authselect-1.5.0-8.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-758): [#def1]
/etc/bash_completion.d/authselect-completion.sh:1:1: error[SC2148]: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
#    1|-> #
#    2|   #    Authors:
#    3|   #        Tomas Halman <thalman@redhat.com>

Error: SHELLCHECK_WARNING (CWE-140): [#def2]
/etc/bash_completion.d/authselect-completion.sh:199:24: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  197|       if [[ "$possibleopts" != "" ]]; then
#  198|           if [[ "${COMP_WORDS[$COMP_CWORD]}" = "=" ]]; then
#  199|->             COMPREPLY=($(compgen -W "$possibleopts"))
#  200|           else
#  201|               COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))

Error: SHELLCHECK_WARNING (CWE-140): [#def3]
/etc/bash_completion.d/authselect-completion.sh:201:24: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  199|               COMPREPLY=($(compgen -W "$possibleopts"))
#  200|           else
#  201|->             COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))
#  202|           fi
#  203|       else

Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/etc/bash_completion.d/authselect-completion.sh:206:26: warning[SC2124]: Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
#  204|           command="$(get_command)"
#  205|           if [[ "$command" = "" ]]; then
#  206|->             possibleopts="$(get_global_options) ${COMMANDS[@]}"
#  207|           else
#  208|               possibleopts="$(get_global_options) $(get_command_params) $(get_command_keywords) $(get_command_options)"

Error: SHELLCHECK_WARNING (CWE-140): [#def5]
/etc/bash_completion.d/authselect-completion.sh:210:20: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  208|               possibleopts="$(get_global_options) $(get_command_params) $(get_command_keywords) $(get_command_options)"
#  209|           fi
#  210|->         COMPREPLY=($(compgen -W "$possibleopts" -- "${COMP_WORDS[$COMP_CWORD]}"))
#  211|       fi
#  212|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
authselect-1.5.0-build/authselect-1.5.0/src/cli/main.c: scope_hint: In function ‘requirements’
authselect-1.5.0-build/authselect-1.5.0/src/cli/main.c:540:12: warning[-Wanalyzer-malloc-leak]: leak of ‘features’
authselect-1.5.0-build/authselect-1.5.0/src/cli/main.c:32: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/common/common.h:42:22: note: in definition of macro ‘malloc_zero_array’
authselect-1.5.0-build/authselect-1.5.0/src/cli/main.c:83:16: note: in expansion of macro ‘malloc_zero_array’
authselect-1.5.0-build/authselect-1.5.0/src/cli/main.c:516:9: note: in expansion of macro ‘ERROR’
#  538|       authselect_profile_free(profile);
#  539|   
#  540|->     return ret;
#  541|   }
#  542|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c: scope_hint: In function 'authselect_profile_read'
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:289:19: warning[-Wanalyzer-malloc-leak]: leak of 'authselect_profile_init(profile_id)'
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:27: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:254:15: note: in expansion of macro 'malloc_zero'
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:168:13: note: in expansion of macro 'ERROR'
#  287|       }
#  288|   
#  289|->     profile->path = location;
#  290|   
#  291|       ret = authselect_profile_read_readme(location, dirfd, &profile->name,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:315:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
authselect-1.5.0-build/authselect-1.5.0/src/lib/profiles/read.c:168:13: note: in expansion of macro 'ERROR'
#  313|       close(dirfd);
#  314|   
#  315|->     if (ret != EOK) {
#  316|           ERROR("Unable to find profile [%s] [%d]: %s",
#  317|                 profile_id, ret, strerror(ret));

Error: GCC_ANALYZER_WARNING (CWE-688): [#def9]
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/file.c: scope_hint: In function 'file_make_path.part.0'
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/file.c:340:11: warning[-Wanalyzer-null-argument]: use of NULL 'path' where non-null expected
authselect-1.5.0-build/authselect-1.5.0/src/common/gettext.h:25: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/common/common.h:30: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/file.c:31: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/file.c:281:9: note: in expansion of macro 'ERROR'
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/file.c:28: included_from: Included from here.
/usr/include/sys/stat.h:389:12: note: argument 1 of 'mkdir' must be non-null
#  338|       }
#  339|   
#  340|->     ret = mkdir(path, mode);
#  341|       if (ret != 0) {
#  342|           return errno;

Error: GCC_ANALYZER_WARNING (CWE-416): [#def10]
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/string_array.c: scope_hint: In function 'string_array_free.part.0'
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/string_array.c:100:22: warning[-Wanalyzer-use-after-free]: use after 'reallocarray' of 'array'
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/string_array.c:28: included_from: Included from here.
authselect-1.5.0-build/authselect-1.5.0/src/lib/util/string_array.c:81:19: note: in expansion of macro 'realloc_array'
#   98|       }
#   99|   
#  100|->     for (i = 0; array[i] != NULL; i++) {
#  101|           free(array[i]);
#  102|       }

Scan Properties