libcap-ng-0.8.5-1.fc41

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_MangledTypeQueryModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:621:13: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3436:12: note: in expansion of macro 'SWIG_TypeQuery'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:3436:12: note: in expansion of macro 'SWIG_TypeQuery'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:2965:37: note: in expansion of macro 'SWIG_GetModule'
#  619|     swig_module_info *iter = start;
#  620|     do {
#  621|->     if (iter->size) {
#  622|         size_t l = 0;
#  623|         size_t r = iter->size - 1;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def2]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:57: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:15: note: in expansion of macro 'SWIG_InternalNewPointerObj'
#                                                            └──────────────────────────┘
#                                                                         ^
# 1141|   #endif
# 1142|   
# 1143|-> #define SWIG_InternalNewPointerObj(ptr, type, flags)	SWIG_Python_NewPointerObj(NULL, ptr, type, flags)
# 1144|   
# 1145|   #define SWIG_CheckImplicit(ty)                          SWIG_Python_CheckImplicit(ty) 

Error: GCC_ANALYZER_WARNING (CWE-126): [#def3]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:57: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
#                                                            └──────────────────────────┘
#                                                                         ^
# 1149|   /* for raw packed data */
# 1150|   #define SWIG_ConvertPacked(obj, ptr, sz, ty)            SWIG_Python_ConvertPacked(obj, ptr, sz, ty)
# 1151|-> #define SWIG_NewPackedObj(ptr, sz, type)                SWIG_Python_NewPackedObj(ptr, sz, type)
# 1152|   
# 1153|   /* for class or struct pointers */

Error: GCC_ANALYZER_WARNING (CWE-126): [#def4]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
/usr/include/python3.12/Python.h:44: included_from: Included from here.
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:198: included_from: Included from here.
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: note: read of 4 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4558:29: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
#                                                          └───────────────────────┘
#                                                                      ^
# 4556|       PyObject *obj = 0;
# 4557|       size_t i;
# 4558|->     for (i = 0; constants[i].type; ++i) {
# 4559|         switch(constants[i].type) {
# 4560|         case SWIG_PY_POINTER:

Error: GCC_ANALYZER_WARNING (CWE-126): [#def5]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4561:78: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1143:94: note: in definition of macro 'SWIG_InternalNewPointerObj'
#                                                            └─────────────────────────────────────────────┘
#                                                                                   ^
# 4559|         switch(constants[i].type) {
# 4560|         case SWIG_PY_POINTER:
# 4561|->         obj = SWIG_InternalNewPointerObj(constants[i].pvalue, *(constants[i]).ptype,0);
# 4562|           break;
# 4563|         case SWIG_PY_BINARY:

Error: GCC_ANALYZER_WARNING (CWE-126): [#def6]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:66: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:87: note: in definition of macro 'SWIG_NewPackedObj'
#                                                            └────────────────────────────┘
#                                                                          ^
# 4562|           break;
# 4563|         case SWIG_PY_BINARY:
# 4564|->         obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
# 4565|           break;
# 4566|         default:

Error: GCC_ANALYZER_WARNING (CWE-126): [#def7]
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4643:1: note: in expansion of macro 'SWIG_init'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4383:17: note: in expansion of macro 'SWIG_GetModule'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4762:3: note: in expansion of macro 'SWIG_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1607:3: note: in expansion of macro 'Py_INCREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:15: note: in expansion of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4572:9: note: in expansion of macro 'Py_DECREF'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c: scope_hint: In function 'SWIG_Python_InstallConstants'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: note: read of 8 bytes from after the end of 'swig_const_table'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:4564:89: note: valid subscripts for 'swig_const_table' are '[0]' to '[0]'
libcap-ng-0.8.5/bindings/python3/capng_wrap.c:1151:91: note: in definition of macro 'SWIG_NewPackedObj'
#                                                            └─────────────────────────────────────────────┘
#                                                                                   ^
# 4562|           break;
# 4563|         case SWIG_PY_BINARY:
# 4564|->         obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
# 4565|           break;
# 4566|         default:

Error: CLANG_WARNING: [#def8]
libcap-ng-0.8.5/utils/captest.c:75:4: warning[security.insecureAPI.UncheckedReturn]: The return value from the call to 'setuid' is not checked.  If an error occurs in 'setuid', the following code may execute with unexpected privileges
#   73|   						 CAP_SETUID)) {
#   74|   			printf("Attempting to regain root...");
#   75|-> 			setuid(0);
#   76|   			getresuid(&uid, &euid, &suid);
#   77|   			if (uid == 0) {

Error: COMPILER_WARNING (CWE-252): [#def9]
libcap-ng-0.8.5/utils/captest.c: scope_hint: In function ‘report’
libcap-ng-0.8.5/utils/captest.c:75:25: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
#   75 |                         setuid(0);
#      |                         ^~~~~~~~~
#   73|   						 CAP_SETUID)) {
#   74|   			printf("Attempting to regain root...");
#   75|-> 			setuid(0);
#   76|   			getresuid(&uid, &euid, &suid);
#   77|   			if (uid == 0) {

Error: CLANG_WARNING: [#def10]
libcap-ng-0.8.5/utils/captest.c:79:5: warning[security.insecureAPI.UncheckedReturn]: The return value from the call to 'setgid' is not checked.  If an error occurs in 'setgid', the following code may execute with unexpected privileges
#   77|   			if (uid == 0) {
#   78|   				printf("SUCCESS - PRIVILEGE ESCALATION POSSIBLE\n");
#   79|-> 				setgid(0);
#   80|   				getresgid(&gid, &egid, &sgid);
#   81|   				escalated = 1;

Error: COMPILER_WARNING (CWE-252): [#def11]
libcap-ng-0.8.5/utils/captest.c:79:33: warning[-Wunused-result]: ignoring return value of ‘setgid’ declared with attribute ‘warn_unused_result’
#   79 |                                 setgid(0);
#      |                                 ^~~~~~~~~
#   77|   			if (uid == 0) {
#   78|   				printf("SUCCESS - PRIVILEGE ESCALATION POSSIBLE\n");
#   79|-> 				setgid(0);
#   80|   				getresgid(&gid, &egid, &sgid);
#   81|   				escalated = 1;

Error: COMPILER_WARNING (CWE-252): [#def12]
libcap-ng-0.8.5/utils/captest.c:198:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’
#  198 |                         system("/usr/bin/captest --no-child --text");
#      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  196|   			printf("FAILED\n");
#  197|   		if (text)
#  198|-> 			system("/usr/bin/captest --no-child --text");
#  199|   		else
#  200|   			system("/usr/bin/captest --no-child");

Error: COMPILER_WARNING (CWE-252): [#def13]
libcap-ng-0.8.5/utils/captest.c:200:25: warning[-Wunused-result]: ignoring return value of ‘system’ declared with attribute ‘warn_unused_result’
#  200 |                         system("/usr/bin/captest --no-child");
#      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  198|   			system("/usr/bin/captest --no-child --text");
#  199|   		else
#  200|-> 			system("/usr/bin/captest --no-child");
#  201|   	}
#  202|   }

Scan Properties

analyzer-version-clang18.1.3
analyzer-version-cppcheck2.13.0
analyzer-version-gcc14.0.1
analyzer-version-gcc-analyzer14.0.1
analyzer-version-shellcheck0.10.0
enabled-pluginsclang, cppcheck, gcc, shellcheck
exit-code0
hostip-172-16-1-34.us-west-2.compute.internal
mock-configfedora-41-x86_64
project-namelibcap-ng-0.8.5-1.fc41
store-results-to/tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.tar.xz
time-created2024-04-22 10:55:45
time-finished2024-04-22 10:56:52
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp2mm3w48m/libcap-ng-0.8.5-1.fc41.src.rpm'
tool-versioncsmock-3.5.3-1.el9