chrony-4.6-0.1.pre1.fc41

List of Findings

Error: SHELLCHECK_WARNING (CWE-457): [#def1]
/etc/dhcp/dhclient.d/chrony.sh:4:30: warning[SC2154]: interface is referenced but not assigned.
#    2|   
#    3|   CHRONY_SOURCEDIR=/run/chrony-dhcp
#    4|-> SERVERFILE=$CHRONY_SOURCEDIR/$interface.sources
#    5|   
#    6|   chrony_config() {

Error: SHELLCHECK_WARNING (CWE-457): [#def2]
/etc/dhcp/dhclient.d/chrony.sh:13:17: warning[SC2154]: new_ntp_servers is referenced but not assigned.
#   11|   	if [ "$PEERNTP" != "no" ]; then
#   12|   		mkdir -p $CHRONY_SOURCEDIR
#   13|-> 		for server in $new_ntp_servers; do
#   14|   			echo "server $server ${NTPSERVERARGS:-iburst}" >> "$SERVERFILE"
#   15|   		done

Error: GCC_ANALYZER_WARNING (CWE-457): [#def3]
chrony-4.6-build/chrony-4.6-pre1/getdate.c: scope_hint: In function ‘gd_parse’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:676:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:661:9: note: in expansion of macro ‘YYCOPY’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:1225:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:661:9: note: in expansion of macro ‘YYCOPY’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:1225:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:661:9: note: in expansion of macro ‘YYCOPY’
chrony-4.6-build/chrony-4.6-pre1/getdate.c:1225:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
#  674|   #  if defined __GNUC__ && 1 < __GNUC__
#  675|   #   define YYCOPY(Dst, Src, Count) \
#  676|->       __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src)))
#  677|   #  else
#  678|   #   define YYCOPY(Dst, Src, Count)              \

Error: GCC_ANALYZER_WARNING (CWE-457): [#def4]
chrony-4.6-build/chrony-4.6-pre1/getdate.c:1352:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*(unsigned int *)<unknown>’
# 1350|        unconditionally makes the parser a bit smaller, and it avoids a
# 1351|        GCC warning that YYVAL may be used uninitialized.  */
# 1352|->   yyval = yyvsp[1-yylen];
# 1353|   
# 1354|   

Error: CPPCHECK_WARNING (CWE-457): [#def5]
chrony-4.6-build/chrony-4.6-pre1/hwclock.c:192: warning[uninitvar]: Uninitialized variable: min_delay
#  190|       }
#  191|   
#  192|->     if (i == 0 || min_delay > delay) {
#  193|         min_delay = delay;
#  194|         min_reading = i;

Error: CPPCHECK_WARNING (CWE-457): [#def6]
chrony-4.6-build/chrony-4.6-pre1/keys.c:339: error[uninitvar]: Uninitialized variable: buf
#  337|     switch (key->class) {
#  338|       case NTP_MAC:
#  339|->       return HSH_Hash(key->data.ntp_mac.hash_id, buf, 0, buf, 0, buf, sizeof (buf));
#  340|       case CMAC:
#  341|         return CMC_Hash(key->data.cmac, buf, 0, buf, sizeof (buf));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
chrony-4.6-build/chrony-4.6-pre1/main.c: scope_hint: In function ‘go_daemon’
chrony-4.6-build/chrony-4.6-pre1/main.c:386:10: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 0)’
#  384|         /* Open /dev/null as new stdin/out/err */
#  385|         errno = 0;
#  386|->       if (open(DEV_NULL, O_RDONLY) != STDIN_FILENO ||
#  387|             open(DEV_NULL, O_WRONLY) != STDOUT_FILENO ||
#  388|             open(DEV_NULL, O_RDWR) != STDERR_FILENO)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
chrony-4.6-build/chrony-4.6-pre1/main.c:386:52: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 1)’
#  384|         /* Open /dev/null as new stdin/out/err */
#  385|         errno = 0;
#  386|->       if (open(DEV_NULL, O_RDONLY) != STDIN_FILENO ||
#  387|             open(DEV_NULL, O_WRONLY) != STDOUT_FILENO ||
#  388|             open(DEV_NULL, O_RDWR) != STDERR_FILENO)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
chrony-4.6-build/chrony-4.6-pre1/main.c:387:53: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
#  385|         errno = 0;
#  386|         if (open(DEV_NULL, O_RDONLY) != STDIN_FILENO ||
#  387|->           open(DEV_NULL, O_WRONLY) != STDOUT_FILENO ||
#  388|             open(DEV_NULL, O_RDWR) != STDERR_FILENO)
#  389|           LOG_FATAL("Could not open %s : %s", DEV_NULL, strerror(errno));

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-226.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	chrony-4.6-0.1.pre1.fc41
store-results-to	/tmp/tmppl4efsne/chrony-4.6-0.1.pre1.fc41.tar.xz
time-created	2024-11-12 23:25:33
time-finished	2024-11-12 23:27:15
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmppl4efsne/chrony-4.6-0.1.pre1.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmppl4efsne/chrony-4.6-0.1.pre1.fc41.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9