENSSL_strlcat(new_cert, "/", sizeof(new_cert));
Error: CPPCHECK_WARNING: [#def3]
openssl-3.2.2-build/openssl-3.2.2/apps/ciphers.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def4]
openssl-3.2.2-build/openssl-3.2.2/apps/cmp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def5]
openssl-3.2.2-build/openssl-3.2.2/apps/cms.c:718:5: warning[deadcode.DeadStores]: Value stored to 'argc' is never read
# 716|
# 717| /* Remaining args are files to process. */
# 718|-> argc = opt_num_rest();
# 719| argv = opt_rest();
# 720|
Error: CPPCHECK_WARNING: [#def6]
openssl-3.2.2-build/openssl-3.2.2/apps/crl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def7]
openssl-3.2.2-build/openssl-3.2.2/apps/dsaparam.c:239:13: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 237| assert(private);
# 238| if (outformat == FORMAT_ASN1)
# 239|-> i = i2d_PrivateKey_bio(out, pkey);
# 240| else
# 241| i = PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, NULL);
Error: CLANG_WARNING: [#def8]
openssl-3.2.2-build/openssl-3.2.2/apps/dsaparam.c:241:13: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 239| i = i2d_PrivateKey_bio(out, pkey);
# 240| else
# 241|-> i = PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, NULL);
# 242| }
# 243| ret = 0;
Error: CPPCHECK_WARNING: [#def9]
openssl-3.2.2-build/openssl-3.2.2/apps/enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def10]
openssl-3.2.2-build/openssl-3.2.2/apps/engine.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def11]
openssl-3.2.2-build/openssl-3.2.2/apps/engine.c:364:5: warning[deadcode.DeadStores]: Value stored to 'argc' is never read
# 362|
# 363| /* Any remaining arguments are engine names. */
# 364|-> argc = opt_num_rest();
# 365| argv = opt_rest();
# 366| for ( ; *argv; argv++) {
Error: CLANG_WARNING: [#def12]
openssl-3.2.2-build/openssl-3.2.2/apps/fipsinstall.c:359:17: warning[deadcode.DeadStores]: Value stored to 'section_name' during its initialization is never read
# 357| {
# 358| int ret = 1, verify = 0, gotkey = 0, gotdigest = 0, pedantic = 0;
# 359|-> const char *section_name = "fips_sect";
# 360| const char *mac_name = "HMAC";
# 361| const char *prov_name = "fips";
Error: CLANG_WARNING: [#def13]
openssl-3.2.2-build/openssl-3.2.2/apps/fipsinstall.c:360:17: warning[deadcode.DeadStores]: Value stored to 'mac_name' during its initialization is never read
# 358| int ret = 1, verify = 0, gotkey = 0, gotdigest = 0, pedantic = 0;
# 359| const char *section_name = "fips_sect";
# 360|-> const char *mac_name = "HMAC";
# 361| const char *prov_name = "fips";
# 362| BIO *module_bio = NULL, *mem_bio = NULL, *fout = NULL;
Error: CLANG_WARNING: [#def14]
openssl-3.2.2-build/openssl-3.2.2/apps/fipsinstall.c:361:17: warning[deadcode.DeadStores]: Value stored to 'prov_name' during its initialization is never read
# 359| const char *section_name = "fips_sect";
# 360| const char *mac_name = "HMAC";
# 361|-> const char *prov_name = "fips";
# 362| BIO *module_bio = NULL, *mem_bio = NULL, *fout = NULL;
# 363| char *in_fname = NULL, *out_fname = NULL, *prog;
Error: CPPCHECK_WARNING: [#def15]
openssl-3.2.2-build/openssl-3.2.2/apps/genpkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def16]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/app_params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def17]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/app_params.c:69:9: warning[deadcode.DeadStores]: Value stored to 'bufsz' is never read
# 67| if (printed_len > 0) {
# 68| buf += printed_len;
# 69|-> bufsz -= printed_len;
# 70| }
# 71| *buf = '\0';
Error: CLANG_WARNING: [#def18]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/app_provider.c:70:15: warning[deadcode.DeadStores]: Value stored to 'given' during its initialization is never read
# 68| int opt_provider(int opt)
# 69| {
# 70|-> const int given = provider_option_given;
# 71|
# 72| provider_option_given = 1;
Error: CPPCHECK_WARNING: [#def19]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/app_x509.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def20]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def21]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1573:9: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1571| } else {
# 1572| #ifndef OPENSSL_SYS_VMS
# 1573|-> j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix);
# 1574| #else
# 1575| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix);
Error: CLANG_WARNING: [#def22]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1617:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1615| }
# 1616| #ifndef OPENSSL_SYS_VMS
# 1617|-> j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
# 1618| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
# 1619| #else
Error: CLANG_WARNING: [#def23]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1618:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1616| #ifndef OPENSSL_SYS_VMS
# 1617| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
# 1618|-> j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
# 1619| #else
# 1620| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix);
Error: CLANG_WARNING: [#def24]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1773:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1771| }
# 1772| #ifndef OPENSSL_SYS_VMS
# 1773|-> j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
# 1774| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
# 1775| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
Error: CLANG_WARNING: [#def25]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1774:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1772| #ifndef OPENSSL_SYS_VMS
# 1773| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
# 1774|-> j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
# 1775| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
# 1776| #else
Error: CLANG_WARNING: [#def26]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1775:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1773| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
# 1774| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
# 1775|-> j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
# 1776| #else
# 1777| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr", dbfile);
Error: CLANG_WARNING: [#def27]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1823:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1821| }
# 1822| #ifndef OPENSSL_SYS_VMS
# 1823|-> j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
# 1824| j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
# 1825| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
Error: CLANG_WARNING: [#def28]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1824:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1822| #ifndef OPENSSL_SYS_VMS
# 1823| j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
# 1824|-> j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
# 1825| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
# 1826| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
Error: CLANG_WARNING: [#def29]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1825:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1823| j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
# 1824| j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
# 1825|-> j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
# 1826| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
# 1827| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
Error: CLANG_WARNING: [#def30]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1826:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1824| j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
# 1825| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
# 1826|-> j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
# 1827| j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
# 1828| #else
Error: CLANG_WARNING: [#def31]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:1827:5: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 1825| j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
# 1826| j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
# 1827|-> j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
# 1828| #else
# 1829| j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s-attr", dbfile);
Error: CLANG_WARNING: [#def32]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps.c:3363:11: warning[deadcode.DeadStores]: Value stored to 'opt' during its initialization is never read
# 3361| size_t sz = (size_t)sk_OPENSSL_STRING_num(opts);
# 3362| size_t params_n;
# 3363|-> char *opt = "", *stmp, *vtmp = NULL;
# 3364| int found = 1;
# 3365|
Error: CPPCHECK_WARNING: [#def33]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/apps_ui.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def34]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/cmp_mock_srv.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def35]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/http_server.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def36]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def37]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/s_cb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def38]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/s_cb.c:1241:10: warning[deadcode.DeadStores]: Although the value stored to 'mdpth' is used in the enclosing expression, the value is never actually read from 'mdpth'
# 1239| }
# 1240|
# 1241|-> if ((mdpth = SSL_get0_dane_authority(s, NULL, &mspki)) >= 0) {
# 1242| uint8_t usage, selector, mtype;
# 1243| const unsigned char *data = NULL;
Error: CPPCHECK_WARNING: [#def39]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/s_socket.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def40]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/s_socket.c:185:21: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'ba_ret')
# 183| /* Save the address */
# 184| if (tfo || !doconn)
# 185|-> *ba_ret = BIO_ADDR_dup(BIO_ADDRINFO_address(ai));
# 186|
# 187| /* Success, don't try any more addresses */
Error: CPPCHECK_WARNING: [#def41]
openssl-3.2.2-build/openssl-3.2.2/apps/lib/tlssrp_depr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def42]
openssl-3.2.2-build/openssl-3.2.2/apps/list.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def43]
openssl-3.2.2-build/openssl-3.2.2/apps/ocsp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def44]
openssl-3.2.2-build/openssl-3.2.2/apps/openssl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def45]
openssl-3.2.2-build/openssl-3.2.2/apps/passwd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def46]
openssl-3.2.2-build/openssl-3.2.2/apps/passwd.c:189:5: warning[deadcode.DeadStores]: Value stored to 'argc' is never read
# 187|
# 188| /* All remaining arguments are the password text */
# 189|-> argc = opt_num_rest();
# 190| argv = opt_rest();
# 191| if (*argv != NULL) {
Error: CLANG_WARNING: [#def47]
openssl-3.2.2-build/openssl-3.2.2/apps/passwd.c:194:9: warning[deadcode.DeadStores]: Value stored to 'pw_source_defined' is never read
# 192| if (pw_source_defined)
# 193| goto opthelp;
# 194|-> pw_source_defined = 1;
# 195| passwds = argv;
# 196| }
Error: CPPCHECK_WARNING: [#def48]
openssl-3.2.2-build/openssl-3.2.2/apps/pkcs12.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def49]
openssl-3.2.2-build/openssl-3.2.2/apps/pkcs7.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def50]
openssl-3.2.2-build/openssl-3.2.2/apps/pkeyutl.c:501:9: warning[core.CallAndMessage]: 3rd function call argument is an uninitialized value
# 499| BIO_dump(out, (char *)buf_out, buf_outlen);
# 500| } else {
# 501|-> BIO_write(out, buf_out, buf_outlen);
# 502| }
# 503|
Error: CPPCHECK_WARNING: [#def51]
openssl-3.2.2-build/openssl-3.2.2/apps/rehash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def52]
openssl-3.2.2-build/openssl-3.2.2/apps/rehash.c:550:5: warning[deadcode.DeadStores]: Value stored to 'argc' is never read
# 548|
# 549| /* Optional arguments are directories to scan. */
# 550|-> argc = opt_num_rest();
# 551| argv = opt_rest();
# 552|
Error: CPPCHECK_WARNING: [#def53]
openssl-3.2.2-build/openssl-3.2.2/apps/req.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def54]
openssl-3.2.2-build/openssl-3.2.2/apps/s_client.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def55]
openssl-3.2.2-build/openssl-3.2.2/apps/s_client.c:1586:9: warning[deadcode.DeadStores]: Value stored to 'connect_type' is never read
# 1584| goto opthelp;
# 1585| }
# 1586|-> connect_type = use_inet;
# 1587| freeandcopy(&connectstr, *opt_rest());
# 1588| } else if (!opt_check_rest_arg(NULL)) {
Error: CLANG_WARNING: [#def56]
openssl-3.2.2-build/openssl-3.2.2/apps/s_client.c:2325:5: warning[deadcode.DeadStores]: Value stored to 'tty_on' is never read
# 2323| read_tty = 1;
# 2324| write_tty = 0;
# 2325|-> tty_on = 0;
# 2326| read_ssl = 1;
# 2327| write_ssl = 1;
Error: CPPCHECK_WARNING: [#def57]
openssl-3.2.2-build/openssl-3.2.2/apps/s_server.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def58]
openssl-3.2.2-build/openssl-3.2.2/apps/s_server.c:2751:17: warning[deadcode.DeadStores]: Although the value stored to 'k' is used in the enclosing expression, the value is never actually read from 'k'
# 2749| ebcdic2ascii(buf, buf, i);
# 2750| #endif
# 2751|-> l = k = 0;
# 2752| for (;;) {
# 2753| /* should do a select for the write */
Error: CPPCHECK_WARNING: [#def59]
openssl-3.2.2-build/openssl-3.2.2/apps/s_time.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def60]
openssl-3.2.2-build/openssl-3.2.2/apps/s_time.c:313:5: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 311| totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
# 312|
# 313|-> i = (int)((long)time(NULL) - finishtime + maxtime);
# 314| printf
# 315| ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
Error: CLANG_WARNING: [#def61]
openssl-3.2.2-build/openssl-3.2.2/apps/s_time.c:341:17: warning[deadcode.DeadStores]: Although the value stored to 'i' is used in the enclosing expression, the value is never actually read from 'i'
# 339| if (buf_len <= 0 || SSL_write(scon, buf, buf_len) <= 0)
# 340| goto end;
# 341|-> while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
# 342| continue;
# 343| }
Error: CLANG_WARNING: [#def62]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:810:17: warning[deadcode.DeadStores]: Value stored to 'rc' is never read
# 808| if (rc != 1) {
# 809| /* reset iv in case of counter overflow */
# 810|-> rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
# 811| }
# 812| }
Error: CLANG_WARNING: [#def63]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:818:17: warning[deadcode.DeadStores]: Value stored to 'rc' is never read
# 816| if (rc != 1) {
# 817| /* reset iv in case of counter overflow */
# 818|-> rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
# 819| }
# 820| }
Error: CLANG_WARNING: [#def64]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:2907:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 2905| "RSA sign setup failure. No RSA sign will be done.\n");
# 2906| ERR_print_errors(bio_err);
# 2907|-> op_count = 1;
# 2908| } else {
# 2909| pkey_print_message("private", "rsa sign",
Error: CLANG_WARNING: [#def65]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:2920:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 2918| count, rsa_keys[testnum].bits, d);
# 2919| rsa_results[testnum][0] = (double)count / d;
# 2920|-> op_count = count;
# 2921| }
# 2922|
Error: CLANG_WARNING: [#def66]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:2967:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 2965| "RSA encrypt setup failure. No RSA encrypt will be done.\n");
# 2966| ERR_print_errors(bio_err);
# 2967|-> op_count = 1;
# 2968| } else {
# 2969| pkey_print_message("private", "rsa encrypt",
Error: CLANG_WARNING: [#def67]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:2980:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 2978| count, rsa_keys[testnum].bits, d);
# 2979| rsa_results[testnum][2] = (double)count / d;
# 2980|-> op_count = count;
# 2981| }
# 2982|
Error: CLANG_WARNING: [#def68]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:3854:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 3852| kem_name, d);
# 3853| kems_results[testnum][0] = (double)count / d;
# 3854|-> op_count = count;
# 3855| kskey_print_message(kem_name, "encaps", seconds.kem);
# 3856| Time_F(START);
Error: CLANG_WARNING: [#def69]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:3865:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 3863| kem_name, d);
# 3864| kems_results[testnum][1] = (double)count / d;
# 3865|-> op_count = count;
# 3866| kskey_print_message(kem_name, "decaps", seconds.kem);
# 3867| Time_F(START);
Error: CLANG_WARNING: [#def70]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:4034:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 4032| sig_name, d);
# 4033| sigs_results[testnum][0] = (double)count / d;
# 4034|-> op_count = count;
# 4035| kskey_print_message(sig_name, "signs", seconds.sig);
# 4036| Time_F(START);
Error: CLANG_WARNING: [#def71]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:4045:13: warning[deadcode.DeadStores]: Value stored to 'op_count' is never read
# 4043| sig_name, d);
# 4044| sigs_results[testnum][1] = (double)count / d;
# 4045|-> op_count = count;
# 4046|
# 4047| kskey_print_message(sig_name, "verify", seconds.sig);
Error: CLANG_WARNING: [#def72]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:4270:5: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 4268| kems_results[k][0], kems_results[k][1], kems_results[k][2]);
# 4269| }
# 4270|-> ret = 0;
# 4271|
# 4272| testnum = 1;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def73]
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c: scope_hint: In function 'do_multi'
openssl-3.2.2-build/openssl-3.2.2/apps/speed.c:4500:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup(fd[1])'
# 4498| close(fd[0]);
# 4499| close(1);
# 4500|-> if (dup(fd[1]) == -1) {
# 4501| BIO_printf(bio_err, "dup failed\n");
# 4502| exit(1);
Error: CPPCHECK_WARNING: [#def74]
openssl-3.2.2-build/openssl-3.2.2/apps/srp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def75]
openssl-3.2.2-build/openssl-3.2.2/apps/srp.c:513:30: warning[deadcode.DeadStores]: Although the value stored to 'user_gN' is used in the enclosing expression, the value is never actually read from 'user_gN'
# 511| "Verifying password for user \"%s\"\n",
# 512| user);
# 513|-> if ((user_gN =
# 514| get_index(db, row[DB_srpgN], DB_SRP_INDEX)) >= 0)
# 515| irow =
Error: CPPCHECK_WARNING: [#def76]
openssl-3.2.2-build/openssl-3.2.2/apps/version.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def77]
openssl-3.2.2-build/openssl-3.2.2/crypto/aes/aes_ige.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def78]
openssl-3.2.2-build/openssl-3.2.2/crypto/aria/aria.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def79]
openssl-3.2.2-build/openssl-3.2.2/crypto/aria/aria.c:596:10: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 594| reg3 = w1[3];
# 595|
# 596|-> reg0 ^= ck[4];
# 597| reg1 ^= ck[5];
# 598| reg2 ^= ck[6];
Error: CPPCHECK_WARNING: [#def80]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_bitstr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-562): [#def81]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_d2i_fp.c:53: error[returnDanglingLifetime]: Returning pointer to local variable 'p' that will be invalid when returning.
# 51| err:
# 52| BUF_MEM_free(b);
# 53|-> return ret;
# 54| }
# 55|
Error: CPPCHECK_WARNING (CWE-562): [#def82]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_dup.c:38: error[returnDanglingLifetime]: Returning pointer to local variable 'p2' that will be invalid when returning.
# 36| ret = d2i(NULL, &p2, i);
# 37| OPENSSL_free(b);
# 38|-> return ret;
# 39| }
# 40|
Error: CPPCHECK_WARNING: [#def83]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_int.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def84]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_mbstr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def85]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_object.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def86]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_object.c:162:24: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 160| while (--i > 0)
# 161| out[len++] = tmp[i] | 0x80;
# 162|-> out[len++] = tmp[0];
# 163| } else
# 164| len += i;
Error: CPPCHECK_WARNING: [#def87]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_print.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def88]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_sign.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def89]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_strex.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def90]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_strnid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def91]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_time.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def92]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_utf8.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def93]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/a_verify.c:71:5: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 69| goto err;
# 70| }
# 71|-> ret = -1;
# 72|
# 73| if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data,
Error: CPPCHECK_WARNING: [#def94]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/ameth_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def95]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/ameth_lib.c: scope_hint: In function 'EVP_PKEY_asn1_find_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/ameth_lib.c:133:18: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 131| for (i = EVP_PKEY_asn1_get_count(); i-- > 0; ) {
# 132| ameth = EVP_PKEY_asn1_get0(i);
# 133|-> if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
# 134| continue;
# 135| if ((int)strlen(ameth->pem_str) == len
Error: CPPCHECK_WARNING: [#def96]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn1_gen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def97]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn1_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def98]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn1_parse.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def99]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def100]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c:619:5: warning[deadcode.DeadStores]: Value stored to 'state' is never read
# 617| blen = strlen(bound);
# 618| part = 0;
# 619|-> state = 0;
# 620| first = 1;
# 621| parts = sk_BIO_new_null();
Error: CLANG_WARNING: [#def101]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c:693:13: warning[deadcode.DeadStores]: Although the value stored to 'len' is used in the enclosing expression, the value is never actually read from 'len'
# 691| if (headers == NULL)
# 692| return NULL;
# 693|-> while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
# 694| /* If whitespace at line start then continuation line */
# 695| if (mhdr && ossl_isspace(linebuf[0]))
Error: GCC_ANALYZER_WARNING (CWE-476): [#def102]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c: scope_hint: In function 'mime_hdr_addparam'
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c:911:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'mhdr'
openssl-3.2.2-build/openssl-3.2.2/include/internal/e_os.h:17: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/common.h:18: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/cryptlib.h:21: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c:12: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_mime.c:906:14: note: in expansion of macro 'OPENSSL_malloc'
# 909| mparam->param_name = tmpname;
# 910| mparam->param_value = tmpval;
# 911|-> if (!sk_MIME_PARAM_push(mhdr->params, mparam))
# 912| goto err;
# 913| return 1;
Error: CPPCHECK_WARNING: [#def103]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/asn_moid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def104]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/bio_asn1.c:167:5: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 165|
# 166| wrlen = 0;
# 167|-> ret = -1;
# 168|
# 169| for (;;) {
Error: CPPCHECK_WARNING: [#def105]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/d2i_pr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def106]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/f_int.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def107]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/f_string.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def108]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/f_string.c:116:28: warning[core.NullDereference]: Array access (from variable 's') results in a null pointer dereference
# 114| return 0;
# 115| }
# 116|-> s[num + j] <<= 4;
# 117| s[num + j] |= m;
# 118| }
Error: CPPCHECK_WARNING: [#def109]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/t_pkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def110]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/tasn_dec.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def111]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/tasn_dec.c:261:13: warning[core.NullDereference]: Access to field 'asn1_ex_d2i_ex' results in a dereference of a null pointer (loaded from variable 'ef')
# 259| /* Use new style d2i */
# 260| ef = it->funcs;
# 261|-> if (ef->asn1_ex_d2i_ex != NULL)
# 262| return ef->asn1_ex_d2i_ex(pval, in, len, it, tag, aclass, opt, ctx,
# 263| libctx, propq);
Error: CPPCHECK_WARNING: [#def112]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/tasn_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def113]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/tasn_enc.c:144:16: warning[core.NullDereference]: Access to field 'asn1_ex_i2d' results in a dereference of a null pointer (loaded from variable 'ef')
# 142| /* If new style i2d it does all the work */
# 143| ef = it->funcs;
# 144|-> return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
# 145|
# 146| case ASN1_ITYPE_NDEF_SEQUENCE:
Error: CPPCHECK_WARNING: [#def114]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/tasn_prn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def115]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/x_algor.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def116]
openssl-3.2.2-build/openssl-3.2.2/crypto/asn1/x_long.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def117]
openssl-3.2.2-build/openssl-3.2.2/crypto/async/async.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def118]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_cfb64.c:78:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def119]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_cfb64.c:78:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def120]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_cfb64.c:78:31: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def121]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_cfb64.c:78:35: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def122]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_cfb64.c:78:39: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def123]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_ecb.c:48:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 46| l = d[1];
# 47| l2n(l, out);
# 48|-> l = d[0] = d[1] = 0;
# 49| }
Error: CLANG_WARNING: [#def124]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def125]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def126]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def127]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def128]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def129]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_enc.c:179:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 177| l2n(xor1, ivec);
# 178| }
# 179|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 180| tin[0] = tin[1] = 0;
# 181| }
Error: CLANG_WARNING: [#def130]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_ofb64.c:65:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def131]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_ofb64.c:65:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def132]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_ofb64.c:65:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CPPCHECK_WARNING: [#def133]
openssl-3.2.2-build/openssl-3.2.2/crypto/bf/bf_skey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def134]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bf_buff.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def135]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bf_lbuf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def136]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bf_nbio.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def137]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bf_prefix.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def138]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bf_readbuff.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def139]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_addr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def140]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_dump.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def141]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def142]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_print.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def143]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_sock.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def144]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_sock2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def145]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_acpt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def146]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_acpt.c:271:13: warning[deadcode.DeadStores]: Value stored to 's' is never read
# 269| BIO_ADDR_service_string(&c->cache_accepting_addr, 1);
# 270| c->state = ACPT_S_ACCEPT;
# 271|-> s = -1;
# 272| ret = 1;
# 273| goto end;
Error: CPPCHECK_WARNING: [#def147]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_bio.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def148]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_conn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def149]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_dgram.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def150]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_dgram.c:570:9: warning[deadcode.DeadStores]: Value stored to 'num' is never read
# 568| switch (cmd) {
# 569| case BIO_CTRL_RESET:
# 570|-> num = 0;
# 571| ret = 0;
# 572| break;
Error: CLANG_WARNING: [#def151]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_dgram.c:664:18: warning[deadcode.DeadStores]: Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'
# 662| switch (addr.sa.sa_family) {
# 663| case AF_INET:
# 664|-> if ((ret =
# 665| getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
# 666| &sockopt_len)) < 0 || sockopt_val < 0) {
Error: CLANG_WARNING: [#def152]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_dgram.c:679:18: warning[deadcode.DeadStores]: Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'
# 677| # if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
# 678| case AF_INET6:
# 679|-> if ((ret =
# 680| getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
# 681| (void *)&sockopt_val, &sockopt_len)) < 0
Error: CPPCHECK_WARNING: [#def153]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_dgram_pair.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def154]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_mem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def155]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/asm/x86_64-gcc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def156]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_blind.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-465): [#def157]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_blind.c: scope_hint: In function 'BN_BLINDING_update'
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_blind.c:106:12: warning[-Wanalyzer-deref-before-check]: check of 'b' for NULL after already dereferencing it
# 104| !(b->flags & BN_BLINDING_NO_RECREATE)) {
# 105| /* re-create blinding parameters */
# 106|-> if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
# 107| goto err;
# 108| } else if (!(b->flags & BN_BLINDING_NO_UPDATE)) {
Error: CPPCHECK_WARNING: [#def158]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_conv.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def159]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_conv.c:165:5: warning[deadcode.DeadStores]: Value stored to 'm' is never read
# 163|
# 164| j = i; /* least significant 'hex' */
# 165|-> m = 0;
# 166| h = 0;
# 167| while (j > 0) {
Error: CPPCHECK_WARNING: [#def160]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_ctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def161]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_div.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def162]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def163]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c:243:5: warning[deadcode.DeadStores]: Value stored to 'wend' is never read
# 241| * buffer. */
# 242| wstart = bits - 1; /* The top bit of the window */
# 243|-> wend = 0; /* The bottom bit of the window */
# 244|
# 245| if (r == p) {
Error: CLANG_WARNING: [#def164]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c:396:5: warning[deadcode.DeadStores]: Value stored to 'wend' is never read
# 394| * buffer. */
# 395| wstart = bits - 1; /* The top bit of the window */
# 396|-> wend = 0; /* The bottom bit of the window */
# 397|
# 398| #if 1 /* by Shay Gueron's suggestion */
Error: CLANG_WARNING: [#def165]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c:1375:5: warning[deadcode.DeadStores]: Value stored to 'wend' is never read
# 1373| * buffer. */
# 1374| wstart = bits - 1; /* The top bit of the window */
# 1375|-> wend = 0; /* The bottom bit of the window */
# 1376|
# 1377| if (r == p) {
Error: CLANG_WARNING: [#def166]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp2.c:178:18: warning[core.CallAndMessage]: 3rd function call argument is an uninitialized value
# 176| if (wvalue1 && b == wpos1) {
# 177| /* wvalue1 is odd and < 2^window1 */
# 178|-> if (!BN_mod_mul_montgomery(r, r, val1[wvalue1 >> 1], mont, ctx))
# 179| goto err;
# 180| wvalue1 = 0;
Error: CLANG_WARNING: [#def167]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp2.c:186:18: warning[core.CallAndMessage]: 3rd function call argument is an uninitialized value
# 184| if (wvalue2 && b == wpos2) {
# 185| /* wvalue2 is odd and < 2^window2 */
# 186|-> if (!BN_mod_mul_montgomery(r, r, val2[wvalue2 >> 1], mont, ctx))
# 187| goto err;
# 188| wvalue2 = 0;
Error: CPPCHECK_WARNING: [#def168]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_gcd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def169]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def170]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c:45: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 43| mult = sizeof(int) * 8 - 1;
# 44| bn_limit_bits = mult;
# 45|-> bn_limit_num = 1 << mult;
# 46| }
# 47| if (high >= 0) {
Error: CPPCHECK_WARNING (CWE-758): [#def171]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c:51: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 49| high = sizeof(int) * 8 - 1;
# 50| bn_limit_bits_high = high;
# 51|-> bn_limit_num_high = 1 << high;
# 52| }
# 53| if (low >= 0) {
Error: CPPCHECK_WARNING (CWE-758): [#def172]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c:57: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 55| low = sizeof(int) * 8 - 1;
# 56| bn_limit_bits_low = low;
# 57|-> bn_limit_num_low = 1 << low;
# 58| }
# 59| if (mont >= 0) {
Error: CPPCHECK_WARNING (CWE-758): [#def173]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c:63: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 61| mont = sizeof(int) * 8 - 1;
# 62| bn_limit_bits_mont = mont;
# 63|-> bn_limit_num_mont = 1 << mont;
# 64| }
# 65| }
Error: GCC_ANALYZER_WARNING (CWE-465): [#def174]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c: scope_hint: In function 'BN_set_bit'
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_lib.c:800:12: warning[-Wanalyzer-deref-before-check]: check of 'a' for NULL after already dereferencing it
# 798| j = n % BN_BITS2;
# 799| if (a->top <= i) {
# 800|-> if (bn_wexpand(a, i + 1) == NULL)
# 801| return 0;
# 802| for (k = a->top; k < i + 1; k++)
Error: CPPCHECK_WARNING: [#def175]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mod.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def176]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mod.c:75:25: warning[core.UndefinedBinaryOperatorResult]: The left operand of '&' is a garbage value
# 73| for (i = 0, ai = 0, bi = 0, carry = 0; i < mtop;) {
# 74| mask = (BN_ULONG)0 - ((i - a->top) >> (8 * sizeof(i) - 1));
# 75|-> temp = ((ap[ai] & mask) + carry) & BN_MASK2;
# 76| carry = (temp < carry);
# 77|
Error: CLANG_WARNING: [#def177]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mod.c:79:26: warning[core.UndefinedBinaryOperatorResult]: The left operand of '&' is a garbage value
# 77|
# 78| mask = (BN_ULONG)0 - ((i - b->top) >> (8 * sizeof(i) - 1));
# 79|-> tp[i] = ((bp[bi] & mask) + temp) & BN_MASK2;
# 80| carry += (tp[i] < temp);
# 81|
Error: CPPCHECK_WARNING: [#def178]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mont.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def179]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mpi.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def180]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_mul.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def181]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-786): [#def182]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c:599: error[negativeIndex]: Array 'buf.bn[4]' accessed at index -3, which is out of bounds.
# 597| BN_ULONG t_d[BN_NIST_224_TOP];
# 598|
# 599|-> nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
# 600| carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 601| nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
Error: CPPCHECK_WARNING (CWE-786): [#def183]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c:601: error[negativeIndex]: Array 'buf.bn[4]' accessed at index -3, which is out of bounds.
# 599| nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
# 600| carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 601|-> nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
# 602| carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 603| nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
Error: CPPCHECK_WARNING (CWE-786): [#def184]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c:605: error[negativeIndex]: Array 'buf.bn[4]' accessed at index -3, which is out of bounds.
# 603| nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
# 604| carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 605|-> nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
# 606| carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 607|
Error: CLANG_WARNING: [#def185]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c:606:9: warning[deadcode.DeadStores]: Value stored to 'carry' is never read
# 604| carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 605| nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
# 606|-> carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
# 607|
# 608| # if BN_BITS2==64
Error: CLANG_WARNING: [#def186]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_nist.c:615:9: warning[deadcode.DeadStores]: Value stored to 'carry' is never read
# 613| adjust = bn_sub_words;
# 614| if (carry > 0) {
# 615|-> carry =
# 616| (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1],
# 617| BN_NIST_224_TOP);
Error: CPPCHECK_WARNING: [#def187]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_prime.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def188]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_rand.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def189]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_rsa_fips186_4.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def190]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_sqr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def191]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_sqrt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def192]
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/rsaz_exp_x2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def193]
openssl-3.2.2-build/openssl-3.2.2/crypto/bsearch.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def194]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_cfb64.c:78:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def195]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_cfb64.c:78:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def196]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_cfb64.c:78:31: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def197]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_cfb64.c:78:35: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def198]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_cfb64.c:78:39: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def199]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_ecb.c:37:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 35| l = d[1];
# 36| l2n(l, out);
# 37|-> l = d[0] = d[1] = 0;
# 38| }
Error: CLANG_WARNING: [#def200]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def201]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def202]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def203]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def204]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def205]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_enc.c:155:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 153| l2n(xor1, iv);
# 154| }
# 155|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 156| tin[0] = tin[1] = 0;
# 157| }
Error: CLANG_WARNING: [#def206]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_ofb64.c:65:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def207]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_ofb64.c:65:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def208]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_ofb64.c:65:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 63| l2n(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CPPCHECK_WARNING: [#def209]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_skey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def210]
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_skey.c: scope_hint: In function 'CAST_set_key'
openssl-3.2.2-build/openssl-3.2.2/crypto/cast/c_skey.c:122:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'k[<unknown>]'
# 120| for (i = 0; i < 16; i++) {
# 121| key->data[i * 2] = k[i];
# 122|-> key->data[i * 2 + 1] = ((k[i + 16]) + 16) & 0x1f;
# 123| }
# 124| }
Error: CPPCHECK_WARNING: [#def211]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmac/cmac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def212]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_client.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def213]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_ctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def214]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_ctx.c:364:9: warning[deadcode.DeadStores]: Value stored to 'level_str' is never read
# 362| file = "(unset file name)";
# 363| if (level_str == NULL)
# 364|-> level_str = "(unset level string)";
# 365|
# 366| #ifndef OPENSSL_NO_TRACE
Error: CPPCHECK_WARNING: [#def215]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_genm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def216]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_hdr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def217]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_protect.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def218]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_server.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def219]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_status.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def220]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def221]
openssl-3.2.2-build/openssl-3.2.2/crypto/cmp/cmp_vfy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def222]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ec.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def223]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_enc.c:173:13: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 171| }
# 172| if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
# 173|-> memcpy(aparams.iv, piv, ivlen);
# 174| aparams.iv_len = ivlen;
# 175| aparams.tag_len = EVP_CIPHER_CTX_get_tag_length(ctx);
Error: CPPCHECK_WARNING: [#def224]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_env.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def225]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_env.c: scope_hint: In function 'cms_RecipientInfo_ktri_encrypt'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_env.c:551:9: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_env.c:17: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_env.c:545:13: note: in expansion of macro 'FIPS_mode'
# 549| }
# 550|
# 551|-> if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
# 552| goto err;
# 553|
Error: CLANG_WARNING: [#def226]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:221:44: warning[core.NullDereference]: Access to field 'digestAlgorithm' results in a dereference of a null pointer (loaded from variable 'si')
# 219| unsigned char *dig, unsigned int *diglen)
# 220| {
# 221|-> const EVP_MD *md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
# 222|
# 223| if (md == NULL)
Error: GCC_ANALYZER_WARNING (CWE-476): [#def227]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/pem.h:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:12: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c: scope_hint: In function 'cms_msgSigDigest'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:221:46: warning[-Wanalyzer-null-dereference]: dereference of NULL 'si'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/evp.h:531:65: note: in definition of macro 'EVP_get_digestbynid'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:221:24: note: in expansion of macro 'EVP_get_digestbyobj'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:16: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:272:9: note: in expansion of macro 'sk_CMS_SignerInfo_num'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:305:14: note: in expansion of macro 'sk_CMS_SignerInfo_num'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:310:10: note: in expansion of macro 'sk_CMS_SignerInfo_value'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/evp.h:531:65: note: in definition of macro 'EVP_get_digestbynid'
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_ess.c:221:24: note: in expansion of macro 'EVP_get_digestbyobj'
# 219| unsigned char *dig, unsigned int *diglen)
# 220| {
# 221|-> const EVP_MD *md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
# 222|
# 223| if (md == NULL)
Error: CPPCHECK_WARNING: [#def228]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_kari.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def229]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_pwri.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def230]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_pwri.c:67:9: warning[deadcode.DeadStores]: Value stored to 'pbe_nid' is never read
# 65|
# 66| if (pbe_nid <= 0)
# 67|-> pbe_nid = NID_id_pbkdf2;
# 68|
# 69| /* Get from enveloped data */
Error: CPPCHECK_WARNING: [#def231]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_rsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def232]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_sd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def233]
openssl-3.2.2-build/openssl-3.2.2/crypto/cms/cms_smime.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def234]
openssl-3.2.2-build/openssl-3.2.2/crypto/comp/c_zlib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def235]
openssl-3.2.2-build/openssl-3.2.2/crypto/conf/conf_api.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def236]
openssl-3.2.2-build/openssl-3.2.2/crypto/conf/conf_def.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def237]
openssl-3.2.2-build/openssl-3.2.2/crypto/conf/conf_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def238]
openssl-3.2.2-build/openssl-3.2.2/crypto/conf/conf_mod.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def239]
openssl-3.2.2-build/openssl-3.2.2/crypto/conf/conf_mod.c:632:18: warning[deadcode.DeadStores]: Value stored to 'sep' during its initialization is never read
# 630| {
# 631| const char *t;
# 632|-> char *file, *sep = "";
# 633| size_t size;
# 634|
Error: CPPCHECK_WARNING: [#def240]
openssl-3.2.2-build/openssl-3.2.2/crypto/context.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def241]
openssl-3.2.2-build/openssl-3.2.2/crypto/context.c:30:13: warning[-Wunused-function]: 'read_kernel_fips_flag' defined but not used
# 30 | static void read_kernel_fips_flag(void)
# | ^~~~~~~~~~~~~~~~~~~~~
# 28| static int kernel_fips_flag;
# 29|
# 30|-> static void read_kernel_fips_flag(void)
# 31| {
# 32| char buf[2] = "0";
Error: CPPCHECK_WARNING: [#def242]
openssl-3.2.2-build/openssl-3.2.2/crypto/core_namemap.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def243]
openssl-3.2.2-build/openssl-3.2.2/crypto/core_namemap.c:327:13: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 325| q = p + l;
# 326| } else {
# 327|-> l = q - p; /* offset to the next separator */
# 328| *q++ = '\0';
# 329| }
Error: CLANG_WARNING: [#def244]
openssl-3.2.2-build/openssl-3.2.2/crypto/core_namemap.c:406:9: warning[deadcode.DeadStores]: Value stored to 'num' is never read
# 404| }
# 405| if (pem_name != NULL)
# 406|-> num = ossl_namemap_add_name(arg, num, pem_name);
# 407| }
# 408|
Error: CPPCHECK_WARNING: [#def245]
openssl-3.2.2-build/openssl-3.2.2/crypto/ct/ct_oct.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def246]
openssl-3.2.2-build/openssl-3.2.2/crypto/ct/ct_sct_ctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def247]
openssl-3.2.2-build/openssl-3.2.2/crypto/ct/ct_vfy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def248]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cbc_cksm.c:49:5: warning[deadcode.DeadStores]: Value stored to 'tout0' is never read
# 47| l2c(tout1, out);
# 48| }
# 49|-> tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
# 50| /*
# 51| * Transform the data in tout1 so that it will match the return value
Error: CLANG_WARNING: [#def249]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cbc_cksm.c:49:13: warning[deadcode.DeadStores]: Although the value stored to 'tin0' is used in the enclosing expression, the value is never actually read from 'tin0'
# 47| l2c(tout1, out);
# 48| }
# 49|-> tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
# 50| /*
# 51| * Transform the data in tout1 so that it will match the return value
Error: CLANG_WARNING: [#def250]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cbc_cksm.c:49:20: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 47| l2c(tout1, out);
# 48| }
# 49|-> tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
# 50| /*
# 51| * Transform the data in tout1 so that it will match the return value
Error: CLANG_WARNING: [#def251]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:82:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 80| }
# 81| }
# 82|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 83| *num = n;
# 84| }
Error: CLANG_WARNING: [#def252]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:82:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 80| }
# 81| }
# 82|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 83| *num = n;
# 84| }
Error: CLANG_WARNING: [#def253]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:82:31: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 80| }
# 81| }
# 82|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 83| *num = n;
# 84| }
Error: CLANG_WARNING: [#def254]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:82:35: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 80| }
# 81| }
# 82|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 83| *num = n;
# 84| }
Error: CLANG_WARNING: [#def255]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:194:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 192| l2c(v0, iv);
# 193| l2c(v1, iv);
# 194|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 195| }
Error: CLANG_WARNING: [#def256]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:194:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 192| l2c(v0, iv);
# 193| l2c(v1, iv);
# 194|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 195| }
Error: CLANG_WARNING: [#def257]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:194:15: warning[deadcode.DeadStores]: Although the value stored to 'd0' is used in the enclosing expression, the value is never actually read from 'd0'
# 192| l2c(v0, iv);
# 193| l2c(v1, iv);
# 194|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 195| }
Error: CLANG_WARNING: [#def258]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64ede.c:194:20: warning[deadcode.DeadStores]: Although the value stored to 'd1' is used in the enclosing expression, the value is never actually read from 'd1'
# 192| l2c(v0, iv);
# 193| l2c(v1, iv);
# 194|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 195| }
Error: CLANG_WARNING: [#def259]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64enc.c:77:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 75| }
# 76| }
# 77|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 78| *num = n;
# 79| }
Error: CLANG_WARNING: [#def260]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64enc.c:77:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 75| }
# 76| }
# 77|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 78| *num = n;
# 79| }
Error: CLANG_WARNING: [#def261]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64enc.c:77:31: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 75| }
# 76| }
# 77|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 78| *num = n;
# 79| }
Error: CLANG_WARNING: [#def262]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb64enc.c:77:35: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 75| }
# 76| }
# 77|-> v0 = v1 = ti[0] = ti[1] = c = cc = 0;
# 78| *num = n;
# 79| }
Error: CLANG_WARNING: [#def263]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb_enc.c:155:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 153| l2c(v0, iv);
# 154| l2c(v1, iv);
# 155|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 156| }
Error: CLANG_WARNING: [#def264]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb_enc.c:155:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 153| l2c(v0, iv);
# 154| l2c(v1, iv);
# 155|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 156| }
Error: CLANG_WARNING: [#def265]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb_enc.c:155:15: warning[deadcode.DeadStores]: Although the value stored to 'd0' is used in the enclosing expression, the value is never actually read from 'd0'
# 153| l2c(v0, iv);
# 154| l2c(v1, iv);
# 155|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 156| }
Error: CLANG_WARNING: [#def266]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cfb_enc.c:155:20: warning[deadcode.DeadStores]: Although the value stored to 'd1' is used in the enclosing expression, the value is never actually read from 'd1'
# 153| l2c(v0, iv);
# 154| l2c(v1, iv);
# 155|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
# 156| }
Error: CLANG_WARNING: [#def267]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:88:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 86| data[0] = l;
# 87| data[1] = r;
# 88|-> l = r = t = u = 0;
# 89| }
# 90|
Error: CLANG_WARNING: [#def268]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:88:9: warning[deadcode.DeadStores]: Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r'
# 86| data[0] = l;
# 87| data[1] = r;
# 88|-> l = r = t = u = 0;
# 89| }
# 90|
Error: CLANG_WARNING: [#def269]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:88:13: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 86| data[0] = l;
# 87| data[1] = r;
# 88|-> l = r = t = u = 0;
# 89| }
# 90|
Error: CLANG_WARNING: [#def270]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:88:17: warning[deadcode.DeadStores]: Although the value stored to 'u' is used in the enclosing expression, the value is never actually read from 'u'
# 86| data[0] = l;
# 87| data[1] = r;
# 88|-> l = r = t = u = 0;
# 89| }
# 90|
Error: CLANG_WARNING: [#def271]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:152:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 150| data[0] = ROTATE(l, 3) & 0xffffffffL;
# 151| data[1] = ROTATE(r, 3) & 0xffffffffL;
# 152|-> l = r = t = u = 0;
# 153| }
# 154|
Error: CLANG_WARNING: [#def272]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:152:9: warning[deadcode.DeadStores]: Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r'
# 150| data[0] = ROTATE(l, 3) & 0xffffffffL;
# 151| data[1] = ROTATE(r, 3) & 0xffffffffL;
# 152|-> l = r = t = u = 0;
# 153| }
# 154|
Error: CLANG_WARNING: [#def273]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:152:13: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 150| data[0] = ROTATE(l, 3) & 0xffffffffL;
# 151| data[1] = ROTATE(r, 3) & 0xffffffffL;
# 152|-> l = r = t = u = 0;
# 153| }
# 154|
Error: CLANG_WARNING: [#def274]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:152:17: warning[deadcode.DeadStores]: Although the value stored to 'u' is used in the enclosing expression, the value is never actually read from 'u'
# 150| data[0] = ROTATE(l, 3) & 0xffffffffL;
# 151| data[1] = ROTATE(r, 3) & 0xffffffffL;
# 152|-> l = r = t = u = 0;
# 153| }
# 154|
Error: CLANG_WARNING: [#def275]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def276]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def277]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def278]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def279]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def280]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/des_enc.c:301:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 299| l2c(xor1, iv);
# 300| }
# 301|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 302| tin[0] = tin[1] = 0;
# 303| }
Error: CLANG_WARNING: [#def281]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ecb_enc.c:53:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 51| l = ll[1];
# 52| l2c(l, out);
# 53|-> l = ll[0] = ll[1] = 0;
# 54| }
Error: CPPCHECK_WARNING: [#def282]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/fcrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def283]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/cbc_enc.c:18: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def284]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def285]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def286]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def287]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def288]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ncbc_enc.c:104:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 102| #endif
# 103| }
# 104|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 105| tin[0] = tin[1] = 0;
# 106| }
Error: CLANG_WARNING: [#def289]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb64ede.c:66:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 64| l2c(v1, iv);
# 65| }
# 66|-> v0 = v1 = ti[0] = ti[1] = 0;
# 67| *num = n;
# 68| }
Error: CLANG_WARNING: [#def290]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb64ede.c:66:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 64| l2c(v1, iv);
# 65| }
# 66|-> v0 = v1 = ti[0] = ti[1] = 0;
# 67| *num = n;
# 68| }
Error: CLANG_WARNING: [#def291]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb64enc.c:64:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 62| l2c(v1, iv);
# 63| }
# 64|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 65| *num = n;
# 66| }
Error: CLANG_WARNING: [#def292]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb64enc.c:64:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 62| l2c(v1, iv);
# 63| }
# 64|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 65| *num = n;
# 66| }
Error: CLANG_WARNING: [#def293]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb64enc.c:64:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 62| l2c(v1, iv);
# 63| }
# 64|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 65| *num = n;
# 66| }
Error: CLANG_WARNING: [#def294]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def295]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def296]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:15: warning[deadcode.DeadStores]: Although the value stored to 'd0' is used in the enclosing expression, the value is never actually read from 'd0'
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def297]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:20: warning[deadcode.DeadStores]: Although the value stored to 'd1' is used in the enclosing expression, the value is never actually read from 'd1'
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def298]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:41: warning[deadcode.DeadStores]: Although the value stored to 'vv0' is used in the enclosing expression, the value is never actually read from 'vv0'
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def299]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/ofb_enc.c:87:47: warning[deadcode.DeadStores]: Although the value stored to 'vv1' is used in the enclosing expression, the value is never actually read from 'vv1'
# 85| l2c(v0, iv);
# 86| l2c(v1, iv);
# 87|-> v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
# 88| }
Error: CLANG_WARNING: [#def300]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:5: warning[deadcode.DeadStores]: Value stored to 'sin0' is never read
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def301]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:12: warning[deadcode.DeadStores]: Although the value stored to 'sin1' is used in the enclosing expression, the value is never actually read from 'sin1'
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def302]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:19: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def303]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:26: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def304]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:33: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def305]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/pcbc_enc.c:71:41: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 69| }
# 70| tin[0] = tin[1] = 0;
# 71|-> sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
# 72| }
Error: CLANG_WARNING: [#def306]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def307]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def308]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def309]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def310]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def311]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:106:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 104| l2c(xor1, iv);
# 105| }
# 106|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107| inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
Error: CLANG_WARNING: [#def312]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:107:5: warning[deadcode.DeadStores]: Value stored to 'inW0' is never read
# 105| }
# 106| tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107|-> inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
# 109| }
Error: CLANG_WARNING: [#def313]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:107:12: warning[deadcode.DeadStores]: Although the value stored to 'inW1' is used in the enclosing expression, the value is never actually read from 'inW1'
# 105| }
# 106| tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107|-> inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
# 109| }
Error: CLANG_WARNING: [#def314]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:107:19: warning[deadcode.DeadStores]: Although the value stored to 'outW0' is used in the enclosing expression, the value is never actually read from 'outW0'
# 105| }
# 106| tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107|-> inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
# 109| }
Error: CLANG_WARNING: [#def315]
openssl-3.2.2-build/openssl-3.2.2/crypto/des/xcbc_enc.c:107:27: warning[deadcode.DeadStores]: Although the value stored to 'outW1' is used in the enclosing expression, the value is never actually read from 'outW1'
# 105| }
# 106| tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 107|-> inW0 = inW1 = outW0 = outW1 = 0;
# 108| tin[0] = tin[1] = 0;
# 109| }
Error: CPPCHECK_WARNING: [#def316]
openssl-3.2.2-build/openssl-3.2.2/crypto/dh/dh_check.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def317]
openssl-3.2.2-build/openssl-3.2.2/crypto/dh/dh_key.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def318]
openssl-3.2.2-build/openssl-3.2.2/crypto/dh/dh_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def319]
openssl-3.2.2-build/openssl-3.2.2/crypto/dh/dh_pmeth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def320]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_ameth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def321]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_key.c:191:5: warning[deadcode.DeadStores]: Value stored to 'ok' is never read
# 189| dsa->pub_key = pub_key;
# 190|
# 191|-> ok = 1;
# 192| #ifdef FIPS_MODULE
# 193| {
Error: CPPCHECK_WARNING: [#def322]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def323]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def324]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c: scope_hint: In function 'i2d_DSA_SIG'
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c:108:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'buf'
# 106| if (ppout != NULL) {
# 107| if (*ppout == NULL) {
# 108|-> *ppout = (unsigned char *)buf->data;
# 109| buf->data = NULL;
# 110| BUF_MEM_free(buf);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def325]
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c: scope_hint: In function 'DSA_verify'
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c:210:29: warning[-Wanalyzer-null-argument]: use of NULL 'der' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/include/internal/common.h:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/cryptlib.h:21: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/dsa/dsa_sign.c:17: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 2 of 'memcmp' must be non-null
# 208| /* Ensure signature uses DER and doesn't have trailing garbage */
# 209| derlen = i2d_DSA_SIG(s, &der);
# 210|-> if (derlen != siglen || memcmp(sigbuf, der, derlen))
# 211| goto err;
# 212| ret = DSA_do_verify(dgst, dgst_len, s, dsa);
Error: CPPCHECK_WARNING: [#def326]
openssl-3.2.2-build/openssl-3.2.2/crypto/dso/dso_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def327]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def328]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4670:5: warning[deadcode.DeadStores]: Value stored to 's23' is never read
# 4668| s15 += s23 * 136657;
# 4669| s16 -= s23 * 683901;
# 4670|-> s23 = 0;
# 4671|
# 4672| s10 += s22 * 666643;
Error: CLANG_WARNING: [#def329]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4678:5: warning[deadcode.DeadStores]: Value stored to 's22' is never read
# 4676| s14 += s22 * 136657;
# 4677| s15 -= s22 * 683901;
# 4678|-> s22 = 0;
# 4679|
# 4680| s9 += s21 * 666643;
Error: CLANG_WARNING: [#def330]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4686:5: warning[deadcode.DeadStores]: Value stored to 's21' is never read
# 4684| s13 += s21 * 136657;
# 4685| s14 -= s21 * 683901;
# 4686|-> s21 = 0;
# 4687|
# 4688| s8 += s20 * 666643;
Error: CLANG_WARNING: [#def331]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4694:5: warning[deadcode.DeadStores]: Value stored to 's20' is never read
# 4692| s12 += s20 * 136657;
# 4693| s13 -= s20 * 683901;
# 4694|-> s20 = 0;
# 4695|
# 4696| s7 += s19 * 666643;
Error: CLANG_WARNING: [#def332]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4702:5: warning[deadcode.DeadStores]: Value stored to 's19' is never read
# 4700| s11 += s19 * 136657;
# 4701| s12 -= s19 * 683901;
# 4702|-> s19 = 0;
# 4703|
# 4704| s6 += s18 * 666643;
Error: CLANG_WARNING: [#def333]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4710:5: warning[deadcode.DeadStores]: Value stored to 's18' is never read
# 4708| s10 += s18 * 136657;
# 4709| s11 -= s18 * 683901;
# 4710|-> s18 = 0;
# 4711|
# 4712| carry6 = (s6 + (1 << 20)) >> 21;
Error: CLANG_WARNING: [#def334]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4753:5: warning[deadcode.DeadStores]: Value stored to 's17' is never read
# 4751| s9 += s17 * 136657;
# 4752| s10 -= s17 * 683901;
# 4753|-> s17 = 0;
# 4754|
# 4755| s4 += s16 * 666643;
Error: CLANG_WARNING: [#def335]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4761:5: warning[deadcode.DeadStores]: Value stored to 's16' is never read
# 4759| s8 += s16 * 136657;
# 4760| s9 -= s16 * 683901;
# 4761|-> s16 = 0;
# 4762|
# 4763| s3 += s15 * 666643;
Error: CLANG_WARNING: [#def336]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4769:5: warning[deadcode.DeadStores]: Value stored to 's15' is never read
# 4767| s7 += s15 * 136657;
# 4768| s8 -= s15 * 683901;
# 4769|-> s15 = 0;
# 4770|
# 4771| s2 += s14 * 666643;
Error: CLANG_WARNING: [#def337]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4777:5: warning[deadcode.DeadStores]: Value stored to 's14' is never read
# 4775| s6 += s14 * 136657;
# 4776| s7 -= s14 * 683901;
# 4777|-> s14 = 0;
# 4778|
# 4779| s1 += s13 * 666643;
Error: CLANG_WARNING: [#def338]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4785:5: warning[deadcode.DeadStores]: Value stored to 's13' is never read
# 4783| s5 += s13 * 136657;
# 4784| s6 -= s13 * 683901;
# 4785|-> s13 = 0;
# 4786|
# 4787| s0 += s12 * 666643;
Error: CLANG_WARNING: [#def339]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:4884:5: warning[deadcode.DeadStores]: Value stored to 's12' is never read
# 4882| s4 += s12 * 136657;
# 4883| s5 -= s12 * 683901;
# 4884|-> s12 = 0;
# 4885|
# 4886| carry0 = s0 >> 21;
Error: CLANG_WARNING: [#def340]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5153:5: warning[deadcode.DeadStores]: Value stored to 's23' is never read
# 5151| s15 += s23 * 136657;
# 5152| s16 -= s23 * 683901;
# 5153|-> s23 = 0;
# 5154|
# 5155| s10 += s22 * 666643;
Error: CLANG_WARNING: [#def341]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5161:5: warning[deadcode.DeadStores]: Value stored to 's22' is never read
# 5159| s14 += s22 * 136657;
# 5160| s15 -= s22 * 683901;
# 5161|-> s22 = 0;
# 5162|
# 5163| s9 += s21 * 666643;
Error: CLANG_WARNING: [#def342]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5169:5: warning[deadcode.DeadStores]: Value stored to 's21' is never read
# 5167| s13 += s21 * 136657;
# 5168| s14 -= s21 * 683901;
# 5169|-> s21 = 0;
# 5170|
# 5171| s8 += s20 * 666643;
Error: CLANG_WARNING: [#def343]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5177:5: warning[deadcode.DeadStores]: Value stored to 's20' is never read
# 5175| s12 += s20 * 136657;
# 5176| s13 -= s20 * 683901;
# 5177|-> s20 = 0;
# 5178|
# 5179| s7 += s19 * 666643;
Error: CLANG_WARNING: [#def344]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5185:5: warning[deadcode.DeadStores]: Value stored to 's19' is never read
# 5183| s11 += s19 * 136657;
# 5184| s12 -= s19 * 683901;
# 5185|-> s19 = 0;
# 5186|
# 5187| s6 += s18 * 666643;
Error: CLANG_WARNING: [#def345]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5193:5: warning[deadcode.DeadStores]: Value stored to 's18' is never read
# 5191| s10 += s18 * 136657;
# 5192| s11 -= s18 * 683901;
# 5193|-> s18 = 0;
# 5194|
# 5195| carry6 = (s6 + (1 << 20)) >> 21;
Error: CLANG_WARNING: [#def346]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5236:5: warning[deadcode.DeadStores]: Value stored to 's17' is never read
# 5234| s9 += s17 * 136657;
# 5235| s10 -= s17 * 683901;
# 5236|-> s17 = 0;
# 5237|
# 5238| s4 += s16 * 666643;
Error: CLANG_WARNING: [#def347]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5244:5: warning[deadcode.DeadStores]: Value stored to 's16' is never read
# 5242| s8 += s16 * 136657;
# 5243| s9 -= s16 * 683901;
# 5244|-> s16 = 0;
# 5245|
# 5246| s3 += s15 * 666643;
Error: CLANG_WARNING: [#def348]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5252:5: warning[deadcode.DeadStores]: Value stored to 's15' is never read
# 5250| s7 += s15 * 136657;
# 5251| s8 -= s15 * 683901;
# 5252|-> s15 = 0;
# 5253|
# 5254| s2 += s14 * 666643;
Error: CLANG_WARNING: [#def349]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5260:5: warning[deadcode.DeadStores]: Value stored to 's14' is never read
# 5258| s6 += s14 * 136657;
# 5259| s7 -= s14 * 683901;
# 5260|-> s14 = 0;
# 5261|
# 5262| s1 += s13 * 666643;
Error: CLANG_WARNING: [#def350]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5268:5: warning[deadcode.DeadStores]: Value stored to 's13' is never read
# 5266| s5 += s13 * 136657;
# 5267| s6 -= s13 * 683901;
# 5268|-> s13 = 0;
# 5269|
# 5270| s0 += s12 * 666643;
Error: CLANG_WARNING: [#def351]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve25519.c:5367:5: warning[deadcode.DeadStores]: Value stored to 's12' is never read
# 5365| s4 += s12 * 136657;
# 5366| s5 -= s12 * 683901;
# 5367|-> s12 = 0;
# 5368|
# 5369| carry0 = s0 >> 21;
Error: GCC_ANALYZER_WARNING (CWE-457): [#def352]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/arch_64/f_impl.h:49:27: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'd[0].limb[7]'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/curve448.c: scope_hint: In function 'point_double_internal'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/curve448.c:68:5: note: in expansion of macro 'gf_add_nr'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/arch_64/f_impl.h: scope_hint: In function 'point_double_internal'
# 47| {
# 48| uint64_t mask = (1ULL << 56) - 1;
# 49|-> uint64_t tmp = a->limb[NLIMBS - 1] >> 56;
# 50| unsigned int i;
# 51|
Error: CPPCHECK_WARNING: [#def353]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/curve448.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def354]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/eddsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def355]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/curve448/scalar.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def356]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_ameth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def357]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_asn1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def358]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_asn1.c: scope_hint: In function 'i2d_ECDSA_SIG'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_asn1.c:1280:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'buf'
# 1278| if (ppout != NULL) {
# 1279| if (*ppout == NULL) {
# 1280|-> *ppout = (unsigned char *)buf->data;
# 1281| buf->data = NULL;
# 1282| BUF_MEM_free(buf);
Error: CPPCHECK_WARNING: [#def359]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_backend.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def360]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_key.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def361]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_kmeth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def362]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-563): [#def363]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_lib.c: scope_hint: In function 'EC_GROUP_new_from_params'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_lib.c:1556:9: warning[-Wunused-variable]: unused variable 'encoding_flag'
# 1556 | int encoding_flag = -1;
# | ^~~~~~~~~~~~~
# 1554| BN_CTX *bnctx = NULL;
# 1555| const unsigned char *buf = NULL;
# 1556|-> int encoding_flag = -1;
# 1557| #endif
# 1558|
Error: CPPCHECK_WARNING: [#def364]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_mult.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def365]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_mult.c:574:17: warning[deadcode.DeadStores]: Value stored to 'numblocks' is never read
# 572| */
# 573|
# 574|-> numblocks = 1;
# 575| totalnum = num + 1; /* don't use wNAF splitting */
# 576| wNAF[num] = tmp_wNAF;
Error: CPPCHECK_WARNING: [#def366]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ec_pmeth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def367]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecdsa_ossl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def368]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/eck_prn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def369]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nist.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def370]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp224.c:1565:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 1563| goto err;
# 1564| }
# 1565|-> num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 1566| } else {
# 1567| num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
Error: CLANG_WARNING: [#def371]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp224.c:1567:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 1565| num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 1566| } else {
# 1567|-> num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
# 1568| }
# 1569| /* do the multiplication with generator precomputation */
Error: CLANG_WARNING: [#def372]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp256.c:2183:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 2181| goto err;
# 2182| }
# 2183|-> num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 2184| } else {
# 2185| num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
Error: CLANG_WARNING: [#def373]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp256.c:2185:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 2183| num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 2184| } else {
# 2185|-> num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
# 2186| }
# 2187| /* do the multiplication with generator precomputation */
Error: GCC_ANALYZER_WARNING (CWE-457): [#def374]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c: scope_hint: In function 'felem_square_ref'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c:380:40: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'inx2[1]'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c:731:5: note: in expansion of macro 'felem_square'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c: scope_hint: In function 'felem_square_ref'
# 378| out[0] = ((uint128_t) in[0]) * in[0];
# 379|
# 380|-> out[1] = ((uint128_t) in[0]) * inx2[1];
# 381|
# 382| out[2] = ((uint128_t) in[0]) * inx2[2]
Error: CLANG_WARNING: [#def375]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c:1857:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 1855| goto err;
# 1856| }
# 1857|-> num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 1858| } else {
# 1859| num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
Error: CLANG_WARNING: [#def376]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp384.c:1859:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 1857| num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 1858| } else {
# 1859|-> num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
# 1860| }
# 1861| /* do the multiplication with generator precomputation */
Error: CLANG_WARNING: [#def377]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp521.c:2071:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 2069| goto err;
# 2070| }
# 2071|-> num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 2072| } else {
# 2073| num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
Error: CLANG_WARNING: [#def378]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistp521.c:2073:13: warning[deadcode.DeadStores]: Value stored to 'num_bytes' is never read
# 2071| num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
# 2072| } else {
# 2073|-> num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
# 2074| }
# 2075| /* do the multiplication with generator precomputation */
Error: CPPCHECK_WARNING: [#def379]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-823): [#def380]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:179: error[arrayIndexOutOfBounds]: Array 'dst[4]' accessed at index 4, which is out of bounds.
# 177| dst[3] = (src[3] & mask1) ^ (dst[3] & mask2);
# 178| if (P256_LIMBS == 8) {
# 179|-> dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
Error: CPPCHECK_WARNING (CWE-823): [#def381]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:179: error[arrayIndexOutOfBounds]: Array 'src[4]' accessed at index 4, which is out of bounds.
# 177| dst[3] = (src[3] & mask1) ^ (dst[3] & mask2);
# 178| if (P256_LIMBS == 8) {
# 179|-> dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
Error: CPPCHECK_WARNING (CWE-823): [#def382]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:180: error[arrayIndexOutOfBounds]: Array 'dst[4]' accessed at index 5, which is out of bounds.
# 178| if (P256_LIMBS == 8) {
# 179| dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180|-> dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182| dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
Error: CPPCHECK_WARNING (CWE-823): [#def383]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:180: error[arrayIndexOutOfBounds]: Array 'src[4]' accessed at index 5, which is out of bounds.
# 178| if (P256_LIMBS == 8) {
# 179| dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180|-> dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182| dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
Error: CPPCHECK_WARNING (CWE-823): [#def384]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:181: error[arrayIndexOutOfBounds]: Array 'dst[4]' accessed at index 6, which is out of bounds.
# 179| dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181|-> dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182| dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
# 183| }
Error: CPPCHECK_WARNING (CWE-823): [#def385]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:181: error[arrayIndexOutOfBounds]: Array 'src[4]' accessed at index 6, which is out of bounds.
# 179| dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181|-> dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182| dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
# 183| }
Error: CPPCHECK_WARNING (CWE-823): [#def386]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:182: error[arrayIndexOutOfBounds]: Array 'dst[4]' accessed at index 7, which is out of bounds.
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182|-> dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
# 183| }
# 184| }
Error: CPPCHECK_WARNING (CWE-823): [#def387]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:182: error[arrayIndexOutOfBounds]: Array 'src[4]' accessed at index 7, which is out of bounds.
# 180| dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
# 181| dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
# 182|-> dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
# 183| }
# 184| }
Error: CPPCHECK_WARNING (CWE-823): [#def388]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:204: error[arrayIndexOutOfBounds]: Array 'a[4]' accessed at index 4, which is out of bounds.
# 202| res |= a[3] ^ b[3];
# 203| if (P256_LIMBS == 8) {
# 204|-> res |= a[4] ^ b[4];
# 205| res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
Error: CPPCHECK_WARNING (CWE-823): [#def389]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:204: error[arrayIndexOutOfBounds]: Array 'b[4]' accessed at index 4, which is out of bounds.
# 202| res |= a[3] ^ b[3];
# 203| if (P256_LIMBS == 8) {
# 204|-> res |= a[4] ^ b[4];
# 205| res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
Error: CPPCHECK_WARNING (CWE-823): [#def390]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:205: error[arrayIndexOutOfBounds]: Array 'a[4]' accessed at index 5, which is out of bounds.
# 203| if (P256_LIMBS == 8) {
# 204| res |= a[4] ^ b[4];
# 205|-> res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
# 207| res |= a[7] ^ b[7];
Error: CPPCHECK_WARNING (CWE-823): [#def391]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:205: error[arrayIndexOutOfBounds]: Array 'b[4]' accessed at index 5, which is out of bounds.
# 203| if (P256_LIMBS == 8) {
# 204| res |= a[4] ^ b[4];
# 205|-> res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
# 207| res |= a[7] ^ b[7];
Error: CPPCHECK_WARNING (CWE-823): [#def392]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:206: error[arrayIndexOutOfBounds]: Array 'a[4]' accessed at index 6, which is out of bounds.
# 204| res |= a[4] ^ b[4];
# 205| res |= a[5] ^ b[5];
# 206|-> res |= a[6] ^ b[6];
# 207| res |= a[7] ^ b[7];
# 208| }
Error: CPPCHECK_WARNING (CWE-823): [#def393]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:206: error[arrayIndexOutOfBounds]: Array 'b[4]' accessed at index 6, which is out of bounds.
# 204| res |= a[4] ^ b[4];
# 205| res |= a[5] ^ b[5];
# 206|-> res |= a[6] ^ b[6];
# 207| res |= a[7] ^ b[7];
# 208| }
Error: CPPCHECK_WARNING (CWE-823): [#def394]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:207: error[arrayIndexOutOfBounds]: Array 'a[4]' accessed at index 7, which is out of bounds.
# 205| res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
# 207|-> res |= a[7] ^ b[7];
# 208| }
# 209|
Error: CPPCHECK_WARNING (CWE-823): [#def395]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:207: error[arrayIndexOutOfBounds]: Array 'b[4]' accessed at index 7, which is out of bounds.
# 205| res |= a[5] ^ b[5];
# 206| res |= a[6] ^ b[6];
# 207|-> res |= a[7] ^ b[7];
# 208| }
# 209|
Error: CPPCHECK_WARNING (CWE-823): [#def396]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:224: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 4, which is out of bounds.
# 222| res |= a[3] ^ ONE[3];
# 223| if (P256_LIMBS == 8) {
# 224|-> res |= a[4] ^ ONE[4];
# 225| res |= a[5] ^ ONE[5];
# 226| res |= a[6] ^ ONE[6];
Error: CPPCHECK_WARNING (CWE-823): [#def397]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:225: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 5, which is out of bounds.
# 223| if (P256_LIMBS == 8) {
# 224| res |= a[4] ^ ONE[4];
# 225|-> res |= a[5] ^ ONE[5];
# 226| res |= a[6] ^ ONE[6];
# 227| /*
Error: CPPCHECK_WARNING (CWE-823): [#def398]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:226: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 6, which is out of bounds.
# 224| res |= a[4] ^ ONE[4];
# 225| res |= a[5] ^ ONE[5];
# 226|-> res |= a[6] ^ ONE[6];
# 227| /*
# 228| * no check for a[7] (being zero) on 32-bit platforms,
Error: GCC_ANALYZER_WARNING (CWE-121): [#def399]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c: scope_hint: In function 'ecp_nistz256_points_mul'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1032:30: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1032:30: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1032:30: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] || |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | |
# 1030|
# 1031| p_str[i + 0] = (unsigned char)d;
# 1032|-> p_str[i + 1] = (unsigned char)(d >> 8);
# 1033| p_str[i + 2] = (unsigned char)(d >> 16);
# 1034| p_str[i + 3] = (unsigned char)(d >>= 24);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def400]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1033:30: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1033:30: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1033:30: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1031| p_str[i + 0] = (unsigned char)d;
# 1032| p_str[i + 1] = (unsigned char)(d >> 8);
# 1033|-> p_str[i + 2] = (unsigned char)(d >> 16);
# 1034| p_str[i + 3] = (unsigned char)(d >>= 24);
# 1035| if (BN_BYTES == 8) {
Error: GCC_ANALYZER_WARNING (CWE-121): [#def401]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1034:30: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1034:30: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1034:30: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1032| p_str[i + 1] = (unsigned char)(d >> 8);
# 1033| p_str[i + 2] = (unsigned char)(d >> 16);
# 1034|-> p_str[i + 3] = (unsigned char)(d >>= 24);
# 1035| if (BN_BYTES == 8) {
# 1036| d >>= 8;
Error: GCC_ANALYZER_WARNING (CWE-121): [#def402]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1037:34: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1037:34: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1037:34: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1035| if (BN_BYTES == 8) {
# 1036| d >>= 8;
# 1037|-> p_str[i + 4] = (unsigned char)d;
# 1038| p_str[i + 5] = (unsigned char)(d >> 8);
# 1039| p_str[i + 6] = (unsigned char)(d >> 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def403]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1038:34: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1038:34: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1038:34: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1036| d >>= 8;
# 1037| p_str[i + 4] = (unsigned char)d;
# 1038|-> p_str[i + 5] = (unsigned char)(d >> 8);
# 1039| p_str[i + 6] = (unsigned char)(d >> 16);
# 1040| p_str[i + 7] = (unsigned char)(d >> 24);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def404]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1039:34: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1039:34: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1039:34: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1037| p_str[i + 4] = (unsigned char)d;
# 1038| p_str[i + 5] = (unsigned char)(d >> 8);
# 1039|-> p_str[i + 6] = (unsigned char)(d >> 16);
# 1040| p_str[i + 7] = (unsigned char)(d >> 24);
# 1041| }
Error: GCC_ANALYZER_WARNING (CWE-121): [#def405]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1040:34: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1040:34: note: write of 1 byte to beyond the end of 'p_str'
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1040:34: note: valid subscripts for 'p_str' are '[0]' to '[32]'
# +---------------------------------+
# |
# | [0] | ... | [32] | | |
# |~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~|
# | | |
# 1038| p_str[i + 5] = (unsigned char)(d >> 8);
# 1039| p_str[i + 6] = (unsigned char)(d >> 16);
# 1040|-> p_str[i + 7] = (unsigned char)(d >> 24);
# 1041| }
# 1042| }
Error: CPPCHECK_WARNING (CWE-823): [#def406]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1067: error[arrayIndexOutOfBounds]: Array 'p.p.X[4]' accessed at index 4, which is out of bounds.
# 1065| p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
# 1066| if (P256_LIMBS == 8)
# 1067|-> infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068| p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
Error: CPPCHECK_WARNING (CWE-823): [#def407]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1067: error[arrayIndexOutOfBounds]: Array 'p.p.X[4]' accessed at index 5, which is out of bounds.
# 1065| p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
# 1066| if (P256_LIMBS == 8)
# 1067|-> infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068| p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
Error: CPPCHECK_WARNING (CWE-823): [#def408]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1067: error[arrayIndexOutOfBounds]: Array 'p.p.X[4]' accessed at index 6, which is out of bounds.
# 1065| p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
# 1066| if (P256_LIMBS == 8)
# 1067|-> infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068| p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
Error: CPPCHECK_WARNING (CWE-823): [#def409]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1067: error[arrayIndexOutOfBounds]: Array 'p.p.X[4]' accessed at index 7, which is out of bounds.
# 1065| p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
# 1066| if (P256_LIMBS == 8)
# 1067|-> infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068| p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
Error: CPPCHECK_WARNING (CWE-823): [#def410]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1068: error[arrayIndexOutOfBounds]: Array 'p.p.Y[4]' accessed at index 4, which is out of bounds.
# 1066| if (P256_LIMBS == 8)
# 1067| infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068|-> p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
# 1070| infty = 0 - is_zero(infty);
Error: CPPCHECK_WARNING (CWE-823): [#def411]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1068: error[arrayIndexOutOfBounds]: Array 'p.p.Y[4]' accessed at index 5, which is out of bounds.
# 1066| if (P256_LIMBS == 8)
# 1067| infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068|-> p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
# 1070| infty = 0 - is_zero(infty);
Error: CPPCHECK_WARNING (CWE-823): [#def412]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1068: error[arrayIndexOutOfBounds]: Array 'p.p.Y[4]' accessed at index 6, which is out of bounds.
# 1066| if (P256_LIMBS == 8)
# 1067| infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068|-> p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
# 1070| infty = 0 - is_zero(infty);
Error: CPPCHECK_WARNING (CWE-823): [#def413]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1068: error[arrayIndexOutOfBounds]: Array 'p.p.Y[4]' accessed at index 7, which is out of bounds.
# 1066| if (P256_LIMBS == 8)
# 1067| infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
# 1068|-> p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
# 1069|
# 1070| infty = 0 - is_zero(infty);
Error: CPPCHECK_WARNING (CWE-823): [#def414]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1078: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 4, which is out of bounds.
# 1076| p.p.Z[3] = ONE[3] & infty;
# 1077| if (P256_LIMBS == 8) {
# 1078|-> p.p.Z[4] = ONE[4] & infty;
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
Error: CPPCHECK_WARNING (CWE-823): [#def415]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1078: error[arrayIndexOutOfBounds]: Array 'p.p.Z[4]' accessed at index 4, which is out of bounds.
# 1076| p.p.Z[3] = ONE[3] & infty;
# 1077| if (P256_LIMBS == 8) {
# 1078|-> p.p.Z[4] = ONE[4] & infty;
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
Error: CPPCHECK_WARNING (CWE-823): [#def416]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1079: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 5, which is out of bounds.
# 1077| if (P256_LIMBS == 8) {
# 1078| p.p.Z[4] = ONE[4] & infty;
# 1079|-> p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
# 1081| p.p.Z[7] = ONE[7] & infty;
Error: CPPCHECK_WARNING (CWE-823): [#def417]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1079: error[arrayIndexOutOfBounds]: Array 'p.p.Z[4]' accessed at index 5, which is out of bounds.
# 1077| if (P256_LIMBS == 8) {
# 1078| p.p.Z[4] = ONE[4] & infty;
# 1079|-> p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
# 1081| p.p.Z[7] = ONE[7] & infty;
Error: CPPCHECK_WARNING (CWE-823): [#def418]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1080: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 6, which is out of bounds.
# 1078| p.p.Z[4] = ONE[4] & infty;
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080|-> p.p.Z[6] = ONE[6] & infty;
# 1081| p.p.Z[7] = ONE[7] & infty;
# 1082| }
Error: CPPCHECK_WARNING (CWE-823): [#def419]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1080: error[arrayIndexOutOfBounds]: Array 'p.p.Z[4]' accessed at index 6, which is out of bounds.
# 1078| p.p.Z[4] = ONE[4] & infty;
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080|-> p.p.Z[6] = ONE[6] & infty;
# 1081| p.p.Z[7] = ONE[7] & infty;
# 1082| }
Error: CPPCHECK_WARNING (CWE-823): [#def420]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1081: error[arrayIndexOutOfBounds]: Array 'ONE[4]' accessed at index 7, which is out of bounds.
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
# 1081|-> p.p.Z[7] = ONE[7] & infty;
# 1082| }
# 1083|
Error: CPPCHECK_WARNING (CWE-823): [#def421]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_nistz256.c:1081: error[arrayIndexOutOfBounds]: Array 'p.p.Z[4]' accessed at index 7, which is out of bounds.
# 1079| p.p.Z[5] = ONE[5] & infty;
# 1080| p.p.Z[6] = ONE[6] & infty;
# 1081|-> p.p.Z[7] = ONE[7] & infty;
# 1082| }
# 1083|
Error: CPPCHECK_WARNING: [#def422]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_oct.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def423]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecp_smpl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def424]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecx_backend.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def425]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecx_key.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def426]
openssl-3.2.2-build/openssl-3.2.2/crypto/ec/ecx_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def427]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def428]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:718:10: warning[deadcode.DeadStores]: Value stored to 'bio' during its initialization is never read
# 716| OSSL_DECODER *decoder = NULL;
# 717| OSSL_CORE_BIO *cbio = NULL;
# 718|-> BIO *bio = data->bio;
# 719| long loc;
# 720| size_t i;
Error: CLANG_WARNING: [#def429]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:828:9: warning[deadcode.DeadStores]: Value stored to 'trace_data_structure' is never read
# 826| * too special knowledge.
# 827| */
# 828|-> trace_data_structure = data_structure;
# 829| if (data_type != NULL && data_structure != NULL
# 830| && OPENSSL_strcasecmp(data_structure, "type-specific") == 0)
Error: GCC_ANALYZER_WARNING (CWE-476): [#def430]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:1000:25: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:851:16: note: in expansion of macro 'BIO_tell'
# 998| new_data.flag_input_structure_checked
# 999| = data->flag_input_structure_checked;
# 1000|-> ok = new_decoder->decode(new_decoderctx, cbio,
# 1001| new_data.ctx->selection,
# 1002| decoder_process, &new_data,
Error: GCC_ANALYZER_WARNING (CWE-476): [#def431]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c: scope_hint: In function 'decoder_process'
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:1000:25: warning[-Wanalyzer-null-dereference]: dereference of NULL 'decoder'
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:11: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_lib.c:851:16: note: in expansion of macro 'BIO_tell'
# 998| new_data.flag_input_structure_checked
# 999| = data->flag_input_structure_checked;
# 1000|-> ok = new_decoder->decode(new_decoderctx, cbio,
# 1001| new_data.ctx->selection,
# 1002| decoder_process, &new_data,
Error: CPPCHECK_WARNING: [#def432]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def433]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/decoder_pkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def434]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/encoder_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def435]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/encoder_lib.c:637:22: warning[core.NullDereference]: Access to field 'encode' results in a dereference of a null pointer (loaded from variable 'current_encoder')
# 635| ok = (cbio = ossl_core_bio_new_from_bio(current_out)) != NULL;
# 636| if (ok) {
# 637|-> ok = current_encoder->encode(current_encoder_ctx, cbio,
# 638| original_data, current_abstract,
# 639| data->ctx->selection,
Error: CPPCHECK_WARNING: [#def436]
openssl-3.2.2-build/openssl-3.2.2/crypto/encode_decode/encoder_pkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def437]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_cnf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def438]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_ctrl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def439]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_dyn.c:222:13: warning[deadcode.DeadStores]: Value stored to 'new_idx' is never read
# 220| /* Good, someone didn't beat us to it */
# 221| dynamic_ex_data_idx = new_idx;
# 222|-> new_idx = -1;
# 223| }
# 224| CRYPTO_THREAD_unlock(global_engine_lock);
Error: CPPCHECK_WARNING: [#def440]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_fat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def441]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_init.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def442]
openssl-3.2.2-build/openssl-3.2.2/crypto/engine/eng_list.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def443]
openssl-3.2.2-build/openssl-3.2.2/crypto/err/err.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def444]
openssl-3.2.2-build/openssl-3.2.2/crypto/err/err_blocks.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def445]
openssl-3.2.2-build/openssl-3.2.2/crypto/err/err_prn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def446]
openssl-3.2.2-build/openssl-3.2.2/crypto/err/err_save.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def447]
openssl-3.2.2-build/openssl-3.2.2/crypto/ess/ess_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def448]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/bio_b64.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def449]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/bio_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def450]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/bio_ok.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-835): [#def451]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/bio_ok.c: scope_hint: In function 'ok_ctrl'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/bio_ok.c:361:19: warning[-Wanalyzer-infinite-loop]: infinite loop
# 359| return 0;
# 360|
# 361|-> while (ctx->blockout) {
# 362| i = ok_write(b, NULL, 0);
# 363| if (i < 0) {
Error: CPPCHECK_WARNING: [#def452]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/ctrl_params_translate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-562): [#def453]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/ctrl_params_translate.c:1163: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 1161| */
# 1162| p2 = ctx->name_buf;
# 1163|-> ctx->p2 = &p2;
# 1164| ctx->sz = sizeof(ctx->name_buf);
# 1165| }
Error: CLANG_WARNING: [#def454]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/ctrl_params_translate.c:1489:13: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 1487| return 0;
# 1488| if (state == POST_CTRL_TO_PARAMS)
# 1489|-> ret = str_value_map[i].id;
# 1490| else
# 1491| ctx->p1 = str_value_map[i].id;
Error: CPPCHECK_WARNING: [#def455]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/digest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def456]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def457]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def458]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:184: error[legacyUninitvar]: Uninitialized variable: blocks[0].c
# 182|
# 183| /* ask for IVs in bulk */
# 184|-> if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
# 185| return 0;
# 186|
Error: GCC_ANALYZER_WARNING (CWE-121): [#def459]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c: scope_hint: In function 'tls1_1_multi_block_encrypt'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 206|
# 207| for (i = 1; i < x4; i++) {
# 208|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 209| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 210| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def460]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:39: note: write of 8 bytes to beyond the end of 'hash_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:208:39: note: valid subscripts for 'hash_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 206|
# 207| for (i = 1; i < x4; i++) {
# 208|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 209| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 210| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def461]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:209:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:209:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:209:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~|
# | | |
# 207| for (i = 1; i < x4; i++) {
# 208| ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 209|-> ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 210| memcpy(ciph_d[i].out - 16, IVs, 16);
# 211| memcpy(ciph_d[i].iv, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def462]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:211:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:211:9: note: write of 16 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:211:9: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +-------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~|
# | | |
# 209| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 210| memcpy(ciph_d[i].out - 16, IVs, 16);
# 211|-> memcpy(ciph_d[i].iv, IVs, 16);
# 212| IVs += 16;
# 213| }
Error: CPPCHECK_WARNING (CWE-758): [#def463]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:715: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 713| c = p[j];
# 714| cmask =
# 715|-> ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
# 716| 8 - 1);
# 717| res |= (c ^ pad) & ~cmask; /* ... and padding */
Error: CPPCHECK_WARNING (CWE-758): [#def464]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha1.c:718: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 716| 8 - 1);
# 717| res |= (c ^ pad) & ~cmask; /* ... and padding */
# 718|-> cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
# 719| res |= (c ^ pmac->c[i]) & cmask;
# 720| i += 1 & cmask;
Error: CPPCHECK_WARNING: [#def465]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def466]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:178: error[legacyUninitvar]: Uninitialized variable: blocks[0].c
# 176|
# 177| /* ask for IVs in bulk */
# 178|-> if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
# 179| return 0;
# 180|
Error: GCC_ANALYZER_WARNING (CWE-121): [#def467]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c: scope_hint: In function 'tls1_1_multi_block_encrypt'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 201|
# 202| for (i = 1; i < x4; i++) {
# 203|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 204| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 205| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def468]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:39: note: write of 8 bytes to beyond the end of 'hash_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:203:39: note: valid subscripts for 'hash_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 201|
# 202| for (i = 1; i < x4; i++) {
# 203|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 204| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 205| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def469]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:204:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:204:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:204:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~|
# | | |
# 202| for (i = 1; i < x4; i++) {
# 203| ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 204|-> ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 205| memcpy(ciph_d[i].out - 16, IVs, 16);
# 206| memcpy(ciph_d[i].iv, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def470]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:206:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:206:9: note: write of 16 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:206:9: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +-------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~|
# | | |
# 204| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 205| memcpy(ciph_d[i].out - 16, IVs, 16);
# 206|-> memcpy(ciph_d[i].iv, IVs, 16);
# 207| IVs += 16;
# 208| }
Error: CPPCHECK_WARNING (CWE-758): [#def471]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:713: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 711| c = p[j];
# 712| cmask =
# 713|-> ((int)(j - off - SHA256_DIGEST_LENGTH)) >>
# 714| (sizeof(int) * 8 - 1);
# 715| res |= (c ^ pad) & ~cmask; /* ... and padding */
Error: CPPCHECK_WARNING (CWE-758): [#def472]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aes_cbc_hmac_sha256.c:716: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 714| (sizeof(int) * 8 - 1);
# 715| res |= (c ^ pad) & ~cmask; /* ... and padding */
# 716|-> cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
# 717| res |= (c ^ pmac->c[i]) & cmask;
# 718| i += 1 & cmask;
Error: CPPCHECK_WARNING: [#def473]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_aria.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def474]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_chacha20_poly1305.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def475]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/e_rc4_hmac_md5.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def476]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/encode.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def477]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_cnf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def478]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def479]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_enc.c:31: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 29| #include "evp_local.h"
# 30|
# 31|-> OSSL_SAFE_MATH_SIGNED(int, int)
# 32|
# 33| int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
Error: CPPCHECK_WARNING: [#def480]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_fetch.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def481]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_key.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def482]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def483]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_pbe.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def484]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_pkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def485]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/evp_rand.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def486]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/keymgmt_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def487]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/keymgmt_lib.c:118:13: warning[core.NullDereference]: Access to field 'name_id' results in a dereference of a null pointer (loaded from field 'keymgmt')
# 116| */
# 117| if (pk->keymgmt == keymgmt
# 118|-> || (pk->keymgmt->name_id == keymgmt->name_id
# 119| && pk->keymgmt->prov == keymgmt->prov))
# 120| return pk->keydata;
Error: CPPCHECK_WARNING: [#def488]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def489]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c:525:17: warning[core.NullDereference]: Access to field 'digest_custom' results in a dereference of a null pointer (loaded from field 'pmeth')
# 523| /* do_sigver_init() checked that |digest_custom| is non-NULL */
# 524| if (pctx->flag_call_digest_custom
# 525|-> && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
# 526| return 0;
# 527| pctx->flag_call_digest_custom = 0;
Error: CLANG_WARNING: [#def490]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c:560:17: warning[core.NullDereference]: Access to field 'digest_custom' results in a dereference of a null pointer (loaded from field 'pmeth')
# 558| /* do_sigver_init() checked that |digest_custom| is non-NULL */
# 559| if (pctx->flag_call_digest_custom
# 560|-> && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
# 561| return 0;
# 562| pctx->flag_call_digest_custom = 0;
Error: CLANG_WARNING: [#def491]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c:608:9: warning[core.NullDereference]: Access to field 'digest_sign_final' results in a dereference of a null pointer (loaded from field 'signature')
# 606| return r;
# 607| #else
# 608|-> r = pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
# 609| sigret, siglen,
# 610| sigret == NULL ? 0 : *siglen);
Error: CLANG_WARNING: [#def492]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c:714:13: warning[core.NullDereference]: Access to field 'pmeth' results in a dereference of a null pointer (loaded from field 'pctx')
# 712| } else {
# 713| /* legacy */
# 714|-> if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestsign != NULL)
# 715| return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen, tbs, tbslen);
# 716| }
Error: CLANG_WARNING: [#def493]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/m_sigver.c:835:13: warning[core.NullDereference]: Access to field 'pmeth' results in a dereference of a null pointer (loaded from field 'pctx')
# 833| } else {
# 834| /* legacy */
# 835|-> if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestverify != NULL)
# 836| return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen, tbs, tbslen);
# 837| }
Error: CPPCHECK_WARNING: [#def494]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/mac_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def495]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/p5_crpt2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def496]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/p_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def497]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/p_seal.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def498]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/pbe_scrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def499]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/pmeth_gn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def500]
openssl-3.2.2-build/openssl-3.2.2/crypto/evp/pmeth_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def501]
openssl-3.2.2-build/openssl-3.2.2/crypto/ex_data.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def502]
openssl-3.2.2-build/openssl-3.2.2/crypto/ffc/ffc_params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def503]
openssl-3.2.2-build/openssl-3.2.2/crypto/ffc/ffc_params_generate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def504]
openssl-3.2.2-build/openssl-3.2.2/crypto/ffc/ffc_params_validate.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def505]
openssl-3.2.2-build/openssl-3.2.2/crypto/hmac/hmac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def506]
openssl-3.2.2-build/openssl-3.2.2/crypto/hpke/hpke.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def507]
openssl-3.2.2-build/openssl-3.2.2/crypto/hpke/hpke_util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def508]
openssl-3.2.2-build/openssl-3.2.2/crypto/http/http_client.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def509]
openssl-3.2.2-build/openssl-3.2.2/crypto/http/http_client.c:738:17: warning[deadcode.DeadStores]: Value stored to 'got_text' is never read
# 736| }
# 737| if (OPENSSL_strcasecmp(key, "Content-Type") == 0) {
# 738|-> got_text = OPENSSL_strncasecmp(value, "text/", 5) == 0;
# 739| if (rctx->state == OHS_HEADERS
# 740| && rctx->expected_ct != NULL) {
Error: CLANG_WARNING: [#def510]
openssl-3.2.2-build/openssl-3.2.2/crypto/http/http_lib.c:87:23: warning[deadcode.DeadStores]: Although the value stored to 'host' is used in the enclosing expression, the value is never actually read from 'host'
# 85|
# 86| /* parse optional "userinfo@" */
# 87|-> user = user_end = host = p;
# 88| host = strchr(p, '@');
# 89| if (host != NULL)
Error: CPPCHECK_WARNING: [#def511]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def512]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def513]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def514]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def515]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def516]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def517]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cbc.c:92:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 90| l2n(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def518]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cfb64.c:84:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 82| }
# 83| }
# 84|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 85| *num = n;
# 86| }
Error: CLANG_WARNING: [#def519]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cfb64.c:84:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 82| }
# 83| }
# 84|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 85| *num = n;
# 86| }
Error: CLANG_WARNING: [#def520]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cfb64.c:84:31: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 82| }
# 83| }
# 84|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 85| *num = n;
# 86| }
Error: CLANG_WARNING: [#def521]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cfb64.c:84:35: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 82| }
# 83| }
# 84|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 85| *num = n;
# 86| }
Error: CLANG_WARNING: [#def522]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_cfb64.c:84:39: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 82| }
# 83| }
# 84|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 85| *num = n;
# 86| }
Error: CLANG_WARNING: [#def523]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_ecb.c:40:5: warning[deadcode.DeadStores]: Value stored to 'l0' is never read
# 38| l1 = d[1];
# 39| l2n(l1, out);
# 40|-> l0 = l1 = d[0] = d[1] = 0;
# 41| }
Error: CLANG_WARNING: [#def524]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_ecb.c:40:10: warning[deadcode.DeadStores]: Although the value stored to 'l1' is used in the enclosing expression, the value is never actually read from 'l1'
# 38| l1 = d[1];
# 39| l2n(l1, out);
# 40|-> l0 = l1 = d[0] = d[1] = 0;
# 41| }
Error: CLANG_WARNING: [#def525]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_ofb64.c:71:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 69| l2n(v1, iv);
# 70| }
# 71|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 72| *num = n;
# 73| }
Error: CLANG_WARNING: [#def526]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_ofb64.c:71:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 69| l2n(v1, iv);
# 70| }
# 71|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 72| *num = n;
# 73| }
Error: CLANG_WARNING: [#def527]
openssl-3.2.2-build/openssl-3.2.2/crypto/idea/i_ofb64.c:71:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 69| l2n(v1, iv);
# 70| }
# 71|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 72| *num = n;
# 73| }
Error: CPPCHECK_WARNING: [#def528]
openssl-3.2.2-build/openssl-3.2.2/crypto/init.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def529]
openssl-3.2.2-build/openssl-3.2.2/crypto/initthread.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def530]
openssl-3.2.2-build/openssl-3.2.2/crypto/md5/md5_sha1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-590): [#def531]
openssl-3.2.2-build/openssl-3.2.2/crypto/mem.c:282:5: warning[-Wfree-nonheap-object]: 'free' called on unallocated object 'recp'
# 282 | free(str);
# | ^
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c: scope_hint: In function 'BN_mod_exp_recp'
openssl-3.2.2-build/openssl-3.2.2/crypto/bn/bn_exp.c:177:17: note: declared here
# 177 | BN_RECP_CTX recp;
# | ^
# 280| }
# 281|
# 282|-> free(str);
# 283| }
# 284|
Error: CPPCHECK_WARNING: [#def532]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/cbc128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def533]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/ccm128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def534]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/cfb128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def535]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/ctr128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def536]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/gcm128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def537]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/ofb128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def538]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/wrap128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def539]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/xts128.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def540]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/xts128.c:74: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 72| unsigned int carry, res;
# 73|
# 74|-> res = 0x87 & (((int)tweak.d[3]) >> 31);
# 75| carry = (unsigned int)(tweak.u[0] >> 63);
# 76| tweak.u[0] = (tweak.u[0] << 1) ^ res;
Error: CPPCHECK_WARNING (CWE-758): [#def541]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/xts128.c:113: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 111| unsigned int carry, res;
# 112|
# 113|-> res = 0x87 & (((int)tweak.d[3]) >> 31);
# 114| carry = (unsigned int)(tweak.u[0] >> 63);
# 115| tweak1.u[0] = (tweak.u[0] << 1) ^ res;
Error: CPPCHECK_WARNING: [#def542]
openssl-3.2.2-build/openssl-3.2.2/crypto/modes/xts128gb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def543]
openssl-3.2.2-build/openssl-3.2.2/crypto/o_str.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def544]
openssl-3.2.2-build/openssl-3.2.2/crypto/objects/o_names.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def545]
openssl-3.2.2-build/openssl-3.2.2/crypto/objects/obj_dat.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def546]
openssl-3.2.2-build/openssl-3.2.2/crypto/objects/obj_dat.c:600:13: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 598| }
# 599| n += i;
# 600|-> l = 0;
# 601| }
# 602| }
Error: CPPCHECK_WARNING: [#def547]
openssl-3.2.2-build/openssl-3.2.2/crypto/objects/obj_xref.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def548]
openssl-3.2.2-build/openssl-3.2.2/crypto/ocsp/ocsp_vfy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def549]
openssl-3.2.2-build/openssl-3.2.2/crypto/ocsp/ocsp_vfy.c:411:10: warning[deadcode.DeadStores]: Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'
# 409| flags |= OCSP_NOVERIFY;
# 410|
# 411|-> if ((ret = ocsp_verify(req, NULL, signer, flags)) <= 0)
# 412| return 0; /* not returning 'ret' here for backward compatibility*/
# 413| if ((flags & OCSP_NOVERIFY) != 0)
Error: CPPCHECK_WARNING: [#def550]
openssl-3.2.2-build/openssl-3.2.2/crypto/packet.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def551]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def552]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c: scope_hint: In function 'param_bld_convert'
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:356:31: warning[-Wanalyzer-null-dereference]: dereference of NULL 'p'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/bio.h:30: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/err.h:29: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:12: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:393:14: note: in expansion of macro 'OPENSSL_malloc'
# 354| || pd->type == OSSL_PARAM_UTF8_PTR) {
# 355| /* PTR */
# 356|-> *(const void **)p = pd->string;
# 357| } else if (pd->type == OSSL_PARAM_OCTET_STRING
# 358| || pd->type == OSSL_PARAM_UTF8_STRING) {
Error: CLANG_WARNING: [#def553]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:356:31: warning[core.NullDereference]: Dereference of null pointer
# 354| || pd->type == OSSL_PARAM_UTF8_PTR) {
# 355| /* PTR */
# 356|-> *(const void **)p = pd->string;
# 357| } else if (pd->type == OSSL_PARAM_OCTET_STRING
# 358| || pd->type == OSSL_PARAM_UTF8_STRING) {
Error: CLANG_WARNING: [#def554]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:360:17: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 358| || pd->type == OSSL_PARAM_UTF8_STRING) {
# 359| if (pd->string != NULL)
# 360|-> memcpy(p, pd->string, pd->size);
# 361| else
# 362| memset(p, 0, pd->size);
Error: CLANG_WARNING: [#def555]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:362:17: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 360| memcpy(p, pd->string, pd->size);
# 361| else
# 362|-> memset(p, 0, pd->size);
# 363| if (pd->type == OSSL_PARAM_UTF8_STRING)
# 364| ((char *)p)[pd->size] = '\0';
Error: GCC_ANALYZER_WARNING (CWE-688): [#def556]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:368:17: warning[-Wanalyzer-null-argument]: use of NULL 'p' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:393:14: note: in expansion of macro 'OPENSSL_malloc'
<built-in>: note: argument 1 of '__builtin_memset' must be non-null
# 366| /* Number, but could also be a NULL BIGNUM */
# 367| if (pd->size > sizeof(pd->num))
# 368|-> memset(p, 0, pd->size);
# 369| else if (pd->size > 0)
# 370| memcpy(p, &pd->num, pd->size);
Error: CLANG_WARNING: [#def557]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:368:17: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 366| /* Number, but could also be a NULL BIGNUM */
# 367| if (pd->size > sizeof(pd->num))
# 368|-> memset(p, 0, pd->size);
# 369| else if (pd->size > 0)
# 370| memcpy(p, &pd->num, pd->size);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def558]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:370:17: warning[-Wanalyzer-null-argument]: use of NULL 'p' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:393:14: note: in expansion of macro 'OPENSSL_malloc'
<built-in>: note: argument 1 of '__builtin_memcpy' must be non-null
# 368| memset(p, 0, pd->size);
# 369| else if (pd->size > 0)
# 370|-> memcpy(p, &pd->num, pd->size);
# 371| }
# 372| }
Error: CLANG_WARNING: [#def559]
openssl-3.2.2-build/openssl-3.2.2/crypto/param_build.c:370:17: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 368| memset(p, 0, pd->size);
# 369| else if (pd->size > 0)
# 370|-> memcpy(p, &pd->num, pd->size);
# 371| }
# 372| }
Error: CPPCHECK_WARNING: [#def560]
openssl-3.2.2-build/openssl-3.2.2/crypto/params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def561]
openssl-3.2.2-build/openssl-3.2.2/crypto/params_dup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def562]
openssl-3.2.2-build/openssl-3.2.2/crypto/params_from_text.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def563]
openssl-3.2.2-build/openssl-3.2.2/crypto/passphrase.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def564]
openssl-3.2.2-build/openssl-3.2.2/crypto/pem/pem_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def565]
openssl-3.2.2-build/openssl-3.2.2/crypto/pem/pem_pk8.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def566]
openssl-3.2.2-build/openssl-3.2.2/crypto/pem/pem_pkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def567]
openssl-3.2.2-build/openssl-3.2.2/crypto/pem/pvkfmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def568]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_crpt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def569]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_crt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def570]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_key.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def571]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_kiss.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def572]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_mutl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def573]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_npas.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def574]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_npas.c:216:9: warning[deadcode.DeadStores]: Value stored to 'pbenid' is never read
# 214|
# 215| X509_ALGOR_get0(&aoid, &aparamtype, &aparam, pbe2->keyfunc);
# 216|-> pbenid = OBJ_obj2nid(aoid);
# 217| X509_ALGOR_get0(&aoid, NULL, NULL, pbe2->encryption);
# 218| encnid = OBJ_obj2nid(aoid);
Error: CLANG_WARNING: [#def575]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs12/p12_npas.c:248:9: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 246| *psaltlen = pbe->salt->length;
# 247| *cipherid = NID_undef;
# 248|-> ret = 1;
# 249| break;
# 250| }
Error: CPPCHECK_WARNING: [#def576]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs7/pk7_doit.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def577]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs7/pk7_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def578]
openssl-3.2.2-build/openssl-3.2.2/crypto/pkcs7/pk7_smime.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def579]
openssl-3.2.2-build/openssl-3.2.2/crypto/property/property.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def580]
openssl-3.2.2-build/openssl-3.2.2/crypto/property/property_parse.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def581]
openssl-3.2.2-build/openssl-3.2.2/crypto/property/property_string.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def582]
openssl-3.2.2-build/openssl-3.2.2/crypto/provider.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def583]
openssl-3.2.2-build/openssl-3.2.2/crypto/provider_conf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def584]
openssl-3.2.2-build/openssl-3.2.2/crypto/provider_core.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def585]
openssl-3.2.2-build/openssl-3.2.2/crypto/punycode.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def586]
openssl-3.2.2-build/openssl-3.2.2/crypto/rand/rand_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def587]
openssl-3.2.2-build/openssl-3.2.2/crypto/rand/rand_lib.c:534:22: warning[-Wunused-function]: 'rand_new_seed' defined but not used
# 534 | static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
# | ^~~~~~~~~~~~~
# 532|
# 533| #ifndef FIPS_MODULE
# 534|-> static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
# 535| {
# 536| EVP_RAND *rand;
Error: CPPCHECK_WARNING: [#def588]
openssl-3.2.2-build/openssl-3.2.2/crypto/rand/rand_uniform.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def589]
openssl-3.2.2-build/openssl-3.2.2/crypto/rand/randfile.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def590]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def591]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def592]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def593]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def594]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def595]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_cbc.c:90:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 88| l2c(xor1, iv);
# 89| }
# 90|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 91| tin[0] = tin[1] = 0;
# 92| }
Error: CLANG_WARNING: [#def596]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_ecb.c:45:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 43| l = d[1];
# 44| l2c(l, out);
# 45|-> l = d[0] = d[1] = 0;
# 46| }
Error: CPPCHECK_WARNING: [#def597]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2_skey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def598]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2cfb64.c:78:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def599]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2cfb64.c:78:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def600]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2cfb64.c:78:31: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def601]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2cfb64.c:78:35: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def602]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2cfb64.c:78:39: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def603]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2ofb64.c:65:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def604]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2ofb64.c:65:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def605]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc2/rc2ofb64.c:65:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def606]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_ecb.c:37:5: warning[deadcode.DeadStores]: Value stored to 'l' is never read
# 35| l = d[1];
# 36| l2c(l, out);
# 37|-> l = d[0] = d[1] = 0;
# 38| }
Error: CLANG_WARNING: [#def607]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:5: warning[deadcode.DeadStores]: Value stored to 'tin0' is never read
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def608]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:12: warning[deadcode.DeadStores]: Although the value stored to 'tin1' is used in the enclosing expression, the value is never actually read from 'tin1'
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def609]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:19: warning[deadcode.DeadStores]: Although the value stored to 'tout0' is used in the enclosing expression, the value is never actually read from 'tout0'
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def610]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:27: warning[deadcode.DeadStores]: Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def611]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:35: warning[deadcode.DeadStores]: Although the value stored to 'xor0' is used in the enclosing expression, the value is never actually read from 'xor0'
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CLANG_WARNING: [#def612]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_enc.c:92:42: warning[deadcode.DeadStores]: Although the value stored to 'xor1' is used in the enclosing expression, the value is never actually read from 'xor1'
# 90| l2c(xor1, iv);
# 91| }
# 92|-> tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
# 93| tin[0] = tin[1] = 0;
# 94| }
Error: CPPCHECK_WARNING: [#def613]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5_skey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def614]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5cfb64.c:78:5: warning[deadcode.DeadStores]: Value stored to 'v0' is never read
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def615]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5cfb64.c:78:10: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def616]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5cfb64.c:78:31: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def617]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5cfb64.c:78:35: warning[deadcode.DeadStores]: Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def618]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5cfb64.c:78:39: warning[deadcode.DeadStores]: Although the value stored to 'cc' is used in the enclosing expression, the value is never actually read from 'cc'
# 76| }
# 77| }
# 78|-> v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
# 79| *num = n;
# 80| }
Error: CLANG_WARNING: [#def619]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5ofb64.c:65:5: warning[deadcode.DeadStores]: Value stored to 't' is never read
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def620]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5ofb64.c:65:9: warning[deadcode.DeadStores]: Although the value stored to 'v0' is used in the enclosing expression, the value is never actually read from 'v0'
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CLANG_WARNING: [#def621]
openssl-3.2.2-build/openssl-3.2.2/crypto/rc5/rc5ofb64.c:65:14: warning[deadcode.DeadStores]: Although the value stored to 'v1' is used in the enclosing expression, the value is never actually read from 'v1'
# 63| l2c(v1, iv);
# 64| }
# 65|-> t = v0 = v1 = ti[0] = ti[1] = 0;
# 66| *num = n;
# 67| }
Error: CPPCHECK_WARNING: [#def622]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_acvp_test_params.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def623]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_ameth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def624]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_backend.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def625]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_chk.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def626]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_gen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def627]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def628]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_oaep.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def629]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_ossl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def630]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_pk1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def631]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_pmeth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def632]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_sp800_56b_check.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def633]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_sp800_56b_gen.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def634]
openssl-3.2.2-build/openssl-3.2.2/crypto/rsa/rsa_x931.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def635]
openssl-3.2.2-build/openssl-3.2.2/crypto/sha/sha1dgst.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def636]
openssl-3.2.2-build/openssl-3.2.2/crypto/sha/sha512.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def637]
openssl-3.2.2-build/openssl-3.2.2/crypto/sparse_array.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def638]
openssl-3.2.2-build/openssl-3.2.2/crypto/srp/srp_vfy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def639]
openssl-3.2.2-build/openssl-3.2.2/crypto/stack/stack.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def640]
openssl-3.2.2-build/openssl-3.2.2/crypto/stack/stack.c:18: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 16| #include <openssl/e_os2.h> /* For ossl_inline */
# 17|
# 18|-> OSSL_SAFE_MATH_SIGNED(int, int)
# 19|
# 20| /*
Error: CPPCHECK_WARNING: [#def641]
openssl-3.2.2-build/openssl-3.2.2/crypto/store/store_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def642]
openssl-3.2.2-build/openssl-3.2.2/crypto/store/store_register.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def643]
openssl-3.2.2-build/openssl-3.2.2/crypto/store/store_result.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING: [#def644]
openssl-3.2.2-build/openssl-3.2.2/crypto/thread/arch/thread_posix.c:13:10: warning: "_GNU_SOURCE" redefined
# 13 | # define _GNU_SOURCE
# | ^~~~~~~~~~~
<command-line>: note: this is the location of the previous definition
# 11|
# 12| #if defined(OPENSSL_THREADS_POSIX)
# 13|-> # define _GNU_SOURCE
# 14| # include <errno.h>
# 15| # include <sys/types.h>
Error: CPPCHECK_WARNING: [#def645]
openssl-3.2.2-build/openssl-3.2.2/crypto/ts/ts_rsp_print.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def646]
openssl-3.2.2-build/openssl-3.2.2/crypto/ts/ts_rsp_sign.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def647]
openssl-3.2.2-build/openssl-3.2.2/crypto/ts/ts_rsp_verify.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def648]
openssl-3.2.2-build/openssl-3.2.2/crypto/ts/ts_rsp_verify.c:143:13: warning[deadcode.DeadStores]: Although the value stored to 'i' is used in the enclosing expression, the value is never actually read from 'i'
# 141|
# 142| /* We now have to 'read' from p7bio to calculate digests etc. */
# 143|-> while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0)
# 144| continue;
# 145|
Error: CPPCHECK_WARNING: [#def649]
openssl-3.2.2-build/openssl-3.2.2/crypto/txt_db/txt_db.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def650]
openssl-3.2.2-build/openssl-3.2.2/crypto/ui/ui_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def651]
openssl-3.2.2-build/openssl-3.2.2/crypto/ui/ui_openssl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def652]
openssl-3.2.2-build/openssl-3.2.2/crypto/whrlpool/wp_dgst.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def653]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/by_dir.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def654]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/by_file.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def655]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/by_store.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def656]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/pcy_data.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def657]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/pcy_tree.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def658]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/t_x509.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def659]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_addr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def660]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_addr.c:1328:9: warning[core.NullDereference]: Access to field 'rfc3779_addr' results in a dereference of a null pointer (loaded from variable 'x')
# 1326| * Trust anchor can't inherit.
# 1327| */
# 1328|-> if (x->rfc3779_addr != NULL) {
# 1329| for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
# 1330| IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, j);
Error: CPPCHECK_WARNING: [#def661]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_akid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def662]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_asid.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def663]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_conf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def664]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_crld.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def665]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_ist.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def666]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_ist.c:135:9: warning[deadcode.DeadStores]: Value stored to 'new_line' is never read
# 133| BIO_printf(out, "%*scAToolCert : ", indent, "");
# 134| BIO_write(out, ist->cAToolCert->data, ist->cAToolCert->length);
# 135|-> new_line = 1;
# 136| }
# 137| return 1;
Error: CPPCHECK_WARNING: [#def667]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-562): [#def668]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_lib.c:144: error[returnDanglingLifetime]: Returning pointer to local variable 'p' that will be invalid when returning.
# 142| if (method->it)
# 143| return ASN1_item_d2i(NULL, &p, extlen, ASN1_ITEM_ptr(method->it));
# 144|-> return method->d2i(NULL, &p, extlen);
# 145| }
# 146|
Error: CPPCHECK_WARNING: [#def669]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_ncons.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def670]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_ncons.c:24: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 22| #include "ext_dat.h"
# 23|
# 24|-> OSSL_SAFE_MATH_SIGNED(int, int)
# 25|
# 26| static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
Error: CLANG_WARNING: [#def671]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_ncons.c:765:17: warning[deadcode.DeadStores]: Value stored to 'hostptr' during its initialization is never read
# 763| {
# 764| const char *baseptr = (char *)base->data;
# 765|-> const char *hostptr = (char *)uri->data;
# 766| const char *p = ia5memchr(uri, (char *)uri->data, ':');
# 767| int hostlen;
Error: CPPCHECK_WARNING: [#def672]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_pci.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def673]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_prn.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def674]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_purp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def675]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_san.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def676]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_sxnet.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def677]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_tlsf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def678]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/v3_utl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def679]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_cmp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def680]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_lu.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def681]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_obj.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def682]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-688): [#def683]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c: scope_hint: In function 'dane_match_cert'
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:2934:13: warning[-Wanalyzer-null-argument]: use of NULL 'cmpbuf' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/include/internal/common.h:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/cryptlib.h:21: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:18: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 1 of 'memcmp' must be non-null
# 2932| */
# 2933| if (cmplen == t->dlen &&
# 2934|-> memcmp(cmpbuf, t->data, cmplen) == 0) {
# 2935| if (DANETLS_USAGE_BIT(usage) & DANETLS_DANE_MASK)
# 2936| matched = 1;
Error: CPPCHECK_WARNING: [#def684]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vpm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def685]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509name.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def686]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509name.c: scope_hint: In function 'X509_NAME_get_text_by_OBJ'
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509name.c:41:20: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 39| data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
# 40| if (buf == NULL)
# 41|-> return data->length;
# 42| if (len <= 0)
# 43| return 0;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def687]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509name.c:44:14: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 42| if (len <= 0)
# 43| return 0;
# 44|-> i = (data->length > (len - 1)) ? (len - 1) : data->length;
# 45| memcpy(buf, data->data, i);
# 46| buf[i] = '\0';
Error: CPPCHECK_WARNING: [#def688]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x_all.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def689]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x_crl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def690]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x_name.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def691]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x_pubkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def692]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x_req.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def693]
openssl-3.2.2-build/openssl-3.2.2/engines/e_afalg.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def694]
openssl-3.2.2-build/openssl-3.2.2/engines/e_dasync.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def695]
openssl-3.2.2-build/openssl-3.2.2/engines/e_loader_attic.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def696]
openssl-3.2.2-build/openssl-3.2.2/engines/e_loader_attic.c:1244:13: warning[deadcode.DeadStores]: Although the value stored to 't' is used in the enclosing expression, the value is never actually read from 't'
# 1242|
# 1243| if (result != NULL
# 1244|-> && (t = OSSL_STORE_INFO_get_type(result)) == STORE_INFO_EMBEDDED) {
# 1245| struct embedded_st *embedded = get0_EMBEDDED(result);
# 1246|
Error: CPPCHECK_WARNING (CWE-562): [#def697]
openssl-3.2.2-build/openssl-3.2.2/engines/e_loader_attic.c:1284: error[returnDanglingLifetime]: Returning pointer to local variable 'try_matchcount' that will be invalid when returning.
# 1282| }
# 1283| }
# 1284|-> return result;
# 1285| }
# 1286|
Error: CPPCHECK_WARNING: [#def698]
openssl-3.2.2-build/openssl-3.2.2/engines/e_ossltest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def699]
openssl-3.2.2-build/openssl-3.2.2/engines/e_ossltest.c:835:17: warning[deadcode.DeadStores]: Value stored to 'in' is never read
# 833|
# 834| /* omit explicit iv */
# 835|-> in += AES_BLOCK_SIZE;
# 836| out += AES_BLOCK_SIZE;
# 837| len -= AES_BLOCK_SIZE;
Error: CPPCHECK_WARNING: [#def700]
openssl-3.2.2-build/openssl-3.2.2/engines/e_padlock.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def701]
openssl-3.2.2-build/openssl-3.2.2/fuzz/test-corpus.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def702]
openssl-3.2.2-build/openssl-3.2.2/fuzz/test-corpus.c: scope_hint: In function 'testfile'
openssl-3.2.2-build/openssl-3.2.2/fuzz/test-corpus.c:51:20: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(pathname, "rb")'
# 49| if (f == NULL)
# 50| return;
# 51|-> buf = malloc(st.st_size);
# 52| if (buf != NULL) {
# 53| s = fread(buf, 1, st.st_size, f);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def703]
openssl-3.2.2-build/openssl-3.2.2/fuzz/test-corpus.c:51:20: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(pathname, "rb")'
# 49| if (f == NULL)
# 50| return;
# 51|-> buf = malloc(st.st_size);
# 52| if (buf != NULL) {
# 53| s = fread(buf, 1, st.st_size, f);
Error: GCC_ANALYZER_WARNING (CWE-1335): [#def704]
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:27: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/dane.h:82:32: warning[-Wanalyzer-shift-count-overflow]: shift by count ('256') >= precision of type ('32')
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:2935:17: note: in expansion of macro 'DANETLS_USAGE_BIT'
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:2935:17: note: in expansion of macro 'DANETLS_USAGE_BIT'
openssl-3.2.2-build/openssl-3.2.2/crypto/x509/x509_vfy.c:2935:17: note: in expansion of macro 'DANETLS_USAGE_BIT'
# 80| ((dane) != NULL && sk_danetls_record_num((dane)->trecs) > 0)
# 81|
# 82|-> #define DANETLS_USAGE_BIT(u) (((uint32_t)1) << u)
# 83|
# 84| #define DANETLS_PKIX_TA_MASK (DANETLS_USAGE_BIT(DANETLS_USAGE_PKIX_TA))
Error: GCC_ANALYZER_WARNING (CWE-476): [#def705]
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_conn.c:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/ktls.h: scope_hint: In function 'ktls_read_record'
openssl-3.2.2-build/openssl-3.2.2/include/internal/ktls.h:416:17: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
/usr/include/sys/socket.h:33: included_from: Included from here.
/usr/include/netinet/in.h:23: included_from: Included from here.
/usr/include/netdb.h:27: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/sockets.h:91: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bio_local.h:11: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/crypto/bio/bss_conn.c:13: included_from: Included from here.
# 414| if (msg.msg_controllen > 0) {
# 415| cmsg = CMSG_FIRSTHDR(&msg);
# 416|-> if (cmsg->cmsg_type == TLS_GET_RECORD_TYPE) {
# 417| p[0] = *((unsigned char *)CMSG_DATA(cmsg));
# 418| p[1] = TLS1_2_VERSION_MAJOR;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def706]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:14: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c: scope_hint: In function 'ossl_list_txe_remove'
openssl-3.2.2-build/openssl-3.2.2/include/internal/list.h:95:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'list'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41:1: note: in expansion of macro 'DEFINE_LIST_OF'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c: scope_hint: In function 'ossl_list_txe_remove'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41:1: note: in expansion of macro 'DEFINE_LIST_OF'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c: scope_hint: In function 'ossl_list_txe_remove'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41:1: note: in expansion of macro 'DEFINE_LIST_OF'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41:1: note: in expansion of macro 'DEFINE_LIST_OF'
# 93| assert(elem->ossl_list_ ## name.list == list); \
# 94| OSSL_LIST_DBG(elem->ossl_list_ ## name.list = NULL) \
# 95|-> if (list->alpha == elem) \
# 96| list->alpha = elem->ossl_list_ ## name.next; \
# 97| if (list->omega == elem) \
Error: CLANG_WARNING: [#def707]
openssl-3.2.2-build/openssl-3.2.2/test/servername_test.c:21: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/packet.h:493:12: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 491| static ossl_inline int PACKET_contains_zero_byte(const PACKET *pkt)
# 492| {
# 493|-> return memchr(pkt->curr, 0, pkt->remaining) != NULL;
# 494| }
# 495|
Error: CLANG_WARNING: [#def708]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/uint_set.c:10: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/uint_set.h:37:1: warning[core.NullDereference]: Dereference of null pointer
# 35| };
# 36|
# 37|-> DEFINE_LIST_OF(uint_set, UINT_SET_ITEM);
# 38|
# 39| typedef OSSL_LIST(uint_set) UINT_SET;
Error: CPPCHECK_WARNING (CWE-457): [#def709]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/asn1.h:234: warning[uninitvar]: Uninitialized variables: ptr.minsize, ptr.maxsize, ptr.mask, ptr.flags
# 232| };
# 233|
# 234|-> SKM_DEFINE_STACK_OF_INTERNAL(ASN1_STRING_TABLE, ASN1_STRING_TABLE, ASN1_STRING_TABLE)
# 235| #define sk_ASN1_STRING_TABLE_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk))
# 236| #define sk_ASN1_STRING_TABLE_value(sk, idx) ((ASN1_STRING_TABLE *)OPENSSL_sk_value(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk), (idx)))
Error: GCC_ANALYZER_WARNING (CWE-476): [#def710]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c: scope_hint: In function 'ping_pong_query'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/bio.h:202:7: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1085:10: note: in expansion of macro 'BIO_get_ktls_send'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1045:33: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1085:10: note: in expansion of macro 'BIO_get_ktls_send'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1085:10: note: in expansion of macro 'BIO_get_ktls_send'
# 200| # ifndef OPENSSL_NO_KTLS
# 201| # define BIO_get_ktls_send(b) \
# 202|-> (BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL) > 0)
# 203| # define BIO_get_ktls_recv(b) \
# 204| (BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL) > 0)
Error: CPPCHECK_WARNING (CWE-457): [#def711]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/conf.h:70: warning[uninitvar]: Uninitialized variable: ptr.value
# 68| #define sk_CONF_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_copyfunc_type(copyfunc), ossl_check_CONF_VALUE_freefunc_type(freefunc)))
# 69| #define sk_CONF_VALUE_set_cmp_func(sk, cmp) ((sk_CONF_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_compfunc_type(cmp)))
# 70|-> DEFINE_LHASH_OF_INTERNAL(CONF_VALUE);
# 71| #define lh_CONF_VALUE_new(hfn, cmp) ((LHASH_OF(CONF_VALUE) *)OPENSSL_LH_new(ossl_check_CONF_VALUE_lh_hashfunc_type(hfn), ossl_check_CONF_VALUE_lh_compfunc_type(cmp)))
# 72| #define lh_CONF_VALUE_free(lh) OPENSSL_LH_free(ossl_check_CONF_VALUE_lh_type(lh))
Error: GCC_ANALYZER_WARNING (CWE-465): [#def712]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/bio.h:30: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/err.h:29: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:27: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c: scope_hint: In function 'opt_init'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:421:5: warning[-Wanalyzer-deref-before-check]: check of 'o' for NULL after already dereferencing it
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:219:13: note: in expansion of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:218:13: note: in expansion of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:421:13: note: in definition of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:219:13: note: in expansion of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:221:13: note: in expansion of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:218:13: note: in expansion of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:421:13: note: in definition of macro 'OPENSSL_assert'
openssl-3.2.2-build/openssl-3.2.2/apps/lib/opt.c:219:13: note: in expansion of macro 'OPENSSL_assert'
# 419| # endif
# 420| # define OPENSSL_assert(e) \
# 421|-> (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
# 422|
# 423| int OPENSSL_isservice(void);
Error: CPPCHECK_WARNING (CWE-457): [#def713]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/err.h:374: warning[uninitvar]: Uninitialized variable: ptr.string
# 372| } ERR_STRING_DATA;
# 373|
# 374|-> DEFINE_LHASH_OF_INTERNAL(ERR_STRING_DATA);
# 375| #define lh_ERR_STRING_DATA_new(hfn, cmp) ((LHASH_OF(ERR_STRING_DATA) *)OPENSSL_LH_new(ossl_check_ERR_STRING_DATA_lh_hashfunc_type(hfn), ossl_check_ERR_STRING_DATA_lh_compfunc_type(cmp)))
# 376| #define lh_ERR_STRING_DATA_free(lh) OPENSSL_LH_free(ossl_check_ERR_STRING_DATA_lh_type(lh))
Error: CPPCHECK_WARNING (CWE-457): [#def714]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/ssl.h:1030: warning[uninitvar]: Uninitialized variables: ptr.name, ptr.method
# 1028| #define sk_SSL_CIPHER_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_copyfunc_type(copyfunc), ossl_check_SSL_CIPHER_freefunc_type(freefunc)))
# 1029| #define sk_SSL_CIPHER_set_cmp_func(sk, cmp) ((sk_SSL_CIPHER_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_compfunc_type(cmp)))
# 1030|-> SKM_DEFINE_STACK_OF_INTERNAL(SSL_COMP, SSL_COMP, SSL_COMP)
# 1031| #define sk_SSL_COMP_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_COMP_sk_type(sk))
# 1032| #define sk_SSL_COMP_value(sk, idx) ((SSL_COMP *)OPENSSL_sk_value(ossl_check_const_SSL_COMP_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING (CWE-457): [#def715]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509.h:104: warning[uninitvar]: Uninitialized variables: ptr.revocationDate, ptr.extensions, ptr.issuer, ptr.reason, ptr.sequence
# 102| #define sk_X509_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_sk_type(sk), ossl_check_X509_copyfunc_type(copyfunc), ossl_check_X509_freefunc_type(freefunc)))
# 103| #define sk_X509_set_cmp_func(sk, cmp) ((sk_X509_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_sk_type(sk), ossl_check_X509_compfunc_type(cmp)))
# 104|-> SKM_DEFINE_STACK_OF_INTERNAL(X509_REVOKED, X509_REVOKED, X509_REVOKED)
# 105| #define sk_X509_REVOKED_num(sk) OPENSSL_sk_num(ossl_check_const_X509_REVOKED_sk_type(sk))
# 106| #define sk_X509_REVOKED_value(sk, idx) ((X509_REVOKED *)OPENSSL_sk_value(ossl_check_const_X509_REVOKED_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING (CWE-457): [#def716]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509_vfy.h:120: warning[uninitvar]: Uninitialized variables: ptr.check_time, ptr.inh_flags, ptr.flags, ptr.purpose, ptr.trust, ptr.depth, ptr.auth_level, ptr.policies, ptr.hosts, ptr.hostflags, ptr.peername, ptr.email, ptr.emaillen, ptr.ip, ptr.iplen
# 118| #define sk_X509_OBJECT_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_copyfunc_type(copyfunc), ossl_check_X509_OBJECT_freefunc_type(freefunc)))
# 119| #define sk_X509_OBJECT_set_cmp_func(sk, cmp) ((sk_X509_OBJECT_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_compfunc_type(cmp)))
# 120|-> SKM_DEFINE_STACK_OF_INTERNAL(X509_VERIFY_PARAM, X509_VERIFY_PARAM, X509_VERIFY_PARAM)
# 121| #define sk_X509_VERIFY_PARAM_num(sk) OPENSSL_sk_num(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk))
# 122| #define sk_X509_VERIFY_PARAM_value(sk, idx) ((X509_VERIFY_PARAM *)OPENSSL_sk_value(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING (CWE-457): [#def717]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509_vfy.h:157: warning[uninitvar]: Uninitialized variables: ptr.flags, ptr.check_trust, ptr.name, ptr.arg1, ptr.arg2
# 155| void *arg2;
# 156| } X509_TRUST;
# 157|-> SKM_DEFINE_STACK_OF_INTERNAL(X509_TRUST, X509_TRUST, X509_TRUST)
# 158| #define sk_X509_TRUST_num(sk) OPENSSL_sk_num(ossl_check_const_X509_TRUST_sk_type(sk))
# 159| #define sk_X509_TRUST_value(sk, idx) ((X509_TRUST *)OPENSSL_sk_value(ossl_check_const_X509_TRUST_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING (CWE-457): [#def718]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509v3.h:707: warning[uninitvar]: Uninitialized variables: ptr.trust, ptr.flags, ptr.check_purpose, ptr.name, ptr.sname, ptr.usr_data
# 705| } X509_PURPOSE;
# 706|
# 707|-> SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
# 708| #define sk_X509_PURPOSE_num(sk) OPENSSL_sk_num(ossl_check_const_X509_PURPOSE_sk_type(sk))
# 709| #define sk_X509_PURPOSE_value(sk, idx) ((X509_PURPOSE *)OPENSSL_sk_value(ossl_check_const_X509_PURPOSE_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING (CWE-457): [#def719]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509v3.h:1052: warning[uninitvar]: Uninitialized variables: ptr.parent, ptr.nchild
# 1050|
# 1051| void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
# 1052|-> SKM_DEFINE_STACK_OF_INTERNAL(X509_POLICY_NODE, X509_POLICY_NODE, X509_POLICY_NODE)
# 1053| #define sk_X509_POLICY_NODE_num(sk) OPENSSL_sk_num(ossl_check_const_X509_POLICY_NODE_sk_type(sk))
# 1054| #define sk_X509_POLICY_NODE_value(sk, idx) ((X509_POLICY_NODE *)OPENSSL_sk_value(ossl_check_const_X509_POLICY_NODE_sk_type(sk), (idx)))
Error: CPPCHECK_WARNING: [#def720]
openssl-3.2.2-build/openssl-3.2.2/providers/common/provider_util.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def721]
openssl-3.2.2-build/openssl-3.2.2/providers/common/provider_util.c:257:17: warning[deadcode.DeadStores]: Value stored to 'engine' is never read
# 255| if (p->data_type != OSSL_PARAM_UTF8_STRING)
# 256| return 0;
# 257|-> engine = p->data;
# 258| }
# 259| }
Error: CPPCHECK_WARNING: [#def722]
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-704): [#def723]
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test.c: scope_hint: In function 'SELF_TEST_post'
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test.c:521:25: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
# 521 | module_checksum = fips_hmac_container;
# | ^
# 519|
# 520| if (st->module_checksum_data == NULL) {
# 521|-> module_checksum = fips_hmac_container;
# 522| checksum_len = sizeof(fips_hmac_container);
# 523| } else {
Error: CLANG_WARNING: [#def724]
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test.c:584:13: warning[deadcode.DeadStores]: Value stored to 'kats_already_passed' is never read
# 582| goto end;
# 583| } else {
# 584|-> kats_already_passed = 1;
# 585| }
# 586| }
Error: CPPCHECK_WARNING: [#def725]
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test_kats.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-563): [#def726]
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test_kats.c: scope_hint: In function 'self_test_sign'
openssl-3.2.2-build/openssl-3.2.2/providers/fips/self_test_kats.c:461:32: warning[-Wunused-variable]: unused variable 'dgst'
# 461 | static const unsigned char dgst[] = {
# | ^~~~
# 459| unsigned char sig[256];
# 460| size_t siglen = sizeof(sig);
# 461|-> static const unsigned char dgst[] = {
# 462| 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
# 463| 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
Error: CPPCHECK_WARNING: [#def727]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/asymciphers/rsa_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def728]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def729]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def730]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:146: error[legacyUninitvar]: Uninitialized variable: blocks[0].c
# 144|
# 145| /* ask for IVs in bulk */
# 146|-> if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4, 0) <= 0)
# 147| return 0;
# 148|
Error: GCC_ANALYZER_WARNING (CWE-121): [#def731]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c: scope_hint: In function 'tls1_multi_block_encrypt'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 168|
# 169| for (i = 1; i < x4; i++) {
# 170|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 171| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 172| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def732]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:39: note: write of 8 bytes to beyond the end of 'hash_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:39: note: valid subscripts for 'hash_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 168|
# 169| for (i = 1; i < x4; i++) {
# 170|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 171| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 172| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def733]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:171:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:171:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:171:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~|
# | | |
# 169| for (i = 1; i < x4; i++) {
# 170| ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 171|-> ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 172| memcpy(ciph_d[i].out - 16, IVs, 16);
# 173| memcpy(ciph_d[i].iv, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def734]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:173:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:173:9: note: write of 16 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:173:9: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +-------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~|
# | | |
# 171| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 172| memcpy(ciph_d[i].out - 16, IVs, 16);
# 173|-> memcpy(ciph_d[i].iv, IVs, 16);
# 174| IVs += 16;
# 175| }
Error: CPPCHECK_WARNING (CWE-758): [#def735]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:609: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 607| c = p[j];
# 608| cmask =
# 609|-> ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
# 610| 8 - 1);
# 611| res |= (c ^ pad) & ~cmask; /* ... and padding */
Error: CPPCHECK_WARNING (CWE-758): [#def736]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:612: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 610| 8 - 1);
# 611| res |= (c ^ pad) & ~cmask; /* ... and padding */
# 612|-> cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
# 613| res |= (c ^ pmac->c[i]) & cmask;
# 614| i += 1 & cmask;
Error: CPPCHECK_WARNING: [#def737]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def738]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:150: error[legacyUninitvar]: Uninitialized variable: blocks[0].c
# 148|
# 149| /* ask for IVs in bulk */
# 150|-> if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4, 0) <= 0)
# 151| return 0;
# 152|
Error: GCC_ANALYZER_WARNING (CWE-121): [#def739]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c: scope_hint: In function 'tls1_multi_block_encrypt'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 172|
# 173| for (i = 1; i < x4; i++) {
# 174|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 175| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 176| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def740]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:39: note: write of 8 bytes to beyond the end of 'hash_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:39: note: valid subscripts for 'hash_d' are '[0]' to '[7]'
# +------------------------------------------+
# |
# | [0] | ... | [7] || |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 172|
# 173| for (i = 1; i < x4; i++) {
# 174|-> ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 175| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 176| memcpy(ciph_d[i].out - 16, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def741]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:175:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:175:23: note: write of 8 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:175:23: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +------------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~|
# | | |
# 173| for (i = 1; i < x4; i++) {
# 174| ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
# 175|-> ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 176| memcpy(ciph_d[i].out - 16, IVs, 16);
# 177| memcpy(ciph_d[i].iv, IVs, 16);
Error: GCC_ANALYZER_WARNING (CWE-121): [#def742]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:177:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:177:9: note: write of 16 bytes to beyond the end of 'ciph_d'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:177:9: note: valid subscripts for 'ciph_d' are '[0]' to '[7]'
# +-------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~||||~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~|
# | | |
# 175| ciph_d[i].out = ciph_d[i - 1].out + packlen;
# 176| memcpy(ciph_d[i].out - 16, IVs, 16);
# 177|-> memcpy(ciph_d[i].iv, IVs, 16);
# 178| IVs += 16;
# 179| }
Error: CPPCHECK_WARNING (CWE-758): [#def743]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:663: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 661| c = p[j];
# 662| cmask =
# 663|-> ((int)(j - off - SHA256_DIGEST_LENGTH)) >>
# 664| (sizeof(int) * 8 - 1);
# 665| res |= (c ^ pad) & ~cmask; /* ... and padding */
Error: CPPCHECK_WARNING (CWE-758): [#def744]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:666: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 664| (sizeof(int) * 8 - 1);
# 665| res |= (c ^ pad) & ~cmask; /* ... and padding */
# 666|-> cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
# 667| res |= (c ^ pmac->c[i]) & cmask;
# 668| i += 1 & cmask;
Error: CPPCHECK_WARNING: [#def745]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_gcm_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def746]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_gcm_siv.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def747]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def748]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_gcm_siv_polyval.c:56:20: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 54|
# 55| for (i = 0; i < 16; i++)
# 56|-> out[i] = in[15 - i];
# 57| }
# 58| }
Error: CPPCHECK_WARNING: [#def749]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_ocb.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def750]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_siv.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def751]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_wrp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def752]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_aes_xts.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def753]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_chacha20_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def754]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_chacha20_poly1305.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def755]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def756]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_cts.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def757]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_des.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def758]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_rc2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def759]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_rc4_hmac_md5.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def760]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def761]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/cipher_tdes_common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def762]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/ciphercommon.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def763]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/ciphercommon_ccm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def764]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/ciphers/ciphercommon_gcm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def765]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def766]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c: scope_hint: In function 'blake2b_compress'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c:283:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'm[1]'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c:290:13: note: in expansion of macro 'G'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c:305:9: note: in expansion of macro 'ROUND'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c:290:13: note: in expansion of macro 'G'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2b_prov.c:305:9: note: in expansion of macro 'ROUND'
# 281| c = c + d; \
# 282| b = rotr64(b ^ c, 24); \
# 283|-> a = a + b + m[blake2b_sigma[r][2*i+1]]; \
# 284| d = rotr64(d ^ a, 16); \
# 285| c = c + d; \
Error: GCC_ANALYZER_WARNING (CWE-457): [#def767]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c: scope_hint: In function 'blake2s_compress'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c:204:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'm[1]'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c:211:13: note: in expansion of macro 'G'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c:226:9: note: in expansion of macro 'ROUND'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c:211:13: note: in expansion of macro 'G'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/digests/blake2s_prov.c:226:9: note: in expansion of macro 'ROUND'
# 202| c = c + d; \
# 203| b = rotr32(b ^ c, 12); \
# 204|-> a = a + b + m[blake2s_sigma[r][2*i+1]]; \
# 205| d = rotr32(d ^ a, 8); \
# 206| c = c + d; \
Error: CPPCHECK_WARNING: [#def768]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/encode_decode/decode_epki2pki.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def769]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/encode_decode/decode_pem2der.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def770]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/encode_decode/encode_key2text.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def771]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/exchange/dh_exch.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def772]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/exchange/ecdh_exch.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def773]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/argon2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def774]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/argon2.c:272:27: warning[core.UndefinedBinaryOperatorResult]: The left operand of '<<' is a garbage value
# 270| {
# 271| return
# 272|-> (((uint64_t)src[0]) << 0)
# 273| | (((uint64_t)src[1]) << 8)
# 274| | (((uint64_t)src[2]) << 16)
Error: GCC_ANALYZER_WARNING (CWE-457): [#def775]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/argon2.c: scope_hint: In function 'blake2b_long'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/argon2.c:884:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '&outbuf'
# 882|
# 883| if (outlen > BLAKE2B_OUTBYTES) {
# 884|-> memcpy(out, outbuf, BLAKE2B_OUTBYTES / 2);
# 885| out += BLAKE2B_OUTBYTES / 2;
# 886| outlen_curr = (uint32_t) outlen - BLAKE2B_OUTBYTES / 2;
Error: CPPCHECK_WARNING: [#def776]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/hkdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def777]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/hkdf.c:326:9: warning[deadcode.DeadStores]: Value stored to 'any_valid' is never read
# 324| size_t sz = kdf_hkdf_size(ctx);
# 325|
# 326|-> any_valid = 1;
# 327| if (sz == 0)
# 328| return 0;
Error: CLANG_WARNING: [#def778]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/hkdf.c:332:9: warning[deadcode.DeadStores]: Value stored to 'any_valid' is never read
# 330| }
# 331| if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_INFO)) != NULL) {
# 332|-> any_valid = 1;
# 333| if (ctx->info == NULL || ctx->info_len == 0) {
# 334| p->return_size = 0;
Error: CPPCHECK_WARNING: [#def779]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/hmacdrbg_kdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def780]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/kbkdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def781]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/krb5kdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def782]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/pbkdf1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def783]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/pbkdf2.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def784]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/pkcs12kdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def785]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/pvkkdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def786]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/scrypt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def787]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/sshkdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def788]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/sskdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def789]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/tls1_prf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-563): [#def790]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/tls1_prf.c: scope_hint: In function 'kdf_tls1_prf_free'
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/tls1_prf.c:131:19: warning[-Wunused-variable]: unused variable 'libctx'
# 131 | OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
# | ^~~~~~
# 129| {
# 130| TLS1_PRF *ctx = (TLS1_PRF *)vctx;
# 131|-> OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
# 132|
# 133| if (ctx != NULL) {
Error: CLANG_WARNING: [#def791]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/tls1_prf.c:131:19: warning[deadcode.DeadStores]: Value stored to 'libctx' during its initialization is never read
# 129| {
# 130| TLS1_PRF *ctx = (TLS1_PRF *)vctx;
# 131|-> OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
# 132|
# 133| if (ctx != NULL) {
Error: CPPCHECK_WARNING: [#def792]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kdfs/x942kdf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def793]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kem/ec_kem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def794]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kem/ecx_kem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def795]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/kem/rsa_kem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def796]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/dh_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def797]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/dsa_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def798]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/ec_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def799]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/ecx_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def800]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/mac_legacy_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def801]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/keymgmt/rsa_kmgmt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def802]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/blake2b_mac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def803]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/blake2s_mac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def804]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/cmac_prov.c:204:10: warning[deadcode.DeadStores]: Although the value stored to 'p' is used in the enclosing expression, the value is never actually read from 'p'
# 202| return 1;
# 203|
# 204|-> if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
# 205| if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, ctx))
# 206| return 0;
Error: CPPCHECK_WARNING: [#def805]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/gmac_prov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def806]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/gmac_prov.c:215:10: warning[deadcode.DeadStores]: Although the value stored to 'p' is used in the enclosing expression, the value is never actually read from 'p'
# 213| return 0;
# 214|
# 215|-> if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
# 216| if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, provctx))
# 217| return 0;
Error: CPPCHECK_WARNING: [#def807]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/hmac_prov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def808]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/kmac_prov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def809]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/macs/siphash_prov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def810]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/drbg.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def811]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/drbg_ctr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def812]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/drbg_hash.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def813]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/drbg_hmac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def814]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/seeding/rand_unix.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def815]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/rands/test_rng.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def816]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/dsa_sig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def817]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/dsa_sig.c:363: warning[uninitvar]: Uninitialized variable: digest
# 361| pdsactx->flag_allow_md = 1;
# 362|
# 363|-> return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen);
# 364| }
# 365|
Error: CPPCHECK_WARNING: [#def818]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/ecdsa_sig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def819]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/eddsa_sig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def820]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/mac_legacy_sig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def821]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/rsa_sig.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def822]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/signature/rsa_sig.c:968: warning[uninitvar]: Uninitialized variable: digest
# 966| }
# 967|
# 968|-> return rsa_sign(vprsactx, sig, siglen, sigsize, digest, (size_t)dlen);
# 969| }
# 970|
Error: CPPCHECK_WARNING: [#def823]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/storemgmt/file_store.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def824]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/storemgmt/file_store_any2obj.c:147:5: warning[deadcode.DeadStores]: Value stored to 'ok' is never read
# 145| goto next;
# 146|
# 147|-> ok = 0;
# 148| mem_want = ossl_blob_length(bitlen, isdss, ispub);
# 149| if (!BUF_MEM_grow(mem, mem_len + mem_want)) {
Error: CLANG_WARNING: [#def825]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/storemgmt/file_store_any2obj.c:156:5: warning[deadcode.DeadStores]: Value stored to 'mem_len' is never read
# 154| ERR_set_mark();
# 155| ok = BIO_read(in, &mem->data[mem_len], mem_want) == (int)mem_want;
# 156|-> mem_len += mem_want;
# 157| ERR_pop_to_mark();
# 158|
Error: CLANG_WARNING: [#def826]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/storemgmt/file_store_any2obj.c:214:5: warning[deadcode.DeadStores]: Value stored to 'ok' is never read
# 212| goto next;
# 213|
# 214|-> ok = 0;
# 215| mem_want = saltlen + keylen;
# 216| if (!BUF_MEM_grow(mem, mem_len + mem_want)) {
Error: CLANG_WARNING: [#def827]
openssl-3.2.2-build/openssl-3.2.2/providers/implementations/storemgmt/file_store_any2obj.c:223:5: warning[deadcode.DeadStores]: Value stored to 'mem_len' is never read
# 221| ERR_set_mark();
# 222| ok = BIO_read(in, &mem->data[mem_len], mem_want) == (int)mem_want;
# 223|-> mem_len += mem_want;
# 224| ERR_pop_to_mark();
# 225|
Error: CPPCHECK_WARNING: [#def828]
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def829]
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c: scope_hint: In function 'dtls1_shutdown'
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c:869:13: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c:14: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c:862:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c:862:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/d1_lib.c:862:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
# 867| wbio = SSL_get_wbio(s);
# 868| if (wbio != NULL && BIO_dgram_is_sctp(wbio) &&
# 869|-> !(sc->shutdown & SSL_SENT_SHUTDOWN)) {
# 870| ret = BIO_dgram_sctp_wait_for_dry(wbio);
# 871| if (ret < 0)
Error: CPPCHECK_WARNING: [#def830]
openssl-3.2.2-build/openssl-3.2.2/ssl/priority_queue.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def831]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/cc_newreno.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def832]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_ackm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def833]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_channel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def834]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_demux.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def835]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_fifd.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def836]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def837]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:310:28: warning[core.NullDereference]: Access to field 'mutex' results in a dereference of a null pointer (loaded from variable 'qc')
# 308| {
# 309| #if defined(OPENSSL_THREADS)
# 310|-> ossl_crypto_mutex_lock(qc->mutex);
# 311| #endif
# 312| }
Error: CLANG_WARNING: [#def838]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:626:9: warning[core.NullDereference]: Access to field 'is_thread_assisted' results in a dereference of a null pointer (loaded from field 'qc')
# 624|
# 625| #if !defined(OPENSSL_NO_QUIC_THREAD_ASSIST)
# 626|-> if (ctx.qc->is_thread_assisted && ctx.qc->started)
# 627| ossl_quic_thread_assist_notify_deadline_changed(&ctx.qc->thread_assist);
# 628| #endif
Error: CLANG_WARNING: [#def839]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:876:9: warning[core.NullDereference]: Access to field 'net_rbio' results in a dereference of a null pointer (loaded from field 'qc')
# 874| return;
# 875|
# 876|-> if (ctx.qc->net_rbio == net_rbio)
# 877| return;
# 878|
Error: CLANG_WARNING: [#def840]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:903:9: warning[core.NullDereference]: Access to field 'net_wbio' results in a dereference of a null pointer (loaded from field 'qc')
# 901| return;
# 902|
# 903|-> if (ctx.qc->net_wbio == net_wbio)
# 904| return;
# 905|
Error: CLANG_WARNING: [#def841]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:930:12: warning[core.NullDereference]: Access to field 'net_rbio' results in a dereference of a null pointer (loaded from field 'qc')
# 928| return NULL;
# 929|
# 930|-> return ctx.qc->net_rbio;
# 931| }
# 932|
Error: CLANG_WARNING: [#def842]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:940:12: warning[core.NullDereference]: Access to field 'net_wbio' results in a dereference of a null pointer (loaded from field 'qc')
# 938| return NULL;
# 939|
# 940|-> return ctx.qc->net_wbio;
# 941| }
# 942|
Error: CLANG_WARNING: [#def843]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1014:9: warning[core.NullDereference]: Access to field 'started' results in a dereference of a null pointer (loaded from field 'qc')
# 1012| return 0;
# 1013|
# 1014|-> if (ctx.qc->started)
# 1015| return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
# 1016| NULL);
Error: CLANG_WARNING: [#def844]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1040:12: warning[core.NullDereference]: Access to field 'blocking' results in a dereference of a null pointer (loaded from variable 'qc')
# 1038| static int qc_blocking_mode(const QUIC_CONNECTION *qc)
# 1039| {
# 1040|-> return qc->blocking;
# 1041| }
# 1042|
Error: CLANG_WARNING: [#def845]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1078:15: warning[deadcode.DeadStores]: Value stored to 'deadline' during its initialization is never read
# 1076| {
# 1077| QCTX ctx;
# 1078|-> OSSL_TIME deadline = ossl_time_infinite();
# 1079|
# 1080| if (!expect_quic(s, &ctx))
Error: CLANG_WARNING: [#def846]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1116:25: warning[core.NullDereference]: Access to field 'net_rbio' results in a dereference of a null pointer (loaded from field 'qc')
# 1114| return 0;
# 1115|
# 1116|-> if (desc == NULL || ctx.qc->net_rbio == NULL)
# 1117| return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
# 1118| NULL);
Error: CLANG_WARNING: [#def847]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1131:25: warning[core.NullDereference]: Access to field 'net_wbio' results in a dereference of a null pointer (loaded from field 'qc')
# 1129| return 0;
# 1130|
# 1131|-> if (desc == NULL || ctx.qc->net_wbio == NULL)
# 1132| return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ERR_R_PASSED_INVALID_ARGUMENT,
# 1133| NULL);
Error: CLANG_WARNING: [#def848]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1350:38: warning[core.NullDereference]: Access to field 'default_ssl_mode' results in a dereference of a null pointer (loaded from field 'qc')
# 1348| /* If called on a QCSO, update the default mode. */
# 1349| if (!ctx.is_stream)
# 1350|-> ctx.qc->default_ssl_mode |= (uint32_t)larg;
# 1351|
# 1352| /*
Error: CLANG_WARNING: [#def849]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1368:38: warning[core.NullDereference]: Access to field 'default_ssl_mode' results in a dereference of a null pointer (loaded from field 'qc')
# 1366| case SSL_CTRL_CLEAR_MODE:
# 1367| if (!ctx.is_stream)
# 1368|-> ctx.qc->default_ssl_mode &= ~(uint32_t)larg;
# 1369|
# 1370| if (ctx.xso != NULL) {
Error: CLANG_WARNING: [#def850]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1378:48: warning[core.NullDereference]: Access to field 'ch' results in a dereference of a null pointer (loaded from field 'qc')
# 1376|
# 1377| case SSL_CTRL_SET_MSG_CALLBACK_ARG:
# 1378|-> ossl_quic_channel_set_msg_callback_arg(ctx.qc->ch, parg);
# 1379| /* This ctrl also needs to be passed to the internal SSL object */
# 1380| return SSL_ctrl(ctx.qc->tls, cmd, larg, parg);
Error: CLANG_WARNING: [#def851]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1425:9: warning[core.NullDereference]: Access to field 'started' results in a dereference of a null pointer (loaded from field 'qc')
# 1423|
# 1424| /* Cannot be changed after handshake started */
# 1425|-> if (ctx.qc->started || ctx.is_stream)
# 1426| return;
# 1427|
Error: CLANG_WARNING: [#def852]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:1440:9: warning[core.NullDereference]: Access to field 'started' results in a dereference of a null pointer (loaded from field 'qc')
# 1438|
# 1439| /* Cannot be changed after handshake started */
# 1440|-> if (ctx.qc->started || ctx.is_stream)
# 1441| return;
# 1442|
Error: CLANG_WARNING: [#def853]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:2951:13: warning[core.NullDereference]: Access to field 'default_xso_created' results in a dereference of a null pointer (loaded from field 'qc')
# 2949| * SSL_read() or SSL_write() first.
# 2950| */
# 2951|-> if (ctx.qc->default_xso_created
# 2952| || ctx.qc->default_stream_mode == SSL_DEFAULT_STREAM_MODE_NONE)
# 2953| return SSL_STREAM_TYPE_NONE;
Error: CLANG_WARNING: [#def854]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:3513:48: warning[core.NullDereference]: Access to field 'ch' results in a dereference of a null pointer (loaded from field 'qc')
# 3511| return -1;
# 3512|
# 3513|-> tc = ossl_quic_channel_get_terminate_cause(ctx.qc->ch);
# 3514| if (tc == NULL)
# 3515| return 0;
Error: CLANG_WARNING: [#def855]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:3602:44: warning[core.NullDereference]: Access to field 'ch' results in a dereference of a null pointer (loaded from field 'qc')
# 3600| switch (cmd) {
# 3601| case SSL_CTRL_SET_MSG_CALLBACK:
# 3602|-> ossl_quic_channel_set_msg_callback(ctx.qc->ch, (ossl_msg_cb)fp,
# 3603| &ctx.qc->ssl);
# 3604| /* This callback also needs to be set on the internal SSL object */
Error: CLANG_WARNING: [#def856]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:3609:35: warning[core.NullDereference]: Access to field 'tls' results in a dereference of a null pointer (loaded from field 'qc')
# 3607| default:
# 3608| /* Probably a TLS related ctrl. Defer to our internal SSL object */
# 3609|-> return ssl3_callback_ctrl(ctx.qc->tls, cmd, fp);
# 3610| }
# 3611| }
Error: CLANG_WARNING: [#def857]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:3661:39: warning[core.NullDereference]: Access to field 'ch' results in a dereference of a null pointer (loaded from field 'qc')
# 3659| return 0;
# 3660|
# 3661|-> if (ossl_quic_channel_is_term_any(ctx.qc->ch)) {
# 3662| shut |= SSL_SENT_SHUTDOWN;
# 3663| if (!ossl_quic_channel_is_closing(ctx.qc->ch))
Error: CLANG_WARNING: [#def858]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_impl.c:3682:12: warning[core.NullDereference]: Access to field 'ch' results in a dereference of a null pointer (loaded from field 'qc')
# 3680| return NULL;
# 3681|
# 3682|-> return ctx.qc->ch;
# 3683| }
Error: CPPCHECK_WARNING: [#def859]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_rx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def860]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_shared.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def861]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_shared.c: scope_hint: In function 'ossl_qrl_enc_level_set_have_el'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_shared.c:49:15: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 47| OSSL_QRL_ENC_LEVEL *el = ossl_qrl_enc_level_set_get(els, enc_level, 0);
# 48|
# 49|-> switch (el->state) {
# 50| case QRL_EL_STATE_UNPROV:
# 51| return 0;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def862]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_shared.c: scope_hint: In function 'el_teardown_keyslot'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_shared.c:90:63: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 88| OSSL_QRL_ENC_LEVEL *el = ossl_qrl_enc_level_set_get(els, enc_level, 0);
# 89|
# 90|-> if (!ossl_qrl_enc_level_set_has_keyslot(els, enc_level, el->state, keyslot))
# 91| return;
# 92|
Error: CPPCHECK_WARNING: [#def863]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def864]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41: error[ctunullpointer]: Null pointer dereference: elem
# 39| };
# 40|
# 41|-> DEFINE_LIST_OF(txe, TXE);
# 42| typedef OSSL_LIST(txe) TXE_LIST;
# 43|
Error: CPPCHECK_WARNING (CWE-476): [#def865]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41: error[ctunullpointer]: Null pointer dereference: list
# 39| };
# 40|
# 41|-> DEFINE_LIST_OF(txe, TXE);
# 42| typedef OSSL_LIST(txe) TXE_LIST;
# 43|
Error: CLANG_WARNING: [#def866]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_record_tx.c:41:1: warning[core.NullDereference]: Access to field 'alpha' results in a dereference of a null pointer (loaded from variable 'list')
# 39| };
# 40|
# 41|-> DEFINE_LIST_OF(txe, TXE);
# 42| typedef OSSL_LIST(txe) TXE_LIST;
# 43|
Error: CPPCHECK_WARNING: [#def867]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_rstream.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def868]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_rx_depack.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def869]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_sf_list.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def870]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_sstream.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def871]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c: scope_hint: In function 'ossl_quic_tls_tick'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c:758:54: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c:12: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1824:7: note: in definition of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c:734:30: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c:9: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tls.c:752:14: note: in expansion of macro 'SSL_set_min_proto_version'
# 756| ossl_ssl_set_custom_record_layer(sc, &quic_tls_record_method, qtls);
# 757|
# 758|-> if (!ossl_tls_add_custom_ext_intern(NULL, &sc->cert->custext,
# 759| qtls->args.is_server ? ENDPOINT_SERVER
# 760| : ENDPOINT_CLIENT,
Error: CPPCHECK_WARNING: [#def872]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_tserver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def873]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_txp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def874]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_txp.c:2769:13: warning[deadcode.DeadStores]: Value stored to 'done_pre_token' is never read
# 2767| chosen_for_conn_close,
# 2768| &can_be_non_inflight))
# 2769|-> done_pre_token = 1;
# 2770|
# 2771| /* CRYPTO Frames */
Error: CLANG_WARNING: [#def875]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_txpim.c:163:12: warning[deadcode.DeadStores]: Value stored to 'new_alloc_chunks' during its initialization is never read
# 161| QUIC_TXPIM_PKT_EX *ex = (QUIC_TXPIM_PKT_EX *)fpkt;
# 162| QUIC_TXPIM_CHUNK *new_chunk;
# 163|-> size_t new_alloc_chunks = ex->alloc_chunks;
# 164|
# 165| if (ex->num_chunks == ex->alloc_chunks) {
Error: CPPCHECK_WARNING: [#def876]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_wire.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def877]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/quic_wire_pkt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def878]
openssl-3.2.2-build/openssl-3.2.2/ssl/quic/uint_set.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def879]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/dtls_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def880]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def881]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c: scope_hint: In function 'ktls_configure_crypto'
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:225:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'eiv'
# 223| crypto_info->gcm128.info.version = version;
# 224| crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm128);
# 225|-> memcpy(crypto_info->gcm128.iv, eiv, TLS_CIPHER_AES_GCM_128_IV_SIZE);
# 226| memcpy(crypto_info->gcm128.salt, iv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
# 227| memcpy(crypto_info->gcm128.key, key, keylen);
Error: CLANG_WARNING: [#def882]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:225:9: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 223| crypto_info->gcm128.info.version = version;
# 224| crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm128);
# 225|-> memcpy(crypto_info->gcm128.iv, eiv, TLS_CIPHER_AES_GCM_128_IV_SIZE);
# 226| memcpy(crypto_info->gcm128.salt, iv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
# 227| memcpy(crypto_info->gcm128.key, key, keylen);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def883]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:242:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'eiv'
# 240| crypto_info->gcm256.info.version = version;
# 241| crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm256);
# 242|-> memcpy(crypto_info->gcm256.iv, eiv, TLS_CIPHER_AES_GCM_256_IV_SIZE);
# 243| memcpy(crypto_info->gcm256.salt, iv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
# 244| memcpy(crypto_info->gcm256.key, key, keylen);
Error: CLANG_WARNING: [#def884]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:242:9: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 240| crypto_info->gcm256.info.version = version;
# 241| crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm256);
# 242|-> memcpy(crypto_info->gcm256.iv, eiv, TLS_CIPHER_AES_GCM_256_IV_SIZE);
# 243| memcpy(crypto_info->gcm256.salt, iv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
# 244| memcpy(crypto_info->gcm256.key, key, keylen);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def885]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:260:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'eiv'
# 258| crypto_info->ccm128.info.version = version;
# 259| crypto_info->tls_crypto_info_len = sizeof(crypto_info->ccm128);
# 260|-> memcpy(crypto_info->ccm128.iv, eiv, TLS_CIPHER_AES_CCM_128_IV_SIZE);
# 261| memcpy(crypto_info->ccm128.salt, iv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
# 262| memcpy(crypto_info->ccm128.key, key, keylen);
Error: CLANG_WARNING: [#def886]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ktls_meth.c:260:9: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 258| crypto_info->ccm128.info.version = version;
# 259| crypto_info->tls_crypto_info_len = sizeof(crypto_info->ccm128);
# 260|-> memcpy(crypto_info->ccm128.iv, eiv, TLS_CIPHER_AES_CCM_128_IV_SIZE);
# 261| memcpy(crypto_info->ccm128.salt, iv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
# 262| memcpy(crypto_info->ccm128.key, key, keylen);
Error: CPPCHECK_WARNING: [#def887]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ssl3_cbc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def888]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/ssl3_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def889]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tls13_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def890]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tls1_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def891]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tls_common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def892]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tls_multib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def893]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tls_pad.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def894]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/methods/tlsany_meth.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def895]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/rec_layer_d1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def896]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/rec_layer_s3.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def897]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/rec_layer_s3.c: scope_hint: In function 'ssl3_read_bytes'
openssl-3.2.2-build/openssl-3.2.2/ssl/record/rec_layer_s3.c:666:14: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 664| if (!ossl_statem_get_in_handshake(s) && SSL_in_init(ssl)) {
# 665| /* type == SSL3_RT_APPLICATION_DATA */
# 666|-> i = s->handshake_func(ssl);
# 667| /* SSLfatal() already called */
# 668| if (i < 0)
Error: GCC_ANALYZER_WARNING (CWE-476): [#def898]
openssl-3.2.2-build/openssl-3.2.2/ssl/record/rec_layer_s3.c:674:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 672| }
# 673| start:
# 674|-> s->rwstate = SSL_NOTHING;
# 675|
# 676| /*-
Error: CPPCHECK_WARNING: [#def899]
openssl-3.2.2-build/openssl-3.2.2/ssl/s3_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def900]
openssl-3.2.2-build/openssl-3.2.2/ssl/s3_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def901]
openssl-3.2.2-build/openssl-3.2.2/ssl/s3_msg.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def902]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_asn1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def903]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def904]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def905]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c:416: warning[nullPointer]: Possible null pointer dereference: sc
# 414| CERT_PKEY *cpk = NULL;
# 415|
# 416|-> if (sc->cert != NULL)
# 417| cpk = sc->cert->key;
# 418| else
Error: GCC_ANALYZER_WARNING (CWE-476): [#def906]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c: scope_hint: In function 'SSL_get1_compressed_cert'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c:416:11: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c:11: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_cert_comp.c:413:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 414| CERT_PKEY *cpk = NULL;
# 415|
# 416|-> if (sc->cert != NULL)
# 417| cpk = sc->cert->key;
# 418| else
Error: CPPCHECK_WARNING: [#def907]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_ciph.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-704): [#def908]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_ciph.c: scope_hint: In function 'ssl_create_cipher_list'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_ciph.c:1526:19: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type
# 1524|
# 1525| if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) {
# 1526|-> char *p = rule_str + 14;
# 1527|
# 1528| new_rules = load_system_str(p);
Error: CPPCHECK_WARNING: [#def909]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_conf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def910]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def911]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:465:13: warning[deadcode.DeadStores]: Value stored to 'min_version' is never read
# 463| if (min_version == 0)
# 464| /* Ignore DTLS1_BAD_VER */
# 465|-> min_version = DTLS1_VERSION;
# 466| if (max_version == 0)
# 467| max_version = DTLS1_2_VERSION;
Error: CLANG_WARNING: [#def912]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:467:13: warning[deadcode.DeadStores]: Value stored to 'max_version' is never read
# 465| min_version = DTLS1_VERSION;
# 466| if (max_version == 0)
# 467|-> max_version = DTLS1_2_VERSION;
# 468| #ifdef OPENSSL_NO_DTLS1_2
# 469| if (max_version == DTLS1_2_VERSION)
Error: GCC_ANALYZER_WARNING (CWE-476): [#def913]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_is_dtls'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:935:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:13: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:932:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 933|
# 934| #ifndef OPENSSL_NO_QUIC
# 935|-> if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
# 936| return 0;
# 937| #endif
Error: GCC_ANALYZER_WARNING (CWE-476): [#def914]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_is_tls'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:950:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:947:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 948|
# 949| #ifndef OPENSSL_NO_QUIC
# 950|-> if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
# 951| return 0;
# 952| #endif
Error: GCC_ANALYZER_WARNING (CWE-476): [#def915]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_set_wfd'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:1693:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:1581:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 1691| int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET;
# 1692|
# 1693|-> if (s->type == SSL_TYPE_QUIC_XSO) {
# 1694| ERR_raise(ERR_LIB_SSL, SSL_R_CONN_USE_ONLY);
# 1695| return 0;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def916]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_set_rfd'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:1729:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:1596:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 1727| int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET;
# 1728|
# 1729|-> if (s->type == SSL_TYPE_QUIC_XSO) {
# 1730| ERR_raise(ERR_LIB_SSL, SSL_R_CONN_USE_ONLY);
# 1731| return 0;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def917]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_do_handshake'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4701:11: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4694:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 4699| #endif
# 4700|
# 4701|-> if (sc->handshake_func == NULL) {
# 4702| ERR_raise(ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET);
# 4703| return -1;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def918]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_set_accept_state'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4736:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4727:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
# 4734| #endif
# 4735|
# 4736|-> sc->server = 1;
# 4737| sc->shutdown = 0;
# 4738| ossl_statem_clear(sc);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def919]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_set_connect_state'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4755:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4746:26: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
# 4753| #endif
# 4754|
# 4755|-> sc->server = 0;
# 4756| sc->shutdown = 0;
# 4757| ossl_statem_clear(sc);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def920]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_get_version'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4825:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:4821:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 4823| #ifndef OPENSSL_NO_QUIC
# 4824| /* We only support QUICv1 - so if its QUIC its QUICv1 */
# 4825|-> if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
# 4826| return "QUICv1";
# 4827| #endif
Error: GCC_ANALYZER_WARNING (CWE-476): [#def921]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_version'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:5187:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:5183:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 5185| #ifndef OPENSSL_NO_QUIC
# 5186| /* We only support QUICv1 - so if its QUIC its QUICv1 */
# 5187|-> if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
# 5188| return OSSL_QUIC1_VERSION;
# 5189| #endif
Error: GCC_ANALYZER_WARNING (CWE-476): [#def922]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_client_version'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:5202:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:5198:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 5200| #ifndef OPENSSL_NO_QUIC
# 5201| /* We only support QUICv1 - so if its QUIC its QUICv1 */
# 5202|-> if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO)
# 5203| return OSSL_QUIC1_VERSION;
# 5204| #endif
Error: GCC_ANALYZER_WARNING (CWE-476): [#def923]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_get0_client_cert_type'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:7767:12: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:7762:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 7765| return 0;
# 7766|
# 7767|-> *t = sc->client_cert_type;
# 7768| *len = sc->client_cert_type_len;
# 7769| return 1;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def924]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c: scope_hint: In function 'SSL_get0_server_cert_type'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:7779:12: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1833:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_lib.c:7774:32: note: in expansion of macro 'SSL_CONNECTION_FROM_CONST_SSL'
# 7777| return 0;
# 7778|
# 7779|-> *t = sc->server_cert_type;
# 7780| *len = sc->server_cert_type_len;
# 7781| return 1;
Error: CPPCHECK_WARNING: [#def925]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_mcnf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def926]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_rsa.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def927]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_rsa.c:961: warning[nullPointer]: Possible null pointer dereference: ctx
# 959| return 0;
# 960|
# 961|-> c = sc != NULL ? sc->cert : ctx->cert;
# 962| /* Do all security checks before anything else */
# 963| rv = ssl_security_cert(sc, ctx, x509, 0, 1);
Error: CPPCHECK_WARNING: [#def928]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_sess.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-562): [#def929]
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_sess.c:557: error[returnDanglingLifetime]: Returning pointer to local variable 'copy' that will be invalid when returning.
# 555| }
# 556|
# 557|-> return ret;
# 558| }
# 559|
Error: CPPCHECK_WARNING: [#def930]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/extensions.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def931]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/extensions_clnt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def932]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/extensions_clnt.c:289:17: warning[core.NullDereference]: Dereference of null pointer
# 287|
# 288| if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket)
# 289|-> || !WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, ticklen)) {
# 290| SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
# 291| return EXT_RETURN_FAIL;
Error: CPPCHECK_WARNING: [#def933]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/extensions_cust.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def934]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/extensions_srvr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def935]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def936]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_clnt.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def937]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_clnt.c:1435:43: warning[core.NullDereference]: Access to field 'algorithm2' results in a dereference of a null pointer (loaded from field 'cipher')
# 1433| */
# 1434| if (md == NULL
# 1435|-> || md != ssl_md(sctx, s->session->cipher->algorithm2)) {
# 1436| SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
# 1437| SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED);
Error: CPPCHECK_WARNING: [#def938]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_dtls.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def939]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_dtls.c:678:13: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 676| item = pitem_new(seq64be, frag);
# 677| if (item == NULL) {
# 678|-> i = -1;
# 679| goto err;
# 680| }
Error: GCC_ANALYZER_WARNING (CWE-688): [#def940]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_dtls.c: scope_hint: In function 'dtls1_buffer_message'
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_dtls.c:1127:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
<built-in>: note: argument 1 of '__builtin_memcpy' must be non-null
# 1125| return 0;
# 1126|
# 1127|-> memcpy(frag->fragment, s->init_buf->data, s->init_num);
# 1128|
# 1129| if (is_ccs) {
Error: CLANG_WARNING: [#def941]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_dtls.c:1127:5: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 1125| return 0;
# 1126|
# 1127|-> memcpy(frag->fragment, s->init_buf->data, s->init_num);
# 1128|
# 1129| if (is_ccs) {
Error: CPPCHECK_WARNING: [#def942]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def943]
openssl-3.2.2-build/openssl-3.2.2/ssl/statem/statem_srvr.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def944]
openssl-3.2.2-build/openssl-3.2.2/ssl/t1_lib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def945]
openssl-3.2.2-build/openssl-3.2.2/ssl/t1_lib.c: scope_hint: In function 'tls_choose_sigalg'
openssl-3.2.2-build/openssl-3.2.2/ssl/t1_lib.c:3907:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'lu'
# 3905| }
# 3906| if (sig_idx == -1)
# 3907|-> sig_idx = lu->sig_idx;
# 3908| s->s3.tmp.cert = &s->cert->pkeys[sig_idx];
# 3909| s->cert->key = s->s3.tmp.cert;
Error: CPPCHECK_WARNING: [#def946]
openssl-3.2.2-build/openssl-3.2.2/ssl/t1_trce.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def947]
openssl-3.2.2-build/openssl-3.2.2/ssl/tls13_enc.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def948]
openssl-3.2.2-build/openssl-3.2.2/ssl/tls_srp.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def949]
openssl-3.2.2-build/openssl-3.2.2/test/acvp_test.c:369:12: warning[-Wunused-function]: 'dsa_keygen_test' defined but not used
# 369 | static int dsa_keygen_test(int id)
# | ^~~~~~~~~~~~~~~
# 367| }
# 368|
# 369|-> static int dsa_keygen_test(int id)
# 370| {
# 371| int ret = 0, i;
Error: COMPILER_WARNING (CWE-1164): [#def950]
openssl-3.2.2-build/openssl-3.2.2/test/acvp_test.c:409:12: warning[-Wunused-function]: 'dsa_paramgen_test' defined but not used
# 409 | static int dsa_paramgen_test(int id)
# | ^~~~~~~~~~~~~~~~~
# 407| }
# 408|
# 409|-> static int dsa_paramgen_test(int id)
# 410| {
# 411| int ret = 0, counter = 0;
Error: COMPILER_WARNING (CWE-1164): [#def951]
openssl-3.2.2-build/openssl-3.2.2/test/acvp_test.c:520:12: warning[-Wunused-function]: 'dsa_pqver_test' defined but not used
# 520 | static int dsa_pqver_test(int id)
# | ^~~~~~~~~~~~~~
# 518| }
# 519|
# 520|-> static int dsa_pqver_test(int id)
# 521| {
# 522| int ret = 0;
Error: COMPILER_WARNING (CWE-1164): [#def952]
openssl-3.2.2-build/openssl-3.2.2/test/acvp_test.c:589:12: warning[-Wunused-function]: 'dsa_siggen_test' defined but not used
# 589 | static int dsa_siggen_test(int id)
# | ^~~~~~~~~~~~~~~
# 587| }
# 588|
# 589|-> static int dsa_siggen_test(int id)
# 590| {
# 591| int ret = 0;
Error: COMPILER_WARNING (CWE-1164): [#def953]
openssl-3.2.2-build/openssl-3.2.2/test/acvp_test.c:615:12: warning[-Wunused-function]: 'dsa_sigver_test' defined but not used
# 615 | static int dsa_sigver_test(int id)
# | ^~~~~~~~~~~~~~~
# 613| }
# 614|
# 615|-> static int dsa_sigver_test(int id)
# 616| {
# 617| int ret = 0;
Error: CPPCHECK_WARNING: [#def954]
openssl-3.2.2-build/openssl-3.2.2/test/algorithmid_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def955]
openssl-3.2.2-build/openssl-3.2.2/test/asn1_encode_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def956]
openssl-3.2.2-build/openssl-3.2.2/test/asn1_time_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def957]
openssl-3.2.2-build/openssl-3.2.2/test/asynciotest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def958]
openssl-3.2.2-build/openssl-3.2.2/test/asynciotest.c:342:14: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 340| * (the first one might be a retryable fail).
# 341| */
# 342|-> for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
# 343| i++) {
# 344| ret = SSL_write(clientssl, testdata + len,
Error: CLANG_WARNING: [#def959]
openssl-3.2.2-build/openssl-3.2.2/test/asynciotest.c:364:14: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 362| * bytes from the record header/padding etc.
# 363| */
# 364|-> for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
# 365| i < MAX_ATTEMPTS; i++) {
# 366| ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);
Error: CPPCHECK_WARNING: [#def960]
openssl-3.2.2-build/openssl-3.2.2/test/asynctest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def961]
openssl-3.2.2-build/openssl-3.2.2/test/bad_dtls_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def962]
openssl-3.2.2-build/openssl-3.2.2/test/bftest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def963]
openssl-3.2.2-build/openssl-3.2.2/test/bio_addr_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def964]
openssl-3.2.2-build/openssl-3.2.2/test/bioprinttest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def965]
openssl-3.2.2-build/openssl-3.2.2/test/ca_internals_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def966]
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:215: warning[nullPointer]: Possible null pointer dereference: sc
# 213|
# 214| /* expect that the pre-compressed cert won't be used */
# 215|-> if (!TEST_int_eq(sc->cert->key->cert_comp_used, 0))
# 216| goto end;
# 217|
Error: CPPCHECK_WARNING (CWE-476): [#def967]
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:223: warning[nullPointer]: Possible null pointer dereference: sc
# 221| SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(serverssl);
# 222|
# 223|-> if (!TEST_int_gt(sc->cert->key->cert_comp_used, 0))
# 224| goto end;
# 225|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def968]
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:21: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c: scope_hint: In function 'test_ssl_cert_comp'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:223:28: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:436:71: note: in definition of macro 'TEST_int_gt'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:196:20: note: in expansion of macro 'SSL_set_app_data'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:198:20: note: in expansion of macro 'SSL_set_app_data'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:221:30: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/cert_comp_test.c:221:30: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:436:71: note: in definition of macro 'TEST_int_gt'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:436:71: note: in definition of macro 'TEST_int_gt'
# 221| SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(serverssl);
# 222|
# 223|-> if (!TEST_int_gt(sc->cert->key->cert_comp_used, 0))
# 224| goto end;
# 225|
Error: COMPILER_WARNING (CWE-1164): [#def969]
openssl-3.2.2-build/openssl-3.2.2/test/cipherlist_test.c:197:12: warning[-Wunused-function]: 'test_default_cipherlist_implicit' defined but not used
# 197 | static int test_default_cipherlist_implicit(void)
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 195| EXECUTE_TEST(execute_test, tear_down)
# 196|
# 197|-> static int test_default_cipherlist_implicit(void)
# 198| {
# 199| SETUP_CIPHERLIST_TEST_FIXTURE();
Error: CPPCHECK_WARNING: [#def970]
openssl-3.2.2-build/openssl-3.2.2/test/cmp_client_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def971]
openssl-3.2.2-build/openssl-3.2.2/test/cmp_ctx_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def972]
openssl-3.2.2-build/openssl-3.2.2/test/cmp_hdr_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-476): [#def973]
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:340: warning[nullPointer]: Possible null pointer dereference: fixture
# 338| fixture = NULL;
# 339| }
# 340|-> fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
# 341| EXECUTE_TEST(execute_validate_msg_test, tear_down);
# 342| return result;
Error: CLANG_WARNING: [#def974]
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:340:35: warning[core.NullDereference]: Access to field 'msg' results in a dereference of a null pointer (loaded from variable 'fixture')
# 338| fixture = NULL;
# 339| }
# 340|-> fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
# 341| EXECUTE_TEST(execute_validate_msg_test, tear_down);
# 342| return result;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def975]
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509v3.h:25: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crmf.h:28: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/cmp.h:23: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/helpers/cmp_testlib.h:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:12: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c: scope_hint: In function 'test_validate_msg_signature_sender_cert_extracert'
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:340:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'fixture'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509.h:80:88: note: in definition of macro 'sk_X509_value'
openssl-3.2.2-build/openssl-3.2.2/test/helpers/cmp_testlib.h:20: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:100:34: note: in definition of macro 'SETUP_TEST_FIXTURE'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:64:17: note: in expansion of macro 'OSSL_CMP_CTX_set0_trusted'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:100:34: note: in definition of macro 'SETUP_TEST_FIXTURE'
openssl-3.2.2-build/openssl-3.2.2/test/cmp_vfy_test.c:333:5: note: in expansion of macro 'SETUP_TEST_FIXTURE'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/x509.h:80:88: note: in definition of macro 'sk_X509_value'
# 338| fixture = NULL;
# 339| }
# 340|-> fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
# 341| EXECUTE_TEST(execute_validate_msg_test, tear_down);
# 342| return result;
Error: CPPCHECK_WARNING: [#def976]
openssl-3.2.2-build/openssl-3.2.2/test/danetest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def977]
openssl-3.2.2-build/openssl-3.2.2/test/destest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def978]
openssl-3.2.2-build/openssl-3.2.2/test/drbgtest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def979]
openssl-3.2.2-build/openssl-3.2.2/test/drbgtest.c:107:12: warning[-Wanalyzer-null-dereference]: dereference of NULL 'drbg'
openssl-3.2.2-build/openssl-3.2.2/test/drbgtest.c: scope_hint: In function 'inc_reseed_counter'
openssl-3.2.2-build/openssl-3.2.2/test/drbgtest.c:43: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/drbgtest.c:819:13: note: in expansion of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
# 105| static PROV_DRBG *prov_rand(EVP_RAND_CTX *drbg)
# 106| {
# 107|-> return (PROV_DRBG *)drbg->algctx;
# 108| }
# 109|
Error: COMPILER_WARNING (CWE-563): [#def980]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:170:19: warning[-Wunused-but-set-variable]: variable 'buf' set but not used
# 170 | unsigned char buf[100];
# | ^~~
# 168| const BIGNUM *scalars[4];
# 169| #endif
# 170|-> unsigned char buf[100];
# 171| size_t len, r = 0;
# 172| int k;
Error: COMPILER_WARNING (CWE-563): [#def981]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:171:12: warning[-Wunused-variable]: unused variable 'len'
# 171 | size_t len, r = 0;
# | ^~~
# 169| #endif
# 170| unsigned char buf[100];
# 171|-> size_t len, r = 0;
# 172| int k;
# 173|
Error: COMPILER_WARNING (CWE-563): [#def982]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c: scope_hint: In function 'prime_field_tests'
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:172:9: warning[-Wunused-variable]: unused variable 'k'
# 172 | int k;
# | ^
# 170| unsigned char buf[100];
# 171| size_t len, r = 0;
# 172|-> int k;
# 173|
# 174| if (!TEST_ptr(ctx = BN_CTX_new())
Error: COMPILER_WARNING (CWE-1164): [#def983]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c: scope_hint: At top level
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2079:12: warning[-Wunused-function]: 'cofactor_range_test' defined but not used
# 2079 | static int cofactor_range_test(void)
# | ^~~~~~~~~~~~~~~~~~~
# 2077| * conform to that -- this is just robustness testing.
# 2078| */
# 2079|-> static int cofactor_range_test(void)
# 2080| {
# 2081| EC_GROUP *group = NULL;
Error: COMPILER_WARNING (CWE-563): [#def984]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2345:18: warning[-Wunused-variable]: unused variable 'i_out'
# 2345 | int ret = 0, i_out;
# | ^~~~~
# 2343| unsigned char *gen, int gen_size)
# 2344| {
# 2345|-> int ret = 0, i_out;
# 2346| EVP_PKEY_CTX *pctx = NULL;
# 2347| EVP_PKEY *pkeyparam = NULL;
Error: COMPILER_WARNING (CWE-563): [#def985]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2351:23: warning[-Wunused-variable]: unused variable 'gettable'
# 2351 | const OSSL_PARAM *gettable;
# | ^~~~~~~~
# 2349| const char *field_name;
# 2350| OSSL_PARAM *params = NULL;
# 2351|-> const OSSL_PARAM *gettable;
# 2352| BIGNUM *p, *a, *b;
# 2353| BIGNUM *p_out = NULL, *a_out = NULL, *b_out = NULL;
Error: COMPILER_WARNING (CWE-563): [#def986]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2355:10: warning[-Wunused-variable]: unused variable 'name'
# 2355 | char name[80];
# | ^~~~
# 2353| BIGNUM *p_out = NULL, *a_out = NULL, *b_out = NULL;
# 2354| BIGNUM *order_out = NULL, *cofactor_out = NULL;
# 2355|-> char name[80];
# 2356| unsigned char buf[1024];
# 2357| size_t buf_len, name_len;
Error: COMPILER_WARNING (CWE-563): [#def987]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2356:19: warning[-Wunused-variable]: unused variable 'buf'
# 2356 | unsigned char buf[1024];
# | ^~~
# 2354| BIGNUM *order_out = NULL, *cofactor_out = NULL;
# 2355| char name[80];
# 2356|-> unsigned char buf[1024];
# 2357| size_t buf_len, name_len;
# 2358| #ifndef OPENSSL_NO_EC2M
Error: COMPILER_WARNING (CWE-563): [#def988]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2357:12: warning[-Wunused-variable]: unused variable 'buf_len'
# 2357 | size_t buf_len, name_len;
# | ^~~~~~~
# 2355| char name[80];
# 2356| unsigned char buf[1024];
# 2357|-> size_t buf_len, name_len;
# 2358| #ifndef OPENSSL_NO_EC2M
# 2359| unsigned int k1 = 0, k2 = 0, k3 = 0;
Error: COMPILER_WARNING (CWE-563): [#def989]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c: scope_hint: In function 'do_test_custom_explicit_fromdata'
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2357:21: warning[-Wunused-variable]: unused variable 'name_len'
# 2357 | size_t buf_len, name_len;
# | ^~~~~~~~
# 2355| char name[80];
# 2356| unsigned char buf[1024];
# 2357|-> size_t buf_len, name_len;
# 2358| #ifndef OPENSSL_NO_EC2M
# 2359| unsigned int k1 = 0, k2 = 0, k3 = 0;
Error: COMPILER_WARNING (CWE-563): [#def990]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2667:12: warning[-Wunused-variable]: unused variable 'sslen'
# 2667 | size_t sslen, t;
# | ^~~~~
# 2665| EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
# 2666| EVP_PKEY_CTX *pctx1 = NULL, *pctx2 = NULL;
# 2667|-> size_t sslen, t;
# 2668| unsigned char *pub1 = NULL , *pub2 = NULL;
# 2669| OSSL_PARAM_BLD *param_bld = NULL;
Error: COMPILER_WARNING (CWE-563): [#def991]
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c: scope_hint: In function 'custom_params_test'
openssl-3.2.2-build/openssl-3.2.2/test/ectest.c:2667:19: warning[-Wunused-variable]: unused variable 't'
# 2667 | size_t sslen, t;
# | ^
# 2665| EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
# 2666| EVP_PKEY_CTX *pctx1 = NULL, *pctx2 = NULL;
# 2667|-> size_t sslen, t;
# 2668| unsigned char *pub1 = NULL , *pub2 = NULL;
# 2669| OSSL_PARAM_BLD *param_bld = NULL;
Error: CPPCHECK_WARNING: [#def992]
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-688): [#def993]
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c: scope_hint: In function 'check_protected_legacy_PEM'
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:776:24: warning[-Wanalyzer-null-argument]: use of NULL 'data' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:34:63: note: in definition of macro 'TEST_FL_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:27: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:775:12: note: in expansion of macro 'TEST_FL_strn_eq'
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:34:63: note: in definition of macro 'TEST_FL_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:34:63: note: in definition of macro 'TEST_FL_ptr'
<built-in>: note: argument 1 of '__builtin_strstr' must be non-null
# 774| "-----BEGIN %s PRIVATE KEY-----", type), 0)
# 775| && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
# 776|-> && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
# 777| }
# 778|
Error: CLANG_WARNING: [#def994]
openssl-3.2.2-build/openssl-3.2.2/test/endecode_test.c:776:24: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 774| "-----BEGIN %s PRIVATE KEY-----", type), 0)
# 775| && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
# 776|-> && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
# 777| }
# 778|
Error: CPPCHECK_WARNING: [#def995]
openssl-3.2.2-build/openssl-3.2.2/test/endecoder_legacy_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def996]
openssl-3.2.2-build/openssl-3.2.2/test/endecoder_legacy_test.c:59: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/endecoder_legacy_test.c: scope_hint: In function 'test_key'
openssl-3.2.2-build/openssl-3.2.2/test/endecoder_legacy_test.c:519:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 517|
# 518| /* Set up the keys */
# 519|-> if (!TEST_ptr(pkey = key->key)
# 520| || !TEST_true(evp_pkey_copy_downgraded(&downgraded_pkey, pkey))
# 521| || !TEST_ptr(downgraded_pkey)
Error: CPPCHECK_WARNING: [#def997]
openssl-3.2.2-build/openssl-3.2.2/test/errtest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def998]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test.c:3371:9: warning[deadcode.DeadStores]: Value stored to 'keytype' is never read
# 3369| break;
# 3370| case 1:
# 3371|-> keytype = "SM2";
# 3372| expect_null = 1;
# 3373| #ifdef OPENSSL_NO_EC
Error: CLANG_WARNING: [#def999]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test.c:3372:9: warning[deadcode.DeadStores]: Value stored to 'expect_null' is never read
# 3370| case 1:
# 3371| keytype = "SM2";
# 3372|-> expect_null = 1;
# 3373| #ifdef OPENSSL_NO_EC
# 3374| TEST_info("EC disable, skipping SM2 check...");
Error: CPPCHECK_WARNING (CWE-416): [#def1000]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:465: error[deallocuse]: Dereferencing 'fp' after it is deallocated / released
# 463| || !TEST_ptr(key = EVP_PKEY_Q_keygen(mainctx, NULL, "EC", "P-256"))
# 464| || !TEST_true(i2d_PUBKEY_fp(fp, key))
# 465|-> || !TEST_int_eq(fclose(fp), 0))
# 466| goto err;
# 467| fp = NULL;
Error: GCC_ANALYZER_WARNING (CWE-910): [#def1001]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:479:5: warning[-Wanalyzer-double-fclose]: double 'fclose' of FILE 'fp'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:465:13: note: in expansion of macro 'TEST_int_eq'
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:465:13: note: in expansion of macro 'TEST_int_eq'
# 477| EVP_PKEY_free(outkey);
# 478| EVP_PKEY_free(key);
# 479|-> fclose(fp);
# 480| return ret;
# 481| }
Error: GCC_ANALYZER_WARNING (CWE-415): [#def1002]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:479:5: warning[-Wanalyzer-double-free]: double-'fclose' of 'fp'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:465:13: note: in expansion of macro 'TEST_int_eq'
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:465:13: note: in expansion of macro 'TEST_int_eq'
# 477| EVP_PKEY_free(outkey);
# 478| EVP_PKEY_free(key);
# 479|-> fclose(fp);
# 480| return ret;
# 481| }
Error: GCC_ANALYZER_WARNING (CWE-688): [#def1003]
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c: scope_hint: In function 'test_ec_d2i_i2d_pubkey'
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:479:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'fp' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:28: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/evp.h:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/evp_extra_test2.c:20: included_from: Included from here.
/usr/include/stdio.h:184:12: note: argument 1 of 'fclose' must be non-null
# 477| EVP_PKEY_free(outkey);
# 478| EVP_PKEY_free(key);
# 479|-> fclose(fp);
# 480| return ret;
# 481| }
Error: GCC_ANALYZER_WARNING (CWE-121): [#def1004]
openssl-3.2.2-build/openssl-3.2.2/test/evp_fetch_prov_test.c: scope_hint: In function 'load_providers'
openssl-3.2.2-build/openssl-3.2.2/test/evp_fetch_prov_test.c:96:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
openssl-3.2.2-build/openssl-3.2.2/test/evp_fetch_prov_test.c:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/evp_fetch_prov_test.c:96:17: note: write of 8 bytes to beyond the end of 'prov'
openssl-3.2.2-build/openssl-3.2.2/test/evp_fetch_prov_test.c:96:17: note: valid subscripts for 'prov' are '[0]' to '[1]'
# +-------------------------------------------+
# |
# | [0] | [1] || |
# |~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~||~~~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~|
# | |
# 94| for (i = 0; i < test_get_argument_count(); ++i) {
# 95| char *provname = test_get_argument(i);
# 96|-> prov[i] = OSSL_PROVIDER_load(ctx, provname);
# 97| if (!TEST_ptr(prov[i]))
# 98| goto err;
Error: CPPCHECK_WARNING: [#def1005]
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1006]
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c: scope_hint: In function 'keypair_test_init'
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c:3144:12: warning[-Wanalyzer-null-dereference]: dereference of NULL 'pub'
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c:29: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 3142| goto end;
# 3143| }
# 3144|-> *pub++ = '\0';
# 3145|
# 3146| if (!TEST_true(find_key(&pk, priv, private_keys))) {
Error: CLANG_WARNING: [#def1007]
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c:3989:20: warning[core.CallAndMessage]: 5th function call argument is an uninitialized value
# 3987| }
# 3988| if (klist == &private_keys)
# 3989|-> pkey = EVP_PKEY_new_raw_private_key_ex(libctx, strnid, NULL, keybin,
# 3990| keylen);
# 3991| else
Error: CLANG_WARNING: [#def1008]
openssl-3.2.2-build/openssl-3.2.2/test/evp_test.c:3992:20: warning[core.CallAndMessage]: 5th function call argument is an uninitialized value
# 3990| keylen);
# 3991| else
# 3992|-> pkey = EVP_PKEY_new_raw_public_key_ex(libctx, strnid, NULL, keybin,
# 3993| keylen);
# 3994| if (pkey == NULL && !key_unsupported()) {
Error: CPPCHECK_WARNING: [#def1009]
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1010]
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:89:26: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c: scope_hint: In function 'fake_rsa_st_load'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:16: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:631:14: note: in expansion of macro 'TEST_int_gt'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:631:14: note: in expansion of macro 'TEST_int_gt'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:631:14: note: in expansion of macro 'TEST_int_gt'
# 87|
# 88| /* key was imported */
# 89|-> fake_rsa_key->status = 1;
# 90|
# 91| return 1;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1011]
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c: scope_hint: In function 'fake_rsa_gen'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:261:21: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/fake_rsaprov.c:255:13: note: in expansion of macro 'TEST_mem_eq'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 259| return NULL;
# 260|
# 261|-> keydata->status = 2;
# 262| return keydata;
# 263| }
Error: CPPCHECK_WARNING: [#def1012]
openssl-3.2.2-build/openssl-3.2.2/test/filterprov.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1013]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/cmp_testlib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1014]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/handshake.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1015]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/noisydgrambio.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def1016]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/noisydgrambio.c: scope_hint: In function 'noisy_dgram_recvmmsg'
openssl-3.2.2-build/openssl-3.2.2/test/helpers/noisydgrambio.c:266:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'flip_offset'
# 264| }
# 265|
# 266|-> flip_bits(thismsg->data, thismsg->data_len, flip, flip_offset);
# 267|
# 268| /*
Error: CLANG_WARNING: [#def1017]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/noisydgrambio.c:266:9: warning[core.CallAndMessage]: 4th function call argument is an uninitialized value
# 264| }
# 265|
# 266|-> flip_bits(thismsg->data, thismsg->data_len, flip, flip_offset);
# 267|
# 268| /*
Error: CPPCHECK_WARNING: [#def1018]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/pkcs12.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1019]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1020]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c:250:9: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'fault')
# 248| (void)BIO_ctrl(sbio, BIO_CTRL_NOISE_BACK_OFF, 0, NULL);
# 249|
# 250|-> (*fault)->noiseargs.cbio = cbio;
# 251| (*fault)->noiseargs.sbio = sbio;
# 252| (*fault)->noiseargs.tracebio = tmpbio;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1021]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c: scope_hint: In function 'qtest_create_quic_objects'
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c:250:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'fault'
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c:16: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/helpers/quictestlib.c:227:14: note: in expansion of macro 'TEST_ptr'
# 248| (void)BIO_ctrl(sbio, BIO_CTRL_NOISE_BACK_OFF, 0, NULL);
# 249|
# 250|-> (*fault)->noiseargs.cbio = cbio;
# 251| (*fault)->noiseargs.sbio = sbio;
# 252| (*fault)->noiseargs.tracebio = tmpbio;
Error: CPPCHECK_WARNING: [#def1022]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/ssl_test_ctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1023]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/ssltestlib.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1024]
openssl-3.2.2-build/openssl-3.2.2/test/helpers/ssltestlib.c:647:9: warning[core.CallAndMessage]: 1st function call argument is an uninitialized value
# 645| err:
# 646| for (i = 0; i < (ctx->duprec > 0 ? 3 : 1); i++)
# 647|-> mempacket_free(allpkts[i]);
# 648| return -1;
# 649| }
Error: CPPCHECK_WARNING: [#def1025]
openssl-3.2.2-build/openssl-3.2.2/test/hpke_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1026]
openssl-3.2.2-build/openssl-3.2.2/test/http_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1027]
openssl-3.2.2-build/openssl-3.2.2/test/keymgmt_internal_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1028]
openssl-3.2.2-build/openssl-3.2.2/test/list_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1029]
openssl-3.2.2-build/openssl-3.2.2/test/modes_internal_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1030]
openssl-3.2.2-build/openssl-3.2.2/test/modes_internal_test.c:177:5: warning[deadcode.DeadStores]: Value stored to 'len' is never read
# 175| memcpy(out + len, in + len + 16, tail);
# 176| memcpy(out + len + tail, in + len, 16);
# 177|-> len += 16 + tail;
# 178| tail = 16;
# 179|
Error: CPPCHECK_WARNING: [#def1031]
openssl-3.2.2-build/openssl-3.2.2/test/p_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1032]
openssl-3.2.2-build/openssl-3.2.2/test/packettest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1033]
openssl-3.2.2-build/openssl-3.2.2/test/pairwise_fail_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1034]
openssl-3.2.2-build/openssl-3.2.2/test/params_api_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1035]
openssl-3.2.2-build/openssl-3.2.2/test/params_conversion_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1036]
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1037]
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c: scope_hint: In function 'cleanup_object'
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:92:5: warning[-Wanalyzer-null-dereference]: dereference of NULL 'vobj'
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:22: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 90| struct object_st *obj = vobj;
# 91|
# 92|-> BN_free(obj->p3);
# 93| obj->p3 = NULL;
# 94| OPENSSL_free(obj->p4);
Error: CLANG_WARNING: [#def1038]
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:338:13: warning[deadcode.DeadStores]: Although the value stored to 'l' is used in the enclosing expression, the value is never actually read from 'l'
# 336| app_p2 = app_p2_init;
# 337| if (!BN_hex2bn(&app_p3, app_p3_init)
# 338|-> || (l = BN_bn2nativepad(app_p3, bignumbin, sizeof(bignumbin))) < 0)
# 339| return 0;
# 340| strcpy(app_p4, app_p4_init);
Error: CPPCHECK_WARNING: [#def1039]
openssl-3.2.2-build/openssl-3.2.2/test/pkcs12_format_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1040]
openssl-3.2.2-build/openssl-3.2.2/test/poly1305_internal_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1041]
openssl-3.2.2-build/openssl-3.2.2/test/priority_queue_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1042]
openssl-3.2.2-build/openssl-3.2.2/test/prov_config_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1043]
openssl-3.2.2-build/openssl-3.2.2/test/prov_config_test.c:89:32: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 87| return 0;
# 88|
# 89|-> full_path = OPENSSL_zalloc(strlen(module_path) + strlen(P_TEST_PATH) + 1);
# 90| if (!TEST_ptr(full_path))
# 91| return 0;
Error: CPPCHECK_WARNING: [#def1044]
openssl-3.2.2-build/openssl-3.2.2/test/quic_ackm_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1045]
openssl-3.2.2-build/openssl-3.2.2/test/quic_ackm_test.c:546:26: warning[core.NullDereference]: Dereference of null pointer
# 544| case TX_ACK_TIME_OP_PKT:
# 545| for (i = 0; i < s->num_pn; ++i) {
# 546|-> tx = h.pkts[pkt_idx + i].pkt;
# 547|
# 548| tx->pkt_num = s->pn + i;
Error: CPPCHECK_WARNING: [#def1046]
openssl-3.2.2-build/openssl-3.2.2/test/quic_cc_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1047]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1048]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:863:10: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 861| return NULL;
# 862|
# 863|-> if (!strcmp(stream_name, "DEFAULT"))
# 864| return NULL;
# 865|
Error: CLANG_WARNING: [#def1049]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:916:10: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 914| STREAM_INFO *info;
# 915|
# 916|-> if (!strcmp(stream_name, "DEFAULT"))
# 917| return 0;
# 918|
Error: CLANG_WARNING: [#def1050]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1013:15: warning[deadcode.DeadStores]: Value stored to 'op_start_time' during its initialization is never read
# 1011| int end_wait_warning = 0;
# 1012| #endif
# 1013|-> OSSL_TIME op_start_time = ossl_time_zero(), op_deadline = ossl_time_zero();
# 1014| struct helper_local hl_, *hl = &hl_;
# 1015| #define REPEAT_SLOTS 8
Error: GCC_ANALYZER_WARNING (CWE-124): [#def1051]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1181:16: warning[-Wanalyzer-out-of-bounds]: stack-based buffer underwrite
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:17: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/include/internal/quic_stream.h:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/quic_tserver.h:15: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:14: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/internal/safe_math.h:432:5: note: in expansion of macro 'OSSL_SAFE_MATH_ADDU'
openssl-3.2.2-build/openssl-3.2.2/include/internal/time.h:53:1: note: in expansion of macro 'OSSL_SAFE_MATH_UNSIGNED'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1181:16: note: valid subscripts for 'repeat_stack_done' are '[0]' to '[7]'
# +--------------------------------------+
# |
# | [0] | ... | [7] | | |
# |~~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~| |~~~~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~|
# | |
# 1179| goto out;
# 1180|
# 1181|-> if (++repeat_stack_done[repeat_stack_len - 1]
# 1182| == repeat_stack_limit[repeat_stack_len - 1]) {
# 1183| --repeat_stack_len;
Error: CLANG_WARNING: [#def1052]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1181:17: warning[core.uninitialized.Assign]: The expression is an uninitialized value. The computed value will also be garbage
# 1179| goto out;
# 1180|
# 1181|-> if (++repeat_stack_done[repeat_stack_len - 1]
# 1182| == repeat_stack_limit[repeat_stack_len - 1]) {
# 1183| --repeat_stack_len;
Error: GCC_ANALYZER_WARNING (CWE-127): [#def1053]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1181:36: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/include/internal/safe_math.h:432:5: note: in expansion of macro 'OSSL_SAFE_MATH_ADDU'
openssl-3.2.2-build/openssl-3.2.2/include/internal/time.h:53:1: note: in expansion of macro 'OSSL_SAFE_MATH_UNSIGNED'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1181:36: note: valid subscripts for 'repeat_stack_done' are '[0]' to '[7]'
# +--------------------------+
# ^
# +------------+------------+-------------+ +--------------------------+
# | [0] | ... | [7] | | |
# | |
# 1179| goto out;
# 1180|
# 1181|-> if (++repeat_stack_done[repeat_stack_len - 1]
# 1182| == repeat_stack_limit[repeat_stack_len - 1]) {
# 1183| --repeat_stack_len;
Error: GCC_ANALYZER_WARNING (CWE-127): [#def1054]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1182:38: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/include/internal/safe_math.h:432:5: note: in expansion of macro 'OSSL_SAFE_MATH_ADDU'
openssl-3.2.2-build/openssl-3.2.2/include/internal/time.h:53:1: note: in expansion of macro 'OSSL_SAFE_MATH_UNSIGNED'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1182:38: note: valid subscripts for 'repeat_stack_limit' are '[0]' to '[7]'
# +--------------------------+
# ^
# +------------+------------+--------------+ +--------------------------+
# | [0] | ... | [7] | | |
# | |
# 1180|
# 1181| if (++repeat_stack_done[repeat_stack_len - 1]
# 1182|-> == repeat_stack_limit[repeat_stack_len - 1]) {
# 1183| --repeat_stack_len;
# 1184| } else {
Error: GCC_ANALYZER_WARNING (CWE-127): [#def1055]
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1185:24: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/include/internal/safe_math.h:432:5: note: in expansion of macro 'OSSL_SAFE_MATH_ADDU'
openssl-3.2.2-build/openssl-3.2.2/include/internal/time.h:53:1: note: in expansion of macro 'OSSL_SAFE_MATH_UNSIGNED'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c: scope_hint: In function 'run_script_worker'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1061:14: note: in expansion of macro 'TEST_int_le'
openssl-3.2.2-build/openssl-3.2.2/test/quic_multistream_test.c:1185:24: note: valid subscripts for 'repeat_stack_idx' are '[0]' to '[7]'
# +--------------------------+
# ^
# +------------+------------+------------+ +--------------------------+
# | [0] | ... | [7] | | |
# | |
# 1183| --repeat_stack_len;
# 1184| } else {
# 1185|-> op_idx = repeat_stack_idx[repeat_stack_len - 1];
# 1186| no_advance = 1;
# 1187| continue;
Error: CPPCHECK_WARNING: [#def1056]
openssl-3.2.2-build/openssl-3.2.2/test/quic_record_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1057]
openssl-3.2.2-build/openssl-3.2.2/test/quic_stream_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1058]
openssl-3.2.2-build/openssl-3.2.2/test/quic_txp_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1059]
openssl-3.2.2-build/openssl-3.2.2/test/quic_wire_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1060]
openssl-3.2.2-build/openssl-3.2.2/test/quicapitest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1061]
openssl-3.2.2-build/openssl-3.2.2/test/safe_math_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-758): [#def1062]
openssl-3.2.2-build/openssl-3.2.2/test/safe_math_test.c:24: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 22|
# 23| /* Create the safe math instances we're interested in */
# 24|-> OSSL_SAFE_MATH_SIGNED(int, int)
# 25| OSSL_SAFE_MATH_UNSIGNED(uint, unsigned int)
# 26| OSSL_SAFE_MATH_UNSIGNED(size_t, size_t)
Error: CPPCHECK_WARNING: [#def1063]
openssl-3.2.2-build/openssl-3.2.2/test/shlibloadtest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1064]
openssl-3.2.2-build/openssl-3.2.2/test/siphash_internal_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1065]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c: scope_hint: In function 'test_handshake_rtt'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:80:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:28: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:31: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:73:9: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 78| switch (tst) {
# 79| case 0:
# 80|-> st->hand_state = TLS_ST_CW_CLNT_HELLO;
# 81| ossl_statem_client_write_transition(s);
# 82| OSSL_sleep(1);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1066]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:87:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:73:9: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 85| break;
# 86| case 1:
# 87|-> st->hand_state = TLS_ST_SW_SRVR_DONE;
# 88| ossl_statem_server_write_transition(s);
# 89| OSSL_sleep(1);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1067]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:94:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:73:9: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 92| break;
# 93| case 2:
# 94|-> st->hand_state = TLS_ST_CW_CLNT_HELLO;
# 95| ossl_statem_client_write_transition(s);
# 96| OSSL_sleep(1);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1068]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:101:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:73:9: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 99| break;
# 100| case 3:
# 101|-> st->hand_state = TLS_ST_SW_SRVR_DONE;
# 102| ossl_statem_server_write_transition(s);
# 103| OSSL_sleep(1);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1069]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:108:24: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1831:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_int'
openssl-3.2.2-build/openssl-3.2.2/test/ssl_handshake_rtt_test.c:73:9: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL'
# 106| break;
# 107| case 4:
# 108|-> st->hand_state = TLS_ST_EARLY_DATA;
# 109| ossl_statem_client_write_transition(s);
# 110| OSSL_sleep(1);
Error: CPPCHECK_WARNING: [#def1070]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_old_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1071]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_old_test.c:354:9: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 352|
# 353| if (client_proto != NULL &&
# 354|-> memcmp(client_proto, server_proto, client_proto_len) != 0) {
# 355| BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
# 356| goto err;
Error: CLANG_WARNING: [#def1072]
openssl-3.2.2-build/openssl-3.2.2/test/ssl_old_test.c:366:10: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 364| if (alpn_expected != NULL &&
# 365| (client_proto_len != strlen(alpn_expected) ||
# 366|-> memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
# 367| BIO_printf(bio_stdout,
# 368| "ALPN selected protocols not equal to expected protocol: %s\n",
Error: CPPCHECK_WARNING: [#def1073]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-688): [#def1074]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:268:29: warning[-Wanalyzer-null-argument]: use of NULL 'token' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:525:67: note: in definition of macro 'TEST_false'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:254:18: note: in expansion of macro 'TEST_size_t_eq'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:525:67: note: in definition of macro 'TEST_false'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:525:67: note: in definition of macro 'TEST_false'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:525:67: note: in definition of macro 'TEST_false'
<built-in>: note: argument 1 of '__builtin_strlen' must be non-null
# 266| if (!TEST_size_t_ne(master_key_size, 0))
# 267| return 0;
# 268|-> if (!TEST_false(compare_hex_encoded_buffer(token, strlen(token),
# 269| actual_master_key,
# 270| master_key_size)))
Error: COMPILER_WARNING (CWE-563): [#def1075]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c: scope_hint: In function 'test_client_cert_verify_cb'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:576:25: warning[-Wunused-variable]: unused variable 'status'
# 576 | int testresult = 0, status;
# | ^~~~~~
# 574| SSL_CTX *cctx = NULL, *sctx = NULL;
# 575| SSL *clientssl = NULL, *serverssl = NULL;
# 576|-> int testresult = 0, status;
# 577|
# 578| if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1076]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c: scope_hint: In function 'execute_cleanse_plaintext'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1778:15: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1763:10: note: in expansion of macro 'TEST_int_eq'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1766:10: note: in expansion of macro 'TEST_mem_eq'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/ssl/ssl_local.h:1816:5: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY_int'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:1774:30: note: in expansion of macro 'SSL_CONNECTION_FROM_SSL_ONLY'
# 1776| rr = serversc->rlayer.tlsrecs;
# 1777|
# 1778|-> zbuf = &rr->data[rr->off];
# 1779| if (!TEST_int_eq(rr->length, sizeof(cbuf)))
# 1780| goto end;
Error: CLANG_WARNING: [#def1077]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:4972:13: warning[deadcode.DeadStores]: Value stored to 'kexch_name0' is never read
# 4970| case 13:
# 4971| max_version = TLS1_2_VERSION;
# 4972|-> kexch_name0 = "ffdhe2048";
# 4973| # endif
# 4974| /* Fall through */
Error: CPPCHECK_WARNING (CWE-476): [#def1078]
openssl-3.2.2-build/openssl-3.2.2/test/sslbuffertest.c:49: warning[nullPointer]: Possible null pointer dereference: sc
# 47| {
# 48| SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
# 49|-> OSSL_RECORD_LAYER *rrl = sc->rlayer.rrl;
# 50| OSSL_RECORD_LAYER *wrl = sc->rlayer.wrl;
# 51|
Error: CPPCHECK_WARNING (CWE-476): [#def1079]
openssl-3.2.2-build/openssl-3.2.2/test/sslbuffertest.c:50: warning[nullPointer]: Possible null pointer dereference: sc
# 48| SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
# 49| OSSL_RECORD_LAYER *rrl = sc->rlayer.rrl;
# 50|-> OSSL_RECORD_LAYER *wrl = sc->rlayer.wrl;
# 51|
# 52| if (isalloced)
Error: CLANG_WARNING: [#def1080]
openssl-3.2.2-build/openssl-3.2.2/test/sslbuffertest.c:104:14: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 102| * (the first one might be a retryable fail).
# 103| */
# 104|-> for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
# 105| i++) {
# 106| /* test == 0 mean to free/allocate = control */
Error: CLANG_WARNING: [#def1081]
openssl-3.2.2-build/openssl-3.2.2/test/sslbuffertest.c:142:14: warning[deadcode.DeadStores]: Value stored to 'ret' is never read
# 140| * bytes from the record header/padding etc.
# 141| */
# 142|-> for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
# 143| i < MAX_ATTEMPTS; i++)
# 144| {
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1082]
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c: scope_hint: In function 'test_case_variant'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:432:31: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:489:14: note: in expansion of macro 'TEST_int_eq'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:524:66: note: in definition of macro 'TEST_true'
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:489:14: note: in expansion of macro 'TEST_int_eq'
openssl-3.2.2-build/openssl-3.2.2/test/params_test.c:489:14: note: in expansion of macro 'TEST_int_eq'
# 430| * if (!TEST_ptr(ptr))
# 431| */
# 432|-> # define TEST_int_eq(a, b) test_int_eq(__FILE__, __LINE__, #a, #b, a, b)
# 433| # define TEST_int_ne(a, b) test_int_ne(__FILE__, __LINE__, #a, #b, a, b)
# 434| # define TEST_int_lt(a, b) test_int_lt(__FILE__, __LINE__, #a, #b, a, b)
Error: GCC_ANALYZER_WARNING (CWE-688): [#def1083]
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:39: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c: scope_hint: In function 'test_keylog_output'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:488:31: warning[-Wanalyzer-null-argument]: use of NULL 'token' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:231:18: note: in expansion of macro 'TEST_size_t_eq'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:231:18: note: in expansion of macro 'TEST_size_t_eq'
openssl-3.2.2-build/openssl-3.2.2/test/sslapitest.c:231:18: note: in expansion of macro 'TEST_size_t_eq'
<built-in>: note: argument 1 of '__builtin_strlen' must be non-null
# 486| # define TEST_uint64_t_ge(a, b) test_uint64_t_ge(__FILE__, __LINE__, #a, #b, a, b)
# 487|
# 488|-> # define TEST_size_t_eq(a, b) test_size_t_eq(__FILE__, __LINE__, #a, #b, a, b)
# 489| # define TEST_size_t_ne(a, b) test_size_t_ne(__FILE__, __LINE__, #a, #b, a, b)
# 490| # define TEST_size_t_lt(a, b) test_size_t_lt(__FILE__, __LINE__, #a, #b, a, b)
Error: CPPCHECK_WARNING: [#def1084]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/driver.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1085]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/driver.c:324:11: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 322|
# 323| for (ii = 0; ii != num_tests; ++ii) {
# 324|-> i = permute[ii];
# 325|
# 326| if (single_test != -1 && ((i+1) != single_test)) {
Error: CPPCHECK_WARNING: [#def1086]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/format_output.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1087]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/format_output.c:229:24: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'q')
# 227| if ((in[bytes] & 0xf0) != 0 && BN_is_negative(bn)) {
# 228| *lz = 0;
# 229|-> *q = '-';
# 230| n++;
# 231| }
Error: CLANG_WARNING: [#def1088]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/format_output.c:239:24: warning[core.NullDereference]: Dereference of null pointer (loaded from variable 'q')
# 237| * the number holds.
# 238| */
# 239|-> *q = '-';
# 240| n++;
# 241| }
Error: CLANG_WARNING: [#def1089]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/format_output.c:323:9: warning[deadcode.DeadStores]: Value stored to 'i' is never read
# 321|
# 322| diff = real_diff = 0;
# 323|-> i = 0;
# 324| p = bdiff;
# 325| for (i=0; b1[i] != '\0'; i++)
Error: CPPCHECK_WARNING: [#def1090]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/provider.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1091]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1092]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c: scope_hint: In function 'test_readstanza'
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c:98:12: warning[-Wanalyzer-null-dereference]: dereference of NULL 'p'
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c:16: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 96| return 0;
# 97| }
# 98|-> *p = '\0';
# 99|
# 100| /* Blank line marks end of tests. */
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1093]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c:113:19: warning[-Wanalyzer-null-dereference]: dereference of NULL 'equals'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
# 111| return 0;
# 112| }
# 113|-> *equals++ = '\0';
# 114| if (!TEST_ptr(key = strip_spaces(s->buff))) {
# 115| TEST_info("Empty field at line %d\n", s->curr);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def1094]
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c:121:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil.h:511:64: note: in definition of macro 'TEST_ptr'
openssl-3.2.2-build/openssl-3.2.2/test/testutil/stanza.c:12: included_from: Included from here.
/usr/include/string.h:156:12: note: argument 1 of 'strcmp' must be non-null
# 119| value = "";
# 120|
# 121|-> if (strcmp(key, "Title") == 0) {
# 122| TEST_info("Starting \"%s\" tests at line %d", value, s->curr);
# 123| continue;
Error: CPPCHECK_WARNING: [#def1095]
openssl-3.2.2-build/openssl-3.2.2/test/time_offset_test.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def1096]
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:136:5: warning[deadcode.DeadStores]: Value stored to 'ac' is never read
# 134| }
# 135| }
# 136|-> ac -= optind;
# 137| av += optind;
# 138|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def1097]
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c: scope_hint: In function 'main'
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:152:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'fopen(*av, "r")' where non-null expected
openssl-3.2.2-build/openssl-3.2.2/include/openssl/bio.h:30: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/pem.h:20: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:18: included_from: Included from here.
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:97:23: note: in definition of macro 'OPENSSL_malloc'
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:10: included_from: Included from here.
/usr/include/stdio.h:728:15: note: argument 4 of 'fread' must be non-null
# 150| }
# 151| fp = fopen(av[0], "r");
# 152|-> if ((long)fread(contents, 1, sb.st_size, fp) != sb.st_size) {
# 153| perror("fread");
# 154| exit(EXIT_FAILURE);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def1098]
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:152:36: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(*av, "r")'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:97:23: note: in definition of macro 'OPENSSL_malloc'
# 150| }
# 151| fp = fopen(av[0], "r");
# 152|-> if ((long)fread(contents, 1, sb.st_size, fp) != sb.st_size) {
# 153| perror("fread");
# 154| exit(EXIT_FAILURE);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def1099]
openssl-3.2.2-build/openssl-3.2.2/test/timing_load_creds.c:152:36: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(*av, "r")'
openssl-3.2.2-build/openssl-3.2.2/include/openssl/crypto.h:97:23: note: in definition of macro 'OPENSSL_malloc'
# 150| }
# 151| fp = fopen(av[0], "r");
# 152|-> if ((long)fread(contents, 1, sb.st_size, fp) != sb.st_size) {
# 153| perror("fread");
# 154| exit(EXIT_FAILURE);
Error: CPPCHECK_WARNING: [#def1100]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def1101]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:2894: warning[uninitvar]: Uninitialized variable: digest
# 2892| }
# 2893|
# 2894|-> return xor_sig_sign(vpxor_sigctx, sig, siglen, sigsize, digest, (size_t)dlen);
# 2895|
# 2896| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1102]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c: scope_hint: In function 'tls_provider_init'
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3259:10: warning[-Wanalyzer-jump-through-null]: jump through null pointer
# 3257| * key & cert generation...
# 3258| */
# 3259|-> if (!c_obj_create(handle, XORSIGALG_OID, XORSIGALG_NAME, XORSIGALG_NAME)) {
# 3260| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3261| goto err;
Error: CLANG_WARNING: [#def1103]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3259:10: warning[core.CallAndMessage]: Called function pointer is null (null dereference)
# 3257| * key & cert generation...
# 3258| */
# 3259|-> if (!c_obj_create(handle, XORSIGALG_OID, XORSIGALG_NAME, XORSIGALG_NAME)) {
# 3260| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3261| goto err;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1104]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3264:10: warning[-Wanalyzer-jump-through-null]: jump through null pointer
# 3262| }
# 3263|
# 3264|-> if (!c_obj_add_sigid(handle, XORSIGALG_OID, "", XORSIGALG_OID)) {
# 3265| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3266| goto err;
Error: CLANG_WARNING: [#def1105]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3264:10: warning[core.CallAndMessage]: Called function pointer is null (null dereference)
# 3262| }
# 3263|
# 3264|-> if (!c_obj_add_sigid(handle, XORSIGALG_OID, "", XORSIGALG_OID)) {
# 3265| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3266| goto err;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1106]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3268:10: warning[-Wanalyzer-jump-through-null]: jump through null pointer
# 3266| goto err;
# 3267| }
# 3268|-> if (!c_obj_create(handle, XORSIGALG_HASH_OID, XORSIGALG_HASH_NAME, NULL)) {
# 3269| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3270| goto err;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1107]
openssl-3.2.2-build/openssl-3.2.2/test/tls-provider.c:3273:10: warning[-Wanalyzer-jump-through-null]: jump through null pointer
# 3271| }
# 3272|
# 3273|-> if (!c_obj_add_sigid(handle, XORSIGALG_HASH_OID, XORSIGALG_HASH, XORSIGALG_HASH_OID)) {
# 3274| ERR_raise(ERR_LIB_USER, XORPROV_R_OBJ_CREATE_ERR);
# 3275| goto err;
Error: CPPCHECK_WARNING: [#def1108]
openssl-3.2.2-build/openssl-3.2.2/test/tls13ccstest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1109]
openssl-3.2.2-build/openssl-3.2.2/test/tls13encryptiontest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1110]
openssl-3.2.2-build/openssl-3.2.2/test/tls13secretstest.c: scope_hint: In function 'test_handshake_secrets'
openssl-3.2.2-build/openssl-3.2.2/test/tls13secretstest.c:297:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 295| goto err;
# 296|
# 297|-> s->session = SSL_SESSION_new();
# 298| if (!TEST_ptr(s->session))
# 299| goto err;
Error: CPPCHECK_WARNING: [#def1111]
openssl-3.2.2-build/openssl-3.2.2/test/v3ext.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1112]
openssl-3.2.2-build/openssl-3.2.2/test/v3nametest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def1113]
openssl-3.2.2-build/openssl-3.2.2/test/wpackettest.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-157.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | openssl-3.2.2-3.fc41 |
| store-results-to | /tmp/tmpuavh4xo8/openssl-3.2.2-3.fc41.tar.xz |
| time-created | 2024-07-03 17:00:57 |
| time-finished | 2024-07-03 17:36:15 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpuavh4xo8/openssl-3.2.2-3.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpuavh4xo8/openssl-3.2.2-3.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |