catdoc-0.95-26.fc42

List of Findings

Error: COMPILER_WARNING (CWE-252): [#def1]
catdoc-0.95-build/catdoc-0.95/src/analyze.c: scope_hint: In function ‘analyze_format’
catdoc-0.95-build/catdoc-0.95/src/analyze.c:53:12: warning[-Wunused-result]: ignoring return value of ‘fread’ declared with attribute ‘warn_unused_result’
#   53 |            fread(buffer+4,1,124,f);
#      |            ^~~~~~~~~~~~~~~~~~~~~~~
#   51|   		exit(1);
#   52|   	} else if (strncmp((char *)&buffer,old_word_sign,2)==0) {
#   53|-> 	   fread(buffer+4,1,124,f);	
#   54|   	   return parse_word_header(buffer,f,128,0);
#   55|   	}	

Error: COMPILER_WARNING (CWE-252): [#def2]
catdoc-0.95-build/catdoc-0.95/src/analyze.c:56:9: warning[-Wunused-result]: ignoring return value of ‘fread’ declared with attribute ‘warn_unused_result’
#   56 |         fread(buffer+4,1,4,f);
#      |         ^~~~~~~~~~~~~~~~~~~~~
#   54|   	   return parse_word_header(buffer,f,128,0);
#   55|   	}	
#   56|-> 	fread(buffer+4,1,4,f);
#   57|   	if (strncmp((char *)&buffer,ole_sign,8)==0) {
#   58|   		if ((new_file=ole_init(f, buffer, 8)) != NULL) {

Error: COMPILER_WARNING: [#def3]
catdoc-0.95-build/catdoc-0.95/src/analyze.c: scope_hint: In function ‘parse_word_header’
catdoc-0.95-build/catdoc-0.95/src/analyze.c:150:74: warning[-Wformat=]: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 3 has type ‘int32_t’ {aka ‘int’}
#  150 |                 fprintf(stderr,"[File is encrypted. Encryption key = %08lx]\n",
#      |                                                                      ~~~~^
#      |                                                                          |
#      |                                                                          long unsigned int
#      |                                                                      %08x
#  151 |                                 getlong(buffer,14));
#      |                                 ~~~~~~~~~~~~~~~~~~                        
#      |                                 |
#      |                                 int32_t {aka int}
#  148|   	}
#  149|   	if (flags & fEncrypted) {
#  150|-> 		fprintf(stderr,"[File is encrypted. Encryption key = %08lx]\n",
#  151|   				getlong(buffer,14));
#  152|   		return 69;

Error: COMPILER_WARNING (CWE-681): [#def4]
catdoc-0.95-build/catdoc-0.95/src/catdoc.c: scope_hint: In function ‘main’
catdoc-0.95-build/catdoc-0.95/src/catdoc.c:115:29: warning[-Wpointer-sign]: pointer targets in assignment from ‘uint16_t *’ {aka ‘short unsigned int *’} to ‘short int *’ differ in signedness
#  115 |                 tmp_charset = read_charset(dest_csname);
#      |                             ^
#  113|   	if (!source_charset) exit(1);
#  114|   	if (strncmp(dest_csname,"utf-8",6)) {
#  115|-> 		tmp_charset = read_charset(dest_csname);
#  116|   		if (!tmp_charset) exit(1);
#  117|   		target_charset= make_reverse_map(tmp_charset);

Error: COMPILER_WARNING (CWE-681): [#def5]
catdoc-0.95-build/catdoc-0.95/src/catppt.c: scope_hint: In function ‘main’
catdoc-0.95-build/catdoc-0.95/src/catppt.c:103:28: warning[-Wpointer-sign]: pointer targets in assignment from ‘uint16_t *’ {aka ‘short unsigned int *’} to ‘short int *’ differ in signedness
#  103 |                 tmp_charset=read_charset(dest_csname);
#      |                            ^
#  101|   	input_buffer=malloc(FILE_BUFFER);
#  102|   	if (strcmp(dest_csname,"utf-8")) {
#  103|-> 		tmp_charset=read_charset(dest_csname);
#  104|   		if (!tmp_charset) {
#  105|   			fprintf(stderr,"Cannot load target charset %s\n",dest_csname);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
catdoc-0.95-build/catdoc-0.95/src/charsets.c: scope_hint: In function ‘read_charset’
catdoc-0.95-build/catdoc-0.95/src/charsets.c:95:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘new’
#   93|   	new = calloc(sizeof(short int),256);
#   94|   	for (c=0;c<32;c++) {
#   95|-> 		new[c]=c;
#   96|   	}
#   97|   	while (!feof(f)) {

Error: COMPILER_WARNING (CWE-252): [#def7]
catdoc-0.95-build/catdoc-0.95/src/confutil.c: scope_hint: In function ‘read_config_file’
catdoc-0.95-build/catdoc-0.95/src/confutil.c:34:17: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
#   34 |                 fgets(line,1024,f);
#      |                 ^~~~~~~~~~~~~~~~~~
#   32|   	if (!f) return;
#   33|   	while (!feof(f)) {
#   34|-> 		fgets(line,1024,f);
#   35|   		if (feof(f)) break;
#   36|   		lineno++;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
catdoc-0.95-build/catdoc-0.95/src/confutil.c: scope_hint: In function ‘read_config_file’
catdoc-0.95-build/catdoc-0.95/src/confutil.c:39:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "rb")’
#   37|   		if ((c=strchr(line,'#'))) *c='\0';
#   38|   		name=line;
#   39|-> 		while (*name&&isspace(*name)) name++;
#   40|   		if (!*name) continue;
#   41|   		for (value=name;*value&&(isalnum(*value)||*value=='_'); value++);  

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
catdoc-0.95-build/catdoc-0.95/src/confutil.c:39:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
#   37|   		if ((c=strchr(line,'#'))) *c='\0';
#   38|   		name=line;
#   39|-> 		while (*name&&isspace(*name)) name++;
#   40|   		if (!*name) continue;
#   41|   		for (value=name;*value&&(isalnum(*value)||*value=='_'); value++);  

Error: GCC_ANALYZER_WARNING (CWE-688): [#def10]
catdoc-0.95-build/catdoc-0.95/src/confutil.c: scope_hint: In function ‘get_locale_charset’
catdoc-0.95-build/catdoc-0.95/src/confutil.c:126:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘newstr’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  124|   		}	
#  125|   		newstr	= malloc(strlen(codeset)-4+2+1);
#  126|-> 		strcpy(newstr,"cp");
#  127|   		strcpy(newstr+2,codeset+4);
#  128|   		if (check_charset(&dest_csname,newstr)) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
catdoc-0.95-build/catdoc-0.95/src/confutil.c:137:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘newstr’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  135|   		if (*codeset == '-') codeset++;
#  136|   		newstr=malloc(strlen(codeset)+2+1);
#  137|-> 		strcpy(newstr,"cp");
#  138|   		strcpy(newstr+2,codeset);
#  139|   		if (check_charset(&dest_csname, newstr)) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def12]
catdoc-0.95-build/catdoc-0.95/src/confutil.c:145:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘i’
#  143|   	} else {
#  144|   		char *i,*newstr = strdup(codeset);
#  145|-> 		for (i=newstr;*i;i++) {
#  146|   			*i=tolower(*i);
#  147|   		}	

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
catdoc-0.95-build/catdoc-0.95/src/confutil.c:148:20: warning[-Wanalyzer-malloc-leak]: leak of ‘i’
#  146|   			*i=tolower(*i);
#  147|   		}	
#  148|-> 		if (check_charset(&dest_csname,newstr)) {
#  149|   			locale_charset = dest_csname;
#  150|   		}	

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
catdoc-0.95-build/catdoc-0.95/src/confutil.c:148:20: warning[-Wanalyzer-malloc-leak]: leak of ‘newstr’
catdoc-0.95-build/catdoc-0.95/src/confutil.c:11: included_from: Included from here.
#  146|   			*i=tolower(*i);
#  147|   		}	
#  148|-> 		if (check_charset(&dest_csname,newstr)) {
#  149|   			locale_charset = dest_csname;
#  150|   		}	

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
catdoc-0.95-build/catdoc-0.95/src/fileutil.c: scope_hint: In function ‘check_charset’
catdoc-0.95-build/catdoc-0.95/src/fileutil.c:32:13: warning[-Wanalyzer-malloc-leak]: leak of ‘find_file(stradd(charset, ".txt"), charset_path)’
#   30|   /************************************************************************/
#   31|   int prepare_path_buf(char *path_buf, const char *start, const char *end) {
#   32|-> 	if (*start == '~' && start[1] == DIR_SEP) {
#   33|   		char *home=getenv("HOME");
#   34|   		start++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
catdoc-0.95-build/catdoc-0.95/src/fileutil.c: scope_hint: In function ‘list_charsets’
catdoc-0.95-build/catdoc-0.95/src/fileutil.c:253:36: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ptr’
#  251|   #else
#  252|   	count=0;printf("Available charsets:"); 
#  253|-> 	for (ptr=glob_buf.gl_pathv;*ptr;ptr++) {
#  254|   		printf("%c",(count++)%5?'\t':'\n');
#  255|   		p=strrchr(*ptr,dir_sep[0]);

Error: COMPILER_WARNING (CWE-252): [#def17]
catdoc-0.95-build/catdoc-0.95/src/ole.c: scope_hint: In function ‘ole_init’
catdoc-0.95-build/catdoc-0.95/src/ole.c:191:25: warning[-Wunused-result]: ignoring return value of ‘fread’ declared with attribute ‘warn_unused_result’
#  191 |                         fread(SBD+sbdLen*sectorSize, 1, sectorSize, newfile);
#      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  189|   		while(1) {
#  190|   			fseek(newfile, 512+sbdCurrent*sectorSize, SEEK_SET);
#  191|-> 			fread(SBD+sbdLen*sectorSize, 1, sectorSize, newfile);
#  192|   			sbdLen++;
#  193|   			if (sbdLen >= sbdMaxLen) {

Error: GCC_ANALYZER_WARNING (CWE-127): [#def18]
catdoc-0.95-build/catdoc-0.95/src/reader.c: scope_hint: In function ‘process_file’
catdoc-0.95-build/catdoc-0.95/src/reader.c:175:40: warning[-Wanalyzer-out-of-bounds]: buffer under-read
catdoc-0.95-build/catdoc-0.95/src/reader.c:175:40: note: valid subscripts for ‘buffer’ are ‘[0]’ to ‘[262143]’
#  173|   		} while (bufptr<=PARAGRAPH_BUFFER-2 &&
#  174|   				 !catdoc_eof(f) &&
#  175|-> 				 buffer[bufptr]!=0x000a);
#  176|   		if (bufptr>0) {
#  177|   			buffer[++bufptr]=0;

Error: COMPILER_WARNING (CWE-681): [#def19]
catdoc-0.95-build/catdoc-0.95/src/rtfread.c: scope_hint: In function ‘parse_rtf’
catdoc-0.95-build/catdoc-0.95/src/rtfread.c:199:24: warning[-Wpointer-sign]: pointer targets in assignment from ‘uint16_t *’ {aka ‘short unsigned int *’} to ‘short int *’ differ in signedness
#  199 |         current_charset=source_charset;
#      |                        ^
#  197|   	int group_count=0, group_store=20;
#  198|   	int bufptr=-1;
#  199|-> 	current_charset=source_charset;
#  200|   	fseek(f,0,SEEK_SET);
#  201|   	if((groups=(RTFGroupData*)calloc(group_store,sizeof(RTFGroupData))) == NULL ) {

Error: CPPCHECK_WARNING (CWE-401): [#def20]
catdoc-0.95-build/catdoc-0.95/src/rtfread.c:319: error[memleakOnRealloc]: Common realloc mistake: 'groups' nulled but not freed upon failure
#  317|   			if (group_count >= group_store ) {
#  318|   				group_store+=10;
#  319|-> 				if((groups=(RTFGroupData*)realloc(groups,
#  320|   												  group_store*sizeof(RTFGroupData)))
#  321|   				   == NULL ) {

Error: COMPILER_WARNING (CWE-681): [#def21]
catdoc-0.95-build/catdoc-0.95/src/rtfread.c: scope_hint: In function ‘rtf_to_unicode’
catdoc-0.95-build/catdoc-0.95/src/rtfread.c:439:40: warning[-Wpointer-sign]: pointer targets in passing argument 1 of ‘to_unicode’ differ in signedness
#  439 |         if (code < 0 || (cc=to_unicode(current_charset, code)) < 0 ) return 0xFEFF;
#      |                                        ^~~~~~~~~~~~~~~
#      |                                        |
#      |                                        short int *
catdoc-0.95-build/catdoc-0.95/src/rtfread.c:15: included_from: Included from here.
catdoc-0.95-build/catdoc-0.95/src/catdoc.h:211:34: note: expected ‘uint16_t *’ {aka ‘short unsigned int *’} but argument is of type ‘short int *’
#  211 | extern int to_unicode (uint16_t *charset, int c) ;
#      |                        ~~~~~~~~~~^~~~~~~
#  437|   unsigned short int rtf_to_unicode(int code) {
#  438|   	int cc=code;
#  439|-> 	if (code < 0 || (cc=to_unicode(current_charset, code)) < 0 ) return 0xFEFF;
#  440|   	return cc;
#  441|   }

Error: COMPILER_WARNING (CWE-681): [#def22]
catdoc-0.95-build/catdoc-0.95/src/rtfread.c: scope_hint: In function ‘rtfSetCharset’
catdoc-0.95-build/catdoc-0.95/src/rtfread.c:492:22: warning[-Wpointer-sign]: pointer targets in assignment from ‘uint16_t *’ {aka ‘short unsigned int *’} to ‘short int *’ differ in signedness
#  492 |         *charset_ptr = read_charset(source_csname);
#      |                      ^
#  490|   	check_charset(&source_csname,charset_name);
#  491|   	input_buffer=NULL;
#  492|-> 	*charset_ptr = read_charset(source_csname);	
#  493|   	input_buffer = save_buf;
#  494|   }

Error: COMPILER_WARNING (CWE-681): [#def23]
catdoc-0.95-build/catdoc-0.95/src/xls2csv.c: scope_hint: In function ‘main’
catdoc-0.95-build/catdoc-0.95/src/xls2csv.c:122:28: warning[-Wpointer-sign]: pointer targets in assignment from ‘uint16_t *’ {aka ‘short unsigned int *’} to ‘short int *’ differ in signedness
#  122 |                 tmp_charset=read_charset(dest_csname);
#      |                            ^
#  120|   	input_buffer=malloc(FILE_BUFFER);
#  121|   	if (strcmp(dest_csname,"utf-8")) {
#  122|-> 		tmp_charset=read_charset(dest_csname);
#  123|   		if (!tmp_charset) {
#  124|   			fprintf(stderr,"Cannot load target charset %s\n",dest_csname);

Error: CPPCHECK_WARNING (CWE-401): [#def24]
catdoc-0.95-build/catdoc-0.95/src/xlsparse.c:519: error[memleakOnRealloc]: Common realloc mistake: 'dest' nulled but not freed upon failure
#  517|   			while (l+dl>=len) {
#  518|   				len+=16;
#  519|-> 				dest=realloc(dest,len+1);
#  520|   			}
#  521|   			d=dest+l;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def25]
catdoc-0.95-build/catdoc-0.95/src/xlsparse.c: scope_hint: In function ‘copy_unicode_string’
catdoc-0.95-build/catdoc-0.95/src/xlsparse.c:522:25: warning[-Wanalyzer-null-argument]: use of NULL ‘d’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null
#  520|   			}
#  521|   			d=dest+l;
#  522|-> 			strcpy((char *)d,(char *)c);
#  523|   			l+=dl;
#  524|   		}      

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-70.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: catdoc-0.95-26.fc42
store-results-to: /tmp/tmp0n8_mxp7/catdoc-0.95-26.fc42.tar.xz
time-created: 2024-11-12 23:19:12
time-finished: 2024-11-12 23:20:21
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp0n8_mxp7/catdoc-0.95-26.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp0n8_mxp7/catdoc-0.95-26.fc42.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9