apt-2.9.8-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-571): [#def1]
/usr/bin/apt-key:5:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#    3|   set -e
#    4|   unset GREP_OPTIONS GPGHOMEDIR CURRENTTRAP
#    5|-> export IFS="$(printf "\n\b")"
#    6|   
#    7|   MASTER_KEYRING=''

Error: SHELLCHECK_WARNING (CWE-569): [#def2]
/usr/bin/apt-key:78:11: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   76|       GPGHOMEDIR="$(mktemp --directory --tmpdir 'apt-key-gpghome.XXXXXXXXXX')"
#   77|       CURRENTTRAP="${CURRENTTRAP} cleanup_gpg_home;"
#   78|->     trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
#   79|       if [ -z "$GPGHOMEDIR" ]; then
#   80|   	apt_error "Could not create temporary gpg home directory in $TMPDIR (wrong permissions?)"

Error: SHELLCHECK_WARNING (CWE-398): [#def3]
/usr/bin/apt-key:134:104: warning[SC2062]: Quote the grep pattern so the shell won't interpret it.
#  132|       #   from a key in the $distro-master-keyring
#  133|       add_keys="$(get_fingerprints_of_keyring "$ADD_KEYRING")"
#  134|->     all_add_keys="$(aptkey_execute "$GPG_SH" --keyring "$ADD_KEYRING" --with-colons --list-keys | grep ^[ps]ub | cut -d: -f5)"
#  135|       master_keys="$(aptkey_execute "$GPG_SH" --keyring "$MASTER" --with-colons --list-keys | grep ^pub | cut -d: -f5)"
#  136|   

Error: SHELLCHECK_WARNING: [#def4]
/usr/bin/apt-key:149:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  147|       for add_key in $add_keys; do
#  148|           # export the add keyring one-by-one
#  149|-> 	local TMP_KEYRING="${GPGHOMEDIR}/tmp-keyring.gpg"
#  150|   	aptkey_execute "$GPG_SH" --batch --yes --keyring "$ADD_KEYRING" --output "$TMP_KEYRING" --export "$add_key"
#  151|   	if ! aptkey_execute "$GPG_SH" --batch --yes --keyring "$TMP_KEYRING" --import "$MASTER" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then

Error: SHELLCHECK_WARNING: [#def5]
/usr/bin/apt-key:176:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  174|   # (otherwise it does not make sense from a security POV)
#  175|   net_update() {
#  176|->     local APT_DIR='/'
#  177|       eval $(apt-config shell APT_DIR Dir)
#  178|   

Error: SHELLCHECK_WARNING (CWE-156): [#def6]
/usr/bin/apt-key:177:10: warning[SC2046]: Quote this to prevent word splitting.
#  175|   net_update() {
#  176|       local APT_DIR='/'
#  177|->     eval $(apt-config shell APT_DIR Dir)
#  178|   
#  179|       # Disabled for now as code is insecure (LP: #1013639 (and 857472, 1013128))

Error: SHELLCHECK_WARNING (CWE-156): [#def7]
/usr/bin/apt-key:181:10: warning[SC2046]: Quote this to prevent word splitting.
#  179|       # Disabled for now as code is insecure (LP: #1013639 (and 857472, 1013128))
#  180|       APT_KEY_NET_UPDATE_ENABLED=""
#  181|->     eval $(apt-config shell APT_KEY_NET_UPDATE_ENABLED APT::Key::Net-Update-Enabled)
#  182|       if [ -z "$APT_KEY_NET_UPDATE_ENABLED" ]; then
#  183|           exit 1

Error: SHELLCHECK_WARNING: [#def8]
/usr/bin/apt-key:248:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  246|   
#  247|   remove_key_from_keyring() {
#  248|->     local KEYRINGFILE="$1"
#  249|       shift
#  250|       # non-existent keyrings have by definition no keys

Error: SHELLCHECK_WARNING: [#def9]
/usr/bin/apt-key:255:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  253|       fi
#  254|   
#  255|->     local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
#  256|       local DEARMOR="$(dearmor_filename "$KEYRINGFILE")"
#  257|       get_fingerprints_of_keyring "$DEARMOR" > "$FINGERPRINTS"

Error: SHELLCHECK_WARNING: [#def10]
/usr/bin/apt-key:256:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  254|   
#  255|       local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
#  256|->     local DEARMOR="$(dearmor_filename "$KEYRINGFILE")"
#  257|       get_fingerprints_of_keyring "$DEARMOR" > "$FINGERPRINTS"
#  258|   

Error: SHELLCHECK_WARNING (CWE-571): [#def11]
/usr/bin/apt-key:256:11: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  254|   
#  255|       local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
#  256|->     local DEARMOR="$(dearmor_filename "$KEYRINGFILE")"
#  257|       get_fingerprints_of_keyring "$DEARMOR" > "$FINGERPRINTS"
#  258|   

Error: SHELLCHECK_WARNING: [#def12]
/usr/bin/apt-key:277:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  275|   	fi
#  276|   	# we can't just modify pointed to files as these might be in /usr or something
#  277|-> 	local REALTARGET
#  278|   	if [ -L "$DEARMOR" ]; then
#  279|   	    REALTARGET="$(readlink -f "$DEARMOR")"

Error: SHELLCHECK_WARNING: [#def13]
/usr/bin/apt-key:314:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  312|   	return 0
#  313|       fi
#  314|->     local FILEEXT="${1##*.}"
#  315|       if [ "$FILEEXT" = 'gpg' ]; then
#  316|   	# 0x98, 0x99 and 0xC6 via octal as hex isn't supported by dashs printf

Error: SHELLCHECK_WARNING: [#def14]
/usr/bin/apt-key:338:4: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  336|   
#  337|   foreach_keyring_do() {
#  338|->    local ACTION="$1"
#  339|      shift
#  340|      # if a --keyring was given, just work on this one

Error: SHELLCHECK_WARNING: [#def15]
/usr/bin/apt-key:348:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  346|   	    $ACTION "$TRUSTEDFILE" "$@"
#  347|   	fi
#  348|-> 	local TRUSTEDPARTS="/etc/apt/trusted.gpg.d"
#  349|   	eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)"
#  350|   	if [ -d "$TRUSTEDPARTS" ]; then

Error: SHELLCHECK_WARNING: [#def16]
/usr/bin/apt-key:352:6: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  350|   	if [ -d "$TRUSTEDPARTS" ]; then
#  351|   	    TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")"
#  352|-> 	    local TRUSTEDPARTSLIST="$(cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 \( -name '*.gpg' -o -name '*.asc' \))"
#  353|   	    for trusted in $(echo "$TRUSTEDPARTSLIST" | sort); do
#  354|   		if accessible_file_exists "$trusted" && is_supported_keyring "$trusted"; then

Error: SHELLCHECK_WARNING (CWE-571): [#def17]
/usr/bin/apt-key:352:12: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  350|   	if [ -d "$TRUSTEDPARTS" ]; then
#  351|   	    TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")"
#  352|-> 	    local TRUSTEDPARTSLIST="$(cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 \( -name '*.gpg' -o -name '*.asc' \))"
#  353|   	    for trusted in $(echo "$TRUSTEDPARTSLIST" | sort); do
#  354|   		if accessible_file_exists "$trusted" && is_supported_keyring "$trusted"; then

Error: SHELLCHECK_WARNING: [#def18]
/usr/bin/apt-key:363:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  361|   
#  362|   list_keys_in_keyring() {
#  363|->     local KEYRINGFILE="$1"
#  364|       shift
#  365|       # fingerprint and co will fail if key isn't in this keyring

Error: SHELLCHECK_WARNING: [#def19]
/usr/bin/apt-key:388:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  386|   
#  387|   export_key_from_to() {
#  388|->     local FROM="$1"
#  389|       local TO="$2"
#  390|       shift 2

Error: SHELLCHECK_WARNING: [#def20]
/usr/bin/apt-key:389:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  387|   export_key_from_to() {
#  388|       local FROM="$1"
#  389|->     local TO="$2"
#  390|       shift 2
#  391|       if ! aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$FROM")" --export "$@" > "$TO" 2> "${GPGHOMEDIR}/gpgoutput.log"; then

Error: SHELLCHECK_WARNING: [#def21]
/usr/bin/apt-key:400:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  398|   
#  399|   import_keyring_into_keyring() {
#  400|->     local FROM="${1:-${GPGHOMEDIR}/pubring.gpg}"
#  401|       local TO="${2:-${GPGHOMEDIR}/pubring.gpg}"
#  402|       shift 2

Error: SHELLCHECK_WARNING: [#def22]
/usr/bin/apt-key:401:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  399|   import_keyring_into_keyring() {
#  400|       local FROM="${1:-${GPGHOMEDIR}/pubring.gpg}"
#  401|->     local TO="${2:-${GPGHOMEDIR}/pubring.gpg}"
#  402|       shift 2
#  403|       rm -f "${GPGHOMEDIR}/gpgoutput.log"

Error: SHELLCHECK_WARNING: [#def23]
/usr/bin/apt-key:414:3: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  412|   	if [ -s "$FROM" ]; then
#  413|   	    if [ -z "$2" ]; then
#  414|-> 		local OPTS
#  415|   		if [ "${TO##*.}" = 'asc' ]; then
#  416|   		    OPTS='--armor'

Error: SHELLCHECK_WARNING: [#def24]
/usr/bin/apt-key:426:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  424|   	fi
#  425|       elif [ -s "$FROM" ]; then
#  426|-> 	local EXPORTLIMIT="$1"
#  427|   	if [ -n "$1$2" ]; then shift; fi
#  428|   	local DEARMORTO="$(dearmor_filename "$TO")"

Error: SHELLCHECK_WARNING: [#def25]
/usr/bin/apt-key:428:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  426|   	local EXPORTLIMIT="$1"
#  427|   	if [ -n "$1$2" ]; then shift; fi
#  428|-> 	local DEARMORTO="$(dearmor_filename "$TO")"
#  429|   	if ! aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$FROM")" --export ${EXPORTLIMIT:+"$EXPORTLIMIT"} \
#  430|   	   | aptkey_execute "$GPG_SH" --keyring "$DEARMORTO" --batch --import "$@" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then

Error: SHELLCHECK_WARNING (CWE-571): [#def26]
/usr/bin/apt-key:428:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  426|   	local EXPORTLIMIT="$1"
#  427|   	if [ -n "$1$2" ]; then shift; fi
#  428|-> 	local DEARMORTO="$(dearmor_filename "$TO")"
#  429|   	if ! aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$FROM")" --export ${EXPORTLIMIT:+"$EXPORTLIMIT"} \
#  430|   	   | aptkey_execute "$GPG_SH" --keyring "$DEARMORTO" --batch --import "$@" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then

Error: SHELLCHECK_WARNING: [#def27]
/usr/bin/apt-key:457:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  455|   dearmor_filename() {
#  456|       if [ "${1##*.}" = 'asc' ]; then
#  457|-> 	local trusted="${GPGHOMEDIR}/${1##*/}.gpg"
#  458|   	if [ -s "$1" ]; then
#  459|   	    dearmor_keyring < "$1" > "$trusted"

Error: SHELLCHECK_WARNING: [#def28]
/usr/bin/apt-key:465:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  463|   	echo "$1"
#  464|       elif [ "$(head -n 1 "$1" 2>/dev/null)" = '-----BEGIN PGP PUBLIC KEY BLOCK-----' ]; then
#  465|-> 	local trusted="${GPGHOMEDIR}/${1##*/}.gpg"
#  466|   	dearmor_keyring < "$1" > "$trusted"
#  467|   	echo "$trusted"

Error: SHELLCHECK_WARNING: [#def29]
/usr/bin/apt-key:480:5: warning[SC3043]: In POSIX sh, 'local' is undefined.
#  478|       # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
#  479|       # but without using gpg, just cat and find
#  480|->     local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
#  481|       rm -f "$PUBRING"
#  482|       touch "$PUBRING"

Error: SHELLCHECK_WARNING (CWE-571): [#def30]
/usr/bin/apt-key:480:11: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  478|       # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
#  479|       # but without using gpg, just cat and find
#  480|->     local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
#  481|       rm -f "$PUBRING"
#  482|       touch "$PUBRING"

Error: SHELLCHECK_WARNING (CWE-477): [#def31]
/usr/bin/apt-key:586:29: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
#  584|         --keyring)
#  585|   	 shift
#  586|-> 	 if [ -z "$FORCED_KEYRING" -o "$FORCED_KEYRING" = '/dev/null' ]; then
#  587|   	     TRUSTEDFILE="$1"
#  588|   	     FORCED_KEYRING="$1"

Error: SHELLCHECK_WARNING: [#def32]
/usr/bin/apt-key:592:12: warning[SC3037]: In POSIX sh, echo flags are undefined.
#  590|   	     create_gpg_home
#  591|   	     FORCED_KEYRING="${GPGHOMEDIR}/mergedkeyrings.gpg"
#  592|-> 	     echo -n '' > "$FORCED_KEYRING"
#  593|   	     chmod 0644 -- "$FORCED_KEYRING"
#  594|   	     catfile "$TRUSTEDFILE" "$FORCED_KEYRING"

Error: SHELLCHECK_WARNING (CWE-156): [#def33]
/usr/bin/apt-key:647:9: warning[SC2046]: Quote this to prevent word splitting.
#  645|   if [ -z "$TRUSTEDFILE" ]; then
#  646|      TRUSTEDFILE="/etc/apt/trusted.gpg"
#  647|->    eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
#  648|      eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
#  649|      if [ "$APT_KEY_NO_LEGACY_KEYRING" ]; then

Error: SHELLCHECK_WARNING (CWE-156): [#def34]
/usr/bin/apt-key:648:9: warning[SC2046]: Quote this to prevent word splitting.
#  646|      TRUSTEDFILE="/etc/apt/trusted.gpg"
#  647|      eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
#  648|->    eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
#  649|      if [ "$APT_KEY_NO_LEGACY_KEYRING" ]; then
#  650|           TRUSTEDFILE="/dev/null"

Error: SHELLCHECK_WARNING: [#def35]
/usr/bin/apt-key:725:13: warning[SC3037]: In POSIX sh, echo flags are undefined.
#  723|          # and even if not output is littered with the creation of a secring,
#  724|          # so lets call import once to have it create what it wants in silence
#  725|->        echo -n | aptkey_execute "$GPG" --batch --import >/dev/null 2>&1 || true
#  726|       fi
#  727|   }

Error: SHELLCHECK_WARNING (CWE-156): [#def36]
/usr/bin/apt-key:804:7: warning[SC2046]: Quote this to prevent word splitting.
#  802|   	GPGV=''
#  803|   	ASSERT_PUBKEY_ALGO=''
#  804|-> 	eval $(apt-config shell GPGV Apt::Key::gpgvcommand ASSERT_PUBKEY_ALGO Apt::Key::assert-pubkey-algo)
#  805|   	if [ -n "$GPGV" ] && command_available "$GPGV"; then true;
#  806|   	elif command_available 'gpgv'; then GPGV='gpgv';

Error: SHELLCHECK_WARNING (CWE-563): [#def37]
/usr/libexec/dpkg/methods/apt/install:4:1: warning[SC2034]: TEXTDOMAIN appears unused. Verify use (or export if used externally).
#    2|   
#    3|   # Set the textdomain for the translations using $"..."
#    4|-> TEXTDOMAIN="apt"
#    5|   
#    6|   # Get the configuration from /etc/apt/apt.conf

Error: SHELLCHECK_WARNING (CWE-156): [#def38]
/usr/libexec/dpkg/methods/apt/install:68:9: warning[SC2046]: Quote this to prevent word splitting.
#   66|   if [ $RES -eq 0 ]; then
#   67|   
#   68|->    if [ $(ls $ARCHIVES $ARCHIVES/partial | grep -E -v "^lock$|^partial$" | wc -l) \
#   69|           -eq 0 ]; then
#   70|         exit 0

Error: SHELLCHECK_WARNING (CWE-398): [#def39]
/usr/libexec/dpkg/methods/apt/install:68:11: warning[SC2010]: Don't use ls | grep. Use a glob or a for loop with a condition to allow non-alphanumeric filenames.
#   66|   if [ $RES -eq 0 ]; then
#   67|   
#   68|->    if [ $(ls $ARCHIVES $ARCHIVES/partial | grep -E -v "^lock$|^partial$" | wc -l) \
#   69|           -eq 0 ]; then
#   70|         exit 0

Error: SHELLCHECK_WARNING (CWE-156): [#def40]
/usr/libexec/dpkg/methods/apt/install:93:13: warning[SC2046]: Quote this to prevent word splitting.
#   91|          exec 3>&1
#   92|          echo -n $"Do you want to erase any previously downloaded .deb files?"
#   93|->        if [ $(yesno "" y) = y ]; then
#   94|             $APTGET "$APT_OPT0" "$APT_OPT1" clean &&
#   95|   	    echo $"Press [Enter] to continue." && read RES && exit 0;

Error: SHELLCHECK_WARNING (CWE-563): [#def41]
/usr/libexec/dpkg/methods/apt/update:5:1: warning[SC2034]: TEXTDOMAIN appears unused. Verify use (or export if used externally).
#    3|   
#    4|   # Set the textdomain for the translations using $"..."
#    5|-> TEXTDOMAIN="apt"
#    6|   
#    7|   # Get the configuration from /etc/apt/apt.conf

Error: CPPCHECK_WARNING (CWE-825): [#def42]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:380: error[derefInvalidIterator]: Dereference of an invalid iterator: Itm->Parent->Value.end()
#  378|   	    break;
#  379|   
#  380|-> 	 if (Itm->Parent->Value.end()[-1] != '/')
#  381|   	    val.insert(0, "/");
#  382|   

Error: CPPCHECK_WARNING (CWE-825): [#def43]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:398: error[derefInvalidIterator]: Dereference of an invalid iterator: Res.end()
#  396|      checkFindConfigOptionType(Name, ConfigType::DIR);
#  397|      string Res = FindFile(Name,Default);
#  398|->    if (Res.end()[-1] != '/')
#  399|      {
#  400|         size_t const found = Res.rfind("/dev/null");

Error: CPPCHECK_WARNING (CWE-825): [#def44]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:473: error[derefInvalidIterator]: Dereference of an invalid iterator: key.end()
#  471|      char type = 0;
#  472|   
#  473|->    if (key.size() > 2 && key.end()[-2] == '/')
#  474|      {
#  475|         type = key.end()[-1];

Error: CPPCHECK_WARNING (CWE-825): [#def45]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:475: error[derefInvalidIterator]: Dereference of an invalid iterator: key.end()
#  473|      if (key.size() > 2 && key.end()[-2] == '/')
#  474|      {
#  475|->       type = key.end()[-1];
#  476|         key.resize(key.size() - 2);
#  477|      }

Error: CPPCHECK_WARNING (CWE-825): [#def46]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:717: error[derefInvalidIterator]: Dereference of an invalid iterator: key.end()
#  715|      string key = Name;
#  716|   
#  717|->    if (key.size() > 2 && key.end()[-2] == '/')
#  718|      {
#  719|         if (key.find_first_of("fdbi",key.size()-1) < key.size())

Error: CPPCHECK_WARNING (CWE-825): [#def47]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:727: error[derefInvalidIterator]: Dereference of an invalid iterator: key.end()
#  725|         else
#  726|         {
#  727|->          _error->Warning(_("Unrecognized type abbreviation: '%c'"), key.end()[-3]);
#  728|         }
#  729|      }

Error: CPPCHECK_WARNING (CWE-825): [#def48]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/configuration.cc:1060: error[derefInvalidIterator]: Dereference of an invalid iterator: Word.end()
# 1058|   		  if (Depth > 10)
# 1059|   		     return _error->Error(_("Syntax error %s:%u: Too many nested includes"),FName.c_str(),CurLine);
# 1060|-> 		  if (Word.length() > 2 && Word.end()[-1] == '/')
# 1061|   		  {
# 1062|   		     if (ReadConfigDir(Conf,Word,AsSectional,Depth+1) == false)

Error: COMPILER_WARNING: [#def49]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/gpgv.cc:36:47: warning[-Wignored-attributes]: ignoring attributes on template argument ‘int (*)(FILE*)’
#   36 | static std::unique_ptr<FILE, decltype(&fclose)> make_unique_FILE(std::string const &filename, char const *const mode)
#      |                                               ^
#   34|      return {static_cast<char *>(str), &free};
#   35|   }
#   36|-> static std::unique_ptr<FILE, decltype(&fclose)> make_unique_FILE(std::string const &filename, char const *const mode)
#   37|   {
#   38|      return {fopen(filename.c_str(), mode), &fclose};

Error: CPPCHECK_WARNING (CWE-401): [#def50]
apt-2.9.8-build/apt-2.9.8/apt-pkg/contrib/mmap.cc:493: error[memleakOnRealloc]: Common realloc mistake: 'Base' nulled but not freed upon failure
#  491|   			return false;
#  492|   
#  493|-> 		Base = realloc(Base, newSize);
#  494|   		if (Base == NULL)
#  495|   			return false;

Error: CPPCHECK_WARNING (CWE-562): [#def51]
apt-2.9.8-build/apt-2.9.8/apt-pkg/orderlist.cc:142: error[danglingLifetime]: Non-local variable 'AfterEnd' will use pointer to local variable 'AfterList'.
#  140|      std::unique_ptr<Package *[]> NList(new Package *[Size]);
#  141|      std::unique_ptr<Package *[]> AfterList(new Package *[Size]);
#  142|->    AfterEnd = AfterList.get();
#  143|      
#  144|      Depth = 0;

Error: COMPILER_WARNING (CWE-252): [#def52]
apt-2.9.8-build/apt-2.9.8/apt-pkg/sourcelist.cc: scope_hint: In member function ‘void pkgSourceList::AddVolatileFiles(CommandLine&, std::vector<std::__cxx11::basic_string<char> >*)’
apt-2.9.8-build/apt-2.9.8/apt-pkg/sourcelist.cc:617:18: warning[-Wunused-result]: ignoring return value of ‘_FIter std::remove_if(_FIter, _FIter, _Predicate) [with _FIter = const char**; _Predicate = pkgSourceList::AddVolatileFiles(CommandLine&, std::vector<std::__cxx11::basic_string<char> >*)::<lambda(const char*)>]’, declared with attribute ‘nodiscard’
#  617 |    std::remove_if(CmdL.FileList + 1, CmdL.FileList + 1 + CmdL.FileSize(), [&](char const * const I) {
#      |    ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  618 |       if (I != nullptr && (I[0] == '/' || (I[0] == '.' && (I[1] == '\0' || (I[1] == '.' && (I[2] == '\0' || I[2] == '/')) || I[1] == '/'))))
#      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  619 |       {
#      |       ~           
#  620 |          if (AddVolatileFile(I, VolatileCmdL))
#      |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  621 |             ;
#      |             ~     
#  622 |          else
#      |          ~~~~     
#  623 |             _error->Error(_("Unsupported file %s given on commandline"), I);
#      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  624 |          return true;
#      |          ~~~~~~~~~~~~
#  625 |       }
#      |       ~           
#  626 |       return false;
#      |       ~~~~~~~~~~~~~
#  627 |    });
#      |    ~~             
/usr/include/c++/14/algorithm:61: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/apt-pkg/sourcelist.cc:25: included_from: Included from here.
/usr/include/c++/14/bits/stl_algo.h:822:5: note: declared here
#  822 |     remove_if(_ForwardIterator __first, _ForwardIterator __last,
#      |     ^~~~~~~~~
#  615|   void pkgSourceList::AddVolatileFiles(CommandLine &CmdL, std::vector<std::string> * const VolatileCmdL)/*{{{*/
#  616|   {
#  617|->    std::remove_if(CmdL.FileList + 1, CmdL.FileList + 1 + CmdL.FileSize(), [&](char const * const I) {
#  618|         if (I != nullptr && (I[0] == '/' || (I[0] == '.' && (I[1] == '\0' || (I[1] == '.' && (I[2] == '\0' || I[2] == '/')) || I[1] == '/'))))
#  619|         {

Error: CPPCHECK_WARNING (CWE-825): [#def53]
apt-2.9.8-build/apt-2.9.8/apt-pkg/versionmatch.cc:47: error[derefInvalidIterator]: Dereference of an invalid iterator: Data.end()
#   45|      if (Type == Version)
#   46|      {
#   47|->       if (Data.end()[-1] == '*')
#   48|         {
#   49|   	 VerPrefixMatch = true;

Error: CPPCHECK_WARNING (CWE-825): [#def54]
apt-2.9.8-build/apt-2.9.8/apt-pkg/versionmatch.cc:77: error[derefInvalidIterator]: Dereference of an invalid iterator: RelVerStr.end()
#   75|   	    RelRelease = Data;
#   76|   
#   77|-> 	 if (RelVerStr.length() > 0 && RelVerStr.end()[-1] == '*')
#   78|   	 {
#   79|   	    RelVerPrefixMatch = true;

Error: CPPCHECK_WARNING (CWE-825): [#def55]
apt-2.9.8-build/apt-2.9.8/apt-pkg/versionmatch.cc:116: error[derefInvalidIterator]: Dereference of an invalid iterator: RelVerStr.end()
#  114|         }
#  115|   
#  116|->       if (RelVerStr.end()[-1] == '*')
#  117|         {
#  118|   	 RelVerPrefixMatch = true;

Error: CPPCHECK_WARNING (CWE-825): [#def56]
apt-2.9.8-build/apt-2.9.8/apt-pkg/versionmatch.cc:126: error[derefInvalidIterator]: Dereference of an invalid iterator: Data.end()
#  124|      if (Type == Origin)
#  125|      {
#  126|->       if (Data[0] == '"' && Data.length() >= 2 && Data.end()[-1] == '"')
#  127|   	 OrSite = Data.substr(1, Data.length() - 2);
#  128|         else

Error: COMPILER_WARNING (CWE-252): [#def57]
apt-2.9.8-build/apt-2.9.8/apt-private/private-install.cc: scope_hint: In function ‘std::vector<PseudoPkg> GetPseudoPackages(pkgSourceList*, CommandLine&, bool (*)(pkgSourceList*, PseudoPkg&&, std::vector<PseudoPkg>&), const std::string&)’
apt-2.9.8-build/apt-2.9.8/apt-private/private-install.cc:989:18: warning[-Wunused-result]: ignoring return value of ‘_FIter std::remove_if(_FIter, _FIter, _Predicate) [with _FIter = const char**; _Predicate = GetPseudoPackages(pkgSourceList*, CommandLine&, bool (*)(pkgSourceList*, PseudoPkg&&, std::vector<PseudoPkg>&), const std::string&)::<lambda(const char*)>]’, declared with attribute ‘nodiscard’
#  989 |    std::remove_if(CmdL.FileList + 1, CmdL.FileList + 1 + CmdL.FileSize(), [&](char const *const I) {
#      |    ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  990 |       return AddIfVolatile(SL, VolatileCmdL, Add, I, pseudoArch);
#      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  991 |    });
#      |    ~~             
/usr/include/c++/14/algorithm:61: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/redhat-linux-build/include/apt-pkg/cacheset.h:20: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/redhat-linux-build/include/apt-pkg/edsp.h:12: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/redhat-linux-build/include/apt-pkg/packagemanager.h:25: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/redhat-linux-build/include/apt-pkg/algorithms.h:34: included_from: Included from here.
apt-2.9.8-build/apt-2.9.8/apt-private/private-install.cc:6: included_from: Included from here.
/usr/include/c++/14/bits/stl_algo.h:822:5: note: declared here
#  822 |     remove_if(_ForwardIterator __first, _ForwardIterator __last,
#      |     ^~~~~~~~~
#  987|   {
#  988|      std::vector<PseudoPkg> VolatileCmdL;
#  989|->    std::remove_if(CmdL.FileList + 1, CmdL.FileList + 1 + CmdL.FileSize(), [&](char const *const I) {
#  990|         return AddIfVolatile(SL, VolatileCmdL, Add, I, pseudoArch);
#  991|      });

Error: CPPCHECK_WARNING (CWE-825): [#def58]
apt-2.9.8-build/apt-2.9.8/cmdline/apt-config.cc:52: error[derefInvalidIterator]: Dereference of an invalid iterator: key.end()
#   50|   
#   51|         string key = I[1];
#   52|->       if (key.end()[-1] == '/') // old directory format
#   53|   	 key.append("d");
#   54|   

Error: CPPCHECK_WARNING (CWE-825): [#def59]
apt-2.9.8-build/apt-2.9.8/ftparchive/writer.cc:250: error[derefInvalidIterator]: Dereference of an invalid iterator: Dir.end()
#  248|      char Line[1000];
#  249|      char *FileStart;
#  250|->    if (Dir.empty() == true || Dir.end()[-1] != '/')
#  251|         FileStart = Line + snprintf(Line,sizeof(Line),"%s/",Dir.c_str());
#  252|      else

Scan Properties