Fixed defects
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-686): [#def1]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:112:13: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 1 of ‘ap’
# 110| }
# 111| if( c=='d' ){
# 112|-> int v = va_arg(ap, int);
# 113| if( v<0 ){
# 114| lemon_addtext(str, &nUsed, "-", 1, iWidth);
Error: GCC_ANALYZER_WARNING (CWE-686): [#def2]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:112:13: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 2 of ‘ap’
# 110| }
# 111| if( c=='d' ){
# 112|-> int v = va_arg(ap, int);
# 113| if( v<0 ){
# 114| lemon_addtext(str, &nUsed, "-", 1, iWidth);
Error: GCC_ANALYZER_WARNING (CWE-686): [#def3]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:131:11: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 1 of ‘ap’
# 129| }else if( c=='.' && memcmp(&zFormat[i], ".*s", 3)==0 ){
# 130| i += 2;
# 131|-> k = va_arg(ap, int);
# 132| z = va_arg(ap, const char*);
# 133| lemon_addtext(str, &nUsed, z, k, iWidth);
Error: GCC_ANALYZER_WARNING (CWE-686): [#def4]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:131:11: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 2 of ‘ap’
# 129| }else if( c=='.' && memcmp(&zFormat[i], ".*s", 3)==0 ){
# 130| i += 2;
# 131|-> k = va_arg(ap, int);
# 132| z = va_arg(ap, const char*);
# 133| lemon_addtext(str, &nUsed, z, k, iWidth);
Error: CLANG_WARNING: [#def5]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:713:9: warning[core.NullDereference]: Dereference of null pointer
# 711| end = makeItSafe ? p->mnLookahead : 0;
# 712| for(i=p->nAction-1; i>=end; i--){
# 713|-> if( p->aAction[i].lookahead==p->mnLookahead ){
# 714| /* All lookaheads and actions in the aLookahead[] transaction
# 715| ** must match against the candidate aAction[i] entry. */
Error: CLANG_WARNING: [#def6]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:749:11: warning[core.NullDereference]: Dereference of null pointer
# 747| i = makeItSafe ? p->mnLookahead : 0;
# 748| for(; i<p->nActionAlloc - p->mxLookahead; i++){
# 749|-> if( p->aAction[i].lookahead<0 ){
# 750| for(j=0; j<p->nLookahead; j++){
# 751| k = p->aLookahead[j].lookahead - p->mnLookahead + i;
Error: CLANG_WARNING: [#def7]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:775:19: warning[core.NullDereference]: Array access (via field 'aAction') results in a null pointer dereference
# 773| for(j=0; j<p->nLookahead; j++){
# 774| k = p->aLookahead[j].lookahead - p->mnLookahead + i;
# 775|-> p->aAction[k] = p->aLookahead[j];
# 776| if( k>=p->nAction ) p->nAction = k+1;
# 777| }
Error: CLANG_WARNING: [#def8]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:958:3: warning[unix.Malloc]: Potential memory leak
# 956| ** The returned pointer to the first state is not used. */
# 957| (void)getstate(lemp);
# 958|-> return;
# 959| }
# 960|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘Configlist_add.part.0’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:1358:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘calloc(1, 72)’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘Configlist_add.part.0’
# 1356| if( cfp==0 ){
# 1357| cfp = newconfig();
# 1358|-> cfp->rp = rp;
# 1359| cfp->dot = dot;
# 1360| cfp->fws = SetNew();
Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘ReportTable’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3233:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘file_open(lemp, ".sql", "wb")’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘ReportTable’
# 3231| FILE *fp;
# 3232|
# 3233|-> if( lemp->outname ) free(lemp->outname);
# 3234| lemp->outname = file_makename(lemp, suffix);
# 3235| fp = fopen(lemp->outname,mode);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3233:11: warning[-Wanalyzer-malloc-leak]: leak of ‘file_open(lemp, ".sql", "wb")’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘ReportTable’
# 3231| FILE *fp;
# 3232|
# 3233|-> if( lemp->outname ) free(lemp->outname);
# 3234| lemp->outname = file_makename(lemp, suffix);
# 3235| fp = fopen(lemp->outname,mode);
Error: CLANG_WARNING: [#def12]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3572:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'pathbuf'
# 3570| }
# 3571| }
# 3572|-> free(pathbufptr);
# 3573| }
# 3574| return path;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def13]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3662:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘tplt_open(lemp)’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘ReportTable’
# 3660|
# 3661| /* first, see if user specified a template filename on the command line. */
# 3662|-> if (user_templatename != 0) {
# 3663| if( access(user_templatename,004)==-1 ){
# 3664| fprintf(stderr,"Can't find the parser driver template file \"%s\".\n",
Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3662:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tplt_open(lemp)’
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c: scope_hint: In function ‘ReportTable’
# 3660|
# 3661| /* first, see if user specified a template filename on the command line. */
# 3662|-> if (user_templatename != 0) {
# 3663| if( access(user_templatename,004)==-1 ){
# 3664| fprintf(stderr,"Can't find the parser driver template file \"%s\".\n",
Error: CPPCHECK_WARNING (CWE-401): [#def15]
sqlite-3.45.1-build/sqlite-src-3450100/tool/lemon.c:3834: error[memleakOnRealloc]: Common realloc mistake: 'z' nulled but not freed upon failure
# 3832| if( (int) (n+sizeof(zInt)*2+used) >= alloced ){
# 3833| alloced = n + sizeof(zInt)*2 + used + 200;
# 3834|-> z = (char *) realloc(z, alloced);
# 3835| }
# 3836| if( z==0 ) return empty;
Scan Properties
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-clang | 18.1.7 |
| diffbase-analyzer-version-cppcheck | 2.14.2 |
| diffbase-analyzer-version-gcc | 14.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 14.1.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-enabled-plugins | clang, cppcheck, gcc, shellcheck |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-217.us-west-2.compute.internal |
| diffbase-mock-config | fedora-41-x86_64 |
| diffbase-project-name | sqlite-3.46.0-2.fc41 |
| diffbase-store-results-to | /tmp/tmptmuy_kgv/sqlite-3.46.0-2.fc41.tar.xz |
| diffbase-time-created | 2024-07-03 18:06:34 |
| diffbase-time-finished | 2024-07-03 18:14:41 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmptmuy_kgv/sqlite-3.46.0-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmptmuy_kgv/sqlite-3.46.0-2.fc41.src.rpm' |
| diffbase-tool-version | csmock-3.5.3-1.el9 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-217.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | sqlite-3.45.1-2.fc40 |
| store-results-to | /tmp/tmpvz6xrq74/sqlite-3.45.1-2.fc40.tar.xz |
| time-created | 2024-07-03 18:00:45 |
| time-finished | 2024-07-03 18:06:25 |
| title | Fixed defects |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpvz6xrq74/sqlite-3.45.1-2.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpvz6xrq74/sqlite-3.45.1-2.fc40.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |