swtpm-0.9.0-1.fc41
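List of Defects
Note: entries [#def1] to [#def44] are raw output from cppcheck, the GCC analyzer and the Clang analyzer, and every entry carries the "Error:" prefix regardless of severity. The CPPCHECK_WARNING entries marked information[normalCheckLevelMaxBranches] only report that cppcheck limited its branch analysis for that file; they are not findings in the code. The remaining entries are static-analysis warnings as emitted by the tools, and each needs manual triage to separate real defects from false positives.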
Error: CPPCHECK_WARNING: [#def1]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/common.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def2]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/ctrlchannel.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def3]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c: scope_hint: In function ‘daemonize_finish’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c:277:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(devnullfd, 1)’
# 275| }
# 276|
# 277|-> if (dup2(devnullfd, STDOUT_FILENO) == -1) {
# 278| fprintf(stderr, "Failed to redirect output stream to /dev/null: %s\n",
# 279| strerror(errno));
Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c:283:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(devnullfd, 2)’
# 281| exit(1);
# 282| }
# 283|-> if (dup2(devnullfd, STDERR_FILENO) == -1) {
# 284| fprintf(stderr, "Failed to redirect error stream to /dev/null: %s\n",
# 285| strerror(errno));
Error: CPPCHECK_WARNING: [#def5]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c: scope_hint: In function 'mainloop_ensure_locked_storage'
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:95:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 93|
# 94| /* if NVRAM hasn't been initialized yet locking may need to be retried */
# 95|-> res = SWTPM_NVRAM_Lock_Storage(mlp->locking_retries);
# 96| if (res == TPM_RETRY)
# 97| return true;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c: scope_hint: In function 'mainLoop'
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:233:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 231| ready = poll(pollfds, 5, -1);
# 232| if (ready < 0 && errno == EINTR)
# 233|-> continue;
# 234|
# 235| if (ready < 0 ||
Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:238:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 236| (pollfds[NOTIFY_FD].revents & POLLIN) != 0) {
# 237| SWTPM_IO_Disconnect(&connection_fd);
# 238|-> break;
# 239| }
# 240|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:259:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 257|
# 258| if (pollfds[CTRL_CLIENT_FD].revents & POLLIN) {
# 259|-> ctrlclntfd = ctrlchannel_process_fd(ctrlclntfd,
# 260| &mainloop_terminate,
# 261| &locality, &tpm_running,
Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:291:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 289| /* Read the command. The number of bytes is determined by 'paramSize' in the stream */
# 290| if (rc == 0) {
# 291|-> rc = SWTPM_IO_Read(&connection_fd, command, &command_length,
# 292| max_command_length);
# 293| if (rc != 0) {
Error: CPPCHECK_WARNING: [#def11]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def12]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_aes.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def13]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_chardev.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def14]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-457): [#def15]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c: scope_hint: In function 'SWTPM_NVRAM_LoadData'
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:345:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'decrypt_length'
/usr/include/arpa/inet.h:22: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:62: included_from: Included from here.
# 343| *length, decrypt_length);
# 344| *data = decrypt_data;
# 345|-> *length = decrypt_length;
# 346| } else {
# 347| *data = NULL;
Error: CLANG_WARNING: [#def16]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:345:17: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 343| *length, decrypt_length);
# 344| *data = decrypt_data;
# 345|-> *length = decrypt_length;
# 346| } else {
# 347| *data = NULL;
Error: CLANG_WARNING: [#def17]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:1171:13: warning[unix.Malloc]: Potential memory leak
# 1169| if (!decrypt && SWTPM_NVRAM_Has_FileKey()) {
# 1170| td_len = 3;
# 1171|-> res = SWTPM_NVRAM_EncryptData(&filekey, &td[0], &td_len,
# 1172| TAG_ENCRYPTED_DATA, plain, plain_len,
# 1173| TAG_IVEC_ENCRYPTED_DATA);
Error: CLANG_WARNING: [#def18]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:1184:16: warning[unix.Malloc]: Potential leak of memory pointed to by 'plain'
# 1182| td[0] = TLV_DATA(TAG_DATA, plain_len, plain);
# 1183| plain = NULL;
# 1184|-> td_len = 1;
# 1185| }
# 1186|
Error: CLANG_WARNING: [#def19]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore.c:1202:13: warning[unix.Malloc]: Potential memory leak
# 1200|
# 1201| td_len = 3;
# 1202|-> res = SWTPM_NVRAM_EncryptData(&migrationkey, &td[0], &td_len,
# 1203| TAG_ENCRYPTED_MIGRATION_DATA,
# 1204| buffer, buffer_len,
Error: CPPCHECK_WARNING: [#def20]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore_dir.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def21]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/swtpm_nvstore_linear.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def22]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/tlv.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def23]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/tpmlib.c:208:20: warning[unix.MallocSizeof]: Result of 'malloc' is converted to a pointer of type 'unsigned char', which is incompatible with sizeof operand type 'struct tpm_resp_header'
# 206| free(*rbuffer);
# 207|
# 208|-> *rbuffer = malloc(sizeof(errresp));
# 209| if (*rbuffer)
# 210| *rTotal = sizeof(errresp);
Error: CPPCHECK_WARNING: [#def24]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_bios/tpm_bios.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def25]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_cert/ek-cert.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def26]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_ioctl/tpm_ioctl.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def27]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:743:19: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(gl_LOGFILE, "a")’
/usr/include/glib-2.0/glib/gstring.h:37: included_from: Included from here.
/usr/include/glib-2.0/glib/giochannel.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib.h:56: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:25: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
# 741| goto error;
# 742| }
# 743|-> tmpfile = fopen(gl_LOGFILE, "a"); // do not truncate
# 744| if (tmpfile == NULL) {
# 745| fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:743:19: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(gl_LOGFILE, "a")’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
# 741| goto error;
# 742| }
# 743|-> tmpfile = fopen(gl_LOGFILE, "a"); // do not truncate
# 744| if (tmpfile == NULL) {
# 745| fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def30]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:751:9: warning[-Wanalyzer-null-argument]: use of NULL ‘optsfile’ where non-null expected
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:20: included_from: Included from here.
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
# 749| }
# 750|
# 751|-> if (access(optsfile, R_OK) != 0) {
# 752| logerr(gl_LOGFILE, "Need read rights on options file %s for user %s.\n",
# 753| optsfile, curr_user ? curr_user->pw_name : "<unknown>");
Error: GCC_ANALYZER_WARNING (CWE-688): [#def31]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:757:9: warning[-Wanalyzer-null-argument]: use of NULL ‘configfile’ where non-null expected
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:661:18: note: in expansion of macro ‘g_strdup’
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
# 755| }
# 756|
# 757|-> if (access(configfile, R_OK) != 0) {
# 758| logerr(gl_LOGFILE, "Need read rights on config file %s for user %s.\n",
# 759| configfile, curr_user ? curr_user->pw_name : "<unknown>");
Error: CPPCHECK_WARNING: [#def32]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING (CWE-457): [#def33]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c:1081: error[uninitvar]: Uninitialized variable: authpolicy
# 1079|
# 1080| return swtpm_tpm2_createprimary_ecc(self, TPM2_RH_OWNER, keyflags, symkeydata, symkeydata_len,
# 1081|-> authpolicy, authpolicy_len, schemedata, schemedata_len,
# 1082| TPM2_ECC_NIST_P384, TPM2_ALG_SHA384,
# 1083| NONCE_ECC_384, sizeof(NONCE_ECC_384), off, curr_handle,
Error: CLANG_WARNING: [#def34]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c:1692:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'enc_owner_auth'
# 1690| if (exp == NULL || mod == NULL ||
# 1691| BN_hex2bn(&exp, "10001") == 0) {
# 1692|-> logerr(self->logfile, "Could not create public RSA key!\n");
# 1693| goto error_free_bn;
# 1694| }
Error: CLANG_WARNING: [#def35]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c:1692:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'enc_srk_auth'
# 1690| if (exp == NULL || mod == NULL ||
# 1691| BN_hex2bn(&exp, "10001") == 0) {
# 1692|-> logerr(self->logfile, "Could not create public RSA key!\n");
# 1693| goto error_free_bn;
# 1694| }
Error: CPPCHECK_WARNING: [#def36]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_backend_dir.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CPPCHECK_WARNING: [#def37]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.
Error: CLANG_WARNING: [#def38]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:263:21: warning[unix.Malloc]: Potential leak of memory pointed to by 'prgname'
# 261| &standard_output, &standard_error, &exit_status, &error);
# 262| if (!success) {
# 263|-> logerr(gl_LOGFILE, "An error occurred running %s: %s\n",
# 264| create_certs_tool, error->message);
# 265| g_error_free(error);
Error: CLANG_WARNING: [#def39]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:438:23: warning[core.CallAndMessage]: 8th function call argument is an uninitialized value
# 436| key_type = flags_to_certfiles[idx].flag & SETUP_EK_CERT_F ? "ek" : "";
# 437|
# 438|-> ret = tpm2_persist_certificate(flags, certsdir, &flags_to_certfiles[idx],
# 439| rsa_keysize, swtpm2, user_certsdir,
# 440| key_type, key_description);
Error: CLANG_WARNING: [#def40]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1455:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'rsa_keysize_str'
# 1453|
# 1454| if (swtpm_prg == NULL) {
# 1455|-> logerr(gl_LOGFILE,
# 1456| "Default TPM 'swtpm' could not be found and was not provided using --tpm.\n");
# 1457| goto error;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def41]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1504:19: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(gl_LOGFILE, "a")’
/usr/include/glib-2.0/glib/gstring.h:37: included_from: Included from here.
/usr/include/glib-2.0/glib/giochannel.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib.h:56: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:26: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1493:21: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1495:19: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
# 1502| goto error;
# 1503| }
# 1504|-> tmpfile = fopen(gl_LOGFILE, "a");
# 1505| if (tmpfile == NULL) {
# 1506| fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);
Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1504:19: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(gl_LOGFILE, "a")’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1493:21: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1495:19: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
# 1502| goto error;
# 1503| }
# 1504|-> tmpfile = fopen(gl_LOGFILE, "a");
# 1505| if (tmpfile == NULL) {
# 1506| fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);
Error: CLANG_WARNING: [#def43]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup_utils.c:111:23: warning[unix.Malloc]: Potential leak of memory pointed to by 'configfiles'
# 109| if (!overwrite && g_file_test(configfiles[i], G_FILE_TEST_EXISTS)) {
# 110| if (skip_if_exist) {
# 111|-> ret = 0;
# 112| } else {
# 113| fprintf(stderr, "File %s already exists. Refusing to overwrite.\n",
Error: CLANG_WARNING: [#def44]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup_utils.c:162:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'filedata'
# 160| /* swtpm-localca.options */
# 161| if (uname(&utsname) < 0) {
# 162|-> fprintf(stderr, "uname failed: %s\n", strerror(errno));
# 163| goto error;
# 164| }
Scan Properties
analyzer-version-clang | 18.1.7 |
analyzer-version-cppcheck | 2.14.2 |
analyzer-version-gcc | 14.1.1 |
analyzer-version-gcc-analyzer | 14.1.1 |
analyzer-version-shellcheck | 0.10.0 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-7.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | swtpm-0.9.0-1.fc41 |
store-results-to | /tmp/tmpd5egy8vm/swtpm-0.9.0-1.fc41.tar.xz |
time-created | 2024-07-03 18:10:17 |
time-finished | 2024-07-03 18:11:59 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpd5egy8vm/swtpm-0.9.0-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpd5egy8vm/swtpm-0.9.0-1.fc41.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |