Fixed findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-457): [#def1]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c: scope_hint: In function ‘pkinit_decode_data_pkcs11’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:3894:14: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘obj’
# 3892|       mech.ulParameterLen = 0;
# 3893|   
# 3894|->     if ((r = id_cryptoctx->p11->C_DecryptInit(id_cryptoctx->session, &mech,
# 3895|                                                 obj)) != CKR_OK) {
# 3896|           pkiDebug("C_DecryptInit: 0x%x\n", (int) r);

Error: COMPILER_WARNING (CWE-697): [#def2]
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c: scope_hint: In function ‘krb5int_pthread_loaded’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:154:27: warning[-Waddress]: the comparison will always evaluate as ‘false’ for the address of ‘pthread_equal’ will never be NULL
#  154 |         || &pthread_equal == 0
#      |                           ^~
/usr/include/features.h:511: included_from: Included from here.
/usr/include/assert.h:35: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:56: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:28: included_from: Included from here.
/usr/include/pthread.h:1340:1: note: ‘pthread_equal’ declared here
# 1340 | __NTH (pthread_equal (pthread_t __thread1, pthread_t __thread2))
#      | ^~~~~
#  152|           || &pthread_mutex_init == 0
#  153|           || &pthread_self == 0
#  154|->         || &pthread_equal == 0
#  155|           /* Any program that's really multithreaded will have to be
#  156|              able to create threads.  */

Scan Properties

analyzer-version-clippy1.82.0
analyzer-version-cppcheck2.16.0
analyzer-version-gcc14.2.1
analyzer-version-gcc-analyzer15.0.0
analyzer-version-shellcheck0.10.0
analyzer-version-unicontrol0.0.2
diffbase-analyzer-version-clippy1.82.0
diffbase-analyzer-version-cppcheck2.16.0
diffbase-analyzer-version-gcc14.2.1
diffbase-analyzer-version-gcc-analyzer15.0.0
diffbase-analyzer-version-shellcheck0.10.0
diffbase-analyzer-version-unicontrol0.0.2
diffbase-enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code0
diffbase-hostip-172-16-1-99.us-west-2.compute.internal
diffbase-mock-configfedora-rawhide-gcc-latest-x86_64
diffbase-project-namekrb5-1.21.3-3.fc42
diffbase-store-results-to/tmp/tmps_4l_du0/krb5-1.21.3-3.fc42.tar.xz
diffbase-time-created2024-11-13 01:17:57
diffbase-time-finished2024-11-13 01:26:28
diffbase-toolcsmock
diffbase-tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmps_4l_du0/krb5-1.21.3-3.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmps_4l_du0/krb5-1.21.3-3.fc42.src.rpm'
diffbase-tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
exit-code0
hostip-172-16-1-99.us-west-2.compute.internal
mock-configfedora-rawhide-gcc-latest-x86_64
project-namekrb5-1.21.3-2.fc41
store-results-to/tmp/tmpodzcvs69/krb5-1.21.3-2.fc41.tar.xz
time-created2024-11-13 01:08:41
time-finished2024-11-13 01:17:32
titleFixed findings
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpodzcvs69/krb5-1.21.3-2.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpodzcvs69/krb5-1.21.3-2.fc41.src.rpm'
tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9