libgpg-error-1.48-1.fc41
List of Defects
Error: SHELLCHECK_WARNING (CWE-563): [#def1]
/usr/bin/gpg-error-config:15:1: warning[SC2034]: includedir appears unused. Verify use (or export if used externally).
# 13| prefix=/usr
# 14| exec_prefix=/usr
# 15|-> includedir=/usr/include
# 16| libdir=/usr/lib
# 17|
Error: SHELLCHECK_WARNING (CWE-563): [#def2]
/usr/bin/gpg-error-config:16:1: warning[SC2034]: libdir appears unused. Verify use (or export if used externally).
# 14| exec_prefix=/usr
# 15| includedir=/usr/include
# 16|-> libdir=/usr/lib
# 17|
# 18| if echo "$0" | grep gpg-error-config 2>/dev/null >/dev/null; then
Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/bin/gpg-error-config:52:6: warning[SC2034]: optarg appears unused. Verify use (or export if used externally).
# 50| ;;
# 51| *)
# 52|-> optarg=
# 53| ;;
# 54| esac
Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/usr/bin/gpgrt-config:121:3: warning[SC2221]: This pattern always overrides a later one on line 132.
# 119| if [ -n "$_reading_attrs" ]; then
# 120| case "$_line" in
# 121|-> *:\ *)
# 122| _key="${_line%%:\ *}"
# 123| _value="${_line#*:\ }"
Error: SHELLCHECK_WARNING (CWE-569): [#def5]
/usr/bin/gpgrt-config:132:6: warning[SC2222]: This pattern never matches because of a previous pattern on line 121.
# 130| EOF2
# 131| ;;
# 132|-> *:|*:\ ) ;;
# 133| *)
# 134| echo "Error reading $_filename: $_line" 1>&2
Error: SHELLCHECK_WARNING (CWE-477): [#def6]
/usr/bin/gpgrt-config:250:18: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 248|
# 249| arg1_is_same () {
# 250|-> [ "$1" = "=" -o "$1" = ">=" -o "$1" = "<=" ]
# 251| }
# 252|
Error: SHELLCHECK_WARNING (CWE-477): [#def7]
/usr/bin/gpgrt-config:250:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 248|
# 249| arg1_is_same () {
# 250|-> [ "$1" = "=" -o "$1" = ">=" -o "$1" = "<=" ]
# 251| }
# 252|
Error: SHELLCHECK_WARNING (CWE-477): [#def8]
/usr/bin/gpgrt-config:254:19: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 252|
# 253| arg1_is_less () {
# 254|-> [ "$1" = "!=" -o "$1" = "<" -o "$1" = "<=" ]
# 255| }
# 256|
Error: SHELLCHECK_WARNING (CWE-477): [#def9]
/usr/bin/gpgrt-config:254:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 252|
# 253| arg1_is_less () {
# 254|-> [ "$1" = "!=" -o "$1" = "<" -o "$1" = "<=" ]
# 255| }
# 256|
Error: SHELLCHECK_WARNING (CWE-477): [#def10]
/usr/bin/gpgrt-config:258:19: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 256|
# 257| arg1_is_great () {
# 258|-> [ "$1" = "!=" -o "$1" = ">" -o "$1" = ">=" ]
# 259| }
# 260|
Error: SHELLCHECK_WARNING (CWE-477): [#def11]
/usr/bin/gpgrt-config:258:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 256|
# 257| arg1_is_great () {
# 258|-> [ "$1" = "!=" -o "$1" = ">" -o "$1" = ">=" ]
# 259| }
# 260|
Error: SHELLCHECK_WARNING (CWE-477): [#def12]
/usr/bin/gpgrt-config:273:27: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
# 271| ___chunk2=""
# 272|
# 273|-> while [ -n "$___str1" -a -n "$___str2" ]; do
# 274| # Trim anything that's not alnum or tilde from the front
# 275| ___str1="$(expr "$___str1" : '[^0-9A-Za-z~]*\(.*\)')"
Error: SHELLCHECK_WARNING (CWE-477): [#def13]
/usr/bin/gpgrt-config:282:23: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 280| ___char2=${___str2%${___str2#?}}
# 281|
# 282|-> if [ "$___char1" = ~ -o "$___char2" = ~ ]; then
# 283| if [ "$___char1" != ~ ]; then
# 284| arg1_is_great $___cmp
Error: SHELLCHECK_WARNING (CWE-477): [#def14]
/usr/bin/gpgrt-config:296:22: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
# 294| fi
# 295|
# 296|-> if [ -z "$___char1" -o -z "$___char2" ]; then
# 297| break
# 298| fi
Error: SHELLCHECK_WARNING (CWE-563): [#def15]
/usr/bin/gpgrt-config:602:5: warning[SC2034]: VAR_pc_sysrootdir appears unused. Verify use (or export if used externally).
# 600| VAR_pc_sysrootdir="/"
# 601| else
# 602|-> VAR_pc_sysrootdir="$PKG_CONFIG_SYSROOT_DIR"
# 603| fi
# 604|
Error: SHELLCHECK_WARNING (CWE-477): [#def16]
/usr/bin/gpgrt-config:699:21: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
# 697| done
# 698|
# 699|-> if [ -z "$want_var" -a -z "$want_attr" ]; then
# 700| if [ -n "$want_cflags" ]; then
# 701| output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))"
Error: SHELLCHECK_WARNING (CWE-156): [#def17]
/usr/bin/gpgrt-config:701:42: warning[SC2046]: Quote this to prevent word splitting.
# 699| if [ -z "$want_var" -a -z "$want_attr" ]; then
# 700| if [ -n "$want_cflags" ]; then
# 701|-> output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))"
# 702| # Backward compatibility to old gpg-error-config
# 703| if [ $mt = yes -a -n "$mtcflags" ]; then
Error: SHELLCHECK_WARNING (CWE-477): [#def18]
/usr/bin/gpgrt-config:703:17: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
# 701| output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))"
# 702| # Backward compatibility to old gpg-error-config
# 703|-> if [ $mt = yes -a -n "$mtcflags" ]; then
# 704| output="$output${output:+ }$mtcflags"
# 705| fi
Error: SHELLCHECK_WARNING (CWE-156): [#def19]
/usr/bin/gpgrt-config:708:42: warning[SC2046]: Quote this to prevent word splitting.
# 706| fi
# 707| if [ -n "$want_libs" ]; then
# 708|-> output="$output${output:+ }$(sysroot -L $(list_only_once_for_libs $libs))"
# 709| # Backward compatibility to old gpg-error-config
# 710| if [ $mt = yes -a -n "$mtlibs" ]; then
Error: SHELLCHECK_WARNING (CWE-477): [#def20]
/usr/bin/gpgrt-config:710:17: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
# 708| output="$output${output:+ }$(sysroot -L $(list_only_once_for_libs $libs))"
# 709| # Backward compatibility to old gpg-error-config
# 710|-> if [ $mt = yes -a -n "$mtlibs" ]; then
# 711| output="$output${output:+ }$mtlibs"
# 712| fi
Error: CLANG_WARNING: [#def21]
libgpg-error-1.48/src/argparse.c:1122:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1120| }
# 1121| else if (!strcmp (op, "="))
# 1122|-> result = !strcmp (str1, str2);
# 1123| else if (!strcmp (op, "<>"))
# 1124| result = !!strcmp (str1, str2);
Error: CLANG_WARNING: [#def22]
libgpg-error-1.48/src/argparse.c:1124:16: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1122| result = !strcmp (str1, str2);
# 1123| else if (!strcmp (op, "<>"))
# 1124|-> result = !!strcmp (str1, str2);
# 1125| else if (!strcmp (op, "=~"))
# 1126| result = !!strstr (str1, str2);
Error: CLANG_WARNING: [#def23]
libgpg-error-1.48/src/argparse.c:1126:16: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1124| result = !!strcmp (str1, str2);
# 1125| else if (!strcmp (op, "=~"))
# 1126|-> result = !!strstr (str1, str2);
# 1127| else if (!strcmp (op, "!~"))
# 1128| result = !strstr (str1, str2);
Error: CLANG_WARNING: [#def24]
libgpg-error-1.48/src/argparse.c:1128:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1126| result = !!strstr (str1, str2);
# 1127| else if (!strcmp (op, "!~"))
# 1128|-> result = !strstr (str1, str2);
# 1129| else if (!strcmp (op, "-le"))
# 1130| result = (strcmp (str1, str2) <= 0);
Error: CLANG_WARNING: [#def25]
libgpg-error-1.48/src/argparse.c:1130:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1128| result = !strstr (str1, str2);
# 1129| else if (!strcmp (op, "-le"))
# 1130|-> result = (strcmp (str1, str2) <= 0);
# 1131| else if (!strcmp (op, "-lt"))
# 1132| result = (strcmp (str1, str2) < 0);
Error: CLANG_WARNING: [#def26]
libgpg-error-1.48/src/argparse.c:1132:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1130| result = (strcmp (str1, str2) <= 0);
# 1131| else if (!strcmp (op, "-lt"))
# 1132|-> result = (strcmp (str1, str2) < 0);
# 1133| else if (!strcmp (op, "-gt"))
# 1134| result = (strcmp (str1, str2) > 0);
Error: CLANG_WARNING: [#def27]
libgpg-error-1.48/src/argparse.c:1134:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1132| result = (strcmp (str1, str2) < 0);
# 1133| else if (!strcmp (op, "-gt"))
# 1134|-> result = (strcmp (str1, str2) > 0);
# 1135| else if (!strcmp (op, "-ge"))
# 1136| result = (strcmp (str1, str2) >= 0);
Error: CLANG_WARNING: [#def28]
libgpg-error-1.48/src/argparse.c:1136:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 1134| result = (strcmp (str1, str2) > 0);
# 1135| else if (!strcmp (op, "-ge"))
# 1136|-> result = (strcmp (str1, str2) >= 0);
# 1137| else if (!strncmp (op, "-v3", 3) || !strncmp (op, "-v2", 3))
# 1138| {
Error: CLANG_WARNING: [#def29]
libgpg-error-1.48/src/argparse.c:1161:14: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 1159|
# 1160| num1 = strtol (str1, NULL, 0);
# 1161|-> num2 = strtol (str2, NULL, 0);
# 1162|
# 1163| if (!strcmp (op, "=="))
Error: CLANG_WARNING: [#def30]
libgpg-error-1.48/src/argparse.c:1586:24: warning[core.NullDereference]: Access to field 'r_opt' results in a dereference of a null pointer (loaded from variable 'arg')
# 1584|
# 1585| if (initialize (arg, opts_orig, fp))
# 1586|-> return (arg->r_opt = ARGPARSE_OUT_OF_CORE);
# 1587|
# 1588| opts = arg->internal->opts;
Error: CLANG_WARNING: [#def31]
libgpg-error-1.48/src/argparse.c:1588:10: warning[core.NullDereference]: Access to field 'internal' results in a dereference of a null pointer (loaded from variable 'arg')
# 1586| return (arg->r_opt = ARGPARSE_OUT_OF_CORE);
# 1587|
# 1588|-> opts = arg->internal->opts;
# 1589| nopts = arg->internal->nopts;
# 1590|
Error: CPPCHECK_WARNING (CWE-457): [#def32]
libgpg-error-1.48/src/argparse.c:1626: error[legacyUninitvar]: Uninitialized variable: keyword
# 1624| for (idx=0; idx < nopts; idx++ )
# 1625| {
# 1626|-> if (opts[idx].long_opt && !strcmp (opts[idx].long_opt, keyword))
# 1627| break;
# 1628| }
Error: CLANG_WARNING: [#def33]
libgpg-error-1.48/src/argparse.c:1763:19: warning[deadcode.DeadStores]: Value stored to 'set_ignore' is never read
# 1761| {
# 1762| prepare_arg_return (arg, opts, idx, 0, set_ignore);
# 1763|-> set_ignore = 0;
# 1764| goto leave;
# 1765| }
Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
libgpg-error-1.48/src/argparse.c:39: included_from: Included from here.
libgpg-error-1.48/src/argparse.c: scope_hint: In function '_gpgrt_argparse.part.0'
libgpg-error-1.48/src/argparse.c:1772:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'keyword[0]'
libgpg-error-1.48/src/gpgrt-int.h:579:5: note: in definition of macro 'gpgrt_assert'
libgpg-error-1.48/src/gpgrt-int.h:579:5: note: in definition of macro 'gpgrt_assert'
libgpg-error-1.48/src/gpgrt-int.h:579:5: note: in definition of macro 'gpgrt_assert'
# 1770| {
# 1771| /* We are at the end of a line. */
# 1772|-> gpgrt_assert (*keyword == '[');
# 1773| trim_spaces (keyword+1);
# 1774| if (!keyword[1])
Error: CLANG_WARNING: [#def35]
libgpg-error-1.48/src/argparse.c:1821:15: warning[deadcode.DeadStores]: Value stored to 'set_ignore' is never read
# 1819| /* No argument found at the end of the line. */
# 1820| prepare_arg_return (arg, opts, idx, in_alias, set_ignore);
# 1821|-> set_ignore = 0;
# 1822| goto leave;
# 1823| }
Error: CLANG_WARNING: [#def36]
libgpg-error-1.48/src/argparse.c:2217:24: warning[core.NullDereference]: Access to field 'r_opt' results in a dereference of a null pointer (loaded from variable 'arg')
# 2215| * warnings or errors from the last iteration. */
# 2216| if (initialize (arg, opts, NULL))
# 2217|-> return (arg->r_opt = ARGPARSE_OUT_OF_CORE);
# 2218|
# 2219| next_state:
Error: CLANG_WARNING: [#def37]
libgpg-error-1.48/src/argparse.c:2220:11: warning[core.NullDereference]: Access to field 'internal' results in a dereference of a null pointer (loaded from variable 'arg')
# 2218|
# 2219| next_state:
# 2220|-> switch (arg->internal->state)
# 2221| {
# 2222| case STATE_init:
Error: CLANG_WARNING: [#def38]
libgpg-error-1.48/src/estream.c:1747:22: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 1745| else
# 1746| bytes_read = 0;
# 1747|-> if (!bytes_read && ferror (file_cookie->fp))
# 1748| return -1;
# 1749| return bytes_read;
Error: CPPCHECK_WARNING (CWE-476): [#def39]
libgpg-error-1.48/src/logging.c:260: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0
# 258| srvr_addr_un.sun_path[sizeof (srvr_addr_un.sun_path)-1] = 0;
# 259| srvr_addr = (struct sockaddr *)&srvr_addr_un;
# 260|-> addrlen = SUN_LEN (&srvr_addr_un);
# 261| name_for_err = srvr_addr_un.sun_path;
# 262| }
Error: CPPCHECK_WARNING (CWE-476): [#def40]
libgpg-error-1.48/src/logging.c:272: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0
# 270| srvr_addr_un.sun_path[sizeof (srvr_addr_un.sun_path)-1] = 0;
# 271| srvr_addr = (struct sockaddr *)&srvr_addr_un;
# 272|-> addrlen = SUN_LEN (&srvr_addr_un);
# 273| }
# 274| }
Error: GCC_ANALYZER_WARNING (CWE-126): [#def41]
libgpg-error-1.48/src/logging.c: scope_hint: In function 'set_file_fd'
libgpg-error-1.48/src/logging.c:476:56: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libgpg-error-1.48/src/logging.c:476:56: note: read of 1 byte from after the end of '"-"'
libgpg-error-1.48/src/logging.c:476:56: note: valid subscripts for '"-"' are '[0]' to '[1]'
# └─────────────────────────────┘
# ^
# 474| goto leave;
# 475| }
# 476|-> else if (name && !strncmp (name, "tcp://", 6) && name[6])
# 477| want_socket = 1;
# 478| #ifndef HAVE_W32_SYSTEM
Error: CPPCHECK_WARNING (CWE-664): [#def42]
libgpg-error-1.48/src/logging.c:1230: error[va_list_usedBeforeStarted]: va_list 'dummy_argptr' used before va_start() was called.
# 1228| static va_list dummy_argptr;
# 1229|
# 1230|-> _gpgrt_logv_printhex (buffer, length, NULL, dummy_argptr);
# 1231| }
# 1232| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def43]
libgpg-error-1.48/src/spawn-posix.c: scope_hint: In function 'do_exec'
libgpg-error-1.48/src/spawn-posix.c:316:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(fds[i], i)'
# 314| if (nodevnull[i])
# 315| continue;
# 316|-> if (fds[i] != i && dup2 (fds[i], i) == -1)
# 317| _gpgrt_log_fatal ("dup2 std%s failed: %s\n",
# 318| i==0?"in":i==1?"out":"err", strerror (errno));
Error: GCC_ANALYZER_WARNING: [#def44]
libgpg-error-1.48/src/spawn-posix.c:316:26: warning[-Wanalyzer-fd-use-without-check]: 'dup2' on possibly invalid file descriptor '-1'
# 314| if (nodevnull[i])
# 315| continue;
# 316|-> if (fds[i] != i && dup2 (fds[i], i) == -1)
# 317| _gpgrt_log_fatal ("dup2 std%s failed: %s\n",
# 318| i==0?"in":i==1?"out":"err", strerror (errno));
Scan Properties
| analyzer-version-clang | 18.1.3 |
| analyzer-version-cppcheck | 2.13.0 |
| analyzer-version-gcc | 14.0.1 |
| analyzer-version-gcc-analyzer | 14.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-86.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | libgpg-error-1.48-1.fc41 |
| store-results-to | /tmp/tmpl5skvat4/libgpg-error-1.48-1.fc41.tar.xz |
| time-created | 2024-04-22 10:55:55 |
| time-finished | 2024-04-22 10:57:38 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpl5skvat4/libgpg-error-1.48-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpl5skvat4/libgpg-error-1.48-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |