pcsc-lite-2.1.0-1.fc41
List of Defects
Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
pcsc-lite-2.1.0/src/configfile.c: scope_hint: In function ‘yy_create_buffer’
pcsc-lite-2.1.0/src/configfile.c:1322:12: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(64)’
pcsc-lite-2.1.0/src/configfile.c:699:1: note: in expansion of macro ‘YY_DECL’
pcsc-lite-2.1.0/src/configfile.c: scope_hint: In function ‘yy_create_buffer’
# 1320| */
# 1321| b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) );
# 1322|-> if ( ! b->yy_ch_buf )
# 1323| YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
# 1324|
Error: CPPCHECK_WARNING (CWE-476): [#def2]
pcsc-lite-2.1.0/src/configfile.c:1362: warning[nullPointer]: Possible null pointer dereference: b
# 1360| yy_flush_buffer( b );
# 1361|
# 1362|-> b->yy_input_file = file;
# 1363| b->yy_fill_buffer = 1;
# 1364|
Error: CPPCHECK_WARNING (CWE-476): [#def3]
pcsc-lite-2.1.0/src/configfile.c:1363: warning[nullPointer]: Possible null pointer dereference: b
# 1361|
# 1362| b->yy_input_file = file;
# 1363|-> b->yy_fill_buffer = 1;
# 1364|
# 1365| /* If b is the current buffer, then yy_init_buffer was _probably_
Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
pcsc-lite-2.1.0/src/hotplug_libudev.c: scope_hint: In function ‘HPReadBundleValues’
pcsc-lite-2.1.0/src/hotplug_libudev.c:234:44: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pcsc-lite-2.1.0/src/hotplug_libudev.c:168:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:168:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:176:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:177:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:177:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:178:25: note: in expansion of macro ‘GET_KEY’
pcsc-lite-2.1.0/src/hotplug_libudev.c:178:25: note: in expansion of macro ‘GET_KEY’
# 232| driverSize * sizeof(*driverTracker));
# 233|
# 234|-> if (NULL == tmp)
# 235| {
# 236| free(driverTracker);
Error: CLANG_WARNING: [#def5]
pcsc-lite-2.1.0/src/hotplug_libudev.c:256:4: warning[unix.Malloc]: Potential leak of memory pointed to by 'CFBundleName'
# 254| }
# 255| }
# 256|-> bundleRelease(&plist);
# 257| }
# 258| }
Error: GCC_ANALYZER_WARNING (CWE-688): [#def6]
pcsc-lite-2.1.0/src/hotplug_libudev.c: scope_hint: In function ‘HPAddDevice’
pcsc-lite-2.1.0/src/hotplug_libudev.c:466:36: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘tmpInterfaceName’ where non-null expected
pcsc-lite-2.1.0/src/hotplug_libudev.c:47: included_from: Included from here.
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
# 464|
# 465| /* check the interface name contains only valid ASCII codes */
# 466|-> for (size_t i=0; i<strlen(tmpInterfaceName); i++)
# 467| {
# 468| if (! isascii(tmpInterfaceName[i]))
Error: GCC_ANALYZER_WARNING (CWE-476): [#def7]
pcsc-lite-2.1.0/src/ifdwrapper.c: scope_hint: In function ‘IFDOpenIFD’
pcsc-lite-2.1.0/src/ifdwrapper.c:136:31: warning[-Wanalyzer-jump-through-null]: jump through null pointer
# 134| /* use device name only if defined */
# 135| if (rContext->device[0] != '\0')
# 136|-> rv = (*IFDH_create_channel_by_name) (rContext->slot, rContext->device);
# 137| else
# 138| rv = (*IFDH_create_channel) (rContext->slot, rContext->port);
Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
pcsc-lite-2.1.0/src/pcscdaemon.c: scope_hint: In function ‘main’
pcsc-lite-2.1.0/src/pcscdaemon.c:566:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
# 564|
# 565| /* do not close stdin, stdout or stderr */
# 566|-> if (fd > 2)
# 567| close(fd);
# 568| }
Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
pcsc-lite-2.1.0/src/readerfactory.c: scope_hint: In function ‘RFAddReader’
pcsc-lite-2.1.0/src/readerfactory.c:348:56: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(4)’
pcsc-lite-2.1.0/src/readerfactory.c:60: included_from: Included from here.
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
# 346| RFUnloadReader unloads the driver library
# 347| and there are still devices attached using it --mikeg*/
# 348|-> *(sReadersContexts[dwContext])->pFeeds = 1;
# 349| }
# 350|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def10]
pcsc-lite-2.1.0/src/readerfactory.c:355:23: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(40)’ where non-null expected
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
pcsc-lite-2.1.0/src/readerfactory.c:51: included_from: Included from here.
/usr/include/pthread.h:781:12: note: argument 1 of ‘pthread_mutex_init’ must be non-null
# 353| sReadersContexts[dwContext]->mMutex =
# 354| malloc(sizeof(pthread_mutex_t));
# 355|-> (void)pthread_mutex_init(sReadersContexts[dwContext]->mMutex, NULL);
# 356| }
# 357|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def11]
pcsc-lite-2.1.0/src/readerfactory.c:361:56: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(4)’
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
# 359| {
# 360| sReadersContexts[dwContext]->pMutex = malloc(sizeof(int));
# 361|-> *(sReadersContexts[dwContext])->pMutex = 1;
# 362| }
# 363|
Error: GCC_ANALYZER_WARNING: [#def12]
pcsc-lite-2.1.0/src/readerfactory.c:452:17: warning[-Wanalyzer-overlapping-buffers]: overlapping buffers passed as arguments to ‘memcpy’
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
pcsc-lite-2.1.0/src/readerfactory.c:936:17: note: in expansion of macro ‘Log1’
pcsc-lite-2.1.0/src/readerfactory.c:45: included_from: Included from here.
/usr/include/string.h:43:14: note: the behavior of ‘memcpy’ is undefined for overlapping buffers
# 450| /* Copy the previous reader name and increment the slot number */
# 451| tmpReader = sReadersContexts[dwContextB]->readerState->readerName;
# 452|-> memcpy(tmpReader,
# 453| sReadersContexts[dwContext]->readerState->readerName,
# 454| sizeof(sReadersContexts[dwContextB]->readerState->readerName));
Error: GCC_ANALYZER_WARNING (CWE-688): [#def13]
pcsc-lite-2.1.0/src/readerfactory.c:528:31: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(40)’ where non-null expected
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
pcsc-lite-2.1.0/src/readerfactory.c:936:17: note: in expansion of macro ‘Log1’
pcsc-lite-2.1.0/src/readerfactory.c:520:25: note: in expansion of macro ‘Log1’
/usr/include/pthread.h:781:12: note: argument 1 of ‘pthread_mutex_init’ must be non-null
# 526| sReadersContexts[dwContextB]->mMutex =
# 527| malloc(sizeof(pthread_mutex_t));
# 528|-> (void)pthread_mutex_init(sReadersContexts[dwContextB]->mMutex,
# 529| NULL);
# 530|
Error: GCC_ANALYZER_WARNING (CWE-476): [#def14]
pcsc-lite-2.1.0/src/readerfactory.c:532:65: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(4)’
pcsc-lite-2.1.0/src/readerfactory.c:1530:17: note: in expansion of macro ‘Log2’
pcsc-lite-2.1.0/src/readerfactory.c:936:17: note: in expansion of macro ‘Log1’
pcsc-lite-2.1.0/src/readerfactory.c:520:25: note: in expansion of macro ‘Log1’
# 530|
# 531| sReadersContexts[dwContextB]->pMutex = malloc(sizeof(int));
# 532|-> *(sReadersContexts[dwContextB])->pMutex = 1;
# 533| }
# 534| else
Error: CLANG_WARNING: [#def15]
pcsc-lite-2.1.0/src/readerfactory.c:713:14: warning[deadcode.DeadStores]: Value stored to 'extend' during its initialization is never read
# 711| bool usedDigits[PCSCLITE_MAX_READERS_CONTEXTS];
# 712| int i;
# 713|-> const char *extend = "";
# 714|
# 715| /* Clear the list */
Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
pcsc-lite-2.1.0/src/simclist.c: scope_hint: In function 'list_delete_range'
pcsc-lite-2.1.0/src/simclist.c:601:15: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
# 599|
# 600| tmp = list_findpos(l, posstart); /* first el to be deleted */
# 601|-> lastvalid = tmp->prev; /* last valid element */
# 602|
# 603| midposafter = (l->numels-1-numdel)/2;
Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
pcsc-lite-2.1.0/src/simclist.c: scope_hint: In function ‘list_delete_range’
pcsc-lite-2.1.0/src/simclist.c:601:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 599|
# 600| tmp = list_findpos(l, posstart); /* first el to be deleted */
# 601|-> lastvalid = tmp->prev; /* last valid element */
# 602|
# 603| midposafter = (l->numels-1-numdel)/2;
Error: CLANG_WARNING: [#def18]
pcsc-lite-2.1.0/src/simclist.c:802:67: warning[core.NullDereference]: Access to field 'next' results in a dereference of a null pointer (loaded from field 'mid')
# 800| if ((err+1)/2 > 0) { /* correct pos RIGHT (err-1)/2 moves */
# 801| err = (err+1)/2;
# 802|-> for (cnt = 0; cnt < (unsigned int)err; cnt++) dest->mid = dest->mid->next;
# 803| } else if (err/2 < 0) { /* correct pos LEFT (err/2)-1 moves */
# 804| err = -err/2;
Error: CLANG_WARNING: [#def19]
pcsc-lite-2.1.0/src/simclist.c:805:67: warning[core.NullDereference]: Access to field 'prev' results in a dereference of a null pointer (loaded from field 'mid')
# 803| } else if (err/2 < 0) { /* correct pos LEFT (err/2)-1 moves */
# 804| err = -err/2;
# 805|-> for (cnt = 0; cnt < (unsigned int)err; cnt++) dest->mid = dest->mid->prev;
# 806| }
# 807|
Error: CLANG_WARNING: [#def20]
pcsc-lite-2.1.0/src/spy/libpcscspy.c:159:2: warning[deadcode.DeadStores]: Value stored to 'r' is never read
# 157| snprintf(threadid, sizeof threadid, "%lX@", pthread_self());
# 158| pthread_mutex_lock(&Log_fd_mutex);
# 159|-> r = write(Log_fd, threadid, strlen(threadid));
# 160| r = write(Log_fd, line, strlen(line));
# 161| r = write(Log_fd, "\n", 1);
Error: CLANG_WARNING: [#def21]
pcsc-lite-2.1.0/src/spy/libpcscspy.c:160:2: warning[deadcode.DeadStores]: Value stored to 'r' is never read
# 158| pthread_mutex_lock(&Log_fd_mutex);
# 159| r = write(Log_fd, threadid, strlen(threadid));
# 160|-> r = write(Log_fd, line, strlen(line));
# 161| r = write(Log_fd, "\n", 1);
# 162| (void)r;
Error: CLANG_WARNING: [#def22]
pcsc-lite-2.1.0/src/spy/libpcscspy.c:188:2: warning[deadcode.DeadStores]: Value stored to 'r' is never read
# 186| snprintf(threadid, sizeof threadid, "%lX@", pthread_self());
# 187| pthread_mutex_lock(&Log_fd_mutex);
# 188|-> r = write(Log_fd, threadid, strlen(threadid));
# 189| r = write(Log_fd, line, size);
# 190| r = write(Log_fd, "\n", 1);
Error: CLANG_WARNING: [#def23]
pcsc-lite-2.1.0/src/spy/libpcscspy.c:189:2: warning[deadcode.DeadStores]: Value stored to 'r' is never read
# 187| pthread_mutex_lock(&Log_fd_mutex);
# 188| r = write(Log_fd, threadid, strlen(threadid));
# 189|-> r = write(Log_fd, line, size);
# 190| r = write(Log_fd, "\n", 1);
# 191| (void)r;
Error: CPPCHECK_WARNING (CWE-786): [#def24]
pcsc-lite-2.1.0/src/testpcsc.c:232: error[negativeIndex]: Array 'iList[16]' accessed at index -1, which is out of bounds.
# 230| iReader = 1;
# 231|
# 232|-> rgReaderStates[0].szReader = &mszReaders[iList[iReader]];
# 233| rgReaderStates[0].dwCurrentState = SCARD_STATE_EMPTY;
# 234|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
pcsc-lite-2.1.0/src/tokenparser.c: scope_hint: In function ‘tp_create_buffer’
pcsc-lite-2.1.0/src/tokenparser.c:1594:12: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(64)’
pcsc-lite-2.1.0/src/tokenparser.l:228:23: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:952:21: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:972:1: note: in expansion of macro ‘YY_DECL’
pcsc-lite-2.1.0/src/tokenparser.c:996:25: note: in expansion of macro ‘yyensure_buffer_stack’
pcsc-lite-2.1.0/src/tokenparser.c:996:25: note: in expansion of macro ‘yyensure_buffer_stack’
pcsc-lite-2.1.0/src/tokenparser.c:1733:13: note: in expansion of macro ‘yyensure_buffer_stack’
pcsc-lite-2.1.0/src/tokenparser.c:996:25: note: in expansion of macro ‘yyensure_buffer_stack’
pcsc-lite-2.1.0/src/tokenparser.c:998:33: note: in expansion of macro ‘yy_create_buffer’
pcsc-lite-2.1.0/src/tokenparser.c:1580:21: note: in expansion of macro ‘yy_create_buffer’
pcsc-lite-2.1.0/src/tokenparser.c:1584:31: note: in expansion of macro ‘yyalloc’
pcsc-lite-2.1.0/src/tokenparser.c: scope_hint: In function ‘tp_create_buffer’
# 1592| */
# 1593| b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) );
# 1594|-> if ( ! b->yy_ch_buf )
# 1595| YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
# 1596|
Error: CPPCHECK_WARNING (CWE-476): [#def26]
pcsc-lite-2.1.0/src/tokenparser.c:1634: warning[nullPointer]: Possible null pointer dereference: b
# 1632| yy_flush_buffer( b );
# 1633|
# 1634|-> b->yy_input_file = file;
# 1635| b->yy_fill_buffer = 1;
# 1636|
Error: CPPCHECK_WARNING (CWE-476): [#def27]
pcsc-lite-2.1.0/src/tokenparser.c:1635: warning[nullPointer]: Possible null pointer dereference: b
# 1633|
# 1634| b->yy_input_file = file;
# 1635|-> b->yy_fill_buffer = 1;
# 1636|
# 1637| /* If b is the current buffer, then yy_init_buffer was _probably_
Error: GCC_ANALYZER_WARNING (CWE-476): [#def28]
pcsc-lite-2.1.0/src/tokenparser.l: scope_hint: In function ‘eval_key’
pcsc-lite-2.1.0/src/tokenparser.l:98:18: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘elt’
pcsc-lite-2.1.0/src/tokenparser.l:228:23: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:952:21: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:972:1: note: in expansion of macro ‘YY_DECL’
# 96| len++; /* final NULL byte */
# 97|
# 98|-> elt->key = malloc(len);
# 99| memcpy(elt->key, &pcToken[5], len-1);
# 100| elt->key[len-1] = '\0';
Error: GCC_ANALYZER_WARNING (CWE-688): [#def29]
pcsc-lite-2.1.0/src/tokenparser.l:99:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(len)’ where non-null expected
pcsc-lite-2.1.0/src/tokenparser.l:228:23: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:952:21: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:972:1: note: in expansion of macro ‘YY_DECL’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 97|
# 98| elt->key = malloc(len);
# 99|-> memcpy(elt->key, &pcToken[5], len-1);
# 100| elt->key[len-1] = '\0';
# 101|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def30]
pcsc-lite-2.1.0/src/tokenparser.l: scope_hint: In function ‘eval_value’
pcsc-lite-2.1.0/src/tokenparser.l:131:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘value’ where non-null expected
pcsc-lite-2.1.0/src/tokenparser.l:228:23: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:952:21: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:972:1: note: in expansion of macro ‘YY_DECL’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
# 129| assert(value);
# 130|
# 131|-> memcpy(value, &pcToken[8], len-1);
# 132| value[len-1] = '\0';
# 133|
Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
pcsc-lite-2.1.0/src/tokenparser.l:155:1: warning[-Wanalyzer-malloc-leak]: leak of ‘amp’
pcsc-lite-2.1.0/src/tokenparser.l:228:23: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:952:21: note: in expansion of macro ‘yylex’
pcsc-lite-2.1.0/src/tokenparser.c:972:1: note: in expansion of macro ‘YY_DECL’
# 153| assert(r >= 0);
# 154| (void)r;
# 155|-> }
# 156|
# 157| void tperrorCheck (char *token_error)
Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
pcsc-lite-2.1.0/src/winscard_clnt.c: scope_hint: In function 'SCardAddHandle'
pcsc-lite-2.1.0/src/winscard_clnt.c:3445:12: warning[-Wanalyzer-malloc-leak]: leak of 'newChannelMap'
# 3443|
# 3444| lrv = list_append(¤tContextMap->channelMapList, newChannelMap);
# 3445|-> if (lrv < 0)
# 3446| {
# 3447| free(newChannelMap->readerName);
Error: CLANG_WARNING: [#def33]
pcsc-lite-2.1.0/src/winscard_clnt.c:3454:9: warning[unix.Malloc]: Potential leak of memory pointed to by 'newChannelMap'
# 3452| }
# 3453|
# 3454|-> return SCARD_S_SUCCESS;
# 3455| }
# 3456|
Error: GCC_ANALYZER_WARNING (CWE-775): [#def34]
pcsc-lite-2.1.0/src/winscard_msg.c: scope_hint: In function 'ClientSetupSession'
pcsc-lite-2.1.0/src/winscard_msg.c:141:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 139| strncpy(svc_addr.sun_path, socketName, sizeof(svc_addr.sun_path));
# 140|
# 141|-> if (connect(*pdwClientID, (struct sockaddr *) &svc_addr,
# 142| sizeof(svc_addr.sun_family) + strlen(svc_addr.sun_path) + 1) < 0)
# 143| {
Scan Properties
| analyzer-version-clang | 18.1.3 |
| analyzer-version-cppcheck | 2.13.0 |
| analyzer-version-gcc | 14.0.1 |
| analyzer-version-gcc-analyzer | 14.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| enabled-plugins | clang, cppcheck, gcc, shellcheck |
| exit-code | 0 |
| host | ip-172-16-1-134.us-west-2.compute.internal |
| mock-config | fedora-41-x86_64 |
| project-name | pcsc-lite-2.1.0-1.fc41 |
| store-results-to | /tmp/tmpcvgi682d/pcsc-lite-2.1.0-1.fc41.tar.xz |
| time-created | 2024-04-22 11:10:28 |
| time-finished | 2024-04-22 11:11:39 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpcvgi682d/pcsc-lite-2.1.0-1.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpcvgi682d/pcsc-lite-2.1.0-1.fc41.src.rpm' |
| tool-version | csmock-3.5.3-1.el9 |