pinentry-1.3.0-2.fc41

List of Defects

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
pinentry-1.3.0/gnome3/pinentry-gnome3.c: scope_hint: In function ‘_propagate_g_error_to_pinentry’
pinentry-1.3.0/gnome3/pinentry-gnome3.c:111:7: warning[-Wanalyzer-malloc-leak]: leak of ‘*pe.specific_err_info’
#  109|          * no need to check for failure.  */
#  110|         pe->specific_err_info = strdup (t);
#  111|->       g_free (t);
#  112|       }
#  113|     else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
pinentry-1.3.0/pinentry/pinentry-curses.c: scope_hint: In function ‘pinentry_utf8_to_local’
pinentry-1.3.0/pinentry/pinentry-curses.c:220:6: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(target_encoding, "UTF-8")’
pinentry-1.3.0/pinentry/pinentry-curses.c:607:3: note: in expansion of macro ‘COPY_OUT’
pinentry-1.3.0/pinentry/pinentry-curses.c:607:3: note: in expansion of macro ‘COPY_OUT’
pinentry-1.3.0/pinentry/pinentry-curses.c:607:3: note: in expansion of macro ‘COPY_OUT’
#  218|   
#  219|     cd = iconv_open (target_encoding, "UTF-8");
#  220|->   if (cd == (iconv_t) -1)
#  221|       {
#  222|         fprintf (stderr, "%s: can't convert from UTF-8 to %s: %s\n",

Error: CLANG_WARNING: [#def3]
pinentry-1.3.0/pinentry/pinentry-curses.c:522:7: warning[deadcode.DeadStores]: Value stored to 'i' is never read
#  520|             p++;
#  521|   
#  522|->       i = 0;
#  523|         error_y++;
#  524|       }

Error: CLANG_WARNING: [#def4]
pinentry-1.3.0/pinentry/pinentry-curses.c:1775:12: warning[deadcode.DeadStores]: Although the value stored to 'tim' is used in the enclosing expression, the value is never actually read from 'tim'
# 1773|   
# 1774|     /* Make sure that we actually update the mtime.  */
# 1775|->   while ( (tim = time (NULL)) == st.st_mtime )
# 1776|       sleep (1);
# 1777|   

Error: CPPCHECK_WARNING (CWE-476): [#def5]
pinentry-1.3.0/pinentry/pinentry-emacs.c:186: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0
#  184|   
#  185|     if (connect (emacs_socket, (struct sockaddr *) &unaddr,
#  186|-> 	       SUN_LEN (&unaddr)) < 0)
#  187|       {
#  188|         perror ("connect");

Error: CLANG_WARNING: [#def6]
pinentry-1.3.0/pinentry/pinentry-emacs.c:590:12: warning[deadcode.DeadStores]: Although the value stored to 'tim' is used in the enclosing expression, the value is never actually read from 'tim'
#  588|   
#  589|     /* Make sure that we actually update the mtime.  */
#  590|->   while ( (tim = time (NULL)) == st.st_mtime )
#  591|       sleep (1);
#  592|   

Error: CLANG_WARNING: [#def7]
pinentry-1.3.0/pinentry/pinentry.c:987:13: warning[deadcode.DeadStores]: Value stored to 'tmpstr' is never read
#  985|               tmpstr = parse_color (tmpstr, &pinentry.color_ok,
#  986|                                     &pinentry.color_ok_bright);
#  987|->             tmpstr = parse_color (tmpstr, &pinentry.color_qualitybar,
#  988|                                     &pinentry.color_qualitybar_bright);
#  989|             }

Error: GCC_ANALYZER_WARNING (CWE-465): [#def8]
pinentry-1.3.0/pinentry/pinentry.c: scope_hint: In function ‘option_handler’
pinentry-1.3.0/pinentry/pinentry.c:1119:18: warning[-Wanalyzer-deref-before-check]: check of ‘endp’ for NULL after already dereferencing it
# 1117|                     pinentry.owner_uid = (int)along;
# 1118|                 }
# 1119|->               if (endp)
# 1120|                   {
# 1121|                     while (*endp == ' ')

Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
pinentry-1.3.0/pinentry/pinentry.c:1127:28: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘endp’
# 1125|                         pinentry.owner_host = strdup (endp);
# 1126|                         for (endp=pinentry.owner_host;
# 1127|->                            *endp && *endp != ' '; endp++)
# 1128|                           ;
# 1129|                         *endp = 0;

Error: CLANG_WARNING: [#def10]
pinentry-1.3.0/pinentry/pinentry.c:1987:12: warning[deadcode.DeadStores]: Although the value stored to 'j' is used in the enclosing expression, the value is never actually read from 'j'
# 1985|     gpg_error_t rc;
# 1986|   
# 1987|->   for (i = j = 0; table[i].name; i++)
# 1988|       {
# 1989|         rc = assuan_register_command (ctx, table[i].name, table[i].handler, NULL);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
pinentry-1.3.0/secmem/secmem.c: scope_hint: In function ‘secmem_realloc’
pinentry-1.3.0/secmem/secmem.c:365:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  363|   	return p; /* it is easier not to shrink the memory */
#  364|       a = secmem_malloc( newsize );
#  365|->     memcpy(a, p, size);
#  366|       memset((char*)a+size, 0, newsize-size);
#  367|       secmem_free(p);

Error: CLANG_WARNING: [#def12]
pinentry-1.3.0/tty/pinentry-tty.c:503:11: warning[deadcode.DeadStores]: Although the value stored to 'tim' is used in the enclosing expression, the value is never actually read from 'tim'
#  501|   
#  502|     /* Make sure that we actually update the mtime.  */
#  503|->   while ((tim = time(NULL)) == st.st_mtime)
#  504|       sleep(1);
#  505|

Scan Properties

analyzer-version-clang	18.1.3
analyzer-version-cppcheck	2.13.0
analyzer-version-gcc	14.0.1
analyzer-version-gcc-analyzer	14.0.1
analyzer-version-shellcheck	0.10.0
enabled-plugins	clang, cppcheck, gcc, shellcheck
exit-code	0
host	ip-172-16-1-237.us-west-2.compute.internal
mock-config	fedora-41-x86_64
project-name	pinentry-1.3.0-2.fc41
store-results-to	/tmp/tmpx15g7pv8/pinentry-1.3.0-2.fc41.tar.xz
time-created	2024-04-22 11:11:45
time-finished	2024-04-22 11:13:28
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmpx15g7pv8/pinentry-1.3.0-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmpx15g7pv8/pinentry-1.3.0-2.fc41.src.rpm'
tool-version	csmock-3.5.3-1.el9