dhcpcd-10.0.10-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-457): [#def1]
/usr/libexec/dhcpcd-run-hooks:5:9: warning[SC2154]: interface is referenced but not assigned.
#    3|   
#    4|   # Handy variables and functions for our hooks to use
#    5|-> ifname="$interface${protocol+.}$protocol"
#    6|   from=from
#    7|   signature_base="# Generated by dhcpcd"

Error: SHELLCHECK_WARNING (CWE-563): [#def2]
/usr/libexec/dhcpcd-run-hooks:8:1: warning[SC2034]: signature appears unused. Verify use (or export if used externally).
#    6|   from=from
#    7|   signature_base="# Generated by dhcpcd"
#    8|-> signature="$signature_base $from $ifname"
#    9|   signature_base_end="# End of dhcpcd"
#   10|   signature_end="$signature_base_end $from $ifname"

Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/libexec/dhcpcd-run-hooks:10:1: warning[SC2034]: signature_end appears unused. Verify use (or export if used externally).
#    8|   signature="$signature_base $from $ifname"
#    9|   signature_base_end="# End of dhcpcd"
#   10|-> signature_end="$signature_base_end $from $ifname"
#   11|   state_dir=/run/dhcpcd/hook-state
#   12|   _detected_init=false

Error: SHELLCHECK_WARNING (CWE-563): [#def4]
/usr/libexec/dhcpcd-run-hooks:11:1: warning[SC2034]: state_dir appears unused. Verify use (or export if used externally).
#    9|   signature_base_end="# End of dhcpcd"
#   10|   signature_end="$signature_base_end $from $ifname"
#   11|-> state_dir=/run/dhcpcd/hook-state
#   12|   _detected_init=false
#   13|   

Error: SHELLCHECK_WARNING (CWE-457): [#def5]
/usr/libexec/dhcpcd-run-hooks:38:11: warning[SC2154]: interface_order is referenced but not assigned.
#   36|   {
#   37|   	ifaces=
#   38|-> 	for i in $interface_order; do
#   39|   		for x in "$1"/$i.*; do
#   40|   			[ -f "$x" ] && ifaces="$ifaces${ifaces:+ }${x##*/}"

Error: SHELLCHECK_WARNING (CWE-88): [#def6]
/usr/libexec/dhcpcd-run-hooks:71:23: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   69|   
#   70|   	if command -v sed >/dev/null 2>&1; then
#   71|-> 		sed -n "s/^$key//p" $@
#   72|   	else
#   73|   		for x do

Error: SHELLCHECK_WARNING (CWE-88): [#def7]
/usr/libexec/dhcpcd-run-hooks:93:24: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   91|   	shift; shift
#   92|   	if command -v sed >/dev/null 2>&1; then
#   93|-> 		sed "/^$m1/,/^$m2/d" $@
#   94|   	else
#   95|   		for x do

Error: SHELLCHECK_WARNING (CWE-457): [#def8]
/usr/libexec/dhcpcd-run-hooks:344:14: warning[SC2154]: skip_hooks is referenced but not assigned.
#  342|   		*/*~)	continue;;
#  343|   	esac
#  344|-> 	for skip in $skip_hooks; do
#  345|   		case "$hook" in
#  346|   			*/"$skip")			continue 2;;

Error: COMPILER_WARNING: [#def9]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/bpf.c: scope_hint: In function ‘bpf_bootp’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/bpf.c:709:2: warning[-Wcpp]: #warning A compromised PF_PACKET socket can be used as a raw socket
#  709 | #warning A compromised PF_PACKET socket can be used as a raw socket
#      |  ^~~~~~~
#  707|   #warning No BIOCSETWF support - a compromised BPF can be used as a raw socket
#  708|   #else
#  709|-> #warning A compromised PF_PACKET socket can be used as a raw socket
#  710|   #endif
#  711|   #endif

Error: CPPCHECK_WARNING (CWE-457): [#def10]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/control.c:577: warning[uninitvar]: Uninitialized variable: buffer
#  575|   		len += l;
#  576|   	}
#  577|-> 	return write(ctx->control_fd, buffer, len);
#  578|   }
#  579|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/control.c: scope_hint: In function ‘control_queue’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/control.c:624:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
dhcpcd-10.0.10-build/dhcpcd-10.0.10/config.h:28: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/control.c:42: included_from: Included from here.
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  622|   		d->data_size = data_len;
#  623|   	}
#  624|-> 	memcpy(d->data, data, data_len);
#  625|   	d->data_len = data_len;
#  626|   	d->data_flags = fd->flags & FD_SENDLEN;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def12]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcpcd.c: scope_hint: In function ‘dup_null’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcpcd.c:1915:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
# 1913|   	if ((err = dup2(fd_null, fd)) == -1)
# 1914|   		logwarn("dup2 %d", fd);
# 1915|-> 	close(fd_null);
# 1916|   	return err;
# 1917|   }

Error: COMPILER_WARNING: [#def13]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-linux.c:1203:17: warning[-Wstringop-overflow=]: writing 16 bytes into a region of size 0
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-linux.c: scope_hint: In function ‘if_address’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-linux.c:1506:25: note: at offset 20 into destination object ‘hdr’ of size 16
# 1201|   	rta->rta_len = len;
# 1202|   	if (alen)
# 1203|-> 		memcpy(RTA_DATA(rta), data, alen);
# 1204|   	n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
# 1205|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-options.c: scope_hint: In function ‘add_environ’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-options.c:229:36: warning[-Wanalyzer-malloc-leak]: leak of ‘n’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-options.c:733:17: note: in expansion of macro ‘ARG_REQUIRED’
#  227|   			}
#  228|   			free(match);
#  229|-> 			return list[i];
#  230|   		}
#  231|   		i++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def15]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-options.c: scope_hint: In function ‘parse_option’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if-options.c:1717:29: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘edop’
# 1715|   	case O_EMBED:
# 1716|   		if (dop == NULL) {
# 1717|-> 			if (*edop) {
# 1718|   				dop = &(*edop)->embopts;
# 1719|   				dop_len = &(*edop)->embopts_len;

Error: CPPCHECK_WARNING (CWE-401): [#def16]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv4ll.c:247: error[memleak]: Memory leak: ia
#  245|   			return;
#  246|   		}
#  247|-> 		ia = ipv4_addaddr(ifp, &state->pickedaddr,
#  248|   		    &inaddr_llmask, &inaddr_llbcast,
#  249|   		    DHCP_INFINITE_LIFETIME, DHCP_INFINITE_LIFETIME);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv4ll.c: scope_hint: In function ‘ipv4ll_not_found’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv4ll.c:251:12: warning[-Wanalyzer-malloc-leak]: leak of ‘ia’
#  249|   		    DHCP_INFINITE_LIFETIME, DHCP_INFINITE_LIFETIME);
#  250|   	}
#  251|-> 	if (ia == NULL)
#  252|   		return;
#  253|   #ifdef IN_IFF_NOTREADY

Error: GCC_ANALYZER_WARNING (CWE-415): [#def18]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c: scope_hint: In function ‘routeinfohead_free’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:2264:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘ri’
/usr/include/net/route.h:26: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:33: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/if.h:73: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/arp.h:46: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.h:127: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcpcd.h:96: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:49: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:1171:13: note: in expansion of macro ‘ipv6_linklocal’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/config.h:28: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcpcd.h:37: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcp.h:46: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.h:128: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/dhcp-common.h:118:11: note: in definition of macro ‘has_option_mask’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:56: included_from: Included from here.
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/ipv6nd.c:1317:33: note: in expansion of macro ‘logwarnx’
# 2262|   	while ((ri = TAILQ_FIRST(head))) {
# 2263|   		TAILQ_REMOVE(head, ri, next);
# 2264|-> 		free(ri);
# 2265|   	}
# 2266|   }

Error: CPPCHECK_WARNING (CWE-590): [#def19]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep-root.c:634: error[autovarInvalidDeallocation]: Deallocation of an auto-variable (mtime) results in undefined behaviour.
#  632|   	err = ps_root_writeerror(ctx, err, rlen != 0 ? rdata : 0, rlen);
#  633|   	if (free_rdata)
#  634|-> 		free(rdata);
#  635|   	return err;
#  636|   }

Error: GCC_ANALYZER_WARNING (CWE-121): [#def20]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c: scope_hint: In function ‘ps_sendpsmmsg’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:922:40: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:922:40: note: write of 8 bytes to beyond the end of ‘iov’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:922:40: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[6]’
#  920|   			}
#  921|   			iovp++;
#  922|-> 			iovp->iov_base = msg->msg_iov[i].iov_base;
#  923|   			iovp->iov_len = msg->msg_iov[i].iov_len;
#  924|   		}

Error: GCC_ANALYZER_WARNING (CWE-121): [#def21]
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:923:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:923:39: note: write of 8 bytes to beyond the end of ‘iov’
dhcpcd-10.0.10-build/dhcpcd-10.0.10/src/privsep.c:923:39: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[6]’
#  921|   			iovp++;
#  922|   			iovp->iov_base = msg->msg_iov[i].iov_base;
#  923|-> 			iovp->iov_len = msg->msg_iov[i].iov_len;
#  924|   		}
#  925|   		iovlen += i;

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-135.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: dhcpcd-10.0.10-1.fc42
store-results-to: /tmp/tmpzsgwaym6/dhcpcd-10.0.10-1.fc42.tar.xz
time-created: 2024-11-12 23:46:48
time-finished: 2024-11-12 23:48:21
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpzsgwaym6/dhcpcd-10.0.10-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpzsgwaym6/dhcpcd-10.0.10-1.fc42.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9