pam-1.6.1-1.fc41
List of Defects
Error: SHELLCHECK_WARNING (CWE-563): [#def1]
/usr/sbin/pam_namespace_helper:8:16: warning[SC2034]: polydir appears unused. Verify use (or export if used externally).
# 6| # skip the leading white space, rip off the comments, ignore empty lines
# 7| sed -e 's/^[ ]*//g' -e 's/#.*//g' -e '/.*\$HOME.*/d' -e '/^$/d' < $CONF | \
# 8|-> while read polydir instance_prefix method uids; do
# 9| if [ ! -e "$instance_prefix" ]; then
# 10| echo "mkdir $instance_prefix"
Error: SHELLCHECK_WARNING (CWE-563): [#def2]
/usr/sbin/pam_namespace_helper:8:40: warning[SC2034]: method appears unused. Verify use (or export if used externally).
# 6| # skip the leading white space, rip off the comments, ignore empty lines
# 7| sed -e 's/^[ ]*//g' -e 's/#.*//g' -e '/.*\$HOME.*/d' -e '/^$/d' < $CONF | \
# 8|-> while read polydir instance_prefix method uids; do
# 9| if [ ! -e "$instance_prefix" ]; then
# 10| echo "mkdir $instance_prefix"
Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/sbin/pam_namespace_helper:8:47: warning[SC2034]: uids appears unused. Verify use (or export if used externally).
# 6| # skip the leading white space, rip off the comments, ignore empty lines
# 7| sed -e 's/^[ ]*//g' -e 's/#.*//g' -e '/.*\$HOME.*/d' -e '/^$/d' < $CONF | \
# 8|-> while read polydir instance_prefix method uids; do
# 9| if [ ! -e "$instance_prefix" ]; then
# 10| echo "mkdir $instance_prefix"
Error: SHELLCHECK_WARNING (CWE-277): [#def4]
/usr/sbin/pam_namespace_helper:11:22: warning[SC2174]: When used with -p, -m only applies to the deepest directory.
# 9| if [ ! -e "$instance_prefix" ]; then
# 10| echo "mkdir $instance_prefix"
# 11|-> mkdir --parents --mode=0 -Z "$instance_prefix"
# 12| fi
# 13| done
Error: CLANG_WARNING: [#def5]
Linux-PAM-1.6.1/examples/blank.c:76:7: warning[deadcode.DeadStores]: Value stored to 'env' is never read
# 74| env = pam_getenvlist(pamh);
# 75| if (env)
# 76|-> env = pam_misc_drop_env(env);
# 77| else
# 78| fprintf(stderr,"???\n");
Error: CPPCHECK_WARNING (CWE-823): [#def6]
Linux-PAM-1.6.1/examples/tty_conv.c:79: error[arrayIndexOutOfBounds]: Array 'input[512]' accessed at index 512, which is out of bounds.
# 77| }
# 78| funlockfile(stdin);
# 79|-> input[i] = '\0';
# 80|
# 81| return (strdup(input));
Error: CLANG_WARNING: [#def7]
Linux-PAM-1.6.1/examples/xsh.c:142:4: warning[deadcode.DeadStores]: Value stored to 'retcode' is never read
# 140|
# 141| /* this is always a really bad thing for security! */
# 142|-> retcode = system("/bin/sh");
# 143|
# 144| /* close a session for the user --- `0' could be PAM_SILENT
Error: GCC_ANALYZER_WARNING (CWE-122): [#def8]
Linux-PAM-1.6.1/libpam/pam_private.h:303: included_from: Included from here.
Linux-PAM-1.6.1/libpam/include/security/_pam_macros.h:48:8: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
Linux-PAM-1.6.1/libpam/pam_env.c:353:17: note: in expansion of macro ‘_pam_drop’
Linux-PAM-1.6.1/libpam/pam_env.c:352:17: note: in expansion of macro ‘pam_overwrite_string’
Linux-PAM-1.6.1/libpam/pam_env.c:352:17: note: in expansion of macro ‘pam_overwrite_string’
Linux-PAM-1.6.1/libpam/pam_env.c:353:17: note: in expansion of macro ‘_pam_drop’
# 46| do { \
# 47| free(X); \
# 48|-> (X)=NULL; \
# 49| } while (0)
# 50|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
Linux-PAM-1.6.1/libpam/include/security/_pam_types.h:33:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
# 31| /* loading a service module */
# 32| #define PAM_SYMBOL_ERR 2 /* Symbol not found */
# 33|-> #define PAM_SERVICE_ERR 3 /* Error in service module */
# 34| #define PAM_SYSTEM_ERR 4 /* System error */
# 35| #define PAM_BUF_ERR 5 /* Memory buffer error */
Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
Linux-PAM-1.6.1/libpam/include/security/_pam_types.h:33:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
# 31| /* loading a service module */
# 32| #define PAM_SYMBOL_ERR 2 /* Symbol not found */
# 33|-> #define PAM_SERVICE_ERR 3 /* Error in service module */
# 34| #define PAM_SYSTEM_ERR 4 /* System error */
# 35| #define PAM_BUF_ERR 5 /* Memory buffer error */
Error: GCC_ANALYZER_WARNING (CWE-775): [#def11]
Linux-PAM-1.6.1/libpam/include/security/pam_modules.h:17: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:53: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c: scope_hint: In function ‘call_exec’
Linux-PAM-1.6.1/libpam/include/security/_pam_types.h:33:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘stdout_fds[1]’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:57: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:225:11: note: in expansion of macro ‘pam_overwrite_array’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c: scope_hint: In function ‘call_exec’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
# 31| /* loading a service module */
# 32| #define PAM_SYMBOL_ERR 2 /* Symbol not found */
# 33|-> #define PAM_SERVICE_ERR 3 /* Error in service module */
# 34| #define PAM_SYSTEM_ERR 4 /* System error */
# 35| #define PAM_BUF_ERR 5 /* Memory buffer error */
Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
Linux-PAM-1.6.1/libpam/include/security/_pam_types.h:33:25: warning[-Wanalyzer-malloc-leak]: leak of ‘stdout_file’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:114:12: note: in expansion of macro ‘PAM_SERVICE_ERR’
# 31| /* loading a service module */
# 32| #define PAM_SYMBOL_ERR 2 /* Symbol not found */
# 33|-> #define PAM_SERVICE_ERR 3 /* Error in service module */
# 34| #define PAM_SYSTEM_ERR 4 /* System error */
# 35| #define PAM_BUF_ERR 5 /* Memory buffer error */
Error: CLANG_WARNING: [#def13]
Linux-PAM-1.6.1/libpam/pam_dispatch.c:204:17: warning[core.uninitialized.Assign]: Assigned value is garbage or undefined
# 202| case _PAM_ACTION_RESET:
# 203|
# 204|-> impression = substates[stack_level].impression;
# 205| status = substates[stack_level].status;
# 206| break;
Error: GCC_ANALYZER_WARNING (CWE-122): [#def14]
Linux-PAM-1.6.1/libpam/pam_env.c: scope_hint: In function ‘_copy_env’
Linux-PAM-1.6.1/libpam/pam_env.c:351:24: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
Linux-PAM-1.6.1/libpam/pam_env.c:14: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_env.c:352:17: note: in expansion of macro ‘pam_overwrite_string’
# └──────────────────────────────────┘
# ^
# 349| /* out of memory */
# 350|
# 351|-> while (dump[++i]) {
# 352| pam_overwrite_string(dump[i]);
# 353| _pam_drop(dump[i]);
Error: CLANG_WARNING: [#def15]
Linux-PAM-1.6.1/libpam/pam_handlers.c:90:21: warning[deadcode.DeadStores]: Although the value stored to 'tok' is used in the enclosing expression, the value is never actually read from 'tok'
# 88| this_service = known_service;
# 89| } else {
# 90|-> this_service = tok = _pam_tokenize(buf, &nexttok);
# 91| }
# 92|
Error: GCC_ANALYZER_WARNING (CWE-131): [#def16]
Linux-PAM-1.6.1/libpam/pam_handlers.c: scope_hint: In function ‘_pam_add_handler’
Linux-PAM-1.6.1/libpam/pam_handlers.c:853:38: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
Linux-PAM-1.6.1/libpam/pam_handlers.c:9: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_handlers.c:716:5: note: in expansion of macro ‘IF_NO_PAMH’
# 851| (*handler_p2)->argc = argc;
# 852| if (argv) {
# 853|-> if (((*handler_p2)->argv = malloc(argvlen)) == NULL) {
# 854| pam_syslog(pamh, LOG_CRIT, "cannot malloc argv for handler #2");
# 855| return (PAM_ABORT);
Error: CLANG_WARNING: [#def17]
Linux-PAM-1.6.1/libpam/pam_misc.c:140:14: warning[deadcode.DeadStores]: Value stored to 'len' is never read
# 138| if (x != NULL) {
# 139| if ((new = malloc(len)) == NULL) {
# 140|-> len = 0;
# 141| pam_syslog(NULL, LOG_CRIT, "_pam_memdup: failed to get memory");
# 142| } else {
Error: GCC_ANALYZER_WARNING (CWE-131): [#def18]
Linux-PAM-1.6.1/libpam/pam_misc.c: scope_hint: In function ‘_pam_mkargv’
Linux-PAM-1.6.1/libpam/pam_misc.c:169:35: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
# 167| /* Overkill on the malloc, but not large */
# 168| argvlen = (l + 1) * (sizeof(char) + sizeof(char *));
# 169|-> if ((our_argv = argvbuf = malloc(argvlen)) == NULL) {
# 170| pam_syslog(NULL, LOG_CRIT, "pam_mkargv: null returned by malloc");
# 171| argvlen = 0;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def19]
Linux-PAM-1.6.1/libpam/pam_modutil_getgrgid.c: scope_hint: In function ‘pam_modutil_getgrgid’
Linux-PAM-1.6.1/libpam/pam_modutil_getgrgid.c:83:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data_name’ where non-null expected
Linux-PAM-1.6.1/libpam/pam_modutil_getgrgid.c:12: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_modutil_getgrgid.c: scope_hint: In function ‘pam_modutil_getgrgid’
<built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null
# 81| if (pamh != NULL) {
# 82| for (i = 0; i < INT_MAX; i++) {
# 83|-> sprintf(data_name, "_pammodutil_getgrgid_%ld_%d",
# 84| (long) gid, i);
# 85| status = PAM_NO_MODULE_DATA;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def20]
Linux-PAM-1.6.1/libpam/pam_modutil_getgrnam.c: scope_hint: In function ‘pam_modutil_getgrnam’
Linux-PAM-1.6.1/libpam/pam_modutil_getgrnam.c:73:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data_name’ where non-null expected
Linux-PAM-1.6.1/libpam/pam_modutil_getgrnam.c:12: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_modutil_getgrnam.c: scope_hint: In function ‘pam_modutil_getgrnam’
<built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null
# 71| if (pamh != NULL) {
# 72| for (i = 0; i < INT_MAX; i++) {
# 73|-> sprintf(data_name, "_pammodutil_getgrnam_%s_%d", group, i);
# 74| status = PAM_NO_MODULE_DATA;
# 75| if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def21]
Linux-PAM-1.6.1/libpam/pam_modutil_getpwnam.c: scope_hint: In function ‘pam_modutil_getpwnam’
Linux-PAM-1.6.1/libpam/pam_modutil_getpwnam.c:73:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data_name’ where non-null expected
Linux-PAM-1.6.1/libpam/pam_modutil_getpwnam.c:12: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_modutil_getpwnam.c: scope_hint: In function ‘pam_modutil_getpwnam’
<built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null
# 71| if (pamh != NULL) {
# 72| for (i = 0; i < INT_MAX; i++) {
# 73|-> sprintf(data_name, "_pammodutil_getpwnam_%s_%d", user, i);
# 74| status = PAM_NO_MODULE_DATA;
# 75| if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def22]
Linux-PAM-1.6.1/libpam/pam_modutil_getpwuid.c: scope_hint: In function ‘pam_modutil_getpwuid’
Linux-PAM-1.6.1/libpam/pam_modutil_getpwuid.c:83:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data_name’ where non-null expected
Linux-PAM-1.6.1/libpam/pam_modutil_getpwuid.c:12: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_modutil_getpwuid.c: scope_hint: In function ‘pam_modutil_getpwuid’
<built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null
# 81| if (pamh != NULL) {
# 82| for (i = 0; i < INT_MAX; i++) {
# 83|-> sprintf(data_name, "_pammodutil_getpwuid_%ld_%d",
# 84| (long) uid, i);
# 85| status = PAM_NO_MODULE_DATA;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def23]
Linux-PAM-1.6.1/libpam/pam_modutil_getspnam.c: scope_hint: In function ‘pam_modutil_getspnam’
Linux-PAM-1.6.1/libpam/pam_modutil_getspnam.c:73:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘data_name’ where non-null expected
Linux-PAM-1.6.1/libpam/pam_modutil_getspnam.c:12: included_from: Included from here.
Linux-PAM-1.6.1/libpam/pam_modutil_getspnam.c: scope_hint: In function ‘pam_modutil_getspnam’
<built-in>: note: argument 1 of ‘__builtin_sprintf’ must be non-null
# 71| if (pamh != NULL) {
# 72| for (i = 0; i < INT_MAX; i++) {
# 73|-> sprintf(data_name, "_pammodutil_getspnam_%s_%d", user, i);
# 74| status = PAM_NO_MODULE_DATA;
# 75| if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c: scope_hint: In function ‘redirect_in_pipe’
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c:29:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘in[0]’
# 27| if (pipe(in) < 0) {
# 28| pam_syslog(pamh, LOG_ERR, "Could not create pipe: %m");
# 29|-> return -1;
# 30| }
# 31|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def25]
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c:37:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(in[0], fd)’
# 35| return fd;
# 36|
# 37|-> if (dup2(in[0], fd) != fd) {
# 38| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", name);
# 39| fd = -1;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def26]
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c: scope_hint: In function ‘redirect_out_null’
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c:60:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
# 58| }
# 59|
# 60|-> if (null == fd)
# 61| return fd;
# 62|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def27]
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c:63:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 1), fd)’
# 61| return fd;
# 62|
# 63|-> if (dup2(null, fd) != fd) {
# 64| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", name);
# 65| fd = -1;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c: scope_hint: In function ‘pam_modutil_sanitize_helper_fds’
Linux-PAM-1.6.1/libpam/pam_modutil_sanitize.c:150:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(1, 2)’
# 148| if (stderr_mode != PAM_MODUTIL_IGNORE_FD &&
# 149| stdout_mode == stderr_mode) {
# 150|-> if (dup2(STDOUT_FILENO, STDERR_FILENO) != STDERR_FILENO) {
# 151| pam_syslog(pamh, LOG_ERR,
# 152| "dup2 of %s failed: %m", "stderr");
Error: COMPILER_WARNING (CWE-477): [#def29]
Linux-PAM-1.6.1/libpam/pam_modutil_searchkey.c: scope_hint: In function ‘econf_search_key’
Linux-PAM-1.6.1/libpam/pam_modutil_searchkey.c:33:9: warning[-Wdeprecated-declarations]: ‘econf_readDirs’ is deprecated: Use the econf_readConfig/econf_readConfigWithCallback instead
# 33 | if (econf_readDirs (&key_file, VENDORDIR, SYSCONFDIR, name, suffix,
# | ^~
Linux-PAM-1.6.1/libpam/pam_modutil_searchkey.c:17: included_from: Included from here.
/usr/include/libeconf.h:483:1: note: declared here
# 483 | econf_readDirs(econf_file **key_file,
# | ^~~~~~~~~~~~~~
# 31| char *val;
# 32|
# 33|-> if (econf_readDirs (&key_file, VENDORDIR, SYSCONFDIR, name, suffix,
# 34| " \t", "#"))
# 35| return NULL;
Error: CLANG_WARNING: [#def30]
Linux-PAM-1.6.1/libpam_internal/pam_line.c:45:5: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 43| }
# 44|
# 45|-> memcpy(buffer->assembled + buffer->len, start, len);
# 46| buffer->len += len;
# 47| buffer->assembled[buffer->len] = '\0';
Error: CLANG_WARNING: [#def31]
Linux-PAM-1.6.1/libpamc/pamc_client.c:147:2: warning[deadcode.DeadStores]: Value stored to 'pid' is never read
# 145| retval = PAM_BPC_FALSE;
# 146| }
# 147|-> pid = this->pid = 0;
# 148|
# 149| pam_overwrite_n(this->id, this->id_length);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def32]
Linux-PAM-1.6.1/modules/pam_chroot/pam_chroot.c: scope_hint: In function ‘pam_sm_open_session’
Linux-PAM-1.6.1/modules/pam_chroot/pam_chroot.c:86:25: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘errbuf’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
# 84| len = regerror(err, &name_regex, NULL, 0);
# 85| errbuf = malloc(len + 1);
# 86|-> memset(errbuf, 0, len + 1);
# 87| regerror(err, &name_regex, errbuf, len);
# 88|
Error: COMPILER_WARNING (CWE-477): [#def33]
Linux-PAM-1.6.1/modules/pam_env/pam_env.c: scope_hint: In function ‘econf_read_file’
Linux-PAM-1.6.1/modules/pam_env/pam_env.c:245:7: warning[-Wdeprecated-declarations]: ‘econf_readDirs’ is deprecated: Use the econf_readConfig/econf_readConfigWithCallback instead
Linux-PAM-1.6.1/modules/pam_env/pam_env.c:24: included_from: Included from here.
/usr/include/libeconf.h:483:1: note: declared here
# 243|
# 244| D(("Read configuration from directory %s and %s", vendor_dir, sysconf_dir));
# 245|-> error = econf_readDirs (&key_file, vendor_dir, sysconf_dir, name, suffix,
# 246| delim, "#");
# 247| free(vendor_dir);
Error: CLANG_WARNING: [#def34]
Linux-PAM-1.6.1/modules/pam_env/pam_env.c:276:14: warning[unix.MallocSizeof]: Result of 'malloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'char **'
# 274| }
# 275|
# 276|-> *lines = malloc((key_number +1)* sizeof(char**));
# 277| if (*lines == NULL) {
# 278| pam_syslog(pamh, LOG_ERR, "Cannot allocate memory.");
Error: CLANG_WARNING: [#def35]
Linux-PAM-1.6.1/modules/pam_env/pam_env.c:451:11: warning[unix.Malloc]: Potential memory leak
# 449| *valptr = &quote; /* a quick hack to handle the empty string */
# 450| }
# 451|-> ptr = tmpptr; /* Start the search where we stopped */
# 452| } /* while */
# 453|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def36]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:345:18: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
# 343| if (expose_authtok)
# 344| {
# 345|-> fds[0] = move_fd_to_non_stdio(pamh, fds[0]);
# 346| close(fds[1]);
# 347| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def37]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:351:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘stdout_fds[1]’
# 349| if (use_stdout)
# 350| {
# 351|-> stdout_fds[1] = move_fd_to_non_stdio(pamh, stdout_fds[1]);
# 352| close(stdout_fds[0]);
# 353| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def38]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:360:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fds[0], 0)’
# 358| {
# 359| /* reopen stdin as pipe */
# 360|-> if (dup2(fds[0], STDIN_FILENO) == -1)
# 361| {
# 362| int err = errno;
Error: GCC_ANALYZER_WARNING: [#def39]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:395:19: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘1’
# 393| if (i != STDOUT_FILENO)
# 394| {
# 395|-> if (dup2 (i, STDOUT_FILENO) == -1)
# 396| {
# 397| int err = errno;
Error: GCC_ANALYZER_WARNING (CWE-910): [#def40]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:411:11: warning[-Wanalyzer-fd-use-after-close]: ‘dup2’ on closed file descriptor ‘1’
# 409|
# 410| if ((use_stdout || logfile) &&
# 411|-> dup2 (STDOUT_FILENO, STDERR_FILENO) == -1)
# 412| {
# 413| int err = errno;
Error: GCC_ANALYZER_WARNING (CWE-688): [#def41]
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:488:7: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
Linux-PAM-1.6.1/modules/pam_exec/pam_exec.c:46: included_from: Included from here.
/usr/include/unistd.h:572:12: note: argument 1 of ‘execve’ must be non-null
# 486|
# 487| DIAG_PUSH_IGNORE_CAST_QUAL;
# 488|-> execve (arggv[0], (char **) arggv, envlist);
# 489| DIAG_POP_IGNORE_CAST_QUAL;
# 490| i = errno;
Error: COMPILER_WARNING (CWE-252): [#def42]
Linux-PAM-1.6.1/modules/pam_faillock/main.c: scope_hint: In function ‘do_user’
Linux-PAM-1.6.1/modules/pam_faillock/main.c:250:25: warning[-Wunused-result]: ignoring return value of ‘audit_log_acct_message’ declared with attribute ‘warn_unused_result’
# 250 | audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 251 | "faillock-reset", user,
# | ~~~~~~~~~~~~~~~~~~~~~~~
# 252 | pwd != NULL ? pwd->pw_uid : AUDIT_NO_ID,
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 253 | NULL, NULL, NULL, rv == 0);
# | ~~~~~~~~~~~~~~~~~~~~~~~~~~
# 248| }
# 249| if ((audit_fd=audit_open()) >= 0) {
# 250|-> audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
# 251| "faillock-reset", user,
# 252| pwd != NULL ? pwd->pw_uid : AUDIT_NO_ID,
Error: COMPILER_WARNING (CWE-252): [#def43]
Linux-PAM-1.6.1/modules/pam_faillock/pam_faillock.c: scope_hint: In function ‘check_tally’
Linux-PAM-1.6.1/modules/pam_faillock/pam_faillock.c:256:33: warning[-Wunused-result]: ignoring return value of ‘audit_log_user_message’ declared with attribute ‘warn_unused_result’
# 256 | audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 257 | rhost, NULL, tty, 1);
# | ~~~~~~~~~~~~~~~~~~~~
# 254| (void)pam_get_item(pamh, PAM_RHOST, &rhost);
# 255| snprintf(buf, sizeof(buf), "op=pam_faillock suid=%u ", opts->uid);
# 256|-> audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
# 257| rhost, NULL, tty, 1);
# 258| }
Error: COMPILER_WARNING (CWE-252): [#def44]
Linux-PAM-1.6.1/modules/pam_faillock/pam_faillock.c: scope_hint: In function ‘write_tally’
Linux-PAM-1.6.1/modules/pam_faillock/pam_faillock.c:372:17: warning[-Wunused-result]: ignoring return value of ‘audit_log_user_message’ declared with attribute ‘warn_unused_result’
# 372 | audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 373 | NULL, NULL, NULL, 1);
# | ~~~~~~~~~~~~~~~~~~~~
# 370|
# 371| snprintf(buf, sizeof(buf), "op=pam_faillock suid=%u ", opts->uid);
# 372|-> audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf,
# 373| NULL, NULL, NULL, 1);
# 374|
Error: COMPILER_WARNING (CWE-252): [#def45]
Linux-PAM-1.6.1/modules/pam_faillock/pam_faillock.c:376:25: warning[-Wunused-result]: ignoring return value of ‘audit_log_user_message’ declared with attribute ‘warn_unused_result’
# 376 | audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf,
# | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 377 | NULL, NULL, NULL, 1);
# | ~~~~~~~~~~~~~~~~~~~~
# 374|
# 375| if (!opts->is_admin || (opts->flags & FAILLOCK_FLAG_DENY_ROOT)) {
# 376|-> audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf,
# 377| NULL, NULL, NULL, 1);
# 378| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def46]
Linux-PAM-1.6.1/modules/pam_filter/pam_filter.c:53:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/ptmx", 2)’
Linux-PAM-1.6.1/modules/pam_filter/pam_filter.c: scope_hint: In function ‘set_filter’
# 51| int fd;
# 52|
# 53|-> if ((fd = open(DEV_PTMX, O_RDWR)) >= 0) {
# 54| return fd;
# 55| }
Error: CLANG_WARNING: [#def47]
Linux-PAM-1.6.1/modules/pam_ftp/pam_ftp.c:176:7: warning[deadcode.DeadStores]: Value stored to 'retval' is never read
# 174| if ((token) && (retval == PAM_SUCCESS)) {
# 175| token = strtok_r(NULL, "@", &sptr);
# 176|-> retval = pam_set_item(pamh, PAM_RHOST, token);
# 177| }
# 178| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def48]
Linux-PAM-1.6.1/modules/pam_group/pam_group.c: scope_hint: In function ‘read_field’
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:133:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:603:24: note: in expansion of macro ‘blk_size’
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:44: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:132:9: note: in expansion of macro ‘_pam_drop’
# 131| /* nothing previously in buf, nothing read */
# 132| _pam_drop(*buf);
# 133|-> *state = STATE_EOF;
# 134| return -1;
# 135| }
Error: CLANG_WARNING: [#def49]
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:434:4: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 432| time_end += times[i+j]-'0'; /* is this portable? */
# 433| }
# 434|-> j += i;
# 435| } else
# 436| time_end = -1;
Error: CLANG_WARNING: [#def50]
Linux-PAM-1.6.1/modules/pam_group/pam_group.c:749:2: warning[deadcode.DeadStores]: Value stored to 'no_grps' is never read
# 747| pam_overwrite_n(grps, sizeof(gid_t) * blk_size(no_grps));
# 748| _pam_drop(grps);
# 749|-> no_grps = 0;
# 750| }
# 751|
Error: GCC_ANALYZER_WARNING (CWE-457): [#def51]
Linux-PAM-1.6.1/modules/pam_issue/pam_issue.c: scope_hint: In function ‘read_issue_quoted’
Linux-PAM-1.6.1/modules/pam_issue/pam_issue.c:216:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘src’
# 214| issue = new_issue;
# 215| }
# 216|-> memcpy(issue + issue_len, src, len);
# 217| issue_len += len;
# 218| }
Error: CLANG_WARNING: [#def52]
Linux-PAM-1.6.1/modules/pam_issue/pam_issue.c:300:14: warning[unix.Malloc]: Potential leak of memory pointed to by 'issue_prompt'
# 298| }
# 299|
# 300|-> retval = pam_set_item(pamh, PAM_USER_PROMPT,
# 301| (const void *) issue_prompt);
# 302| out:
Error: CLANG_WARNING: [#def53]
Linux-PAM-1.6.1/modules/pam_lastlog/pam_lastlog.c:804:5: warning[deadcode.DeadStores]: Value stored to 'uid' is never read
# 802| /* indicate success or failure */
# 803|
# 804|-> uid = -1; /* forget this */
# 805|
# 806| return retval;
Error: CLANG_WARNING: [#def54]
Linux-PAM-1.6.1/modules/pam_listfile/pam_listfile.c:130:6: warning[deadcode.DeadStores]: Value stored to 'apply_type' is never read
# 128| }
# 129| } else if ((str = pam_str_skip_prefix(argv[i], "apply=")) != NULL) {
# 130|-> apply_type=APPLY_TYPE_NONE;
# 131| if (*str=='@') {
# 132| apply_type=APPLY_TYPE_GROUP;
Error: CLANG_WARNING: [#def55]
Linux-PAM-1.6.1/modules/pam_mail/pam_mail.c:226:16: warning[core.NullDereference]: Array access (from variable 'namelist') results in a null pointer dereference
# 224| type = (i > 2) ? HAVE_NEW_MAIL : 0;
# 225| while (--i >= 0)
# 226|-> _pam_drop(namelist[i]);
# 227| _pam_drop(namelist);
# 228| if (type == 0) {
Error: CLANG_WARNING: [#def56]
Linux-PAM-1.6.1/modules/pam_mail/pam_mail.c:250:13: warning[core.NullDereference]: Array access (from variable 'namelist') results in a null pointer dereference
# 248| type = (ctrl & PAM_EMPTY_TOO) ? HAVE_NO_MAIL : 0;
# 249| while (--i >= 0)
# 250|-> _pam_drop(namelist[i]);
# 251| _pam_drop(namelist);
# 252| }
Error: CLANG_WARNING: [#def57]
Linux-PAM-1.6.1/modules/pam_mail/pam_mail.c:451:6: warning[deadcode.DeadStores]: Value stored to 'type' is never read
# 449| if (type != 0) {
# 450| retval = report_mail(pamh, ctrl, type, folder);
# 451|-> type = 0;
# 452| }
# 453| }
Error: CLANG_WARNING: [#def58]
Linux-PAM-1.6.1/modules/pam_motd/pam_motd.c:280:15: warning[core.NonNullParamChecker]: Null pointer passed to 2nd parameter expecting 'nonnull'
# 278|
# 279| /* Skip duplicate file names. */
# 280|-> if (i > 0 && strcmp(dirnames_all[i], dirnames_all[i - 1]) == 0) {
# 281| continue;
# 282| }
Error: CLANG_WARNING: [#def59]
Linux-PAM-1.6.1/modules/pam_motd/pam_motd.c:357:22: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 355|
# 356| for (i = 0; i < num_motd_paths; i++) {
# 357|-> int fd = open(motd_path_split[i], O_RDONLY, 0);
# 358|
# 359| if (fd >= 0) {
Error: CLANG_WARNING: [#def60]
Linux-PAM-1.6.1/modules/pam_namespace/pam_namespace.c:667:20: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 665| struct passwd *pwd;
# 666|
# 667|-> tptr = strchr(ustr, ',');
# 668| if (tptr)
# 669| *tptr = '\0';
Error: CLANG_WARNING: [#def61]
Linux-PAM-1.6.1/modules/pam_namespace/pam_namespace.c:1140:2: warning[unix.Malloc]: Potential memory leak
# 1138| freecon(*i_context);
# 1139| *i_context = NULL;
# 1140|-> freecon(*origcon);
# 1141| *origcon = NULL;
# 1142| #endif
Error: CPPCHECK_WARNING (CWE-457): [#def62]
Linux-PAM-1.6.1/modules/pam_pwhistory/opasswd.c:204: warning[uninitvar]: Uninitialized variable: entry.old_passwords
# 202| fclose (oldpf);
# 203|
# 204|-> if (found && entry.old_passwords)
# 205| {
# 206| const char delimiters[] = ",";
Error: GCC_ANALYZER_WARNING (CWE-775): [#def63]
Linux-PAM-1.6.1/modules/pam_pwhistory/pam_pwhistory.c: scope_hint: In function ‘run_check_helper’
Linux-PAM-1.6.1/modules/pam_pwhistory/pam_pwhistory.c:214:10: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fds[0], 0)’
# 212|
# 213| /* reopen stdin as pipe */
# 214|-> if (dup2(fds[0], STDIN_FILENO) != STDIN_FILENO)
# 215| {
# 216| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdin");
Error: CLANG_WARNING: [#def64]
Linux-PAM-1.6.1/modules/pam_succeed_if/pam_succeed_if.c:317:20: warning[core.NullDereference]: Access to field 'pw_uid' results in a dereference of a null pointer
# 315| } else if (strcasecmp(left, "uid") == 0) {
# 316| snprintf(numstr, sizeof(numstr), "%lu",
# 317|-> (unsigned long) (*pwd)->pw_uid);
# 318| left = numstr;
# 319| } else if (strcasecmp(left, "gid") == 0) {
Error: CLANG_WARNING: [#def65]
Linux-PAM-1.6.1/modules/pam_succeed_if/pam_succeed_if.c:321:20: warning[core.NullDereference]: Access to field 'pw_gid' results in a dereference of a null pointer
# 319| } else if (strcasecmp(left, "gid") == 0) {
# 320| snprintf(numstr, sizeof(numstr), "%lu",
# 321|-> (unsigned long) (*pwd)->pw_gid);
# 322| left = numstr;
# 323| } else if (strcasecmp(left, "shell") == 0) {
Error: CLANG_WARNING: [#def66]
Linux-PAM-1.6.1/modules/pam_succeed_if/pam_succeed_if.c:324:10: warning[core.NullDereference]: Access to field 'pw_shell' results in a dereference of a null pointer
# 322| left = numstr;
# 323| } else if (strcasecmp(left, "shell") == 0) {
# 324|-> left = (*pwd)->pw_shell;
# 325| } else if ((strcasecmp(left, "home") == 0) ||
# 326| (strcasecmp(left, "dir") == 0) ||
Error: CLANG_WARNING: [#def67]
Linux-PAM-1.6.1/modules/pam_succeed_if/pam_succeed_if.c:328:10: warning[core.NullDereference]: Access to field 'pw_dir' results in a dereference of a null pointer
# 326| (strcasecmp(left, "dir") == 0) ||
# 327| (strcasecmp(left, "homedir") == 0)) {
# 328|-> left = (*pwd)->pw_dir;
# 329| } else if (strcasecmp(left, "service") == 0) {
# 330| const void *svc;
Error: GCC_ANALYZER_WARNING (CWE-775): [#def68]
Linux-PAM-1.6.1/modules/pam_time/pam_time.c: scope_hint: In function ‘read_field’
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:186:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:26: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:185:9: note: in expansion of macro ‘_pam_drop’
# 184| /* nothing previously in buf, nothing read */
# 185| _pam_drop(*buf);
# 186|-> *state = STATE_EOF;
# 187| return -1;
# 188| }
Error: CLANG_WARNING: [#def69]
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:270:8: warning[core.NullDereference]: Array access (from variable 'string') results in a null pointer dereference
# 268| to=*at;
# 269| do {
# 270|-> c = string[to++];
# 271|
# 272| switch (c) {
Error: CLANG_WARNING: [#def70]
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:317:12: warning[core.NullDereference]: Array access (from variable 'x') results in a null pointer dereference
# 315|
# 316| while ((l = logic_member(x,&at))) {
# 317|-> int c = x[at];
# 318|
# 319| if (next == VAL) {
Error: CLANG_WARNING: [#def71]
Linux-PAM-1.6.1/modules/pam_time/pam_time.c:489:4: warning[deadcode.DeadStores]: Value stored to 'j' is never read
# 487| time_end += times[i+j]-'0'; /* is this portable */
# 488| }
# 489|-> j += i;
# 490| } else
# 491| time_end = -1;
Error: CLANG_WARNING: [#def72]
Linux-PAM-1.6.1/modules/pam_tty_audit/pam_tty_audit.c:153:18: warning[core.UndefinedBinaryOperatorResult]: The left operand of '==' is a garbage value
# 151| return -1;
# 152| }
# 153|-> if (err.error == 0)
# 154| goto again;
# 155| errno = -err.error;
Error: CLANG_WARNING: [#def73]
Linux-PAM-1.6.1/modules/pam_tty_audit/pam_tty_audit.c:379:27: warning[core.UndefinedBinaryOperatorResult]: The left operand of '==' is a garbage value
# 377| new_status.log_passwd = log_passwd;
# 378| #endif /* HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD */
# 379|-> if (old_status->enabled == new_status.enabled
# 380| #ifdef HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD
# 381| && old_status->log_passwd == new_status.log_passwd
Error: GCC_ANALYZER_WARNING (CWE-775): [#def74]
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_acct.c: scope_hint: In function ‘_unix_run_verify_binary’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_acct.c:102:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fds[1], 1)’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_acct.c:61: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_unix/support.h:40:23: note: in expansion of macro ‘on’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_acct.c:79:7: note: in expansion of macro ‘off’
# 100|
# 101| /* reopen stdout as pipe */
# 102|-> if (dup2(fds[1], STDOUT_FILENO) != STDOUT_FILENO) {
# 103| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdout");
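# 104| _exit(PAM_AUTHINFO_UNAVAIL);
Reviewer note: the descriptor reported as leaked is the return value of dup2(), which on success is the target descriptor itself (here STDOUT_FILENO), and the failure branch shown ends in _exit(). There is no separate descriptor to close on this path, so the report reads as an analyzer artefact. The same pattern is flagged in #def75, #def81, #def83 and #def84. What is worth confirming outside these excerpts is that the original pipe ends (fds[0]/fds[1]) and any other inherited descriptors are closed before the helper is executed.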
Error: GCC_ANALYZER_WARNING (CWE-775): [#def75]
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_passwd.c: scope_hint: In function ‘_unix_run_update_binary’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_passwd.c:261:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fds[0], 0)’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_passwd.c:72: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_unix/support.h:40:23: note: in expansion of macro ‘on’
Linux-PAM-1.6.1/modules/pam_unix/pam_unix_passwd.c:237:9: note: in expansion of macro ‘off’
# 259|
# 260| /* reopen stdin as pipe */
# 261|-> if (dup2(fds[0], STDIN_FILENO) != STDIN_FILENO) {
# 262| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdin");
# 263| _exit(PAM_AUTHINFO_UNAVAIL);
Error: CLANG_WARNING: [#def76]
Linux-PAM-1.6.1/modules/pam_unix/passverify.c:499:2: warning[deadcode.DeadStores]: Value stored to 'sp' is never read
# 497| * guaranteed to have crypt_gensalt_rn().
# 498| */
# 499|-> sp = crypt_gensalt_rn(algoid, rounds, NULL, 0, salt, sizeof(salt));
# 500| #else
# 501| sp = stpcpy(salt, algoid);
Error: CLANG_WARNING: [#def77]
Linux-PAM-1.6.1/modules/pam_unix/passverify.c:1111:2: warning[deadcode.DeadStores]: Value stored to 'retval' is never read
# 1109| int retval;
# 1110|
# 1111|-> retval = get_pwd_hash(name, &pwd, &hash);
# 1112|
# 1113| if (pwd == NULL || hash == NULL) {
Error: CPPCHECK_WARNING (CWE-823): [#def78]
Linux-PAM-1.6.1/modules/pam_unix/support.c:172: error[arrayIndexOutOfBounds]: Array 'unix_args[34]' accessed at index 34, which is out of bounds.
# 170| }
# 171|
# 172|-> ctrl &= unix_args[j].mask; /* for turning things off */
# 173| ctrl |= unix_args[j].flag; /* for turning things on */
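# 174| }
Reviewer note: index 34 is one past the last valid element of unix_args[34], which would be the value of j after a lookup over the table that found no match. The excerpt does not show how j is bounded, so triage should confirm that the no-match case is rejected before lines 172-173 (this also covers #def79). If it is, both reports are false positives; if not, mask and flag are read from beyond the table and folded into ctrl.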
Error: CPPCHECK_WARNING (CWE-823): [#def79]
Linux-PAM-1.6.1/modules/pam_unix/support.c:173: error[arrayIndexOutOfBounds]: Array 'unix_args[34]' accessed at index 34, which is out of bounds.
# 171|
# 172| ctrl &= unix_args[j].mask; /* for turning things off */
# 173|-> ctrl |= unix_args[j].flag; /* for turning things on */
# 174| }
# 175| }
Error: CLANG_WARNING: [#def80]
Linux-PAM-1.6.1/modules/pam_unix/support.c:455:10: warning[unix.MallocSizeof]: Result of 'calloc' is converted to a pointer of type 'struct passwd', which is incompatible with sizeof operand type 'char'
# 453| strlen(shome) + 1 +
# 454| strlen(sshell) + 1;
# 455|-> *ret = calloc(retlen, sizeof(char));
# 456| if (*ret == NULL) {
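# 457| goto fail;
Reviewer note: retlen is built from the string lengths summed just above, so this looks like one allocation meant to hold the struct passwd followed by its strings, which would make the sizeof(char) element size deliberate. That is inferred from the excerpt only. Confirm in the lines before 453 that retlen includes sizeof(struct passwd) and that the sum cannot wrap before treating the warning as benign.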
Error: GCC_ANALYZER_WARNING (CWE-775): [#def81]
Linux-PAM-1.6.1/modules/pam_unix/support.c: scope_hint: In function ‘_unix_run_helper_binary’
Linux-PAM-1.6.1/modules/pam_unix/support.c:555:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fds[0], 0)’
Linux-PAM-1.6.1/modules/pam_unix/support.c:33: included_from: Included from here.
Linux-PAM-1.6.1/modules/pam_unix/support.h:40:23: note: in expansion of macro ‘on’
Linux-PAM-1.6.1/modules/pam_unix/support.c:532:9: note: in expansion of macro ‘off’
# 553|
# 554| /* reopen stdin as pipe */
# 555|-> if (dup2(fds[0], STDIN_FILENO) != STDIN_FILENO) {
# 556| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdin");
# 557| _exit(PAM_AUTHINFO_UNAVAIL);
Error: CLANG_WARNING: [#def82]
Linux-PAM-1.6.1/modules/pam_wheel/pam_wheel.c:139:17: warning[deadcode.DeadStores]: Value stored to 'retval' is never read
# 137| retval = pam_get_item(pamh, PAM_RHOST, (const void **)&rhostname);
# 138| if (retval != PAM_SUCCESS || rhostname == NULL) {
# 139|-> retval = pam_get_item(pamh, PAM_RUSER, (const void **)&fromsu);
# 140| }
# 141| }
Error: GCC_ANALYZER_WARNING (CWE-775): [#def83]
Linux-PAM-1.6.1/modules/pam_xauth/pam_xauth.c: scope_hint: In function ‘run_coprocess’
Linux-PAM-1.6.1/modules/pam_xauth/pam_xauth.c:160:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(ipipe[0], 0)’
# 158| * everything else, including the original values for the
# 159| * descriptors. */
# 160|-> if (dup2(ipipe[0], STDIN_FILENO) != STDIN_FILENO) {
# 161| int err = errno;
# 162| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdin");
Error: GCC_ANALYZER_WARNING (CWE-775): [#def84]
Linux-PAM-1.6.1/modules/pam_xauth/pam_xauth.c:165:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(opipe[1], 1)’
# 163| _exit(err);
# 164| }
# 165|-> if (dup2(opipe[1], STDOUT_FILENO) != STDOUT_FILENO) {
# 166| int err = errno;
# 167| pam_syslog(pamh, LOG_ERR, "dup2 of %s failed: %m", "stdout");
Error: CLANG_WARNING: [#def85]
Linux-PAM-1.6.1/modules/pam_xauth/pam_xauth.c:506:16: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 504| /* Figure out where the source user's .Xauthority file is. */
# 505| if (getenv(XAUTHENV) != NULL) {
# 506|-> cookiefile = strdup(getenv(XAUTHENV));
# 507| if (cookiefile == NULL) {
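# 508| retval = PAM_SESSION_ERR;
Reviewer note: getenv(XAUTHENV) is evaluated twice, once for the NULL test on line 505 and again as the strdup() argument on line 506, and the analyzer treats the second result as independent of the first. Storing the result in a local pointer, testing it, and passing that same pointer to strdup() removes both the warning and the double lookup.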
Scan Properties
analyzer-version-clang | 18.1.3 |
analyzer-version-cppcheck | 2.13.0 |
analyzer-version-gcc | 14.0.1 |
analyzer-version-gcc-analyzer | 14.0.1 |
analyzer-version-shellcheck | 0.10.0 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-228.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | pam-1.6.1-1.fc41 |
store-results-to | /tmp/tmpsrlsr7na/pam-1.6.1-1.fc41.tar.xz |
time-created | 2024-04-22 11:13:19 |
time-finished | 2024-04-22 11:17:11 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpsrlsr7na/pam-1.6.1-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpsrlsr7na/pam-1.6.1-1.fc41.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |