Fixed findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-121): [#def1]
certmonger-0.79.20-build/certmonger-0.79.20/src/local-getcert.c:3: included_from: Included from here.
certmonger-0.79.20-build/certmonger-0.79.20/src/getcert.c: scope_hint: In function ‘request’
certmonger-0.79.20-build/certmonger-0.79.20/src/getcert.c:826:13: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
certmonger-0.79.20-build/certmonger-0.79.20/src/getcert.c:826:13: note: write of 3 bytes to beyond the end of ‘subject_default’
certmonger-0.79.20-build/certmonger-0.79.20/src/getcert.c:826:13: note: valid subscripts for ‘subject_default’ are ‘[0]’ to ‘[2047]’
certmonger-0.79.20-build/certmonger-0.79.20/src/getcert.c:30: included_from: Included from here.
/usr/include/unistd.h:911:12: note: parameter 1 of ‘gethostname’ marked with attribute ‘access (write_only, 1, 2)’
#  824|   	memset(subject_default, '\0', sizeof(subject_default));
#  825|   	strcpy(subject_default, "CN=");
#  826|-> 	if (gethostname(subject_default + 3,
#  827|   			sizeof(subject_default) - 4) != 0) {
#  828|   		strcpy(subject_default, "CN=localhost");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
certmonger-0.79.20-build/certmonger-0.79.20/src/tdbush.c:4716:65: warning[-Wanalyzer-malloc-leak]: leak of ‘make_property("external-helper", 1, 2, 0, 0, &ca_prop_get_external_helper, 0, 0, 0, 0, & ca_prop_set_external_helper, 0, 0, 0, 0, 0)’
certmonger-0.79.20-build/certmonger-0.79.20/src/tdbush.c: scope_hint: In function ‘cm_tdbush_iface_ca’
# 4714|   	case cm_tdbush_property_special:
# 4715|   		assert(ret->cm_offset == 0);
# 4716|-> 		if ((ret->cm_access == cm_tdbush_property_read) ||
# 4717|   		    (ret->cm_access == cm_tdbush_property_readwrite)) {
# 4718|   			switch (ret->cm_bus_type) {

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.82.0
diffbase-analyzer-version-cppcheck: 2.16.0
diffbase-analyzer-version-gcc: 14.2.1
diffbase-analyzer-version-gcc-analyzer: 15.0.0
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-204.us-west-2.compute.internal
diffbase-mock-config: fedora-rawhide-gcc-latest-x86_64
diffbase-project-name: certmonger-0.79.20-3.fc42
diffbase-store-results-to: /tmp/tmpms52ao35/certmonger-0.79.20-3.fc42.tar.xz
diffbase-time-created: 2024-11-12 23:22:49
diffbase-time-finished: 2024-11-12 23:26:09
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpms52ao35/certmonger-0.79.20-3.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpms52ao35/certmonger-0.79.20-3.fc42.src.rpm'
diffbase-tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-204.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: certmonger-0.79.20-2.fc41
store-results-to: /tmp/tmph4fbdv3p/certmonger-0.79.20-2.fc41.tar.xz
time-created: 2024-11-12 23:18:43
time-finished: 2024-11-12 23:22:37
title: Fixed findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmph4fbdv3p/certmonger-0.79.20-2.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmph4fbdv3p/certmonger-0.79.20-2.fc41.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9