Newly introduced defects

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-126): [#def1]
bluez-5.75/emulator/bthost.c: scope_hint: In function ‘queue_command’
bluez-5.75/emulator/bthost.c:571:52: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
bluez-5.75/emulator/bthost.c:571:52: note: read of 8 bytes from after the end of ‘iov’
bluez-5.75/emulator/bthost.c:571:52: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[2]’
#                                              └──────────────────────────┘
#                                                           ^
#  569|   
#  570|   	for (i = 0; i < iovlen; i++) {
#  571|-> 		memcpy(cmd->data + cmd->len, iov[i].iov_base, iov[i].iov_len);
#  572|   		cmd->len += iov[i].iov_len;
#  573|   	}

Error: GCC_ANALYZER_WARNING (CWE-126): [#def2]
bluez-5.75/emulator/bthost.c:571:69: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
bluez-5.75/emulator/bthost.c:571:69: note: read of 8 bytes from after the end of ‘iov’
bluez-5.75/emulator/bthost.c:571:69: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[2]’
#                                              └──────────────────────────┘
#                                                           ^
#  569|   
#  570|   	for (i = 0; i < iovlen; i++) {
#  571|-> 		memcpy(cmd->data + cmd->len, iov[i].iov_base, iov[i].iov_len);
#  572|   		cmd->len += iov[i].iov_len;
#  573|   	}

Error: CLANG_WARNING: [#def3]
bluez-5.75/profiles/audio/media.c:1046:7: warning[unix.Malloc]: Use of memory after it is freed
# 1044|   		struct pac_select_data *data;
# 1045|   
# 1046|-> 		if (req->cb != pac_select_cb) {
# 1047|   			l = g_slist_next(l);
# 1048|   			continue;

Scan Properties

analyzer-version-clang	18.1.3
analyzer-version-cppcheck	2.13.0
analyzer-version-gcc	14.0.1
analyzer-version-gcc-analyzer	14.0.1
analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-clang	18.1.3
diffbase-analyzer-version-cppcheck	2.13.0
diffbase-analyzer-version-gcc	14.0.1
diffbase-analyzer-version-gcc-analyzer	14.0.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-enabled-plugins	clang, cppcheck, gcc, shellcheck
diffbase-exit-code	0
diffbase-host	ip-172-16-1-187.us-west-2.compute.internal
diffbase-mock-config	fedora-41-x86_64
diffbase-project-name	bluez-5.73-3.fc40
diffbase-store-results-to	/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.tar.xz
diffbase-time-created	2024-04-22 10:43:57
diffbase-time-finished	2024-04-22 10:50:04
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.src.rpm'
diffbase-tool-version	csmock-3.5.3-1.el9
enabled-plugins	clang, cppcheck, gcc, shellcheck
exit-code	0
host	ip-172-16-1-187.us-west-2.compute.internal
mock-config	fedora-41-x86_64
project-name	bluez-5.75-1.fc41
store-results-to	/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.tar.xz
time-created	2024-04-22 10:50:29
time-finished	2024-04-22 10:56:17
title	Newly introduced defects
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.src.rpm'
tool-version	csmock-3.5.3-1.el9