podman-5.0.3-1.fc41
List of Defects
Error: CPPCHECK_WARNING: [#def1]
podman-5.0.3-build/podman-5.0.3/libpod/lock/shm/shm_lock.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-1341): [#def3]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:4: included_from: Included from here.
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: scope_hint: In function ‘cleanup_closep.part.0’
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:51:25: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘*(void *)p’
# 49| int *pp = p;
# 50| if (*pp >= 0)
# 51|-> TEMP_FAILURE_RETRY (close (*pp));
# 52| }
# 53|
Error: GCC_ANALYZER_WARNING (CWE-1341): [#def4]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:51:25: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘fd’
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: scope_hint: In function ‘cleanup_closep.part.0’
# 49| int *pp = p;
# 50| if (*pp >= 0)
# 51|-> TEMP_FAILURE_RETRY (close (*pp));
# 52| }
# 53|
Error: CLANG_WARNING: [#def5]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:212:3: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 210| }
# 211|
# 212|-> qsort (buffer, nfiles, NAME_MAX + 1, (int (*)(const void *, const void *)) strcmp);
# 213|
# 214| for (i = 0; i < nfiles; i++)
Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: scope_hint: In function ‘get_cmd_line_args’
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:308:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/cmdline", 0)’
# 306| char **argv;
# 307|
# 308|-> fd = open ("/proc/self/cmdline", O_RDONLY);
# 309| if (fd < 0)
# 310| return NULL;
Error: CLANG_WARNING: [#def7]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:375:3: warning[deadcode.DeadStores]: Value stored to 'argv0' is never read
# 373| #endif
# 374|
# 375|-> argv0 = argv[0];
# 376|
# 377| if (strstr (argv[0], "podman") == NULL)
Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: scope_hint: In function ‘init’
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:453:7: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("/proc/self/fd")’
# 451|
# 452| /* Store how many FDs were open before the Go runtime kicked in. */
# 453|-> d = opendir ("/proc/self/fd");
# 454| if (d)
# 455| {
Error: CLANG_WARNING: [#def9]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:821:3: warning[deadcode.DeadStores]: Value stored to 'argv0' is never read
# 819| }
# 820|
# 821|-> argv0 = argv[0];
# 822|
# 823| userns_fd = open_namespace (pid_to_join, "user");
Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c: scope_hint: In function ‘copy_file_to_fd’
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:956:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(file_to_read, 0)’
# 954| cleanup_close int fd = -1;
# 955|
# 956|-> fd = open (file_to_read, O_RDONLY);
# 957| if (fd < 0)
# 958| {
Error: CLANG_WARNING: [#def11]
podman-5.0.3-build/podman-5.0.3/pkg/rootless/rootless_linux.c:1071:3: warning[deadcode.DeadStores]: Value stored to 'argv0' is never read
# 1069| }
# 1070|
# 1071|-> argv0 = argv[0];
# 1072|
# 1073| if (do_socket_activation)
Error: GCC_ANALYZER_WARNING (CWE-775): [#def12]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘parse_proc_stringlist’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:117:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(list, 0)’
# 115| new_size = used + BUFSTEP;
# 116| new_buf = realloc(buf, new_size);
# 117|-> if (new_buf == NULL) {
# 118| free(buf);
# 119| fprintf(stderr, "realloc(%ld): out of memory\n", (long)(size + BUFSTEP));
Error: GCC_ANALYZER_WARNING (CWE-775): [#def13]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:124:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(list, 0)’
# 122| buf = new_buf;
# 123| size = new_size;
# 124|-> memset(buf + used, '\0', size - used);
# 125| n = read(fd, buf + used, size - used - 1);
# 126| if (n < 0) {
Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘containers_reexec’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:124:28: warning[-Wanalyzer-malloc-leak]: leak of ‘parse_proc_stringlist("/proc/self/cmdline")’
# 122| buf = new_buf;
# 123| size = new_size;
# 124|-> memset(buf + used, '\0', size - used);
# 125| n = read(fd, buf + used, size - used - 1);
# 126| if (n < 0) {
Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:127:25: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
# 125| n = read(fd, buf + used, size - used - 1);
# 126| if (n < 0) {
# 127|-> fprintf(stderr, "read(): %m\n");
# 128| return NULL;
# 129| }
Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘parse_proc_stringlist’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:127:25: warning[-Wanalyzer-malloc-leak]: leak of ‘new_buf’
# 125| n = read(fd, buf + used, size - used - 1);
# 126| if (n < 0) {
# 127|-> fprintf(stderr, "read(): %m\n");
# 128| return NULL;
# 129| }
Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:153:16: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
# 151| }
# 152| }
# 153|-> ret[i] = NULL;
# 154| return ret;
# 155| }
Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:153:16: warning[-Wanalyzer-malloc-leak]: leak of ‘new_buf’
# 151| }
# 152| }
# 153|-> ret[i] = NULL;
# 154| return ret;
# 155| }
Error: CLANG_WARNING: [#def19]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:235:12: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 233| return -1;
# 234| }
# 235|-> exename = basename(argv[0]);
# 236| mmfd = syscall(SYS_memfd_create, exename, (long) MFD_ALLOW_SEALING | MFD_CLOEXEC);
# 237| if (mmfd == -1) {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def20]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘copy_self_proc_exe’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:235:19: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:14: included_from: Included from here.
/usr/include/string.h:540:14: note: argument 1 of ‘basename’ must be non-null
# 233| return -1;
# 234| }
# 235|-> exename = basename(argv[0]);
# 236| mmfd = syscall(SYS_memfd_create, exename, (long) MFD_ALLOW_SEALING | MFD_CLOEXEC);
# 237| if (mmfd == -1) {
Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c: scope_hint: In function ‘containers_reexec’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:290:12: warning[-Wanalyzer-malloc-leak]: leak of ‘parse_proc_stringlist("/proc/self/cmdline")’
# 288| return fd;
# 289|
# 290|-> if (fexecve(fd, argv, environ) == -1) {
# 291| close(fd);
# 292| fprintf(stderr, "Error during reexec(...): %m\n");
Error: CLANG_WARNING: [#def22]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/containers/storage/pkg/unshare/unshare.c:295:2: warning[unix.Malloc]: Potential leak of memory pointed to by 'argv'
# 293| return -1;
# 294| }
# 295|-> close(fd);
# 296| return 0;
# 297| }
Error: CPPCHECK_WARNING: [#def23]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: COMPILER_WARNING (CWE-1164): [#def24]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/mattn/go-sqlite3/sqlite3.go:85:1: warning[-Wunused-function]: ‘_sqlite3_exec’ defined but not used
# 85 | _sqlite3_exec(sqlite3* db, const char* pcmd, long long* rowid, long long* changes)
# | ^~~~~~~~~~~~~
# 83|
# 84| static int
# 85|-> _sqlite3_exec(sqlite3* db, const char* pcmd, long long* rowid, long long* changes)
# 86| {
# 87| int rv = sqlite3_exec(db, pcmd, 0, 0, 0);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def25]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function 'New'
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go:77:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'c'
# 75| CK_C_GetFunctionList list;
# 76| struct ctx *c = calloc(1, sizeof(struct ctx));
# 77|-> c->handle = dlopen(module, RTLD_LAZY);
# 78| if (c->handle == NULL) {
# 79| free(c);
Error: GCC_ANALYZER_WARNING (CWE-476): [#def26]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function ‘New’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go:77:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘c’
# 75| CK_C_GetFunctionList list;
# 76| struct ctx *c = calloc(1, sizeof(struct ctx));
# 77|-> c->handle = dlopen(module, RTLD_LAZY);
# 78| if (c->handle == NULL) {
# 79| free(c);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go: scope_hint: In function ‘GetAttributeValue.part.0’
podman-5.0.3-build/podman-5.0.3/vendor/github.com/miekg/pkcs11/pkcs11.go:316:32: warning[-Wanalyzer-malloc-leak]: leak of ‘*((CK_ATTRIBUTE *)temp).pValue’
# 314| continue;
# 315| }
# 316|-> temp[i].pValue = calloc(temp[i].ulValueLen, sizeof(CK_BYTE));
# 317| }
# 318| return c->sym->C_GetAttributeValue(session, object, temp, templen);
Error: CPPCHECK_WARNING: [#def28]
podman-5.0.3-build/podman-5.0.3/vendor/github.com/opencontainers/runc/libcontainer/userns/userns_maps.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-33.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | podman-5.0.3-1.fc41 |
| store-results-to | /tmp/tmpsik_niam/podman-5.0.3-1.fc41.tar.xz |
| time-created | 2024-07-03 17:10:09 |
| time-finished | 2024-07-03 17:17:47 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpsik_niam/podman-5.0.3-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpsik_niam/podman-5.0.3-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |