gnutls-3.8.8-1.fc42

List of Findings

Error: GCC_ANALYZER_WARNING: [#def1]
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c: scope_hint: In function 'main'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:113:9: warning[-Wanalyzer-fd-use-without-check]: 'listen' on possibly invalid file descriptor 'listen_sd'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:17: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:60:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:62:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:62:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:64:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:64:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:67:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:67:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:76:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:76:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:79:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:79:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:82:9: note: in expansion of macro 'CHECK'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/ex-serv-x509.c:82:9: note: in expansion of macro 'CHECK'
#  111|   	bind(listen_sd, (struct sockaddr *)&sa_serv, sizeof(sa_serv));
#  112|   
#  113|-> 	listen(listen_sd, 1024);
#  114|   
#  115|   	printf("Server ready. Listening to port '%d'.\n\n", PORT);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/tlsproxy/tlsproxy.c: scope_hint: In function 'runlistener'
gnutls-3.8.8-build/gnutls-3.8.8/doc/examples/tlsproxy/tlsproxy.c:89:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'bindtoaddress(listenaddr)'
#   87|   
#   88|   	for (rp = result; rp != NULL; rp = rp->ai_next) {
#   89|-> 		fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
#   90|   
#   91|   		if (fd >= 0) {

Error: CPPCHECK_WARNING (CWE-457): [#def3]
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h:952: error[uninitvar]: Uninitialized variables: result.count, result.i, result.j
#  950|   #endif
#  951|   
#  952|->   return result;
#  953|   }
#  954|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def4]
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_linkedhash_list.c:77: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h: scope_hint: In function 'gl_linked_iterator'
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h:952:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'result.count'
#  950|   #endif
#  951|   
#  952|->   return result;
#  953|   }
#  954|   

Error: CPPCHECK_WARNING (CWE-457): [#def5]
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h:1023: warning[uninitvar]: Uninitialized variables: result.count, result.i, result.j
# 1021|   #endif
# 1022|   
# 1023|->   return result;
# 1024|   }
# 1025|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def6]
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h: scope_hint: In function 'gl_linked_iterator_from_to'
gnutls-3.8.8-build/gnutls-3.8.8/gl/gl_anylinked_list2.h:1023:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'result.count'
# 1021|   #endif
# 1022|   
# 1023|->   return result;
# 1024|   }
# 1025|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
gnutls-3.8.8-build/gnutls-3.8.8/native_build/gl/sys/stat.h:54: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:23: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c: scope_hint: In function '_gnutls_fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:62:57: warning[-Wanalyzer-malloc-leak]: leak of '_gnutls_fread_file(rpl_fopen(filename,  mode), flags,  length)'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:18: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:190:1: note: in expansion of macro 'read_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:52:1: note: in expansion of macro 'fread_file'
#   60|       struct stat st;
#   61|   
#   62|->     if (fstat (fileno (stream), &st) >= 0 && S_ISREG (st.st_mode))
#   63|         {
#   64|           off_t pos = ftello (stream);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:82:6: warning[-Wanalyzer-malloc-leak]: leak of '_gnutls_fread_file(rpl_fopen(filename,  mode), flags,  length)'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:190:1: note: in expansion of macro 'read_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/gl/read-file.c:52:1: note: in expansion of macro 'fread_file'
#   80|     }
#   81|   
#   82|->   if (!(buf = malloc (alloc)))
#   83|       return NULL; /* errno is ENOMEM.  */
#   84|   

Error: CPPCHECK_WARNING (CWE-457): [#def9]
gnutls-3.8.8-build/gnutls-3.8.8/lib/ext/compress_certificate.c:243: error[uninitvar]: Uninitialized variable: bytes
#  241|   	}
#  242|   
#  243|-> 	ret = _gnutls_buffer_append_data_prefix(data, 8, bytes, bytes_len);
#  244|   	if (ret < 0)
#  245|   		return gnutls_assert_val(ret);

Error: CPPCHECK_WARNING (CWE-457): [#def10]
gnutls-3.8.8-build/gnutls-3.8.8/lib/pkcs11.c:4280: warning[uninitvar]: Uninitialized variable: finalized
# 4278|   cleanup:
# 4279|   	gnutls_free(data.data);
# 4280|-> 	if (finalized == 0)
# 4281|   		pkcs11_find_objects_final(sinfo);
# 4282|   

Error: CPPCHECK_WARNING (CWE-562): [#def11]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/output.c:210: error[returnDanglingLifetime]: Returning pointer to local variable 'oid' that will be invalid when returning.
#  208|   		return NULL;
#  209|   
#  210|-> 	return gnutls_strdup(oid);
#  211|   }
#  212|   

Error: CPPCHECK_WARNING (CWE-562): [#def12]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/output.c:232: error[returnDanglingLifetime]: Returning pointer to local variable 'oid' that will be invalid when returning.
#  230|   		return NULL;
#  231|   
#  232|-> 	return gnutls_strdup(oid);
#  233|   }
#  234|   

Error: CPPCHECK_WARNING (CWE-562): [#def13]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/output.c:258: error[returnDanglingLifetime]: Returning pointer to local variable 'oid' that will be invalid when returning.
#  256|   		return NULL;
#  257|   
#  258|-> 	return gnutls_strdup(oid);
#  259|   }
#  260|   

Error: CPPCHECK_WARNING (CWE-562): [#def14]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/output.c:280: error[returnDanglingLifetime]: Returning pointer to local variable 'oid' that will be invalid when returning.
#  278|   		return NULL;
#  279|   
#  280|-> 	return gnutls_strdup(oid);
#  281|   }
#  282|   

Error: CPPCHECK_WARNING (CWE-562): [#def15]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/output.c:306: error[returnDanglingLifetime]: Returning pointer to local variable 'oid' that will be invalid when returning.
#  304|   		return NULL;
#  305|   
#  306|-> 	return gnutls_strdup(oid);
#  307|   }
#  308|   

Error: CPPCHECK_WARNING (CWE-190): [#def16]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/verify-high.c:1426: error[integerOverflow]: Signed integer overflow for expression '-1-16'.
# 1424|   
# 1425|   	/* Allocate extra for retrieved certificates. */
# 1426|-> 	if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
# 1427|   			&cert_list_max_size))
# 1428|   		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

Error: CPPCHECK_WARNING (CWE-190): [#def17]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/verify-high.c:1426: error[integerOverflow]: Signed integer overflow for expression '-128-16'.
# 1424|   
# 1425|   	/* Allocate extra for retrieved certificates. */
# 1426|-> 	if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
# 1427|   			&cert_list_max_size))
# 1428|   		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

Error: CPPCHECK_WARNING (CWE-190): [#def18]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/verify-high.c:1426: error[integerOverflow]: Signed integer overflow for expression '-32768-16'.
# 1424|   
# 1425|   	/* Allocate extra for retrieved certificates. */
# 1426|-> 	if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
# 1427|   			&cert_list_max_size))
# 1428|   		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

Error: CPPCHECK_WARNING (CWE-190): [#def19]
gnutls-3.8.8-build/gnutls-3.8.8/lib/x509/verify-high.c:1426: error[integerOverflow]: Signed integer overflow for expression '0-16'.
# 1424|   
# 1425|   	/* Allocate extra for retrieved certificates. */
# 1426|-> 	if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
# 1427|   			&cert_list_max_size))
# 1428|   		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

Error: CPPCHECK_WARNING (CWE-401): [#def20]
gnutls-3.8.8-build/gnutls-3.8.8/src/certtool-common.c:83: error[memleakOnRealloc]: Common realloc mistake: 'lbuffer' nulled but not freed upon failure
#   81|   	} else if (size > lbuffer_size) {
#   82|   		lbuffer_size = MAX(64 * 1024, size + 1);
#   83|-> 		lbuffer = realloc(lbuffer, lbuffer_size);
#   84|   	}
#   85|   

Error: CPPCHECK_WARNING (CWE-457): [#def21]
gnutls-3.8.8-build/gnutls-3.8.8/src/cli.c:2132: warning[uninitvar]: Uninitialized variable: cert
# 2130|   	for (it = 0; it < cert_list_size; it++) {
# 2131|   		if (deinit_cert)
# 2132|-> 			gnutls_x509_crt_deinit(cert);
# 2133|   
# 2134|   		ret = gnutls_x509_crt_init(&cert);

Error: COMPILER_WARNING (CWE-252): [#def22]
gnutls-3.8.8-build/gnutls-3.8.8/src/danetool.c: scope_hint: In function 'cert_callback'
gnutls-3.8.8-build/gnutls-3.8.8/src/danetool.c:602:17: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result'
#  602 |                 write(priv->fd, t.data, t.size);
#      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  600|   		}
#  601|   
#  602|-> 		write(priv->fd, t.data, t.size);
#  603|   		gnutls_free(t.data);
#  604|   	}

Error: CPPCHECK_WARNING (CWE-457): [#def23]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h:952: error[uninitvar]: Uninitialized variables: result.count, result.i, result.j
#  950|   #endif
#  951|   
#  952|->   return result;
#  953|   }
#  954|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def24]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_linked_list.c:29: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h: scope_hint: In function 'gl_linked_iterator'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h:952:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'result.count'
#  950|   #endif
#  951|   
#  952|->   return result;
#  953|   }
#  954|   

Error: CPPCHECK_WARNING (CWE-457): [#def25]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h:1023: warning[uninitvar]: Uninitialized variables: result.count, result.i, result.j
# 1021|   #endif
# 1022|   
# 1023|->   return result;
# 1024|   }
# 1025|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def26]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h: scope_hint: In function 'gl_linked_iterator_from_to'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/gl_anylinked_list2.h:1023:10: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'result.count'
# 1021|   #endif
# 1022|   
# 1023|->   return result;
# 1024|   }
# 1025|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/ialloc.h:60:37: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc(s + 1)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'ximalloc'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'ximalloc'
#   58|   imalloc (idx_t s)
#   59|   {
#   60|->   return s <= SIZE_MAX ? malloc (s) : _gl_alloc_nomem ();
#   61|   }
#   62|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/ialloc.h:60:37: warning[-Wanalyzer-malloc-leak]: leak of 'ximalloc(s)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'ximalloc'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'ximalloc'
#   58|   imalloc (idx_t s)
#   59|   {
#   60|->   return s <= SIZE_MAX ? malloc (s) : _gl_alloc_nomem ();
#   61|   }
#   62|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/ialloc.h:106:10: warning[-Wanalyzer-malloc-leak]: leak of 'xicalloc(s, 1)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xicalloc'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xicalloc'
#  104|         s = 0;
#  105|       }
#  106|->   return calloc (n, s);
#  107|   }
#  108|   

Error: CPPCHECK_WARNING (CWE-562): [#def30]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/mktime.c:262: error[returnDanglingLifetime]: Returning pointer to local variable 'x' that will be invalid when returning.
#  260|   {
#  261|     __time64_t x = t;
#  262|->   return convert (&x, tm);
#  263|   }
#  264|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
gnutls-3.8.8-build/gnutls-3.8.8/native_build/src/gl/sys/stat.h:54: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:23: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c: scope_hint: In function '_gnutls_fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:62:57: warning[-Wanalyzer-malloc-leak]: leak of '_gnutls_fread_file(rpl_fopen(filename,  mode), flags,  length)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:18: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:190:1: note: in expansion of macro 'read_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:52:1: note: in expansion of macro 'fread_file'
#   60|       struct stat st;
#   61|   
#   62|->     if (fstat (fileno (stream), &st) >= 0 && S_ISREG (st.st_mode))
#   63|         {
#   64|           off_t pos = ftello (stream);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:82:6: warning[-Wanalyzer-malloc-leak]: leak of '_gnutls_fread_file(rpl_fopen(filename,  mode), flags,  length)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:190:1: note: in expansion of macro 'read_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:202:9: note: in expansion of macro 'fread_file'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/read-file.c:52:1: note: in expansion of macro 'fread_file'
#   80|     }
#   81|   
#   82|->   if (!(buf = malloc (alloc)))
#   83|       return NULL; /* errno is ENOMEM.  */
#   84|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c: scope_hint: In function 'tzfree'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c:63:64: warning[-Wanalyzer-malloc-leak]: leak of 'tzalloc(getenv("TZ"))'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c:27: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c:29: included_from: Included from here.
#   61|   {
#   62|     size_t name_size = name ? strlen (name) + 1 : 0;
#   63|->   size_t abbr_size = name_size < ABBR_SIZE_MIN ? ABBR_SIZE_MIN : name_size + 1;
#   64|     timezone_t tz = malloc (FLEXSIZEOF (struct tm_zone, abbrs, abbr_size));
#   65|     if (tz)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c: scope_hint: In function 'revert_tz'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/time_rz.c:181:12: warning[-Wanalyzer-malloc-leak]: leak of 'set_tz(tz)'
#  179|     if (env_tz
#  180|         ? tz->tz_is_set && strcmp (tz->abbrs, env_tz) == 0
#  181|->       : !tz->tz_is_set)
#  182|       return local_tz;
#  183|     else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xmalloc'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(n)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:22: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:57:10: note: in expansion of macro 'XNMALLOC'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:57:10: note: in expansion of macro 'XNMALLOC'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xmalloc'
#   43|   xmalloc (size_t s)
#   44|   {
#   45|->   return check_nonnull (malloc (s));
#   46|   }
#   47|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(s)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xmalloc'
#   43|   xmalloc (size_t s)
#   44|   {
#   45|->   return check_nonnull (malloc (s));
#   46|   }
#   47|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xcalloc'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:298:10: warning[-Wanalyzer-malloc-leak]: leak of 'xcalloc(s, 1)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xcalloc'
#  296|   xcalloc (size_t n, size_t s)
#  297|   {
#  298|->   return check_nonnull (calloc (n, s));
#  299|   }
#  300|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xmemdup'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c:314:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmemdup(string,  strlen(string) + 1)'
gnutls-3.8.8-build/gnutls-3.8.8/src/gl/xmalloc.c: scope_hint: In function 'xmemdup'
#  312|   xmemdup (void const *p, size_t s)
#  313|   {
#  314|->   return memcpy (xmalloc (s), p, s);
#  315|   }
#  316|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def39]
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c: scope_hint: In function 'verify_response'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:532:32: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'chain[1]'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:43: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:651:9: note: in expansion of macro 'optionProcess'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool-options.h:102:24: note: in expansion of macro 'HAVE_OPT_RESPONSE_INFO'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:707:18: note: in expansion of macro 'HAVE_OPT'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool-options.h:102:24: note: in expansion of macro 'HAVE_OPT_GENERATE_REQUEST'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:709:18: note: in expansion of macro 'HAVE_OPT'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool-options.h:102:24: note: in expansion of macro 'HAVE_OPT_VERIFY_RESPONSE'
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:711:18: note: in expansion of macro 'HAVE_OPT'
gnutls-3.8.8-build/gnutls-3.8.8/src/common.h:26: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:45: included_from: Included from here.
gnutls-3.8.8-build/gnutls-3.8.8/src/ocsptool.c:512:36: note: in expansion of macro 'read_file'
#  530|   			signer = chain[0];
#  531|   		else
#  532|-> 			signer = chain[1];
#  533|   
#  534|   		v = _verify_response(&dat, nonce, signer, 1);

Error: COMPILER_WARNING (CWE-252): [#def40]
gnutls-3.8.8-build/gnutls-3.8.8/src/serv.c: scope_hint: In function 'terminate'
gnutls-3.8.8-build/gnutls-3.8.8/src/serv.c:1140:9: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result'
# 1140 |         write(STDERR_FILENO, buf, p - buf);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1138|   	*p++ = '\n';
# 1139|   
# 1140|-> 	write(STDERR_FILENO, buf, p - buf);
# 1141|   	_exit(1);
# 1142|   }

Error: COMPILER_WARNING (CWE-252): [#def41]
gnutls-3.8.8-build/gnutls-3.8.8/tests/utils.c: scope_hint: In function '_fail'
gnutls-3.8.8-build/gnutls-3.8.8/tests/utils.c:96:9: warning[-Wunused-result]: ignoring return value of 'vasprintf' declared with attribute 'warn_unused_result'
#   96 |         vasprintf(&str, format, arg_ptr);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   94|   #ifdef HAVE_VASPRINTF
#   95|   	char *str = NULL;
#   96|-> 	vasprintf(&str, format, arg_ptr);
#   97|   
#   98|   	if (str)
Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-97.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	gnutls-3.8.8-1.fc42
store-results-to	/tmp/tmpfg2nl2ly/gnutls-3.8.8-1.fc42.tar.xz
time-created	2024-11-13 00:22:20
time-finished	2024-11-13 00:32:58
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpfg2nl2ly/gnutls-3.8.8-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpfg2nl2ly/gnutls-3.8.8-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9