libcap-ng-0.8.5-1.fc41
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_MangledTypeQueryModule'
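libcap-ng-0.8.5/bindings/python3/capng_wrap.c:621:13: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter'
Triage note: in the excerpt below, 'iter' is a copy of 'start' (line 619) and is dereferenced on line 621 with no NULL test in between, so the finding reduces to whether 'start' can be NULL on the path through the SWIG_GetModule expansion at line 2965. The SWIG_ prefixes suggest capng_wrap.c is generated by SWIG, in which case a fix belongs in the generator or the interface file rather than in a hand edit of this file.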
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3436:12: note: in expansion of macro 'SWIG_TypeQuery'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3436:12: note: in expansion of macro 'SWIG_TypeQuery'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
# 619| swig_module_info *iter = start;
# 620| do {
# 621|-> if (iter->size) {
# 622| size_t l = 0;
# 623| size_t r = iter->size - 1;
Error: GCC_ANALYZER_WARNING (CWE-126): [#def2]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
# └──────────────────────────┘
# ^
# 1141| #endif
# 1142|
# 1143|-> #define SWIG_InternalNewPointerObj(ptr, type, flags) SWIG_Python_NewPointerObj(NULL, ptr, type, flags)
# 1144|
# 1145| #define SWIG_CheckImplicit(ty) SWIG_Python_CheckImplicit(ty)
Error: GCC_ANALYZER_WARNING (CWE-126): [#def3]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
# └──────────────────────────┘
# ^
# 1149| /* for raw packed data */
# 1150| #define SWIG_ConvertPacked(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty)
# 1151|-> #define SWIG_NewPackedObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type)
# 1152|
# 1153| /* for class or struct pointers */
Error: GCC_ANALYZER_WARNING (CWE-126): [#def4]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
/usr/include/python3.12/Python.h:44: included_from: Included from here.
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:198: included_from: Included from here.
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
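libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: note: read of 4 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
Triage note: "valid subscripts '[0]' to '[0]'" means the analyzer sees a one-element table. The loop on line 4558 stops at the first entry whose 'type' is zero, so a read past [0] happens only if that single entry is not a zero terminator; the table's initializer is not part of this excerpt, so confirm it there. #def2, #def3, #def5, #def6 and #def7 report the same table from the loop body (lines 4561 and 4564) and stand or fall with this one.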
# └───────────────────────┘
# ^
# 4556| PyObject *obj = 0;
# 4557| size_t i;
# 4558|-> for (i = 0; constants[i].type; ++i) {
# 4559| switch(constants[i].type) {
# 4560| case SWIG_PY_POINTER:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def5]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
# └─────────────────────────────────────────────┘
# ^
# 4559| switch(constants[i].type) {
# 4560| case SWIG_PY_POINTER:
# 4561|-> obj = SWIG_InternalNewPointerObj(constants[i].pvalue, *(constants[i]).ptype,0);
# 4562| break;
# 4563| case SWIG_PY_BINARY:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def6]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
# └────────────────────────────┘
# ^
# 4562| break;
# 4563| case SWIG_PY_BINARY:
# 4564|-> obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
# 4565| break;
# 4566| default:
Error: GCC_ANALYZER_WARNING (CWE-126): [#def7]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
# └─────────────────────────────────────────────┘
# ^
# 4562| break;
# 4563| case SWIG_PY_BINARY:
# 4564|-> obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
# 4565| break;
# 4566| default:
Error: CLANG_WARNING: [#def8]
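libcap-ng-0.8.5/utils/captest.c:75:4: warning[security.insecureAPI.UncheckedReturn]: The return value from the call to 'setuid' is not checked. If an error occurs in 'setuid', the following code may execute with unexpected privileges
Triage note: the excerpt re-reads the process IDs with getresuid() on line 76 and tests uid == 0 on line 77, so the outcome of setuid(0) is observed through the resulting credentials rather than through the return value. #def9 is the same call site, reported by the compiler as CWE-252; testing the return value as well would resolve both findings.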
# 73| CAP_SETUID)) {
# 74| printf("Attempting to regain root...");
# 75|-> setuid(0);
# 76| getresuid(&uid, &euid, &suid);
# 77| if (uid == 0) {
Error: COMPILER_WARNING (CWE-252): [#def9]
libcap-ng-0.8.5/utils/captest.c: scope_hint: In function ‘report’
libcap-ng-0.8.5/utils/captest.c:75:25: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
# 75 | setuid(0);
# | ^~~~~~~~~
# 73| CAP_SETUID)) {
# 74| printf("Attempting to regain root...");
# 75|-> setuid(0);
# 76| getresuid(&uid, &euid, &suid);
# 77| if (uid == 0) {
Error: CLANG_WARNING: [#def10]
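libcap-ng-0.8.5/utils/captest.c:79:5: warning[security.insecureAPI.UncheckedReturn]: The return value from the call to 'setgid' is not checked. If an error occurs in 'setgid', the following code may execute with unexpected privileges
Triage note: getresgid() follows on line 80, but the excerpt sets escalated = 1 on line 81 without showing any test of gid, so a failed setgid(0) is not visibly distinguished from a successful one in these lines. #def11 is the same call site, reported by the compiler as CWE-252.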
# 77| if (uid == 0) {
# 78| printf("SUCCESS - PRIVILEGE ESCALATION POSSIBLE\n");
# 79|-> setgid(0);
# 80| getresgid(&gid, &egid, &sgid);
# 81| escalated = 1;
Error: COMPILER_WARNING (CWE-252): [#def11]
libcap-ng-0.8.5/utils/captest.c:79:33: warning[-Wunused-result]: ignoring return value of ‘setgid’ declared with attribute ‘warn_unused_result’
# 79 | setgid(0);
# | ^~~~~~~~~
# 77| if (uid == 0) {
# 78| printf("SUCCESS - PRIVILEGE ESCALATION POSSIBLE\n");
# 79|-> setgid(0);
# 80| getresgid(&gid, &egid, &sgid);
# 81| escalated = 1;
Error: COMPILER_WARNING (CWE-252): [#def12]
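libcap-ng-0.8.5/utils/captest.c:198:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’
Triage note: both system() calls (#def12 and #def13) pass a constant command string with an absolute path, so no caller-controlled text reaches the shell in the lines shown. As far as the excerpt shows, the ignored return value means that a child which fails to start or exits non-zero is not reported.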
# 198 | system("/usr/bin/captest --no-child --text");
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 196| printf("FAILED\n");
# 197| if (text)
# 198|-> system("/usr/bin/captest --no-child --text");
# 199| else
# 200| system("/usr/bin/captest --no-child");
Error: COMPILER_WARNING (CWE-252): [#def13]
libcap-ng-0.8.5/utils/captest.c:200:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’
# 200 | system("/usr/bin/captest --no-child");
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 198| system("/usr/bin/captest --no-child --text");
# 199| else
# 200|-> system("/usr/bin/captest --no-child");
# 201| }
# 202| }
Scan Properties
analyzer-version-clang | 18.1.3 |
analyzer-version-cppcheck | 2.13.0 |
analyzer-version-gcc | 14.0.1 |
analyzer-version-gcc-analyzer | 14.0.1 |
analyzer-version-shellcheck | 0.10.0 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-34.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | libcap-ng-0.8.5-1.fc41 |
store-results-to | /tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.tar.xz |
time-created | 2024-04-22 10:55:45 |
time-finished | 2024-04-22 10:56:52 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |