c-ares-1.34.2-1.fc42

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/ares_getnameinfo.c: scope_hint: In function ‘ares_getnameinfo_int’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/ares_getnameinfo.c:173:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘addr’
#  171|         if (sa->sa_family == AF_INET) {
#  172|           niquery->family = AF_INET;
#  173|->         memcpy(&niquery->addr.addr4, addr, sizeof(niquery->addr.addr4));
#  174|           ares_gethostbyaddr_nolock(channel, &addr->sin_addr,
#  175|                                     sizeof(struct in_addr), AF_INET,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def2]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/ares_getnameinfo.c:179:9: warning[-Wanalyzer-null-argument]: use of NULL ‘addr6’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
#  177|         } else {
#  178|           niquery->family = AF_INET6;
#  179|->         memcpy(&niquery->addr.addr6, addr6, sizeof(niquery->addr.addr6));
#  180|           ares_gethostbyaddr_nolock(channel, &addr6->sin6_addr,
#  181|                                     sizeof(struct ares_in6_addr), AF_INET6,

Error: CPPCHECK_WARNING (CWE-457): [#def3]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/ares_sysconfig_files.c:355: error[legacyUninitvar]: Uninitialized variable: lookupstr
#  353|   
#  354|       /* Look for a duplicate and ignore */
#  355|->     if (memchr(lookupstr, ch, lookupstr_cnt) == NULL) {
#  356|         lookupstr[lookupstr_cnt++] = ch;
#  357|       }

Error: COMPILER_WARNING (CWE-252): [#def4]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/event/ares_event_wake_pipe.c: scope_hint: In function ‘ares_pipeevent_signal’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/event/ares_event_wake_pipe.c:118:9: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  118 |   (void)write(p->filedes[1], "1", 1);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  116|   
#  117|     p = e->data;
#  118|->   (void)write(p->filedes[1], "1", 1);
#  119|   }
#  120|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c:337:14: warning[-Wanalyzer-file-leak]: leak of FILE ‘*state.state.rand_file’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
#  335|             size_t rv = fread(buf + bytes_read, 1, len - bytes_read,
#  336|                               state->state.rand_file);
#  337|->           if (rv == 0) {
#  338|               break; /* critical error, will reinit rand state */
#  339|             }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c:337:14: warning[-Wanalyzer-malloc-leak]: leak of ‘*state.state.rand_file’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
c-ares-1.34.2-build/c-ares-1.34.2/src/lib/util/ares_rand.c: scope_hint: In function ‘ares_rand_bytes_fetch’
#  335|             size_t rv = fread(buf + bytes_read, 1, len - bytes_read,
#  336|                               state->state.rand_file);
#  337|->           if (rv == 0) {
#  338|               break; /* critical error, will reinit rand state */
#  339|             }

Scan Properties