cups-2.4.11-2.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-563): [#def1]
/usr/bin/cups-config:17:1: warning[SC2034]: prefix appears unused. Verify use (or export if used externally).
#   15|   BUILD="cups-2.4.11"
#   16|   
#   17|-> prefix=/usr
#   18|   exec_prefix=/usr
#   19|   bindir=/usr/bin

Error: SHELLCHECK_WARNING (CWE-563): [#def2]
/usr/bin/cups-config:18:1: warning[SC2034]: exec_prefix appears unused. Verify use (or export if used externally).
#   16|   
#   17|   prefix=/usr
#   18|-> exec_prefix=/usr
#   19|   bindir=/usr/bin
#   20|   includedir=/usr/include

Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/bin/cups-config:19:1: warning[SC2034]: bindir appears unused. Verify use (or export if used externally).
#   17|   prefix=/usr
#   18|   exec_prefix=/usr
#   19|-> bindir=/usr/bin
#   20|   includedir=/usr/include
#   21|   # Fetch libdir from gnutls's pkg-config script.  This is a bit

Error: SHELLCHECK_WARNING (CWE-563): [#def4]
/usr/bin/cups-config:24:1: warning[SC2034]: datarootdir appears unused. Verify use (or export if used externally).
#   22|   # of a cheat, but the cups-devel package requires gnutls-devel anyway.
#   23|   libdir=`pkg-config --variable=libdir gnutls`
#   24|-> datarootdir=/usr/share
#   25|   datadir=/usr/share
#   26|   sysconfdir=/etc

Error: SHELLCHECK_WARNING (CWE-563): [#def5]
/usr/bin/cups-config:25:1: warning[SC2034]: datadir appears unused. Verify use (or export if used externally).
#   23|   libdir=`pkg-config --variable=libdir gnutls`
#   24|   datarootdir=/usr/share
#   25|-> datadir=/usr/share
#   26|   sysconfdir=/etc
#   27|   cups_datadir=/usr/share/cups

Error: SHELLCHECK_WARNING (CWE-563): [#def6]
/usr/bin/cups-config:26:1: warning[SC2034]: sysconfdir appears unused. Verify use (or export if used externally).
#   24|   datarootdir=/usr/share
#   25|   datadir=/usr/share
#   26|-> sysconfdir=/etc
#   27|   cups_datadir=/usr/share/cups
#   28|   cups_serverbin=/usr/lib/cups

Error: CPPCHECK_WARNING (CWE-401): [#def7]
cups-2.4.11-build/cups-2.4.11/backend/dnssd.c:883: error[memleak]: Memory leak: device.fullName
#  881|         }
#  882|   
#  883|->       return (device);
#  884|       }
#  885|   

Error: CPPCHECK_WARNING (CWE-252): [#def8]
cups-2.4.11-build/cups-2.4.11/backend/snmp.c:797: error[leakReturnValNotUsed]: Return value of allocation function 'add_array' is not stored.
#  795|   
#  796|     if (address)
#  797|->     add_array(Addresses, address);
#  798|   
#  799|     if ((debug = getenv("CUPS_DEBUG_LEVEL")) != NULL)

Error: CPPCHECK_WARNING (CWE-252): [#def9]
cups-2.4.11-build/cups-2.4.11/backend/snmp.c:830: error[leakReturnValNotUsed]: Return value of allocation function 'add_array' is not stored.
#  828|         {
#  829|           if (!address)
#  830|->           add_array(Addresses, value);
#  831|         }
#  832|         else if (!_cups_strcasecmp(line, "Community"))

Error: CPPCHECK_WARNING (CWE-252): [#def10]
cups-2.4.11-build/cups-2.4.11/backend/snmp.c:833: error[leakReturnValNotUsed]: Return value of allocation function 'add_array' is not stored.
#  831|         }
#  832|         else if (!_cups_strcasecmp(line, "Community"))
#  833|->         add_array(Communities, value);
#  834|         else if (!_cups_strcasecmp(line, "DebugLevel"))
#  835|           DebugLevel = atoi(value);

Error: CPPCHECK_WARNING (CWE-252): [#def11]
cups-2.4.11-build/cups-2.4.11/backend/snmp.c:879: error[leakReturnValNotUsed]: Return value of allocation function 'add_array' is not stored.
#  877|     {
#  878|       fputs("INFO: Using default SNMP Community public\n", stderr);
#  879|->     add_array(Communities, "public");
#  880|     }
#  881|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def12]
cups-2.4.11-build/cups-2.4.11/cgi-bin/help-index.c: scope_hint: In function ‘help_load_file’
cups-2.4.11-build/cups-2.4.11/cgi-bin/help-index.c:1041:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘node’
# 1039|         */
# 1040|   
# 1041|->       for (ptr = node->text, text = node->text; *ptr;)
# 1042|   	if (isspace(*ptr & 255))
# 1043|   	{

Error: GCC_ANALYZER_WARNING (CWE-476): [#def13]
cups-2.4.11-build/cups-2.4.11/cgi-bin/help-index.c:1041:49: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
# 1039|         */
# 1040|   
# 1041|->       for (ptr = node->text, text = node->text; *ptr;)
# 1042|   	if (isspace(*ptr & 255))
# 1043|   	{

Error: CPPCHECK_WARNING (CWE-457): [#def14]
cups-2.4.11-build/cups-2.4.11/cgi-bin/help-index.c:1250: error[uninitvar]: Uninitialized variable: diff
# 1248|     else if (n1->section && n2->section &&
# 1249|              (diff = strcmp(n1->section, n2->section)) != 0)
# 1250|->     return (diff);
# 1251|   
# 1252|     return (_cups_strcasecmp(n1->text, n2->text));

Error: GCC_ANALYZER_WARNING (CWE-688): [#def15]
cups-2.4.11-build/cups-2.4.11/cgi-bin/ipp-var.c: scope_hint: In function ‘cgiGetAttributes’
cups-2.4.11-build/cups-2.4.11/cgi-bin/ipp-var.c:120:14: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘attrs[i]’ where non-null expected
cups-2.4.11-build/cups-2.4.11/cups/http.h:21: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cups/ipp.h:19: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cups/cups.h:28: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cgi-bin/cgi.h:27: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cgi-bin/cgi-private.h:16: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cgi-bin/ipp-var.c:16: included_from: Included from here.
/usr/include/string.h:156:12: note: argument 1 of ‘strcmp’ must be non-null
#  118|   
#  119|         for (i = 0; i < num_attrs; i ++)
#  120|->         if (!strcmp(attrs[i], name))
#  121|   	  break;
#  122|   

Error: COMPILER_WARNING: [#def16]
cups-2.4.11-build/cups-2.4.11/cgi-bin/search.c: scope_hint: In function ‘cgiCompileSearch’
cups-2.4.11-build/cups-2.4.11/cgi-bin/search.c:191:29: warning[-Wuse-after-free]: pointer ‘s_68’ may be used after ‘realloc’
#  191 |         sptr = temp + (sptr - s);
#      |                       ~~~~~~^~~~
cups-2.4.11-build/cups-2.4.11/cgi-bin/search.c:179:24: note: call to ‘realloc’ here
#  179 |         temp = (char *)realloc(s, slen);
#      |                        ^~~~~~~~~~~~~~~~
#  189|   	}
#  190|   
#  191|->         sptr = temp + (sptr - s);
#  192|   	s    = temp;
#  193|         }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
cups-2.4.11-build/cups-2.4.11/cgi-bin/var.c: scope_hint: In function ‘cgi_add_variable.part.0’
cups-2.4.11-build/cups-2.4.11/cgi-bin/var.c:642:7: warning[-Wanalyzer-malloc-leak]: leak of ‘temp_vars’
#  640|         if (form_alloc == 0)
#  641|           free(temp_vars);
#  642|->       return;
#  643|       }
#  644|       form_vars = temp_vars;

Error: CPPCHECK_WARNING (CWE-457): [#def18]
cups-2.4.11-build/cups-2.4.11/cgi-bin/var.c:691: warning[uninitvar]: Uninitialized variables: &key.nvalues, &key.avalues, &key.values
#  689|     key.name = (char *)name;
#  690|   
#  691|->   return ((_cgi_var_t *)bsearch(&key, form_vars, (size_t)form_count, sizeof(_cgi_var_t),
#  692|                              (int (*)(const void *, const void *))cgi_compare_variables));
#  693|   }

Error: CPPCHECK_WARNING (CWE-401): [#def19]
cups-2.4.11-build/cups-2.4.11/cups/array.c:426: error[memleak]: Memory leak: da.elements
#  424|     */
#  425|   
#  426|->   return (da);
#  427|   }
#  428|   

Error: CPPCHECK_WARNING (CWE-401): [#def20]
cups-2.4.11-build/cups-2.4.11/cups/array.c:772: error[memleak]: Memory leak: a.hash
#  770|     a->freefunc = ff;
#  771|   
#  772|->   return (a);
#  773|   }
#  774|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def21]
cups-2.4.11-build/cups-2.4.11/cups/array.c: scope_hint: In function ‘cups_array_find’
cups-2.4.11-build/cups-2.4.11/cups/array.c:1218:20: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
# 1216|         */
# 1217|   
# 1218|->       if ((diff = (*(a->compare))(e, a->elements[prev], a->data)) == 0 ||
# 1219|             (diff < 0 && prev == 0) ||
# 1220|   	  (diff > 0 && prev == (a->num_elements - 1)))

Error: GCC_ANALYZER_WARNING (CWE-457): [#def22]
cups-2.4.11-build/cups-2.4.11/cups/array.c:1264:18: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
# 1262|       {
# 1263|         current = (left + right) / 2;
# 1264|->       diff    = (*(a->compare))(e, a->elements[current], a->data);
# 1265|   
# 1266|         DEBUG_printf(("9cups_array_find: left=%d, right=%d, current=%d, diff=%d",

Error: GCC_ANALYZER_WARNING (CWE-122): [#def23]
cups-2.4.11-build/cups-2.4.11/cups/dest.c: scope_hint: In function ‘cups_compare_dests’
cups-2.4.11-build/cups-2.4.11/cups/dest.c:2598:42: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
# 2596|   
# 2597|   
# 2598|->   if ((diff = _cups_strcasecmp(a->name, b->name)) != 0)
# 2599|       return (diff);
# 2600|     else if (a->instance && b->instance)

Error: CPPCHECK_WARNING (CWE-457): [#def24]
cups-2.4.11-build/cups-2.4.11/cups/encode.c:894: error[uninitvar]: Uninitialized variables: &key.multivalue, &key.value_tag, &key.group_tag, &key.alt_group_tag, &key.operations
#  892|     key.name = name;
#  893|   
#  894|->   return ((_ipp_option_t *)bsearch(&key, ipp_options,
#  895|                                      sizeof(ipp_options) / sizeof(ipp_options[0]),
#  896|   				   sizeof(ipp_options[0]),

Error: GCC_ANALYZER_WARNING (CWE-465): [#def25]
cups-2.4.11-build/cups-2.4.11/cups/ipp.c: scope_hint: In function ‘ipp_set_value’
cups-2.4.11-build/cups-2.4.11/cups/ipp.c:6724:6: warning[-Wanalyzer-deref-before-check]: check of ‘temp’ for NULL after already dereferencing it
# 6722|     */
# 6723|   
# 6724|->   if ((temp = realloc(temp, sizeof(ipp_attribute_t) + (size_t)(alloc_values - 1) * sizeof(_ipp_value_t))) == NULL)
# 6725|     {
# 6726|       _cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unable to reallocate IPP attribute value."), 1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
cups-2.4.11-build/cups-2.4.11/cups/ppd-mark.c: scope_hint: In function ‘ppd_mark_option’
cups-2.4.11-build/cups-2.4.11/cups/ppd-mark.c:930:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  928|         for (i = 0, val = vals; i < num_vals; i ++, val ++)
#  929|         {
#  930|->         if ((cparam = ppdFindCustomParam(coption, val->name)) == NULL)
#  931|   	  continue;
#  932|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def27]
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:528:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  526|     */
#  527|   
#  528|->   pg->ppd_status = PPD_OK;
#  529|     pg->ppd_line   = 0;
#  530|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def28]
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘_ppdOpenFile’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:2279:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 2277|     */
# 2278|   
# 2279|->   pg->ppd_line = 0;
# 2280|   
# 2281|    /*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def29]
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘ppdSetConformance’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:2336:19: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 2334|   
# 2335|   
# 2336|->   pg->ppd_conform = c;
# 2337|   }
# 2338|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:2337:1: warning[-Wanalyzer-malloc-leak]: leak of ‘_ppdGlobals()’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘ppdSetConformance’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:375:7: note: in expansion of macro ‘_cupsThreadSetData’
# 2335|   
# 2336|     pg->ppd_conform = c;
# 2337|-> }
# 2338|   
# 2339|   

Error: GCC_ANALYZER_WARNING (CWE-127): [#def31]
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘ppd_read’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:3196:42: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
# 3194|       }
# 3195|   
# 3196|->     if (lineptr > line->buffer && lineptr[-1] == '\n')
# 3197|         lineptr --;
# 3198|   

Error: CPPCHECK_WARNING (CWE-457): [#def32]
cups-2.4.11-build/cups-2.4.11/cups/pwg-media.c:415: warning[uninitvar]: Uninitialized variable: name
#  413|     */
#  414|   
#  415|->   snprintf(keyword, keysize, "%s_%s_%s", prefix, name, usize);
#  416|   
#  417|     return (1);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def33]
cups-2.4.11-build/cups-2.4.11/cups/raster-stream.c: scope_hint: In function ‘cups_raster_read’
cups-2.4.11-build/cups-2.4.11/cups/raster-stream.c:1515:14: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*r_62(D)->bufptr’
# 1513|         */
# 1514|   
# 1515|->       *buf = *(r->bufptr)++;
# 1516|         remaining --;
# 1517|       }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
cups-2.4.11-build/cups-2.4.11/cups/raster-stream.c:1531:18: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*bufptr’
# 1529|   
# 1530|         for (bufptr = r->bufptr; count > 0; count --, total ++)
# 1531|-> 	*buf++ = *bufptr++;
# 1532|   
# 1533|         r->bufptr = bufptr;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def35]
cups-2.4.11-build/cups-2.4.11/cups/raster-stream.c:1541:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*r.bufptr’
# 1539|         */
# 1540|   
# 1541|->       memcpy(buf, r->bufptr, (size_t)count);
# 1542|         r->bufptr += count;
# 1543|         remaining -= count;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
cups-2.4.11-build/cups-2.4.11/cups/cups-private.h:25: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:18: included_from: Included from here.
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘_ppdOpenFile’
cups-2.4.11-build/cups-2.4.11/cups/thread-private.h:42:37: warning[-Wanalyzer-malloc-leak]: leak of ‘_ppdGlobals()’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:375:7: note: in expansion of macro ‘_cupsThreadSetData’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c: scope_hint: In function ‘_ppdOpenFile’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:375:7: note: in expansion of macro ‘_cupsThreadSetData’
cups-2.4.11-build/cups-2.4.11/cups/ppd.c:375:7: note: in expansion of macro ‘_cupsThreadSetData’
#   40|   #    define _CUPS_THREADKEY_INITIALIZER 0
#   41|   #    define _cupsThreadGetData(k) pthread_getspecific(k)
#   42|-> #    define _cupsThreadSetData(k,p) pthread_setspecific(k,p)
#   43|   
#   44|   #  elif defined(_WIN32)			/* Windows threading */

Error: COMPILER_WARNING: [#def37]
cups-2.4.11-build/cups-2.4.11/filter/common.c:17:9: warning: "_GNU_SOURCE" redefined
#   17 | #define _GNU_SOURCE
#      |         ^~~~~~~~~~~
<command-line>: note: this is the location of the previous definition
#   15|   #include "config.h"
#   16|   #ifdef WITH_LSPP
#   17|-> #define _GNU_SOURCE
#   18|   #include <string.h>
#   19|   #endif /* WITH_LSPP */

Error: COMPILER_WARNING: [#def38]
cups-2.4.11-build/cups-2.4.11/filter/common.c:17:9: warning: ‘_GNU_SOURCE’ redefined
<command-line>: note: this is the location of the previous definition
#   15|   #include "config.h"
#   16|   #ifdef WITH_LSPP
#   17|-> #define _GNU_SOURCE
#   18|   #include <string.h>
#   19|   #endif /* WITH_LSPP */

Error: GCC_ANALYZER_WARNING: [#def39]
cups-2.4.11-build/cups-2.4.11/filter/common.c: scope_hint: In function ‘WriteLabelProlog’
cups-2.4.11-build/cups-2.4.11/filter/common.c:353:23: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results
cups-2.4.11-build/cups-2.4.11/filter/common.c:353:23: note: only use operands of an integer type inside the size argument
#  351|         lines = 1 + (int)(label_len / max_width);
#  352|         line_len = (int)(label_len / lines);
#  353|->       wrapped_label = malloc(sizeof(*wrapped_label) * lines);
#  354|         label_index = i = n = 0;
#  355|         while (classification[label_index])

Error: GCC_ANALYZER_WARNING (CWE-476): [#def40]
cups-2.4.11-build/cups-2.4.11/filter/common.c:365:32: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
#  363|             case '-':
#  364|               i++;
#  365|->             wrapped_label[n++] = strndup(&classification[label_index], (line_len + i));
#  366|               label_index += line_len + i;
#  367|               i = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def41]
cups-2.4.11-build/cups-2.4.11/filter/common.c:375:30: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
#  373|           if ((i + line_len) == max_width)
#  374|           {
#  375|->           wrapped_label[n++] = strndup(&(classification[label_index]), (line_len + i));
#  376|             label_index = label_index + line_len + i;
#  377|             i = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def42]
cups-2.4.11-build/cups-2.4.11/filter/common.c:380:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
#  378|           }
#  379|         }
#  380|->       wrapped_label[n] = strndup(&classification[label_index], label_len - label_index);
#  381|       }
#  382|       else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def43]
cups-2.4.11-build/cups-2.4.11/filter/common.c:386:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
#  384|         lines = 1;
#  385|         wrapped_label = malloc(sizeof(*wrapped_label));
#  386|->       wrapped_label[0] = (char*)classification;
#  387|       }
#  388|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def44]
cups-2.4.11-build/cups-2.4.11/filter/common.c:392:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
#  390|       {
#  391|         printf("userdict/ESPp%c(", ('a' + n));
#  392|->       for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++)
#  393|           if (*ptr < 32 || *ptr > 126)
#  394|             printf("\\%03o", *ptr);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def45]
cups-2.4.11-build/cups-2.4.11/filter/common.c:392:43: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
#  390|       {
#  391|         printf("userdict/ESPp%c(", ('a' + n));
#  392|->       for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++)
#  393|           if (*ptr < 32 || *ptr > 126)
#  394|             printf("\\%03o", *ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
cups-2.4.11-build/cups-2.4.11/filter/common.c:452:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  450|       * Do some clean up at the end of the LSPP special case
#  451|       */
#  452|->     free(wrapped_label);
#  453|   
#  454|     }

Error: GCC_ANALYZER_WARNING: [#def47]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c: scope_hint: In function ‘write_label_prolog’
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3224:23: warning[-Wanalyzer-imprecise-fp-arithmetic]: use of floating-point arithmetic here might yield unexpected results
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3224:23: note: only use operands of an integer type inside the size argument
# 3222|         lines = 1 + (int)(label_len / max_width);
# 3223|         line_len = (int)(label_len / lines);
# 3224|->       wrapped_label = malloc(sizeof(*wrapped_label) * lines);
# 3225|         label_index = i = n = 0;
# 3226|         while (classification[label_index])

Error: GCC_ANALYZER_WARNING (CWE-476): [#def48]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3236:32: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
# 3234|             case '-':
# 3235|               i++;
# 3236|->             wrapped_label[n++] = strndup(&classification[label_index], (line_len + i));
# 3237|               label_index += line_len + i;
# 3238|               i = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def49]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3246:30: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
# 3244|           if ((i + line_len) == max_width)
# 3245|           {
# 3246|->           wrapped_label[n++] = strndup(&(classification[label_index]), (line_len + i));
# 3247|             label_index = label_index + line_len + i;
# 3248|             i = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def50]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3251:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
# 3249|           }
# 3250|         }
# 3251|->       wrapped_label[n] = strndup(&classification[label_index], label_len - label_index);
# 3252|       }
# 3253|       else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def51]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3257:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wrapped_label’
# 3255|         lines = 1;
# 3256|         wrapped_label = malloc(sizeof(*wrapped_label));
# 3257|->       wrapped_label[0] = (char*)classification;
# 3258|       }
# 3259|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def52]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3263:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
# 3261|       {
# 3262|         printf("userdict/ESPp%c(", ('a' + n));
# 3263|->       for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++)
# 3264|           if (*ptr < 32 || *ptr > 126)
# 3265|             printf("\\%03o", *ptr);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def53]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3263:43: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr’
# 3261|       {
# 3262|         printf("userdict/ESPp%c(", ('a' + n));
# 3263|->       for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++)
# 3264|           if (*ptr < 32 || *ptr > 126)
# 3265|             printf("\\%03o", *ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
cups-2.4.11-build/cups-2.4.11/filter/pstops.c:3319:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 3317|       * Do some clean up at the end of the LSPP special case
# 3318|       */
# 3319|->     free(wrapped_label);
# 3320|   
# 3321|     }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def55]
cups-2.4.11-build/cups-2.4.11/filter/rastertopwg.c: scope_hint: In function ‘main’
cups-2.4.11-build/cups-2.4.11/filter/rastertopwg.c:454:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘line’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  452|       line = malloc(linesize);
#  453|   
#  454|->     memset(line, white, linesize);
#  455|       for (y = page_top; y > 0; y --)
#  456|         if (!cupsRasterWritePixels(outras, line, outheader.cupsBytesPerLine))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
cups-2.4.11-build/cups-2.4.11/scheduler/auth.c: scope_hint: In function ‘pam_func’
cups-2.4.11-build/cups-2.4.11/scheduler/auth.c:2323:11: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 2321|   
# 2322|         default:
# 2323|->           free(replies);
# 2324|             return (PAM_CONV_ERR);
# 2325|       }

Error: GCC_ANALYZER_WARNING: [#def57]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c: scope_hint: In function ‘exec_filter’
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:904:9: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘infd’
#  902|         if (infd > 0)
#  903|         {
#  904|->         dup2(infd, 0);
#  905|   	close(infd);
#  906|         }

Error: GCC_ANALYZER_WARNING: [#def58]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:916:9: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘outfd’
#  914|         if (outfd > 1)
#  915|         {
#  916|-> 	dup2(outfd, 1);
#  917|   	close(outfd);
#  918|         }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def59]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:921:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
#  919|       }
#  920|   
#  921|->     if ((fd = open("/dev/null", O_RDWR)) > 3)
#  922|       {
#  923|         dup2(fd, 3);

Error: GCC_ANALYZER_WARNING: [#def60]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:923:7: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘open("/dev/null", 2)’
#  921|       if ((fd = open("/dev/null", O_RDWR)) > 3)
#  922|       {
#  923|->       dup2(fd, 3);
#  924|         close(fd);
#  925|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def61]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:928:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
#  926|       fcntl(3, F_SETFL, O_NDELAY);
#  927|   
#  928|->     if ((fd = open("/dev/null", O_RDWR)) > 4)
#  929|       {
#  930|         dup2(fd, 4);

Error: GCC_ANALYZER_WARNING: [#def62]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:930:7: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘open("/dev/null", 2)’
#  928|       if ((fd = open("/dev/null", O_RDWR)) > 4)
#  929|       {
#  930|->       dup2(fd, 4);
#  931|         close(fd);
#  932|       }

Error: GCC_ANALYZER_WARNING (CWE-479): [#def63]
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c: scope_hint: In function ‘sighandler’
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:1522:3: warning[-Wanalyzer-unsafe-call-within-signal-handler]: call to ‘exit’ from within signal handler
cups-2.4.11-build/cups-2.4.11/scheduler/cupsfilter.c:1522:3: note: ‘_exit’ is a possible signal-safe alternative for ‘exit’
# 1520|     */
# 1521|   
# 1522|->   exit(s);
# 1523|   }
# 1524|   

Error: CPPCHECK_WARNING (CWE-758): [#def64]
cups-2.4.11-build/cups-2.4.11/scheduler/job.c:5916: warning[objectIndex]: The address of variable 'none' might be accessed at non-zero index.
# 5914|   
# 5915|       for (i = 0; i < num_reasons; i ++)
# 5916|->       if (strcmp(job->printer_reasons->values[i].string.text, reasons[i]))
# 5917|           break;
# 5918|   

Error: CPPCHECK_WARNING (CWE-758): [#def65]
cups-2.4.11-build/cups-2.4.11/scheduler/job.c:5935: warning[objectIndex]: The address of variable 'none' might be accessed at non-zero index.
# 5933|   
# 5934|     for (i = 0; i < num_reasons; i ++)
# 5935|->     job->printer_reasons->values[i].string.text = _cupsStrAlloc(reasons[i]);
# 5936|   
# 5937|     job->dirty = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
cups-2.4.11-build/cups-2.4.11/scheduler/log.c: scope_hint: In function ‘format_log_line’
cups-2.4.11-build/cups-2.4.11/scheduler/log.c:1307:18: warning[-Wanalyzer-malloc-leak]: leak of ‘log_line’
# 1305|     {
# 1306|       log_linesize = 8192;
# 1307|->     log_line     = malloc(log_linesize);
# 1308|   
# 1309|       if (!log_line)

Error: GCC_ANALYZER_WARNING (CWE-688): [#def67]
cups-2.4.11-build/cups-2.4.11/scheduler/main.c: scope_hint: In function ‘main’
cups-2.4.11-build/cups-2.4.11/scheduler/main.c:341:11: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘ConfigurationFile’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
#  339|       size_t	len;			/* Size of buffer */
#  340|   
#  341|->     len = strlen(ConfigurationFile) + 15;
#  342|       if ((filename = malloc(len)) == NULL)
#  343|       {

Error: CPPCHECK_WARNING (CWE-476): [#def68]
cups-2.4.11-build/cups-2.4.11/scheduler/mime.c:180: error[ctunullpointer]: Null pointer dereference: mime
#  178|   
#  179|   
#  180|->   if (mime->error_cb)
#  181|     {
#  182|       va_start(ap, message);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def69]
cups-2.4.11-build/cups-2.4.11/scheduler/util.c: scope_hint: In function ‘cupsdPipeCommand’
cups-2.4.11-build/cups-2.4.11/scheduler/util.c:302:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 0)’
#  300|         setuid(user);			/* Run as restricted user */
#  301|   
#  302|->     if ((fd = open("/dev/null", O_RDONLY)) > 0)
#  303|       {
#  304|         dup2(fd, 0);			/* </dev/null */

Error: GCC_ANALYZER_WARNING: [#def70]
cups-2.4.11-build/cups-2.4.11/scheduler/util.c:304:7: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘open("/dev/null", 0)’
#  302|       if ((fd = open("/dev/null", O_RDONLY)) > 0)
#  303|       {
#  304|->       dup2(fd, 0);			/* </dev/null */
#  305|         close(fd);
#  306|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def71]
cups-2.4.11-build/cups-2.4.11/tools/ippevepcl.c: scope_hint: In function ‘pcl_to_pcl’
cups-2.4.11-build/cups-2.4.11/tools/ippevepcl.c:271:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
#  269|       {
#  270|         fprintf(stderr, "ERROR: Unable to open \"%s\": %s\n", filename, strerror(errno));
#  271|->       return (1);
#  272|       }
#  273|     }

Error: GCC_ANALYZER_WARNING (CWE-686): [#def72]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3004:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘char (*)[32]’ for variadic argument 1 of ‘ap’
# 3002|   
# 3003|   	format ++;
# 3004|-> 	width = va_arg(ap, int);
# 3005|   
# 3006|   	snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", width);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def73]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c: scope_hint: In function ‘html_printf’
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3004:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘char *’ for variadic argument 1 of ‘ap’
# 3002|   
# 3003|   	format ++;
# 3004|-> 	width = va_arg(ap, int);
# 3005|   
# 3006|   	snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", width);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def74]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3004:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 1 of ‘ap’
# 3002|   
# 3003|   	format ++;
# 3004|-> 	width = va_arg(ap, int);
# 3005|   
# 3006|   	snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", width);

Error: GCC_ANALYZER_WARNING (CWE-685): [#def75]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3004:15: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (0 consumed)
# 3002|   
# 3003|   	format ++;
# 3004|-> 	width = va_arg(ap, int);
# 3005|   
# 3006|   	snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", width);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def76]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3036:16: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘char (*)[32]’ for variadic argument 1 of ‘ap’
# 3034|   
# 3035|   	  format ++;
# 3036|-> 	  prec = va_arg(ap, int);
# 3037|   
# 3038|   	  snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", prec);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def77]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3036:16: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘char *’ for variadic argument 1 of ‘ap’
# 3034|   
# 3035|   	  format ++;
# 3036|-> 	  prec = va_arg(ap, int);
# 3037|   
# 3038|   	  snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", prec);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def78]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3036:16: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘const char *’ for variadic argument 1 of ‘ap’
# 3034|   
# 3035|   	  format ++;
# 3036|-> 	  prec = va_arg(ap, int);
# 3037|   
# 3038|   	  snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", prec);

Error: GCC_ANALYZER_WARNING (CWE-685): [#def79]
cups-2.4.11-build/cups-2.4.11/tools/ippeveprinter.c:3036:16: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (0 consumed)
# 3034|   
# 3035|   	  format ++;
# 3036|-> 	  prec = va_arg(ap, int);
# 3037|   
# 3038|   	  snprintf(tptr, sizeof(tformat) - (size_t)(tptr - tformat), "%d", prec);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def80]
cups-2.4.11-build/cups-2.4.11/tools/ippeveps.c: scope_hint: In function ‘jpeg_to_ps’
cups-2.4.11-build/cups-2.4.11/tools/ippeveps.c:564:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
#  562|       {
#  563|         fprintf(stderr, "ERROR: Unable to open \"%s\": %s\n", filename, strerror(errno));
#  564|->       return (1);
#  565|       }
#  566|     }

Error: GCC_ANALYZER_WARNING (CWE-835): [#def81]
cups-2.4.11-build/cups-2.4.11/tools/ippeveps.c:589:61: warning[-Wanalyzer-infinite-loop]: infinite loop
#  587|     }
#  588|   
#  589|->   for (bufptr = buffer + 2, bufend = buffer + bytes; bufptr < bufend;)
#  590|     {
#  591|      /*

Error: GCC_ANALYZER_WARNING: [#def82]
cups-2.4.11-build/cups-2.4.11/tools/ippeveps.c: scope_hint: In function ‘pdf_to_ps’
cups-2.4.11-build/cups-2.4.11/tools/ippeveps.c:833:5: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘1’
#  831|   
#  832|       close(1);
#  833|->     dup2(tempfd, 1);
#  834|       close(tempfd);
#  835|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c: scope_hint: In function ‘main’
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:345:14: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  343|                 i ++;
#  344|   
#  345|->           if (i >= argc)
#  346|             {
#  347|               _cupsLangPrintf(stderr, _("ippfind: Expected semi-colon after %s."),

Error: GCC_ANALYZER_WARNING (CWE-476): [#def84]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c: scope_hint: In function ‘browse_callback’
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:1590:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1588|   
# 1589|   	if (flags & AVAHI_LOOKUP_RESULT_LOCAL)
# 1590|-> 	  service->is_local = 1;
# 1591|   	break;
# 1592|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c: scope_hint: In function ‘main’
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:2498:28: warning[-Wanalyzer-malloc-leak]: leak of ‘new_expr(16, invert, 0, 0,  argv + (long unsigned int)i * 8)’
# 2496|       int	num_args;			/* Number of arguments */
# 2497|   
# 2498|->     for (num_args = 1; args[num_args]; num_args ++)
# 2499|         if (!strcmp(args[num_args], ";"))
# 2500|           break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c: scope_hint: In function ‘new_expr’
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:2504:8: warning[-Wanalyzer-malloc-leak]: leak of ‘temp’
# 2502|       temp->num_args = num_args;
# 2503|       temp->args     = malloc((size_t)num_args * sizeof(char *));
# 2504|->     if (temp->args == NULL)
# 2505|         return (NULL);
# 2506|   

Error: CPPCHECK_WARNING (CWE-401): [#def87]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:2510: error[memleak]: Memory leak: temp.args
# 2508|     }
# 2509|   
# 2510|->   return (temp);
# 2511|   }
# 2512|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def88]
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c: scope_hint: In function ‘resolve_callback.part.0’
cups-2.4.11-build/cups-2.4.11/tools/ippfind.c:2668:27: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘strdup(hostTarget)’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
# 2666|     service->port        = port;
# 2667|   
# 2668|->   value = service->host + strlen(service->host) - 1;
# 2669|     if (value >= service->host && *value == '.')
# 2670|       *value = '\0';

Scan Properties

analyzer-version-clippy1.82.0
analyzer-version-cppcheck2.16.0
analyzer-version-gcc14.2.1
analyzer-version-gcc-analyzer15.0.0
analyzer-version-shellcheck0.10.0
analyzer-version-unicontrol0.0.2
enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
exit-code0
hostip-172-16-1-169.us-west-2.compute.internal
mock-configfedora-rawhide-gcc-latest-x86_64
project-namecups-2.4.11-2.fc42
store-results-to/tmp/tmph96oqazn/cups-2.4.11-2.fc42.tar.xz
time-created2024-11-12 23:28:47
time-finished2024-11-12 23:32:45
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmph96oqazn/cups-2.4.11-2.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmph96oqazn/cups-2.4.11-2.fc42.src.rpm'
tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9