debugedit-5.1-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-569): [#def1]
/usr/bin/find-debuginfo:289:23: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
#  287|   # RPM_ARCH to create an unique (dir) name. Warn if they aren't set.
#  288|   for n in RPM_BUILD_ROOT RPM_BUILD_DIR RPM_PACKAGE_NAME; do
#  289|->   if eval test -z \"\${$n-}\"; then
#  290|       echo >&2 "$n is not set"
#  291|       exit 1

Error: SHELLCHECK_WARNING (CWE-569): [#def2]
/usr/bin/find-debuginfo:289:27: warning[SC1083]: This } is literal. Check expression (missing ;/\n?) or quote it.
#  287|   # RPM_ARCH to create an unique (dir) name. Warn if they aren't set.
#  288|   for n in RPM_BUILD_ROOT RPM_BUILD_DIR RPM_PACKAGE_NAME; do
#  289|->   if eval test -z \"\${$n-}\"; then
#  290|       echo >&2 "$n is not set"
#  291|       exit 1

Error: SHELLCHECK_WARNING (CWE-569): [#def3]
/usr/bin/find-debuginfo:323:1: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  321|   ELFBINSFILE="$BUILDDIR/elfbins.list"
#  322|   
#  323|-> > "$SOURCEFILE"
#  324|   > "$LISTFILE"
#  325|   > "$LINKSFILE"

Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/usr/bin/find-debuginfo:324:1: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  322|   
#  323|   > "$SOURCEFILE"
#  324|-> > "$LISTFILE"
#  325|   > "$LINKSFILE"
#  326|   > "$ELFBINSFILE"

Error: SHELLCHECK_WARNING (CWE-569): [#def5]
/usr/bin/find-debuginfo:325:1: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  323|   > "$SOURCEFILE"
#  324|   > "$LISTFILE"
#  325|-> > "$LINKSFILE"
#  326|   > "$ELFBINSFILE"
#  327|   

Error: SHELLCHECK_WARNING (CWE-569): [#def6]
/usr/bin/find-debuginfo:326:1: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  324|   > "$LISTFILE"
#  325|   > "$LINKSFILE"
#  326|-> > "$ELFBINSFILE"
#  327|   
#  328|   debugdir="${RPM_BUILD_ROOT}/usr/lib/debug"

Error: SHELLCHECK_WARNING (CWE-571): [#def7]
/usr/bin/find-debuginfo:352:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  350|     local binary="$2"
#  351|   
#  352|->   local dynsyms=`mktemp`
#  353|     local funcsyms=`mktemp`
#  354|     local keep_symbols=`mktemp`

Error: SHELLCHECK_WARNING (CWE-571): [#def8]
/usr/bin/find-debuginfo:353:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  351|   
#  352|     local dynsyms=`mktemp`
#  353|->   local funcsyms=`mktemp`
#  354|     local keep_symbols=`mktemp`
#  355|     local mini_debuginfo=`mktemp`

Error: SHELLCHECK_WARNING (CWE-571): [#def9]
/usr/bin/find-debuginfo:354:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  352|     local dynsyms=`mktemp`
#  353|     local funcsyms=`mktemp`
#  354|->   local keep_symbols=`mktemp`
#  355|     local mini_debuginfo=`mktemp`
#  356|   

Error: SHELLCHECK_WARNING (CWE-571): [#def10]
/usr/bin/find-debuginfo:355:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  353|     local funcsyms=`mktemp`
#  354|     local keep_symbols=`mktemp`
#  355|->   local mini_debuginfo=`mktemp`
#  356|   
#  357|     # In the minisymtab we don't need the .debug_ sections (already removed

Error: SHELLCHECK_WARNING (CWE-571): [#def11]
/usr/bin/find-debuginfo:363:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  361|     # too aggressive. Field $2 is the section name, $3 is the section type
#  362|     # and $8 are the section flags.
#  363|->   local remove_sections=`readelf -W -S "$debuginfo" \
#  364|   	| awk '{ if (index($2,".debug_") != 1 \
#  365|   		     && ($3 == "PROGBITS" || $3 == "NOTE" || $3 == "NOBITS") \

Error: SHELLCHECK_WARNING (CWE-398): [#def12]
/usr/bin/find-debuginfo:449:12: warning[SC2229]: This does not read 'var'. Remove $/${} for that, or use ${var?} to quiet.
#  447|         continue
#  448|       else
#  449|->       read "$var" < <(echo 1)
#  450|       fi
#  451|     fi

Error: SHELLCHECK_WARNING (CWE-569): [#def13]
/usr/bin/find-debuginfo:557:3: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  555|     local res=0
#  556|   
#  557|->   >"$SOURCEFILE"
#  558|     >"$ELFBINSFILE"
#  559|     # can't use read -n <n>, because it reads bytes one by one, allowing for

Error: SHELLCHECK_WARNING (CWE-569): [#def14]
/usr/bin/find-debuginfo:558:3: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  556|   
#  557|     >"$SOURCEFILE"
#  558|->   >"$ELFBINSFILE"
#  559|     # can't use read -n <n>, because it reads bytes one by one, allowing for
#  560|     # races

Error: SHELLCHECK_WARNING (CWE-156): [#def15]
/usr/bin/find-debuginfo:566:13: warning[SC2046]: Quote this to prevent word splitting.
#  564|         break
#  565|       fi
#  566|->     do_file $(sed -n "$(( 0x$filenum )) p" "$temp/primary")
#  567|       res=$?
#  568|       if [ $res != 0 ]; then

Error: SHELLCHECK_WARNING (CWE-252): [#def16]
/usr/bin/find-debuginfo:617:27: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  615|   if $run_dwz \
#  616|      && [ -d "${RPM_BUILD_ROOT}/usr/lib/debug" ]; then
#  617|->   readarray dwz_files < <(cd "${RPM_BUILD_ROOT}/usr/lib/debug"; find -type f -name \*.debug | LC_ALL=C sort)
#  618|     if [ ${#dwz_files[@]} -gt 0 ]; then
#  619|       $quiet || echo "DWARF-compressing ${#dwz_files[@]} files" 2>&1

Error: SHELLCHECK_WARNING: [#def17]
/usr/bin/find-debuginfo:630:11: error[SC2157]: Argument to -n is always true due to literal strings.
#  628|       dwz_multifile_name="${dwz_multifile_name}${dwz_multifile_suffix}"
#  629|       dwz_opts="-h -q -r"
#  630|->     [ -n "-j" ] && dwz_opts="${dwz_opts} -j ${n_jobs}"
#  631|       [ ${#dwz_files[@]} -gt 1 ] && [ "$dwz_single_file_mode" = "false" ] \
#  632|         && dwz_opts="${dwz_opts} -m .dwz/${dwz_multifile_name}"

Error: SHELLCHECK_WARNING (CWE-88): [#def18]
/usr/bin/find-debuginfo:639:63: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  637|         && dwz_opts="${dwz_opts} -L ${dwz_max_die_limit}"
#  638|       if type dwz >/dev/null 2>&1; then
#  639|->       ( cd "${RPM_BUILD_ROOT}/usr/lib/debug" && dwz $dwz_opts ${dwz_files[@]} )
#  640|       else
#  641|         echo >&2 "*** ERROR: DWARF compression requested, but no dwz installed"

Error: SHELLCHECK_WARNING (CWE-252): [#def19]
/usr/bin/find-debuginfo:651:6: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  649|       # dwz invalidates .gnu_debuglink CRC32 in the main files.
#  650|       cat "$ELFBINSFILE" |
#  651|->     (cd "$RPM_BUILD_ROOT"; \
#  652|        tr '\n' '\0' | xargs -0 sepdebugcrcfix usr/lib/debug)
#  653|     fi

Error: SHELLCHECK_WARNING (CWE-252): [#def20]
/usr/bin/find-debuginfo:687:4: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  685|     # directory (which is why we match against ^ or /).
#  686|     LC_ALL=C sort -z -u "$SOURCEFILE" | grep -E -v -z '(^|/)<[a-z _-]+>$' |
#  687|->   (cd "${debug_base_name}"; cpio -pd0mL --quiet "${RPM_BUILD_ROOT}${debug_dest_name}")
#  688|     # stupid cpio creates new directories in mode 0700,
#  689|     # and non-standard modes may be inherented from original directories, fixup

Error: SHELLCHECK_WARNING (CWE-252): [#def21]
/usr/bin/find-debuginfo:697:4: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  695|     ((nout > 0)) ||
#  696|     test ! -d "${RPM_BUILD_ROOT}/usr/lib" ||
#  697|->   (cd "${RPM_BUILD_ROOT}/usr/lib"; find debug -type d) |
#  698|     sed 's,^,%dir /usr/lib/,' >> "$LISTFILE"
#  699|   

Error: SHELLCHECK_WARNING (CWE-252): [#def22]
/usr/bin/find-debuginfo:700:4: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  698|     sed 's,^,%dir /usr/lib/,' >> "$LISTFILE"
#  699|   
#  700|->   (cd "${RPM_BUILD_ROOT}/usr"
#  701|      test ! -d lib/debug || find lib/debug ! -type d
#  702|      test ! -d src/debug -o -n "$srcout" || find src/debug -mindepth 1 -maxdepth 1

Error: SHELLCHECK_WARNING (CWE-569): [#def23]
/usr/bin/find-debuginfo:708:3: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  706|   if [ -n "$srcout" ]; then
#  707|     srcout="$BUILDDIR/$srcout"
#  708|->   > "$srcout"
#  709|     if [ -d "${RPM_BUILD_ROOT}/usr/src/debug" ]; then
#  710|       (cd "${RPM_BUILD_ROOT}/usr"

Error: SHELLCHECK_WARNING (CWE-252): [#def24]
/usr/bin/find-debuginfo:710:6: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#  708|     > "$srcout"
#  709|     if [ -d "${RPM_BUILD_ROOT}/usr/src/debug" ]; then
#  710|->     (cd "${RPM_BUILD_ROOT}/usr"
#  711|        find src/debug -mindepth 1 -maxdepth 1
#  712|       ) | sed 's,^,/usr/,' >> "$srcout"

Error: SHELLCHECK_WARNING (CWE-569): [#def25]
/usr/bin/find-debuginfo:763:3: warning[SC2188]: This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
#  761|   i=0
#  762|   while ((i < nout)); do
#  763|->   > ${outs[$i]}
#  764|     filtered_list ${outs[$i]} ${lists[$i]}
#  765|     pattern_list ${outs[$i]} "${ptns[$i]}"

Error: CPPCHECK_WARNING (CWE-457): [#def26]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:2270: error[uninitvar]: Uninitialized variables: &key.cu, &key.new_idx, &key.size_diff, &key.replace_dirs, &key.replace_files, &key.unit_length, &key.version, &key.header_length, &key.min_instr_len, &key.max_op_per_instr, &key.default_is_stmt, &key.line_base, &key.line_range, &key.opcode_base
# 2268|     struct line_table key;
# 2269|     key.old_idx = idx;
# 2270|->   struct line_table *table = bsearch (&key, lines->table,
# 2271|   				      lines->used,
# 2272|   				      sizeof (struct line_table),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c: scope_hint: In function ‘main’
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:3384:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopen_dso(fd,  file)’
# 3382|     size_t phnum;
# 3383|   
# 3384|->   if (dest_dir == NULL && (!do_build_id || no_recompute_build_id))
# 3385|       elf = elf_begin (fd, ELF_C_READ, NULL);
# 3386|     else

Error: GCC_ANALYZER_WARNING (CWE-457): [#def28]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c: scope_hint: In function ‘fdopen_dso’
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:3456:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*dso.filename’
# 3454|     if (dso)
# 3455|       {
# 3456|->       free ((char *) dso->filename);
# 3457|         destroy_strings (&dso->debug_str);
# 3458|         destroy_strings (&dso->debug_line_str);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def29]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c: scope_hint: In function ‘main’
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:3728:27: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>.shdr[i].sh_type’
# 3726|         const char *name;
# 3727|   
# 3728|->       switch (dso->shdr[i].sh_type)
# 3729|   	{
# 3730|   	case SHT_MIPS_DWARF:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:3941:6: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 3939|       }
# 3940|   
# 3941|->   if (elf_update (dso->elf, ELF_C_NULL) < 0)
# 3942|       {
# 3943|         error (1, 0, "Failed to update file: %s", elf_errmsg (elf_errno ()));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
debugedit-5.1-build/debugedit-5.1/tools/debugedit.c:3963:6: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
# 3961|         error (1, 0, "Failed to write file: %s", elf_errmsg (elf_errno()));
# 3962|       }
# 3963|->   if (elf_end (dso->elf) < 0)
# 3964|       {
# 3965|         error (1, 0, "elf_end failed: %s", elf_errmsg (elf_errno()));

Error: CPPCHECK_WARNING (CWE-823): [#def32]
debugedit-5.1-build/debugedit-5.1/tools/hashtab.c:186: error[arrayIndexOutOfBounds]: Array 'prime_tab[30]' accessed at index 30, which is out of bounds.
#  184|   
#  185|     /* If we've run out of primes, abort.  */
#  186|->   if (n > prime_tab[low].prime)
#  187|       {
#  188|         fprintf (stderr, "Cannot find prime bigger than %lu\n", n);
Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-45.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	debugedit-5.1-1.fc42
store-results-to	/tmp/tmp0yzqtzpv/debugedit-5.1-1.fc42.tar.xz
time-created	2024-11-12 23:30:01
time-finished	2024-11-12 23:31:28
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp0yzqtzpv/debugedit-5.1-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp0yzqtzpv/debugedit-5.1-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9