Newly introduced findings

List of Findings

Error: CPPCHECK_WARNING (CWE-476): [#def1]
curl-8.10.1-build/curl-8.10.1/lib/conncache.c:1042: warning[nullPointer]: Possible null pointer dereference: cpool
# 1040|     DEBUGASSERT(data || cpool);
# 1041|     if(!data)
# 1042|->     data = cpool->idata;
# 1043|   
# 1044|     /* the transfer must be detached from the connection */

Error: CPPCHECK_WARNING (CWE-457): [#def2]
curl-8.10.1-build/curl-8.10.1/lib/request.c:319: error[uninitvar]: Uninitialized variable: &tmp
#  317|       char tmp;
#  318|       size_t nwritten;
#  319|->     result = xfer_send(data, &tmp, 0, 0, &nwritten);
#  320|       if(result)
#  321|         return result;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
curl-8.10.1-build/curl-8.10.1/src/tool_getparam.c:66:7: warning[-Wanalyzer-malloc-leak]: leak of ‘*config.cookiejar’
curl-8.10.1-build/curl-8.10.1/lib/curl_multibyte.h:73:51: note: in definition of macro ‘curlx_convert_tchar_to_UTF8’
#   64|   
#   65|       *str = strdup(val);
#   66|->     if(!*str)
#   67|         return PARAM_NO_MEM;
#   68|     }

Error: CPPCHECK_WARNING (CWE-457): [#def4]
curl-8.10.1-build/curl-8.10.1/src/tool_getparam.c:1012: error[uninitvar]: Uninitialized variables: &key.desc, &key.letter, &key.cmd
# 1010|     key.lname = opt;
# 1011|   
# 1012|->   return bsearch(&key, aliases, sizeof(aliases)/sizeof(aliases[0]),
# 1013|                    sizeof(aliases[0]), findarg);
# 1014|   }

Scan Properties

analyzer-version-clippy1.82.0
analyzer-version-cppcheck2.16.0
analyzer-version-gcc14.2.1
analyzer-version-gcc-analyzer15.0.0
analyzer-version-shellcheck0.10.0
analyzer-version-unicontrol0.0.2
diffbase-analyzer-version-clippy1.82.0
diffbase-analyzer-version-cppcheck2.16.0
diffbase-analyzer-version-gcc14.2.1
diffbase-analyzer-version-gcc-analyzer15.0.0
diffbase-analyzer-version-shellcheck0.10.0
diffbase-analyzer-version-unicontrol0.0.2
diffbase-enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code0
diffbase-hostip-172-16-1-179.us-west-2.compute.internal
diffbase-mock-configfedora-rawhide-gcc-latest-x86_64
diffbase-project-namecurl-8.9.1-2.fc41
diffbase-store-results-to/tmp/tmpfduq7v5a/curl-8.9.1-2.fc41.tar.xz
diffbase-time-created2024-11-12 23:38:15
diffbase-time-finished2024-11-12 23:43:12
diffbase-toolcsmock
diffbase-tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpfduq7v5a/curl-8.9.1-2.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpfduq7v5a/curl-8.9.1-2.fc41.src.rpm'
diffbase-tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
exit-code0
hostip-172-16-1-179.us-west-2.compute.internal
mock-configfedora-rawhide-gcc-latest-x86_64
project-namecurl-8.10.1-2.fc42
store-results-to/tmp/tmpiqeixm6_/curl-8.10.1-2.fc42.tar.xz
time-created2024-11-12 23:43:23
time-finished2024-11-12 23:47:56
titleNewly introduced findings
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpiqeixm6_/curl-8.10.1-2.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpiqeixm6_/curl-8.10.1-2.fc42.src.rpm'
tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9