Newly introduced defects

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-126): [#def1]
bluez-5.75/emulator/bthost.c: scope_hint: In function ‘queue_command’
bluez-5.75/emulator/bthost.c:571:52: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
bluez-5.75/emulator/bthost.c:571:52: note: read of 8 bytes from after the end of ‘iov’
bluez-5.75/emulator/bthost.c:571:52: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[2]’
#                                              └──────────────────────────┘
#                                                           ^
#  569|   
#  570|   	for (i = 0; i < iovlen; i++) {
#  571|-> 		memcpy(cmd->data + cmd->len, iov[i].iov_base, iov[i].iov_len);
#  572|   		cmd->len += iov[i].iov_len;
#  573|   	}

Error: GCC_ANALYZER_WARNING (CWE-126): [#def2]
bluez-5.75/emulator/bthost.c:571:69: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
bluez-5.75/emulator/bthost.c:571:69: note: read of 8 bytes from after the end of ‘iov’
bluez-5.75/emulator/bthost.c:571:69: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[2]’
#                                              └──────────────────────────┘
#                                                           ^
#  569|   
#  570|   	for (i = 0; i < iovlen; i++) {
#  571|-> 		memcpy(cmd->data + cmd->len, iov[i].iov_base, iov[i].iov_len);
#  572|   		cmd->len += iov[i].iov_len;
#  573|   	}

Error: CLANG_WARNING: [#def3]
bluez-5.75/profiles/audio/media.c:1046:7: warning[unix.Malloc]: Use of memory after it is freed
# 1044|   		struct pac_select_data *data;
# 1045|   
# 1046|-> 		if (req->cb != pac_select_cb) {
# 1047|   			l = g_slist_next(l);
# 1048|   			continue;

Scan Properties

analyzer-version-clang18.1.3
analyzer-version-cppcheck2.13.0
analyzer-version-gcc14.0.1
analyzer-version-gcc-analyzer14.0.1
analyzer-version-shellcheck0.10.0
diffbase-analyzer-version-clang18.1.3
diffbase-analyzer-version-cppcheck2.13.0
diffbase-analyzer-version-gcc14.0.1
diffbase-analyzer-version-gcc-analyzer14.0.1
diffbase-analyzer-version-shellcheck0.10.0
diffbase-enabled-pluginsclang, cppcheck, gcc, shellcheck
diffbase-exit-code0
diffbase-hostip-172-16-1-187.us-west-2.compute.internal
diffbase-mock-configfedora-41-x86_64
diffbase-project-namebluez-5.73-3.fc40
diffbase-store-results-to/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.tar.xz
diffbase-time-created2024-04-22 10:43:57
diffbase-time-finished2024-04-22 10:50:04
diffbase-toolcsmock
diffbase-tool-args'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.tar.xz' '--gcc-analyze' '/tmp/tmpdgbvdw7a/bluez-5.73-3.fc40.src.rpm'
diffbase-tool-versioncsmock-3.5.3-1.el9
enabled-pluginsclang, cppcheck, gcc, shellcheck
exit-code0
hostip-172-16-1-187.us-west-2.compute.internal
mock-configfedora-41-x86_64
project-namebluez-5.75-1.fc41
store-results-to/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.tar.xz
time-created2024-04-22 10:50:29
time-finished2024-04-22 10:56:17
titleNewly introduced defects
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpm8gqi9gz/bluez-5.75-1.fc41.src.rpm'
tool-versioncsmock-3.5.3-1.el9