Newly introduced defects

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
rpm-4.19.92-build/rpm-4.19.92/build/rpmfc.c: scope_hint: In function ‘initAttrs’
rpm-4.19.92-build/rpm-4.19.92/build/rpmfc.c:1226:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1224|   
# 1225|       for (int i = 0; i < nattrs; i++) {
# 1226|-> 	fc->atypes[i] = rpmfcAttrNew(all_attrs[i]);
# 1227|       }
# 1228|       fc->atypes[nattrs] = NULL;

Error: CLANG_WARNING: [#def2]
rpm-4.19.92-build/rpm-4.19.92/build/rpmfc.c:1226:31: warning[core.NullDereference]: Array access (from variable 'all_attrs') results in a null pointer dereference
# 1224|   
# 1225|       for (int i = 0; i < nattrs; i++) {
# 1226|-> 	fc->atypes[i] = rpmfcAttrNew(all_attrs[i]);
# 1227|       }
# 1228|       fc->atypes[nattrs] = NULL;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
rpm-4.19.92-build/rpm-4.19.92/lib/formats.c: scope_hint: In function ‘jsonEscape’
rpm-4.19.92-build/rpm-4.19.92/lib/formats.c:344:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘c’
#  342|       char *es = NULL;
#  343|       rstrcat(&es, "\"");
#  344|->     for (const char *c = s; *c != '\0'; c++) {
#  345|   	const char *ec = NULL;
#  346|   	switch (*c) {

Error: CLANG_WARNING: [#def4]
rpm-4.19.92-build/rpm-4.19.92/lib/headerfmt.c:451:19: warning[core.NullDereference]: Access to field 'type' results in a dereference of a null pointer (loaded from variable 'token')
#  449|   		if (token == NULL || token->type != PTOK_STRING) {
#  450|   		    token = format + numTokens++;
#  451|-> 		    token->type = PTOK_STRING;
#  452|   		    dst = token->u.string.string = start;
#  453|   		}

Error: CLANG_WARNING: [#def5]
rpm-4.19.92-build/rpm-4.19.92/lib/headerfmt.c:590:15: warning[core.NullDereference]: Access to field 'type' results in a dereference of a null pointer (loaded from variable 'token')
#  588|   	    if (token == NULL || token->type != PTOK_STRING) {
#  589|   		token = format + numTokens++;
#  590|-> 		token->type = PTOK_STRING;
#  591|   		dst = token->u.string.string = start;
#  592|   	    }

Error: CPPCHECK_WARNING: [#def6]
rpm-4.19.92-build/rpm-4.19.92/python/header-py.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def7]
rpm-4.19.92-build/rpm-4.19.92/python/rpmfd-py.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def8]
rpm-4.19.92-build/rpm-4.19.92/python/rpmfiles-py.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def9]
rpm-4.19.92-build/rpm-4.19.92/python/rpmtd-py.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def10]
rpm-4.19.92-build/rpm-4.19.92/python/rpmts-py.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def11]
rpm-4.19.92-build/rpm-4.19.92/rpmio/url.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-688): [#def12]
rpm-4.19.92-build/rpm-4.19.92/tools/rpmbuild.c: scope_hint: In function ‘buildForTarget’
rpm-4.19.92-build/rpm-4.19.92/tools/rpmbuild.c:539:16: warning[-Wanalyzer-null-argument]: use of NULL ‘specFile’ where non-null expected
/usr/include/bits/sigstksz.h:24: included_from: Included from here.
/usr/include/signal.h:328: included_from: Included from here.
/usr/include/sys/param.h:28: included_from: Included from here.
rpm-4.19.92-build/rpm-4.19.92/misc/system.h:15: included_from: Included from here.
rpm-4.19.92-build/rpm-4.19.92/tools/rpmbuild.c:1: included_from: Included from here.
/usr/include/unistd.h:858:12: note: argument 1 of ‘unlink’ must be non-null
#  537|   exit:
#  538|       if (buildMode == 't')
#  539|-> 	(void) unlink(specFile);
#  540|       free(specFile);
#  541|       rpmSpecFree(spec);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def13]
/usr/include/arpa/inet.h:22: included_from: Included from here.
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c:9: included_from: Included from here.
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c: scope_hint: In function ‘dumptag’
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c:103:47: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*entry.offset’
#  101|       printf("%stype:   %4d (%s)\n", pfx, htonl(entry->type),
#  102|   		tagTypeNames[htonl(entry->type)]);
#  103|->     printf("%soffset: %4d\n", pfx, htonl(entry->offset));
#  104|       printf("%scount:  %4d\n", pfx, htonl(entry->count));
#  105|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def14]
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c: scope_hint: In function ‘readhdr’
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c:132:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘blob’
#  130|   
#  131|       blob = (uint32_t *)malloc(sizeof(numEntries) + sizeof(numBytes) + headerLen);
#  132|->     blob[0] = htonl(numEntries);
#  133|       blob[1] = htonl(numBytes);
#  134|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def15]
rpm-4.19.92-build/rpm-4.19.92/tools/rpmdump.c:169:48: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*(struct entryInfo *)((char *)blob + 8).offset’
#  167|       if (tag == 62 || tag == 63) {
#  168|   	/* The trailer isn't guaranteed to be aligned, copy required */
#  169|-> 	memcpy(trailer, dataStart + htonl(entry->offset), sizeof(*trailer));
#  170|   	toffset = -htonl(trailer->offset);
#  171|   	regionEnd = dataStart + toffset + 16;

Scan Properties