iceauth-1.0.10-1.fc42

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
iceauth-1.0.10-build/iceauth-1.0.10/process.c: scope_hint: In function ‘split_into_words’
iceauth-1.0.10-build/iceauth-1.0.10/process.c:311:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  309|   	jword = skip_space (src);
#  310|   	src = skip_nonspace (jword);
#  311|-> 	savec = *src;
#  312|   	*src = '\0';
#  313|   	if (cur == total) {

Error: GCC_ANALYZER_WARNING (CWE-762): [#def2]
iceauth-1.0.10-build/iceauth-1.0.10/process.c:316:20: warning[-Wanalyzer-mismatching-deallocation]: ‘argv’ should have been deallocated with ‘free’ but was deallocated with ‘reallocarray’
#  314|   	    char **prevargv = argv;
#  315|   	    total += WORDSTOALLOC;
#  316|-> 	    argv = reallocarray (argv, total, sizeof (char *));
#  317|   	    if (!argv) {
#  318|   		free (prevargv);

Error: COMPILER_WARNING (CWE-252): [#def3]
iceauth-1.0.10-build/iceauth-1.0.10/process.c: scope_hint: In function ‘catchsig’
iceauth-1.0.10-build/iceauth-1.0.10/process.c:489:29: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  489 | #define WRITES(fd, S) (void)write((fd), (S), strlen((S)))
#      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
iceauth-1.0.10-build/iceauth-1.0.10/process.c:509:38: note: in expansion of macro ‘WRITES’
#  509 |     if (verbose && iceauth_modified) WRITES(STDERR_FILENO, "\r\n");
#      |                                      ^~~~~~
#  487|   
#  488|   /* poor man's puts(), for under signal handlers */
#  489|-> #define WRITES(fd, S) (void)write((fd), (S), strlen((S)))
#  490|   
#  491|   /* ARGSUSED */

Scan Properties