Error: GCC_ANALYZER_WARNING (CWE-121): [#def1] tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c: scope_hint: In function ‘ConvertUTCToLocalUsingC’ tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1108:5: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1108:5: note: write of 1 byte to beyond the end of ‘buffer’ tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1108:5: note: valid subscripts for ‘buffer’ are ‘[0]’ to ‘[15]’ # 1106| *buffer = '+'; # 1107| } # 1108|-> sprintf(buffer+1, "%02d", diff / 3600); # 1109| diff %= 3600; # 1110| sprintf(buffer+3, "%02d", diff / 60); Error: GCC_ANALYZER_WARNING (CWE-121): [#def2] tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1110:5: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1110:5: note: write of 3 bytes to beyond the end of ‘buffer’ tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1110:5: note: valid subscripts for ‘buffer’ are ‘[0]’ to ‘[15]’ # 1108| sprintf(buffer+1, "%02d", diff / 3600); # 1109| diff %= 3600; # 1110|-> sprintf(buffer+3, "%02d", diff / 60); # 1111| diff %= 60; # 1112| if (diff > 0) { Error: GCC_ANALYZER_WARNING (CWE-121): [#def3] tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1113:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1113:9: note: write of 5 bytes to beyond the end of ‘buffer’ tcl-8.6.13-build/tcl8.6.13/generic/tclClock.c:1113:9: note: valid subscripts for ‘buffer’ are ‘[0]’ to ‘[15]’ # 1111| diff %= 60; # 1112| if (diff > 0) { # 1113|-> sprintf(buffer+5, "%02d", diff); # 1114| } # 1115| fields->tzName = Tcl_NewStringObj(buffer, -1); Error: COMPILER_WARNING: [#def4] tcl-8.6.13-build/tcl8.6.13/generic/tclObj.c: scope_hint: In function ‘ParseBoolean’ tcl-8.6.13-build/tcl8.6.13/generic/tclObj.c:2056:23: warning[-Wstringop-overflow=]: writing 1 byte into a region of size 0 # 2056 | lowerCase[length] = 0; # | ~~~~~~~~~~~~~~~~~~^~~ tcl-8.6.13-build/tcl8.6.13/generic/tclObj.c:2009:10: note: at offset [-2147483648, -1] into destination object ‘lowerCase’ of size 6 # 2009 | char lowerCase[6]; # | ^~~~~~~~~ # 2054| } # 2055| } # 2056|-> lowerCase[length] = 0; # 2057| switch (lowerCase[0]) { # 2058| case 'y':
| analyzer-version-clang | 18.1.7 |
| analyzer-version-cppcheck | 2.14.2 |
| analyzer-version-gcc | 14.1.1 |
| analyzer-version-gcc-analyzer | 14.1.1 |
| analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-clang | 18.1.7 |
| diffbase-analyzer-version-cppcheck | 2.14.2 |
| diffbase-analyzer-version-gcc | 14.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 14.1.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-enabled-plugins | clang, cppcheck, gcc, shellcheck |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-133.us-west-2.compute.internal |
| diffbase-mock-config | fedora-41-x86_64 |
| diffbase-project-name | tcl-8.6.14-1.fc41 |
| diffbase-store-results-to | /tmp/tmp26s9kkai/tcl-8.6.14-1.fc41.tar.xz |
| diffbase-time-created | 2024-07-03 18:08:12 |
| diffbase-time-finished | 2024-07-03 18:11:53 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp26s9kkai/tcl-8.6.14-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp26s9kkai/tcl-8.6.14-1.fc41.src.rpm' |
| diffbase-tool-version | csmock-3.5.3-1.el9 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-133.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | tcl-8.6.13-2.fc40 |
| store-results-to | /tmp/tmpl7l4nmba/tcl-8.6.13-2.fc40.tar.xz |
| time-created | 2024-07-03 18:03:45 |
| time-finished | 2024-07-03 18:07:49 |
| title | Fixed defects |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpl7l4nmba/tcl-8.6.13-2.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpl7l4nmba/tcl-8.6.13-2.fc40.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |