krb5-1.21.3-3.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-88): [#def1]
/usr/bin/k5srvutil:37:10: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   35|       
#   36|   cmd_error() {
#   37|->     echo $@ 2>&1
#   38|       }
#   39|   

Error: SHELLCHECK_WARNING (CWE-563): [#def2]
/usr/bin/krb5-config:39:1: warning[SC2034]: DL_LIB appears unused. Verify use (or export if used externally).
#   37|   PROG_RPATH_FLAGS=''
#   38|   PTHREAD_CFLAGS='-pthread'
#   39|-> DL_LIB=''
#   40|   DEFCCNAME='FILE:/tmp/krb5cc_%{uid}'
#   41|   DEFKTNAME='FILE:/etc/krb5.keytab'

Error: SHELLCHECK_WARNING (CWE-563): [#def3]
/usr/bin/krb5-config:43:1: warning[SC2034]: SELINUX_LIBS appears unused. Verify use (or export if used externally).
#   41|   DEFKTNAME='FILE:/etc/krb5.keytab'
#   42|   DEFCKTNAME='FILE:/var/kerberos/krb5/user/%{euid}/client.keytab'
#   43|-> SELINUX_LIBS='-lselinux '
#   44|   
#   45|   LIBS='-lkeyutils -lcrypto -lresolv '

Error: SHELLCHECK_WARNING (CWE-563): [#def4]
/usr/bin/krb5-config:45:1: warning[SC2034]: LIBS appears unused. Verify use (or export if used externally).
#   43|   SELINUX_LIBS='-lselinux '
#   44|   
#   45|-> LIBS='-lkeyutils -lcrypto -lresolv '
#   46|   GEN_LIB=
#   47|   

Error: SHELLCHECK_WARNING (CWE-563): [#def5]
/usr/bin/krb5-config:46:1: warning[SC2034]: GEN_LIB appears unused. Verify use (or export if used externally).
#   44|   
#   45|   LIBS='-lkeyutils -lcrypto -lresolv '
#   46|-> GEN_LIB=
#   47|   
#   48|   # Defaults for program

Error: SHELLCHECK_WARNING (CWE-571): [#def6]
/usr/libexec/krb5-tests-x86_64:8:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#    6|   export RPM_PACKAGE_RELEASE=3
#    7|   export RPM_ARCH=x86_64
#    8|-> export RPM_BUILD_NCPUS="$(getconf _NPROCESSORS_ONLN)"
#    9|   
#   10|   testdir="$(mktemp -d)"

Error: SHELLCHECK_WARNING (CWE-569): [#def7]
/usr/libexec/krb5-tests-x86_64:11:14: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#    9|   
#   10|   testdir="$(mktemp -d)"
#   11|-> trap "rm -rf ${testdir}" EXIT
#   12|   
#   13|   build_flags="$(eval "echo $(rpm --eval '%{_smp_mflags}')")"

Error: SHELLCHECK_WARNING (CWE-563): [#def8]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config:39:1: warning[SC2034]: DL_LIB appears unused. Verify use (or export if used externally).
#   37|   PROG_RPATH_FLAGS=''
#   38|   PTHREAD_CFLAGS='-pthread'
#   39|-> DL_LIB=''
#   40|   DEFCCNAME='FILE:/tmp/krb5cc_%{uid}'
#   41|   DEFKTNAME='FILE:/etc/krb5.keytab'

Error: SHELLCHECK_WARNING (CWE-563): [#def9]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config:43:1: warning[SC2034]: SELINUX_LIBS appears unused. Verify use (or export if used externally).
#   41|   DEFKTNAME='FILE:/etc/krb5.keytab'
#   42|   DEFCKTNAME='FILE:/var/kerberos/krb5/user/%{euid}/client.keytab'
#   43|-> SELINUX_LIBS='-lselinux '
#   44|   
#   45|   LIBS='-lkeyutils -lcrypto -lresolv '

Error: SHELLCHECK_WARNING (CWE-563): [#def10]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config:45:1: warning[SC2034]: LIBS appears unused. Verify use (or export if used externally).
#   43|   SELINUX_LIBS='-lselinux '
#   44|   
#   45|-> LIBS='-lkeyutils -lcrypto -lresolv '
#   46|   GEN_LIB=
#   47|   

Error: SHELLCHECK_WARNING (CWE-563): [#def11]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config:46:1: warning[SC2034]: GEN_LIB appears unused. Verify use (or export if used externally).
#   44|   
#   45|   LIBS='-lkeyutils -lcrypto -lresolv '
#   46|-> GEN_LIB=
#   47|   
#   48|   # Defaults for program

Error: SHELLCHECK_WARNING (CWE-563): [#def12]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config.in:39:1: warning[SC2034]: DL_LIB appears unused. Verify use (or export if used externally).
#   37|   PROG_RPATH_FLAGS='@PROG_RPATH_FLAGS@'
#   38|   PTHREAD_CFLAGS='@PTHREAD_CFLAGS@'
#   39|-> DL_LIB='@DL_LIB@'
#   40|   DEFCCNAME='@DEFCCNAME@'
#   41|   DEFKTNAME='@DEFKTNAME@'

Error: SHELLCHECK_WARNING (CWE-563): [#def13]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config.in:43:1: warning[SC2034]: SELINUX_LIBS appears unused. Verify use (or export if used externally).
#   41|   DEFKTNAME='@DEFKTNAME@'
#   42|   DEFCKTNAME='@DEFCKTNAME@'
#   43|-> SELINUX_LIBS='@SELINUX_LIBS@'
#   44|   
#   45|   LIBS='@LIBS@'

Error: SHELLCHECK_WARNING (CWE-563): [#def14]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config.in:45:1: warning[SC2034]: LIBS appears unused. Verify use (or export if used externally).
#   43|   SELINUX_LIBS='@SELINUX_LIBS@'
#   44|   
#   45|-> LIBS='@LIBS@'
#   46|   GEN_LIB=@GEN_LIB@
#   47|   

Error: SHELLCHECK_WARNING (CWE-563): [#def15]
/usr/share/krb5-tests/x86_64/build-tools/krb5-config.in:46:1: warning[SC2034]: GEN_LIB appears unused. Verify use (or export if used externally).
#   44|   
#   45|   LIBS='@LIBS@'
#   46|-> GEN_LIB=@GEN_LIB@
#   47|   
#   48|   # Defaults for program

Error: SHELLCHECK_WARNING (CWE-398): [#def16]
/usr/share/krb5-tests/x86_64/ccapi/test/test_ccapi.sh:8:1: warning[SC2113]: 'function' keyword is non-standard. Use 'foo()' instead of 'function foo'.
#    6|   failure_count=0
#    7|   
#    8|-> function run_test {
#    9|   	if [[ -e $TEST_DIR/$1 ]]; then
#   10|   		./$TEST_DIR/$1

Error: SHELLCHECK_WARNING: [#def17]
/usr/share/krb5-tests/x86_64/ccapi/test/test_ccapi.sh:9:5: warning[SC3010]: In POSIX sh, [[ ]] is undefined.
#    7|   
#    8|   function run_test {
#    9|-> 	if [[ -e $TEST_DIR/$1 ]]; then
#   10|   		./$TEST_DIR/$1
#   11|   		failure_count=`expr $failure_count + $?`

Error: SHELLCHECK_WARNING (CWE-563): [#def18]
/usr/share/krb5-tests/x86_64/config.status:22:3: warning[SC2034]: NULLCMD appears unused. Verify use (or export if used externally).
#   20|   then :
#   21|     emulate sh
#   22|->   NULLCMD=:
#   23|     # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
#   24|     # is contrary to our usage.  Disable this feature.

Error: SHELLCHECK_WARNING (CWE-398): [#def19]
/usr/share/krb5-tests/x86_64/config.status:25:12: error[SC2142]: Aliases can't use positional parameters. Use a function.
#   23|     # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
#   24|     # is contrary to our usage.  Disable this feature.
#   25|->   alias -g '${1+"$@"}'='"$@"'
#   26|     setopt NO_GLOB_SUBST
#   27|   else case e in #(

Error: SHELLCHECK_WARNING: [#def20]
/usr/share/krb5-tests/x86_64/config.status:27:11: warning[SC2194]: This word is constant. Did you forget the $ on a variable?
#   25|     alias -g '${1+"$@"}'='"$@"'
#   26|     setopt NO_GLOB_SUBST
#   27|-> else case e in #(
#   28|     e) case `(set -o) 2>/dev/null` in #(
#   29|     *posix*) :

Error: SHELLCHECK_WARNING: [#def21]
/usr/share/krb5-tests/x86_64/config.status:30:12: warning[SC3040]: In POSIX sh, set option posix is undefined.
#   28|     e) case `(set -o) 2>/dev/null` in #(
#   29|     *posix*) :
#   30|->     set -o posix ;; #(
#   31|     *) :
#   32|        ;;

Error: SHELLCHECK_WARNING (CWE-569): [#def22]
/usr/share/krb5-tests/x86_64/config.status:67:16: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
#   65|   # in other old shells (e.g. bash 2.01 and pdksh 5.2.14).
#   66|   for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH
#   67|-> do eval test \${$as_var+y} \
#   68|     && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
#   69|   done

Error: SHELLCHECK_WARNING (CWE-569): [#def23]
/usr/share/krb5-tests/x86_64/config.status:67:26: warning[SC1083]: This } is literal. Check expression (missing ;/\n?) or quote it.
#   65|   # in other old shells (e.g. bash 2.01 and pdksh 5.2.14).
#   66|   for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH
#   67|-> do eval test \${$as_var+y} \
#   68|     && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
#   69|   done

Error: SHELLCHECK_WARNING (CWE-563): [#def24]
/usr/share/krb5-tests/x86_64/config.status:80:24: warning[SC2034]: FPATH appears unused. Verify use (or export if used externally).
#   78|     PATH_SEPARATOR=:
#   79|     (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
#   80|->     (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
#   81|         PATH_SEPARATOR=';'
#   82|     }

Error: SHELLCHECK_WARNING (CWE-563): [#def25]
/usr/share/krb5-tests/x86_64/config.status:159:1: warning[SC2034]: as_unset appears unused. Verify use (or export if used externally).
#  157|     { eval $1=; unset $1;}
#  158|   }
#  159|-> as_unset=as_fn_unset
#  160|   
#  161|   # as_fn_append VAR VALUE

Error: SHELLCHECK_WARNING: [#def26]
/usr/share/krb5-tests/x86_64/config.status:173:11: warning[SC2194]: This word is constant. Did you forget the $ on a variable?
#  171|       eval $1+=\$2
#  172|     }'
#  173|-> else case e in #(
#  174|     e) as_fn_append ()
#  175|     {

Error: SHELLCHECK_WARNING: [#def27]
/usr/share/krb5-tests/x86_64/config.status:192:11: warning[SC2194]: This word is constant. Did you forget the $ on a variable?
#  190|       as_val=$(( $* ))
#  191|     }'
#  192|-> else case e in #(
#  193|     e) as_fn_arith ()
#  194|     {

Error: SHELLCHECK_WARNING (CWE-563): [#def28]
/usr/share/krb5-tests/x86_64/config.status:195:5: warning[SC2034]: as_val appears unused. Verify use (or export if used externally).
#  193|     e) as_fn_arith ()
#  194|     {
#  195|->     as_val=`expr "$@" || test $? -eq 1`
#  196|     } ;;
#  197|   esac

Error: SHELLCHECK_WARNING (CWE-456): [#def29]
/usr/share/krb5-tests/x86_64/config.status:203:3: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  201|   if expr a : '\(a\)' >/dev/null 2>&1 &&
#  202|      test "X`expr 00001 : '.*\(...\)'`" = X001; then
#  203|->   as_expr=expr
#  204|   else
#  205|     as_expr=false

Error: SHELLCHECK_WARNING (CWE-456): [#def30]
/usr/share/krb5-tests/x86_64/config.status:209:3: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  207|   
#  208|   if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
#  209|->   as_basename=basename
#  210|   else
#  211|     as_basename=false

Error: SHELLCHECK_WARNING (CWE-456): [#def31]
/usr/share/krb5-tests/x86_64/config.status:215:3: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  213|   
#  214|   if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
#  215|->   as_dirname=dirname
#  216|   else
#  217|     as_dirname=false

Error: SHELLCHECK_WARNING (CWE-480): [#def32]
/usr/share/krb5-tests/x86_64/config.status:250:8: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#  248|   # These variables are no longer used directly by Autoconf, but are AC_SUBSTed
#  249|   # for compatibility with existing Makefiles.
#  250|-> ECHO_C= ECHO_N= ECHO_T=
#  251|   case `echo -n x` in #(((((
#  252|   -n*)

Error: SHELLCHECK_WARNING (CWE-480): [#def33]
/usr/share/krb5-tests/x86_64/config.status:250:16: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#  248|   # These variables are no longer used directly by Autoconf, but are AC_SUBSTed
#  249|   # for compatibility with existing Makefiles.
#  250|-> ECHO_C= ECHO_N= ECHO_T=
#  251|   case `echo -n x` in #(((((
#  252|   -n*)

Error: SHELLCHECK_WARNING: [#def34]
/usr/share/krb5-tests/x86_64/config.status:251:12: warning[SC3037]: In POSIX sh, echo flags are undefined.
#  249|   # for compatibility with existing Makefiles.
#  250|   ECHO_C= ECHO_N= ECHO_T=
#  251|-> case `echo -n x` in #(((((
#  252|   -n*)
#  253|     case `echo 'xy\c'` in

Error: SHELLCHECK_WARNING (CWE-563): [#def35]
/usr/share/krb5-tests/x86_64/config.status:255:8: warning[SC2034]: ECHO_C appears unused. Verify use (or export if used externally).
#  253|     case `echo 'xy\c'` in
#  254|     *c*) ECHO_T='	';;	# ECHO_T is single tab character.
#  255|->   xy)  ECHO_C='\c';;
#  256|     *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
#  257|          ECHO_T='	';;

Error: SHELLCHECK_WARNING (CWE-156): [#def36]
/usr/share/krb5-tests/x86_64/config.status:256:13: warning[SC2046]: Quote this to prevent word splitting.
#  254|     *c*) ECHO_T='	';;	# ECHO_T is single tab character.
#  255|     xy)  ECHO_C='\c';;
#  256|->   *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
#  257|          ECHO_T='	';;
#  258|     esac;;

Error: SHELLCHECK_WARNING (CWE-563): [#def37]
/usr/share/krb5-tests/x86_64/config.status:257:8: warning[SC2034]: ECHO_T appears unused. Verify use (or export if used externally).
#  255|     xy)  ECHO_C='\c';;
#  256|     *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
#  257|->        ECHO_T='	';;
#  258|     esac;;
#  259|   *)

Error: SHELLCHECK_WARNING (CWE-563): [#def38]
/usr/share/krb5-tests/x86_64/config.status:260:3: warning[SC2034]: ECHO_N appears unused. Verify use (or export if used externally).
#  258|     esac;;
#  259|   *)
#  260|->   ECHO_N='-n';;
#  261|   esac
#  262|   

Error: SHELLCHECK_WARNING (CWE-563): [#def39]
/usr/share/krb5-tests/x86_64/config.status:266:1: warning[SC2034]: as_echo appears unused. Verify use (or export if used externally).
#  264|   # the shell variables $as_echo and $as_echo_n.  New code should use
#  265|   # AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively.
#  266|-> as_echo='printf %s\n'
#  267|   as_echo_n='printf %s'
#  268|   

Error: SHELLCHECK_WARNING (CWE-563): [#def40]
/usr/share/krb5-tests/x86_64/config.status:267:1: warning[SC2034]: as_echo_n appears unused. Verify use (or export if used externally).
#  265|   # AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively.
#  266|   as_echo='printf %s\n'
#  267|-> as_echo_n='printf %s'
#  268|   
#  269|   rm -f conf$$ conf$$.exe conf$$.file

Error: SHELLCHECK_WARNING (CWE-456): [#def41]
/usr/share/krb5-tests/x86_64/config.status:286:5: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  284|         as_ln_s='cp -pR'
#  285|     elif ln conf$$.file conf$$ 2>/dev/null; then
#  286|->     as_ln_s=ln
#  287|     else
#  288|       as_ln_s='cp -pR'

Error: SHELLCHECK_WARNING (CWE-563): [#def42]
/usr/share/krb5-tests/x86_64/config.status:291:3: warning[SC2034]: as_ln_s appears unused. Verify use (or export if used externally).
#  289|     fi
#  290|   else
#  291|->   as_ln_s='cp -pR'
#  292|   fi
#  293|   rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file

Error: SHELLCHECK_WARNING (CWE-563): [#def43]
/usr/share/krb5-tests/x86_64/config.status:359:1: warning[SC2034]: as_test_x appears unused. Verify use (or export if used externally).
#  357|     test -f "$1" && test -x "$1"
#  358|   } # as_fn_executable_p
#  359|-> as_test_x='test -x'
#  360|   as_executable_p=as_fn_executable_p
#  361|   

Error: SHELLCHECK_WARNING (CWE-563): [#def44]
/usr/share/krb5-tests/x86_64/config.status:360:1: warning[SC2034]: as_executable_p appears unused. Verify use (or export if used externally).
#  358|   } # as_fn_executable_p
#  359|   as_test_x='test -x'
#  360|-> as_executable_p=as_fn_executable_p
#  361|   
#  362|   # Sed expression to map a string onto a valid CPP name.

Error: SHELLCHECK_WARNING (CWE-563): [#def45]
/usr/share/krb5-tests/x86_64/config.status:364:1: warning[SC2034]: as_tr_cpp appears unused. Verify use (or export if used externally).
#  362|   # Sed expression to map a string onto a valid CPP name.
#  363|   as_sed_cpp="y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g"
#  364|-> as_tr_cpp="eval sed '$as_sed_cpp'" # deprecated
#  365|   
#  366|   # Sed expression to map a string onto a valid variable name.

Error: SHELLCHECK_WARNING (CWE-563): [#def46]
/usr/share/krb5-tests/x86_64/config.status:368:1: warning[SC2034]: as_tr_sh appears unused. Verify use (or export if used externally).
#  366|   # Sed expression to map a string onto a valid variable name.
#  367|   as_sed_sh="y%*+%pp%;s%[^_$as_cr_alnum]%_%g"
#  368|-> as_tr_sh="eval sed '$as_sed_sh'" # deprecated
#  369|   
#  370|   

Error: SHELLCHECK_WARNING (CWE-569): [#def47]
/usr/share/krb5-tests/x86_64/config.status:378:8: warning[SC2124]: Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
#  376|   # report actual input values of CONFIG_FILES etc. instead of their
#  377|   # values after options handling.
#  378|-> ac_log="
#  379|   This file was extended by Kerberos 5 $as_me 1.21.3, which was
#  380|   generated by GNU Autoconf 2.72.  Invocation command line was

Error: SHELLCHECK_WARNING (CWE-456): [#def48]
/usr/share/krb5-tests/x86_64/config.status:436:19: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  434|   INSTALL='/usr/bin/install -c'
#  435|   AWK='gawk'
#  436|-> test -n "$AWK" || AWK=awk
#  437|   # The default lists apply if the user does not specify any file.
#  438|   ac_need_defaults=:

Error: SHELLCHECK_WARNING (CWE-456): [#def49]
/usr/share/krb5-tests/x86_64/config.status:455:5: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  453|       ac_option=$1
#  454|       ac_optarg=$2
#  455|->     ac_shift=shift
#  456|       ;;
#  457|     esac

Error: SHELLCHECK_WARNING (CWE-456): [#def50]
/usr/share/krb5-tests/x86_64/config.status:513:7: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#  511|   
#  512|   if $ac_cs_recheck; then
#  513|->   set X /bin/sh './configure'  '--build=x86_64-redhat-linux' '--host=x86_64-redhat-linux' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' 'CC=gcc' 'CFLAGS=-O2 -flto=auto -ffat-lto-objects -fexce [...]
#  514|     shift
#  515|     \printf "%s\n" "running CONFIG_SHELL=/bin/sh $*" >&6
/usr/share/krb5-tests/x86_64/config.status:513:7: note: trimmed 1 message(s) with length over 512

Error: SHELLCHECK_WARNING (CWE-457): [#def51]
/usr/share/krb5-tests/x86_64/config.status:532:25: warning[SC2154]: ac_config_targets is referenced but not assigned (did you mean 'ac_config_target'?).
#  530|   
#  531|   # Handling of arguments.
#  532|-> for ac_config_target in $ac_config_targets
#  533|   do
#  534|     case $ac_config_target in

Error: SHELLCHECK_WARNING (CWE-480): [#def52]
/usr/share/krb5-tests/x86_64/config.status:688:7: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#  686|   $debug ||
#  687|   {
#  688|->   tmp= ac_tmp=
#  689|     trap 'exit_status=$?
#  690|     : "${ac_tmp:=$tmp}"

Error: SHELLCHECK_WARNING (CWE-457): [#def53]
/usr/share/krb5-tests/x86_64/config.status:689:8: warning[SC2154]: exit_status is referenced but not assigned.
#  687|   {
#  688|     tmp= ac_tmp=
#  689|->   trap 'exit_status=$?
#  690|     : "${ac_tmp:=$tmp}"
#  691|     { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status

Error: SHELLCHECK_WARNING (CWE-398): [#def54]
/usr/share/krb5-tests/x86_64/config.status:693:27: warning[SC2172]: Trapping signals by number is not well defined. Prefer signal names.
#  691|     { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
#  692|   ' 0
#  693|->   trap 'as_fn_exit 1' 1 2 13 15
#  694|   }
#  695|   # Create a (secure) tmp directory for tmp files.

Error: SHELLCHECK_WARNING: [#def55]
/usr/share/krb5-tests/x86_64/config.status:702:16: warning[SC3028]: In POSIX sh, RANDOM is undefined.
#  700|   }  ||
#  701|   {
#  702|->   tmp=./conf$$-$RANDOM
#  703|     (umask 077 && mkdir "$tmp")
#  704|   } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5

Error: SHELLCHECK_WARNING (CWE-456): [#def56]
/usr/share/krb5-tests/x86_64/config.status:1312:7: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
# 1310|     ac_save_IFS=$IFS
# 1311|     IFS=:
# 1312|->   set x $ac_tag
# 1313|     IFS=$ac_save_IFS
# 1314|     shift

Error: SHELLCHECK_WARNING (CWE-563): [#def57]
/usr/share/krb5-tests/x86_64/config.status:1319:7: warning[SC2034]: ac_source appears unused. Verify use (or export if used externally).
# 1317|   
# 1318|     case $ac_mode in
# 1319|->   :L) ac_source=$1;;
# 1320|     :[FH])
# 1321|       ac_file_inputs=

Error: SHELLCHECK_WARNING (CWE-480): [#def58]
/usr/share/krb5-tests/x86_64/config.status:1393:18: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
# 1391|   
# 1392|   case "$ac_dir" in
# 1393|-> .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
# 1394|   *)
# 1395|     ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'`

Error: SHELLCHECK_WARNING (CWE-563): [#def59]
/usr/share/krb5-tests/x86_64/config.status:1406:1: warning[SC2034]: ac_top_builddir appears unused. Verify use (or export if used externally).
# 1404|   ac_abs_builddir=$ac_pwd$ac_dir_suffix
# 1405|   # for backward compatibility:
# 1406|-> ac_top_builddir=$ac_top_build_prefix
# 1407|   
# 1408|   case $srcdir in

Error: SHELLCHECK_WARNING (CWE-563): [#def60]
/usr/share/krb5-tests/x86_64/config.status:1461:1: warning[SC2034]: ac_sed_extra appears unused. Verify use (or export if used externally).
# 1459|     s&\${datarootdir}&${prefix}/share&g' ;;
# 1460|   esac
# 1461|-> ac_sed_extra="/^[	 ]*VPATH[	 ]*=[	 ]*/{
# 1462|   h
# 1463|   s///

Error: SHELLCHECK_WARNING (CWE-569): [#def61]
/usr/share/krb5-tests/x86_64/config/config.sub:245:8: warning[SC2221]: This pattern always overrides a later one on line 247.
#  243|   					| semi \
#  244|   					| sequent* \
#  245|-> 					| siemens \
#  246|   					| sgi* \
#  247|   					| siemens \

Error: SHELLCHECK_WARNING (CWE-569): [#def62]
/usr/share/krb5-tests/x86_64/config/config.sub:247:8: warning[SC2222]: This pattern never matches because of a previous pattern on line 245.
#  245|   					| siemens \
#  246|   					| sgi* \
#  247|-> 					| siemens \
#  248|   					| sim \
#  249|   					| sni \

Error: SHELLCHECK_WARNING: [#def63]
/usr/share/krb5-tests/x86_64/config/install-sh:142:33: warning[SC2320]: This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten.
#  140|           shift;;
#  141|   
#  142|->     --help) echo "$usage"; exit $?;;
#  143|   
#  144|       -m) mode=$2

Error: SHELLCHECK_WARNING: [#def64]
/usr/share/krb5-tests/x86_64/config/install-sh:173:47: warning[SC2320]: This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten.
#  171|       -T) is_target_a_directory=never;;
#  172|   
#  173|->     --version) echo "$0 $scriptversion"; exit $?;;
#  174|   
#  175|       --) shift

Error: SHELLCHECK_WARNING (CWE-456): [#def65]
/usr/share/krb5-tests/x86_64/config/install-sh:204:11: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#  202|       if test -n "$dst_arg"; then
#  203|         # $@ is not empty: it contains at least $arg.
#  204|->       set fnord "$@" "$dst_arg"
#  205|         shift # fnord
#  206|       fi

Error: SHELLCHECK_WARNING (CWE-569): [#def66]
/usr/share/krb5-tests/x86_64/config/install-sh:237:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  235|   if test -z "$dir_arg"; then
#  236|     do_exit='(exit $ret); exit $ret'
#  237|->   trap "ret=129; $do_exit" 1
#  238|     trap "ret=130; $do_exit" 2
#  239|     trap "ret=141; $do_exit" 13

Error: SHELLCHECK_WARNING (CWE-569): [#def67]
/usr/share/krb5-tests/x86_64/config/install-sh:238:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  236|     do_exit='(exit $ret); exit $ret'
#  237|     trap "ret=129; $do_exit" 1
#  238|->   trap "ret=130; $do_exit" 2
#  239|     trap "ret=141; $do_exit" 13
#  240|     trap "ret=143; $do_exit" 15

Error: SHELLCHECK_WARNING (CWE-569): [#def68]
/usr/share/krb5-tests/x86_64/config/install-sh:239:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  237|     trap "ret=129; $do_exit" 1
#  238|     trap "ret=130; $do_exit" 2
#  239|->   trap "ret=141; $do_exit" 13
#  240|     trap "ret=143; $do_exit" 15
#  241|   

Error: SHELLCHECK_WARNING (CWE-398): [#def69]
/usr/share/krb5-tests/x86_64/config/install-sh:239:28: warning[SC2172]: Trapping signals by number is not well defined. Prefer signal names.
#  237|     trap "ret=129; $do_exit" 1
#  238|     trap "ret=130; $do_exit" 2
#  239|->   trap "ret=141; $do_exit" 13
#  240|     trap "ret=143; $do_exit" 15
#  241|   

Error: SHELLCHECK_WARNING (CWE-569): [#def70]
/usr/share/krb5-tests/x86_64/config/install-sh:240:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  238|     trap "ret=130; $do_exit" 2
#  239|     trap "ret=141; $do_exit" 13
#  240|->   trap "ret=143; $do_exit" 15
#  241|   
#  242|     # Set umask so as not to create temps with too-generous modes.

Error: SHELLCHECK_WARNING: [#def71]
/usr/share/krb5-tests/x86_64/config/install-sh:339:27: warning[SC3028]: In POSIX sh, RANDOM is undefined.
#  337|   	# The $RANDOM variable is not portable (e.g., dash).  Use it
#  338|   	# here however when possible just to lower collision chance.
#  339|-> 	tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
#  340|   
#  341|   	trap '

Error: SHELLCHECK_WARNING (CWE-457): [#def72]
/usr/share/krb5-tests/x86_64/config/install-sh:341:7: warning[SC2154]: ret is referenced but not assigned.
#  339|   	tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
#  340|   
#  341|-> 	trap '
#  342|   	  ret=$?
#  343|   	  rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null

Error: SHELLCHECK_WARNING (CWE-456): [#def73]
/usr/share/krb5-tests/x86_64/config/install-sh:403:11: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#  401|         IFS=/
#  402|         set -f
#  403|->       set fnord $dstdir
#  404|         shift
#  405|         set +f

Error: SHELLCHECK_WARNING (CWE-456): [#def74]
/usr/share/krb5-tests/x86_64/config/install-sh:488:12: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#  486|          new=`LC_ALL=C ls -dlL "$dsttmp"  2>/dev/null` &&
#  487|          set -f &&
#  488|->        set X $old && old=:$2:$4:$5:$6 &&
#  489|          set X $new && new=:$2:$4:$5:$6 &&
#  490|          set +f &&

Error: SHELLCHECK_WARNING (CWE-456): [#def75]
/usr/share/krb5-tests/x86_64/config/install-sh:489:12: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#  487|          set -f &&
#  488|          set X $old && old=:$2:$4:$5:$6 &&
#  489|->        set X $new && new=:$2:$4:$5:$6 &&
#  490|          set +f &&
#  491|          test "$old" = "$new" &&

Error: SHELLCHECK_WARNING (CWE-456): [#def76]
/usr/share/krb5-tests/x86_64/config/mkinstalldirs:13:8: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#   11|   for file
#   12|   do
#   13|->    set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
#   14|      shift
#   15|   

Error: SHELLCHECK_WARNING (CWE-156): [#def77]
/usr/share/krb5-tests/x86_64/config/mkinstalldirs:13:14: warning[SC2046]: Quote this to prevent word splitting.
#   11|   for file
#   12|   do
#   13|->    set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
#   14|      shift
#   15|   

Error: SHELLCHECK_WARNING (CWE-88): [#def78]
/usr/share/krb5-tests/x86_64/kadmin/cli/k5srvutil.sh:37:10: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   35|       
#   36|   cmd_error() {
#   37|->     echo $@ 2>&1
#   38|       }
#   39|   

Error: SHELLCHECK_WARNING (CWE-456): [#def79]
/usr/share/krb5-tests/x86_64/lib/krb5/krb/transit-tests:26:5: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#   24|   eval $check
#   25|   
#   26|-> set EDU ATHENA.MIT.EDU ,
#   27|   expected="MIT.EDU"
#   28|   eval $check

Error: SHELLCHECK_WARNING (CWE-456): [#def80]
/usr/share/krb5-tests/x86_64/lib/krb5/krb/transit-tests:30:5: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#   28|   eval $check
#   29|   
#   30|-> set x x "/COM,/HP,/APOLLO, /COM/DEC"
#   31|   expected="/COM /COM/HP /COM/HP/APOLLO /COM/DEC"
#   32|   eval $check

Error: SHELLCHECK_WARNING (CWE-456): [#def81]
/usr/share/krb5-tests/x86_64/lib/krb5/krb/transit-tests:34:5: warning[SC2121]: To assign a variable, use just 'var=value', no 'set ..'.
#   32|   eval $check
#   33|   
#   34|-> set x x EDU,MIT.,ATHENA.,WASHINGTON.EDU,CS.
#   35|   expected="EDU MIT.EDU ATHENA.MIT.EDU WASHINGTON.EDU CS.WASHINGTON.EDU"
#   36|   eval $check

Error: SHELLCHECK_WARNING (CWE-563): [#def82]
/usr/share/krb5-tests/x86_64/lib/krb5/krb/transit-tests:50:1: warning[SC2034]: expected appears unused. Verify use (or export if used externally).
#   48|   
#   49|   set XYZZY.ATHENA.MIT.EDU XYZZY.CS.CMU.EDU ,EDU,
#   50|-> expected="EDU MIT.EDU ATHENA.MIT.EDU CMU.EDU CS.CMU.EDU"
#   51|   eval $check
#   52|   

Error: SHELLCHECK_WARNING (CWE-563): [#def83]
/usr/share/krb5-tests/x86_64/tests/pkinit-certs/make-certs.sh:13:1: warning[SC2034]: TLS_SERVER_EKU appears unused. Verify use (or export if used externally).
#   11|   PKINIT_KDC_EKU=1.3.6.1.5.2.3.5
#   12|   PKINIT_CLIENT_EKU=1.3.6.1.5.2.3.4
#   13|-> TLS_SERVER_EKU=1.3.6.1.5.5.7.3.1
#   14|   TLS_CLIENT_EKU=1.3.6.1.5.5.7.3.2
#   15|   EMAIL_PROTECTION_EKU=1.3.6.1.5.5.7.3.4

Error: SHELLCHECK_WARNING (CWE-563): [#def84]
/usr/share/krb5-tests/x86_64/tests/pkinit-certs/make-certs.sh:14:1: warning[SC2034]: TLS_CLIENT_EKU appears unused. Verify use (or export if used externally).
#   12|   PKINIT_CLIENT_EKU=1.3.6.1.5.2.3.4
#   13|   TLS_SERVER_EKU=1.3.6.1.5.5.7.3.1
#   14|-> TLS_CLIENT_EKU=1.3.6.1.5.5.7.3.2
#   15|   EMAIL_PROTECTION_EKU=1.3.6.1.5.5.7.3.4
#   16|   # Add TLS EKUs to these if we're testing with NSS and we still have to

Error: SHELLCHECK_WARNING (CWE-563): [#def85]
/usr/share/krb5-tests/x86_64/tests/pkinit-certs/make-certs.sh:15:1: warning[SC2034]: EMAIL_PROTECTION_EKU appears unused. Verify use (or export if used externally).
#   13|   TLS_SERVER_EKU=1.3.6.1.5.5.7.3.1
#   14|   TLS_CLIENT_EKU=1.3.6.1.5.5.7.3.2
#   15|-> EMAIL_PROTECTION_EKU=1.3.6.1.5.5.7.3.4
#   16|   # Add TLS EKUs to these if we're testing with NSS and we still have to
#   17|   # piggy-back on the TLS trust settings.

Error: SHELLCHECK_WARNING (CWE-563): [#def86]
/usr/share/krb5-tests/x86_64/tests/proxy-certs/make-certs.sh:4:1: warning[SC2034]: NAMETYPE appears unused. Verify use (or export if used externally).
#    2|   
#    3|   PWD=`pwd`
#    4|-> NAMETYPE=1
#    5|   KEYSIZE=2048
#    6|   DAYS=4000

Error: SHELLCHECK_WARNING (CWE-563): [#def87]
/usr/share/krb5-tests/x86_64/tests/proxy-certs/make-certs.sh:7:1: warning[SC2034]: REALM appears unused. Verify use (or export if used externally).
#    5|   KEYSIZE=2048
#    6|   DAYS=4000
#    7|-> REALM=KRBTEST.COM
#    8|   TLS_SERVER_EKU=1.3.6.1.5.5.7.3.1
#    9|   PROXY_EKU_LIST=$TLS_SERVER_EKU

Error: SHELLCHECK_WARNING (CWE-156): [#def88]
/usr/share/krb5-tests/x86_64/tests/proxy-certs/make-certs.sh:119:47: warning[SC2046]: Quote this to prevent word splitting.
#  117|   SUBJECT=proxy openssl x509 -outform der -in proxy-ideal.pem -out bad.der
#  118|   length=`od -Ad bad.der | tail -n 1 | awk '{print $1}'`
#  119|-> dd if=/dev/zero bs=1 of=bad.der count=16 seek=`expr $length - 16`
#  120|   SUBJECT=proxy openssl x509 -inform der -in bad.der -out tmp.pem
#  121|   cat privkey.pem tmp.pem > proxy-badsig.pem

Error: SHELLCHECK_WARNING (CWE-156): [#def89]
/usr/share/krb5-tests/x86_64/util/check-ac-syms:28:57: warning[SC2046]: Quote this to prevent word splitting.
#   26|   
#   27|   if test -s acsyms.extra; then
#   28|->   echo ERROR: Symbol or symbols defined here but not in `basename $3`: `cat acsyms.extra`
#   29|     rm -f acsyms.extra
#   30|     exit 1

Error: SHELLCHECK_WARNING (CWE-156): [#def90]
/usr/share/krb5-tests/x86_64/util/check-ac-syms:28:72: warning[SC2046]: Quote this to prevent word splitting.
#   26|   
#   27|   if test -s acsyms.extra; then
#   28|->   echo ERROR: Symbol or symbols defined here but not in `basename $3`: `cat acsyms.extra`
#   29|     rm -f acsyms.extra
#   30|     exit 1

Error: SHELLCHECK_WARNING (CWE-477): [#def91]
/usr/share/krb5-tests/x86_64/util/et/compile_et.sh:26:15: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
#   24|   
#   25|   # --localedir requires --textdomain.
#   26|-> if [ $# -ne 1 -o \( -n "$LOCALEDIR" -a -z "$TEXTDOMAIN" \) ]; then
#   27|       echo $usage 1>&2 ; exit 1
#   28|   fi

Error: SHELLCHECK_WARNING (CWE-477): [#def92]
/usr/share/krb5-tests/x86_64/util/et/compile_et.sh:26:37: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
#   24|   
#   25|   # --localedir requires --textdomain.
#   26|-> if [ $# -ne 1 -o \( -n "$LOCALEDIR" -a -z "$TEXTDOMAIN" \) ]; then
#   27|       echo $usage 1>&2 ; exit 1
#   28|   fi

Error: SHELLCHECK_WARNING (CWE-456): [#def93]
/usr/share/krb5-tests/x86_64/util/et/config_script:17:2: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#   15|   
#   16|   if test "${AWK}x" = "x" ; then
#   17|-> 	AWK=awk
#   18|   fi
#   19|   if test "${SED}x" = "x" ; then

Error: SHELLCHECK_WARNING (CWE-456): [#def94]
/usr/share/krb5-tests/x86_64/util/et/config_script:20:2: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#   18|   fi
#   19|   if test "${SED}x" = "x" ; then
#   20|-> 	SED=sed
#   21|   fi
#   22|   sed -e "s;@DIR@;${DIR};" -e "s;@AWK@;${AWK};" -e "s;@SED@;${SED};" $FILE

Error: SHELLCHECK_WARNING (CWE-563): [#def95]
/usr/share/krb5-tests/x86_64/util/getsyms:9:2: warning[SC2034]: types appears unused. Verify use (or export if used externally).
#    7|   	libs=""
#    8|   	headers=""
#    9|-> 	types=""
#   10|   	funcs=""
#   11|   	AC_MACRODIR=./util/autoconf

Error: SHELLCHECK_WARNING (CWE-477): [#def96]
/usr/share/krb5-tests/x86_64/util/lndir:39:15: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
#   37|   esac
#   38|   
#   39|-> if [ $# -lt 1 -o $# -gt 2 ]
#   40|   then
#   41|   	echo "$USAGE"

Error: SHELLCHECK_WARNING (CWE-252): [#def97]
/usr/share/krb5-tests/x86_64/util/lndir:61:1: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#   59|   fi
#   60|   
#   61|-> cd $DIRTO
#   62|   
#   63|   if [ ! -d $DIRFROM ]

Error: SHELLCHECK_WARNING (CWE-156): [#def98]
/usr/share/krb5-tests/x86_64/util/lndir:72:6: warning[SC2046]: Quote this to prevent word splitting.
#   70|   pwd=`pwd`
#   71|   
#   72|-> if [ `(cd $DIRFROM; pwd)` = $pwd ]
#   73|   then
#   74|   	echo "$pwd: FROM and TO are identical!"

Error: SHELLCHECK_WARNING (CWE-398): [#def99]
/usr/share/krb5-tests/x86_64/util/lndir:78:13: warning[SC2045]: Iterating over ls output is fragile. Use globs.
#   76|   fi
#   77|   
#   78|-> for file in `ls -a $DIRFROM`
#   79|   do
#   80|   	if [ ! -d $DIRFROM/$file ]

Error: SHELLCHECK_WARNING (CWE-477): [#def100]
/usr/share/krb5-tests/x86_64/util/lndir:84:27: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
#   82|   		ln -s $DIRFROM/$file .
#   83|   	else
#   84|-> 	       if [ $file != RCS -a $file != CVS -a $file != . -a $file != .. ]
#   85|   		then
#   86|   			echo $file:

Error: SHELLCHECK_WARNING (CWE-477): [#def101]
/usr/share/krb5-tests/x86_64/util/lndir:84:43: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
#   82|   		ln -s $DIRFROM/$file .
#   83|   	else
#   84|-> 	       if [ $file != RCS -a $file != CVS -a $file != . -a $file != .. ]
#   85|   		then
#   86|   			echo $file:

Error: SHELLCHECK_WARNING (CWE-477): [#def102]
/usr/share/krb5-tests/x86_64/util/lndir:84:57: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
#   82|   		ln -s $DIRFROM/$file .
#   83|   	else
#   84|-> 	       if [ $file != RCS -a $file != CVS -a $file != . -a $file != .. ]
#   85|   		then
#   86|   			echo $file:

Error: SHELLCHECK_WARNING (CWE-252): [#def103]
/usr/share/krb5-tests/x86_64/util/lndir:88:5: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#   86|   			echo $file:
#   87|   			mkdir $file
#   88|-> 			(cd $file
#   89|   			 pwd=`pwd`
#   90|   			 case "$DIRFROM" in

Error: SHELLCHECK_WARNING (CWE-156): [#def104]
/usr/share/krb5-tests/x86_64/util/lndir:94:10: warning[SC2046]: Quote this to prevent word splitting.
#   92|   				 *)  DIRFROM=../$DIRFROM ;;
#   93|   			 esac
#   94|-> 			 if [ `(cd $DIRFROM/$file; pwd)` = $pwd ]
#   95|   			 then
#   96|   				echo "$pwd: FROM and TO are identical!"

Error: SHELLCHECK_WARNING (CWE-156): [#def105]
/usr/share/krb5-tests/x86_64/util/mkrel:115:7: warning[SC2046]: Quote this to prevent word splitting.
#  113|   if test $newstyle = t; then
#  114|   	echo "parsing new style patchlevel.h..."
#  115|-> 	eval `sed -n 's/#define \([A-Z0-9_]*\)[ \t]*\(.*\)/\1=\2/p' < $reldir/src/patchlevel.h`
#  116|   	if test "$KRB5_RELTAG" != $reltag && \
#  117|   		test "$KRB5_RELTAG" != `echo $reltag|sed 's%[^/]*/%%'` ; then

Error: SHELLCHECK_WARNING (CWE-156): [#def106]
/usr/share/krb5-tests/x86_64/util/mkrel:117:26: warning[SC2046]: Quote this to prevent word splitting.
#  115|   	eval `sed -n 's/#define \([A-Z0-9_]*\)[ \t]*\(.*\)/\1=\2/p' < $reldir/src/patchlevel.h`
#  116|   	if test "$KRB5_RELTAG" != $reltag && \
#  117|-> 		test "$KRB5_RELTAG" != `echo $reltag|sed 's%[^/]*/%%'` ; then
#  118|   		echo "WARNING: patchlevel.h '$KRB5_RELTAG' != $reltag"
#  119|   	fi

Error: SHELLCHECK_WARNING (CWE-398): [#def107]
/usr/share/krb5-tests/x86_64/util/mkrel:176:1: warning[SC2038]: Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames.
#  174|   
#  175|   echo "Nuking unneeded files..."
#  176|-> find $reldir \( -name TODO -o -name todo -o -name .cvsignore \
#  177|   	-o -name .gitignore -o -name BADSYMS -o -name .Sanitize \
#  178|   	-o -name .rconf \) -print | xargs rm -f || true

Error: SHELLCHECK_WARNING (CWE-252): [#def108]
/usr/share/krb5-tests/x86_64/util/ss/config_script:19:6: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#   17|   	DIR=.
#   18|   fi
#   19|-> DIR=`cd ${DIR}; pwd`
#   20|   if test "${AWK}x" = "x" ; then
#   21|   	AWK=awk

Error: SHELLCHECK_WARNING (CWE-456): [#def109]
/usr/share/krb5-tests/x86_64/util/ss/config_script:21:2: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#   19|   DIR=`cd ${DIR}; pwd`
#   20|   if test "${AWK}x" = "x" ; then
#   21|-> 	AWK=awk
#   22|   fi
#   23|   if test "${SED}x" = "x" ; then

Error: SHELLCHECK_WARNING (CWE-456): [#def110]
/usr/share/krb5-tests/x86_64/util/ss/config_script:24:2: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#   22|   fi
#   23|   if test "${SED}x" = "x" ; then
#   24|-> 	SED=sed
#   25|   fi
#   26|   

Error: SHELLCHECK_WARNING (CWE-569): [#def111]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:3:7: warning[SC2125]: Brace expansions and globs are literal in assignments. Quote it or use an array.
#    1|   #!/usr/bin/sh
#    2|   
#    3|-> files=vg.*
#    4|   
#    5|   logname() {

Error: SHELLCHECK_WARNING (CWE-569): [#def112]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:15:11: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#   13|   		return
#   14|   	fi
#   15|-> 	for f in $* ; do
#   16|   		echo $f : `logname $f`
#   17|   	done

Error: SHELLCHECK_WARNING (CWE-156): [#def113]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:16:13: warning[SC2046]: Quote this to prevent word splitting.
#   14|   	fi
#   15|   	for f in $* ; do
#   16|-> 		echo $f : `logname $f`
#   17|   	done
#   18|   }

Error: SHELLCHECK_WARNING (CWE-569): [#def114]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:31:11: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#   29|   		return
#   30|   	fi
#   31|-> 	for f in $* ; do
#   32|   		n=`logname $f`
#   33|   		for d in $discard_list; do

Error: SHELLCHECK_WARNING (CWE-569): [#def115]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:47:36: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#   45|   		return
#   46|   	fi
#   47|-> 	grep -l "ERROR SUMMARY: 0 errors" $* | while read name ; do
#   48|   		echo rm $name : no errors in `logname $name`
#   49|   		rm $name

Error: SHELLCHECK_WARNING (CWE-156): [#def116]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:48:32: warning[SC2046]: Quote this to prevent word splitting.
#   46|   	fi
#   47|   	grep -l "ERROR SUMMARY: 0 errors" $* | while read name ; do
#   48|-> 		echo rm $name : no errors in `logname $name`
#   49|   		rm $name
#   50|   	done

Error: SHELLCHECK_WARNING (CWE-569): [#def117]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:57:36: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#   55|   	    return
#   56|   	fi
#   57|-> 	grep -l "ERROR SUMMARY: 0 errors" $* | \
#   58|   	    grep -l "definitely lost: 0 bytes" $* | \
#   59|   	    xargs grep -l "possibly lost: 0 bytes" | \

Error: SHELLCHECK_WARNING (CWE-569): [#def118]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:58:41: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#   56|   	fi
#   57|   	grep -l "ERROR SUMMARY: 0 errors" $* | \
#   58|-> 	    grep -l "definitely lost: 0 bytes" $* | \
#   59|   	    xargs grep -l "possibly lost: 0 bytes" | \
#   60|   	    xargs grep -l "still reachable: 0 bytes in 0 blocks" | \

Error: SHELLCHECK_WARNING (CWE-156): [#def119]
/usr/share/krb5-tests/x86_64/util/trim-valgrind-logs:62:44: warning[SC2046]: Quote this to prevent word splitting.
#   60|   	    xargs grep -l "still reachable: 0 bytes in 0 blocks" | \
#   61|   	    while read name ; do
#   62|-> 	    echo rm $name : no leaks or errors in `logname $name`
#   63|   	    rm $name
#   64|   	done

Error: GCC_ANALYZER_WARNING (CWE-775): [#def120]
krb5-1.21.3-build/krb5-1.21.3/src/appl/gss-sample/gss-server.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/appl/gss-sample/gss-server.c:709:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘logfile’
#  707|                * to /dev/null. */
#  708|               if (!strcmp(*argv, "/dev/null")) {
#  709|->                 logfile = display_file = NULL;
#  710|               } else {
#  711|                   logfile = fopen(*argv, "a");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
krb5-1.21.3-build/krb5-1.21.3/src/appl/gss-sample/gss-server.c:709:25: warning[-Wanalyzer-malloc-leak]: leak of ‘logfile’
#  707|                * to /dev/null. */
#  708|               if (!strcmp(*argv, "/dev/null")) {
#  709|->                 logfile = display_file = NULL;
#  710|               } else {
#  711|                   logfile = fopen(*argv, "a");

Error: GCC_ANALYZER_WARNING (CWE-666): [#def122]
krb5-1.21.3-build/krb5-1.21.3/src/appl/simple/client/sim_client.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/appl/simple/client/sim_client.c:215:9: warning[-Wanalyzer-fd-phase-mismatch]: ‘connect’ on file descriptor ‘sock’ in wrong phase
#  213|          properly bound for getsockname() below. */
#  214|   
#  215|->     if (connect(sock, (struct sockaddr *)&s_sock, sizeof(s_sock)) == -1) {
#  216|           com_err(progname, errno, "while connecting to server");
#  217|           exit(1);

Error: COMPILER_WARNING: [#def123]
krb5-1.21.3-build/krb5-1.21.3/src/clients/kinit/kinit.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/clients/kinit/kinit.c:191:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  191 |     vfprintf(stderr, fmt, args);
#      |     ^~~~~~~~
#  189|       fprintf(stderr, "%s: %s ", myprog, emsg);
#  190|       krb5_free_error_message(errctx, emsg);
#  191|->     vfprintf(stderr, fmt, args);
#  192|       fprintf(stderr, "\n");
#  193|   }

Error: COMPILER_WARNING: [#def124]
krb5-1.21.3-build/krb5-1.21.3/src/clients/klist/klist.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/clients/klist/klist.c:119:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  119 |     vfprintf(stderr, fmt, args);
#      |     ^~~~~~~~
#  117|       fprintf(stderr, "%s: %s%s", prog, msg, (*fmt == '\0') ? "" : " ");
#  118|       krb5_free_error_message(context, msg);
#  119|->     vfprintf(stderr, fmt, args);
#  120|       fprintf(stderr, "\n");
#  121|   }

Error: COMPILER_WARNING (CWE-252): [#def125]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/authorization.c: scope_hint: In function ‘fcmd_resolve’
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/authorization.c:348:13: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  348 |             asprintf(&err, _("Error: bad entry - %s in %s file, must be "
#      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  349 |                              "either full path or just the cmd name\n"),
#      |                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  350 |                      fcmd, KRB5_USERS_NAME);
#      |                      ~~~~~~~~~~~~~~~~~~~~~~
#  346|           /* must be either full path or just the cmd name */
#  347|           if (strchr(fcmd, '/')){
#  348|->             asprintf(&err, _("Error: bad entry - %s in %s file, must be "
#  349|                                "either full path or just the cmd name\n"),
#  350|                        fcmd, KRB5_USERS_NAME);

Error: COMPILER_WARNING (CWE-252): [#def126]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/authorization.c:371:13: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  371 |             asprintf(&err, _("Error: bad entry - %s in %s file, CMD_PATH "
#      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  372 |                              "contains no paths \n"), fcmd, KRB5_USERS_NAME);
#      |                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  369|   
#  370|           if (! tc){
#  371|->             asprintf(&err, _("Error: bad entry - %s in %s file, CMD_PATH "
#  372|                                "contains no paths \n"), fcmd, KRB5_USERS_NAME);
#  373|               *out_err = err;

Error: COMPILER_WARNING (CWE-252): [#def127]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/authorization.c:380:17: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  380 |                 asprintf(&err, _("Error: bad path %s in CMD_PATH for %s must "
#      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  381 |                                  "start with '/' \n"), tc, KRB5_USERS_NAME );
#      |                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  378|           do{
#  379|               if (*tc != '/'){  /* must be full path */
#  380|->                 asprintf(&err, _("Error: bad path %s in CMD_PATH for %s must "
#  381|                                    "start with '/' \n"), tc, KRB5_USERS_NAME );
#  382|                   *out_err = err;

Error: CPPCHECK_WARNING (CWE-401): [#def128]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/heuristic.c:57: error[memleak]: Memory leak: temp_list
#   55|       retval = get_line(fp, &line);
#   56|       if (retval)
#   57|->         return retval;
#   58|   
#   59|       while (line){

Error: CPPCHECK_WARNING (CWE-401): [#def129]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/heuristic.c:69: error[memleakOnRealloc]: Common realloc mistake: 'temp_list' nulled but not freed upon failure
#   67|           if(count == (chunk_count * CHUNK -1)){
#   68|               chunk_count ++;
#   69|->             if (!(temp_list = (char **) realloc(temp_list,
#   70|                                                   chunk_count * CHUNK * sizeof(char *)))){
#   71|                   return ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def130]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c: scope_hint: In function ‘resolve_target_cache’
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c:992:10: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘sep’
#  990|       /* Check if the configured default name uses a switchable type. */
#  991|       sep = strchr(target, ':');
#  992|->     *sep = '\0';
#  993|       switchable = krb5_cc_support_switch(context, target);
#  994|       *sep = ':';

Error: COMPILER_WARNING (CWE-252): [#def131]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c: scope_hint: In function ‘set_env_var’
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c:1088:5: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
# 1088 |     asprintf(&env_var_buf,"%s=%s",name, value);
#      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1086|       char * env_var_buf;
# 1087|   
# 1088|->     asprintf(&env_var_buf,"%s=%s",name, value);
# 1089|       return putenv(env_var_buf);
# 1090|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def132]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/xmalloc.c: scope_hint: In function ‘xstrdup’
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/xmalloc.c:64:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xmalloc(len)’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#   62|       size_t len = strlen (src) + 1;
#   63|       char *dst = xmalloc (len);
#   64|->     memcpy (dst, src, len);
#   65|       return dst;
#   66|   }

Error: COMPILER_WARNING: [#def133]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/xmalloc.c: scope_hint: In function ‘xasprintf’
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/xmalloc.c:74:5: warning[-Wsuggest-attribute=format]: function ‘xasprintf’ might be a candidate for ‘gnu_printf’ format attribute
#   74 |     if (vasprintf(&out, format, args) < 0) {
#      |     ^~
#   72|   
#   73|       va_start (args, format);
#   74|->     if (vasprintf(&out, format, args) < 0) {
#   75|           perror (prog_name);
#   76|           exit (1);

Error: COMPILER_WARNING: [#def134]
krb5-1.21.3-build/krb5-1.21.3/src/clients/kvno/kvno.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/clients/kvno/kvno.c:191:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  191 |     vfprintf(stderr, fmt, args);
#      |     ^~~~~~~~
#  189|       fprintf(stderr, "%s: %s ", myprog, emsg);
#  190|       krb5_free_error_message(context, emsg);
#  191|->     vfprintf(stderr, fmt, args);
#  192|       fprintf(stderr, "\n");
#  193|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/generic/gssapi_generic.h:31: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/generic/gssapiP_generic.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/gssapiP_krb5.h:65: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c:51: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c: scope_hint: In function ‘kg_unseal_v1’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssapi/gssapi.h:283:31: warning[-Wanalyzer-malloc-leak]: leak of ‘token.value’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c:96:16: note: in expansion of macro ‘GSS_S_DEFECTIVE_TOKEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c: scope_hint: In function ‘kg_unseal_v1’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c:96:16: note: in expansion of macro ‘GSS_S_DEFECTIVE_TOKEN’
#  281|   #define GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#  282|   #define GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#  283|-> #define GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
#  284|   #define GSS_S_DEFECTIVE_CREDENTIAL \
#  285|        (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:2280:11: warning[-Wanalyzer-malloc-leak]: leak of ‘k5alloc((long unsigned int)(length + 1), &code)’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c: scope_hint: In function ‘krb5_gss_import_name’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/gssapiP_krb5.h:65: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:212:13: note: in expansion of macro ‘g_OID_equal’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:237:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:250:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:257:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:257:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:264:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:264:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:269:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:275:13: note: in expansion of macro ‘BOUNDS_CHECK’
# 2278|   
# 2279|       /* Allocate at least one byte since zero-byte allocs may return NULL. */
# 2280|->     ptr = calloc(nmemb ? nmemb : 1, size ? size : 1);
# 2281|       *code = (ptr == NULL) ? ENOMEM : 0;
# 2282|       return ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c:85: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h: scope_hint: In function ‘lookup_princ_by_cert’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:2307:17: warning[-Wanalyzer-malloc-leak]: leak of ‘k5memdup0(*client_cert.data, (long unsigned int)*client_cert.length, & ret)’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘lookup_princ_by_cert’
# 2305|   k5memdup0(const void *in, size_t len, krb5_error_code *code)
# 2306|   {
# 2307|->     void *ptr = k5alloc(len + 1, code);
# 2308|   
# 2309|       if (ptr != NULL && len > 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h: scope_hint: In function ‘krb5_gss_import_name’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:2307:17: warning[-Wanalyzer-malloc-leak]: leak of ‘k5memdup0(*input_name_buffer.value, *input_name_buffer.length, & code)’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:212:13: note: in expansion of macro ‘g_OID_equal’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:237:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:250:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:257:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:257:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:264:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:264:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:269:13: note: in expansion of macro ‘BOUNDS_CHECK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_name.c:275:13: note: in expansion of macro ‘BOUNDS_CHECK’
# 2305|   k5memdup0(const void *in, size_t len, krb5_error_code *code)
# 2306|   {
# 2307|->     void *ptr = k5alloc(len + 1, code);
# 2308|   
# 2309|       if (ptr != NULL && len > 0)

Error: GCC_ANALYZER_WARNING (CWE-688): [#def139]
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_mkey.c:7: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_mkey.c: scope_hint: In function ‘kdb5_add_mkey’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:1028:24: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_mkey.c:341:5: note: in expansion of macro ‘zap’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:1028:39: note: in definition of macro ‘zap’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_mkey.c:341:5: note: in expansion of macro ‘zap’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:57: included_from: Included from here.
/usr/include/string.h:466:13: note: argument 1 of ‘explicit_bzero’ must be non-null
# 1026|   }
# 1027|   #elif defined(HAVE_EXPLICIT_BZERO)
# 1028|-> # define zap(ptr, len) explicit_bzero(ptr, len)
# 1029|   #elif defined(HAVE_EXPLICIT_MEMSET)
# 1030|   # define zap(ptr, len) explicit_memset(ptr, 0, len)

Error: COMPILER_WARNING (CWE-252): [#def140]
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/ksu.h:30: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c:30: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-util.h:67:34: warning[-Wunused-result]: ignoring return value of ‘seteuid’ declared with attribute ‘warn_unused_result’
#   67 | #  define krb5_seteuid(EUID)    (seteuid((uid_t)(EUID)))
#      |                                 ~^~~~~~~~~~~~~~~~~~~~~~~
krb5-1.21.3-build/krb5-1.21.3/src/clients/ksu/main.c:571:13: note: in expansion of macro ‘krb5_seteuid’
#  571 |             krb5_seteuid(0); /*So we have some chance of sweeping up*/
#      |             ^~~~~~~~~~~~
#   65|   
#   66|   #if defined(HAVE_SETEUID)
#   67|-> #  define krb5_seteuid(EUID)    (seteuid((uid_t)(EUID)))
#   68|   #elif defined(HAVE_SETRESUID)
#   69|   #  define krb5_seteuid(EUID)    setresuid(getuid(), (uid_t)(EUID), geteuid())

Error: GCC_ANALYZER_WARNING (CWE-401): [#def141]
krb5-1.21.3-build/krb5-1.21.3/src/include/kadm5/admin.h:49: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/clnt/client_init.c:41: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/clnt/client_init.c: scope_hint: In function ‘setup_gss’
krb5-1.21.3-build/krb5-1.21.3/src/include/kadm5/kadm_err.h:54:50: warning[-Wanalyzer-malloc-leak]: leak of ‘ccname_orig’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/clnt/client_init.c:627:20: note: in expansion of macro ‘KADM5_GSS_ERROR’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/clnt/client_init.c:627:20: note: in expansion of macro ‘KADM5_GSS_ERROR’
#   52|   #define KADM5_AUTH_LIST                          (43787564L)
#   53|   #define KADM5_AUTH_CHANGEPW                      (43787565L)
#   54|-> #define KADM5_GSS_ERROR                          (43787566L)
#   55|   #define KADM5_BAD_TL_TYPE                        (43787567L)
#   56|   #define KADM5_MISSING_CONF_PARAMS                (43787568L)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5.h:8: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:161: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/hostrealm/test/main.c:46: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/hostrealm/test/main.c: scope_hint: In function ‘split_comps.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5/krb5.h:8896:50: warning[-Wanalyzer-malloc-leak]: leak of ‘list’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/hostrealm/test/main.c:64:16: note: in expansion of macro ‘KRB5_PLUGIN_NO_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/hostrealm/test/main.c:64:16: note: in expansion of macro ‘KRB5_PLUGIN_NO_HANDLE’
# 8894|   #define KRB5_CC_NOSUPP                           (-1765328137L)
# 8895|   #define KRB5_DELTAT_BADFORMAT                    (-1765328136L)
# 8896|-> #define KRB5_PLUGIN_NO_HANDLE                    (-1765328135L)
# 8897|   #define KRB5_PLUGIN_OP_NOTSUPP                   (-1765328134L)
# 8898|   #define KRB5_ERR_INVALID_UTF8                    (-1765328133L)

Error: GCC_ANALYZER_WARNING (CWE-457): [#def143]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:218:32: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  216|   
#  217|   time	: tUNUMBER tMERIDIAN {
#  218|-> 	    yyHour = $1;
#  219|   	    yyMinutes = 0;
#  220|   	    yySeconds = 0;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def144]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:224:32: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:224:32: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  222|   	}
#  223|   	| tUNUMBER ':' tUNUMBER o_merid {
#  224|-> 	    yyHour = $1;
#  225|   	    yyMinutes = $3;
#  226|   	    yySeconds = 0;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def145]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:225:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  223|   	| tUNUMBER ':' tUNUMBER o_merid {
#  224|   	    yyHour = $1;
#  225|-> 	    yyMinutes = $3;
#  226|   	    yySeconds = 0;
#  227|   	    yyMeridian = $4;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def146]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:230:32: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:230:32: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  228|   	}
#  229|   	| tUNUMBER ':' tUNUMBER tSNUMBER {
#  230|-> 	    yyHour = $1;
#  231|   	    yyMinutes = $3;
#  232|   	    yyMeridian = MER24;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def147]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:231:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  229|   	| tUNUMBER ':' tUNUMBER tSNUMBER {
#  230|   	    yyHour = $1;
#  231|-> 	    yyMinutes = $3;
#  232|   	    yyMeridian = MER24;
#  233|   	    yyDSTmode = DSToff;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def148]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:237:32: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:237:32: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  235|   	}
#  236|   	| tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid {
#  237|-> 	    yyHour = $1;
#  238|   	    yyMinutes = $3;
#  239|   	    yySeconds = $5;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def149]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:238:35: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:238:35: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  236|   	| tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid {
#  237|   	    yyHour = $1;
#  238|-> 	    yyMinutes = $3;
#  239|   	    yySeconds = $5;
#  240|   	    yyMeridian = $6;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def150]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:239:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  237|   	    yyHour = $1;
#  238|   	    yyMinutes = $3;
#  239|-> 	    yySeconds = $5;
#  240|   	    yyMeridian = $6;
#  241|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def151]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:243:32: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:243:32: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  241|   	}
#  242|   	| tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER {
#  243|-> 	    yyHour = $1;
#  244|   	    yyMinutes = $3;
#  245|   	    yySeconds = $5;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def152]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:244:35: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:244:35: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  242|   	| tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER {
#  243|   	    yyHour = $1;
#  244|-> 	    yyMinutes = $3;
#  245|   	    yySeconds = $5;
#  246|   	    yyMeridian = MER24;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def153]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:245:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  243|   	    yyHour = $1;
#  244|   	    yyMinutes = $3;
#  245|-> 	    yySeconds = $5;
#  246|   	    yyMeridian = MER24;
#  247|   	    yyDSTmode = DSToff;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def154]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:262:36: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  260|   	|
#  261|   	  tZONE tDST {
#  262|-> 	    yyTimezone = $1;
#  263|   	    yyDSTmode = DSTon;
#  264|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def155]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:273:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  271|   	| tDAY ',' {
#  272|   	    yyDayOrdinal = 1;
#  273|-> 	    yyDayNumber = $1;
#  274|   	}
#  275|   	| tUNUMBER tDAY {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def156]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:276:38: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  274|   	}
#  275|   	| tUNUMBER tDAY {
#  276|-> 	    yyDayOrdinal = $1;
#  277|   	    yyDayNumber = $2;
#  278|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def157]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:282:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:282:33: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  280|   
#  281|   date	: tUNUMBER '/' tUNUMBER {
#  282|-> 	    yyMonth = $1;
#  283|   	    yyDay = $3;
#  284|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def158]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:282:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  280|   
#  281|   date	: tUNUMBER '/' tUNUMBER {
#  282|-> 	    yyMonth = $1;
#  283|   	    yyDay = $3;
#  284|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def159]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:286:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:286:33: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  284|   	}
#  285|   	| tUNUMBER '/' tUNUMBER '/' tUNUMBER {
#  286|-> 	    yyMonth = $1;
#  287|   	    yyDay = $3;
#  288|   	    yyYear = $5;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def160]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:287:31: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:287:31: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  285|   	| tUNUMBER '/' tUNUMBER '/' tUNUMBER {
#  286|   	    yyMonth = $1;
#  287|-> 	    yyDay = $3;
#  288|   	    yyYear = $5;
#  289|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def161]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:287:31: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  285|   	| tUNUMBER '/' tUNUMBER '/' tUNUMBER {
#  286|   	    yyMonth = $1;
#  287|-> 	    yyDay = $3;
#  288|   	    yyYear = $5;
#  289|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def162]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:292:32: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:292:32: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  290|   	| tUNUMBER tSNUMBER tSNUMBER {
#  291|   	    /* ISO 8601 format.  yyyy-mm-dd.  */
#  292|-> 	    yyYear = $1;
#  293|   	    yyMonth = -$2;
#  294|   	    yyDay = -$3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def163]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:292:32: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  290|   	| tUNUMBER tSNUMBER tSNUMBER {
#  291|   	    /* ISO 8601 format.  yyyy-mm-dd.  */
#  292|-> 	    yyYear = $1;
#  293|   	    yyMonth = -$2;
#  294|   	    yyDay = -$3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def164]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:293:34: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  291|   	    /* ISO 8601 format.  yyyy-mm-dd.  */
#  292|   	    yyYear = $1;
#  293|-> 	    yyMonth = -$2;
#  294|   	    yyDay = -$3;
#  295|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def165]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:298:31: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:298:31: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  296|   	| tUNUMBER tMONTH tSNUMBER {
#  297|   	    /* e.g. 17-JUN-1992.  */
#  298|-> 	    yyDay = $1;
#  299|   	    yyMonth = $2;
#  300|   	    yyYear = -$3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def166]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:298:31: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  296|   	| tUNUMBER tMONTH tSNUMBER {
#  297|   	    /* e.g. 17-JUN-1992.  */
#  298|-> 	    yyDay = $1;
#  299|   	    yyMonth = $2;
#  300|   	    yyYear = -$3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def167]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:299:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  297|   	    /* e.g. 17-JUN-1992.  */
#  298|   	    yyDay = $1;
#  299|-> 	    yyMonth = $2;
#  300|   	    yyYear = -$3;
#  301|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def168]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:303:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  301|   	}
#  302|   	| tMONTH tUNUMBER {
#  303|-> 	    yyMonth = $1;
#  304|   	    yyDay = $2;
#  305|   	}

Error: GCC_ANALYZER_WARNING (CWE-127): [#def169]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:307:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:307:33: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  305|   	}
#  306|   	| tMONTH tUNUMBER ',' tUNUMBER {
#  307|-> 	    yyMonth = $1;
#  308|   	    yyDay = $2;
#  309|   	    yyYear = $4;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def170]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:308:31: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:308:31: note: valid subscripts for ‘yyvsa’ are ‘[0]’ to ‘[199]’
#  306|   	| tMONTH tUNUMBER ',' tUNUMBER {
#  307|   	    yyMonth = $1;
#  308|-> 	    yyDay = $2;
#  309|   	    yyYear = $4;
#  310|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def171]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:308:31: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  306|   	| tMONTH tUNUMBER ',' tUNUMBER {
#  307|   	    yyMonth = $1;
#  308|-> 	    yyDay = $2;
#  309|   	    yyYear = $4;
#  310|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def172]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:313:31: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  311|   	| tUNUMBER tMONTH {
#  312|   	    yyMonth = $2;
#  313|-> 	    yyDay = $1;
#  314|   	}
#  315|   	| tUNUMBER tMONTH tUNUMBER {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def173]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:316:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  314|   	}
#  315|   	| tUNUMBER tMONTH tUNUMBER {
#  316|-> 	    yyMonth = $2;
#  317|   	    yyDay = $1;
#  318|   	    yyYear = $3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def174]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:317:31: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693950].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:778:1: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
#  315|   	| tUNUMBER tMONTH tUNUMBER {
#  316|   	    yyMonth = $2;
#  317|-> 	    yyDay = $1;
#  318|   	    yyYear = $3;
#  319|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def175]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:330:39: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  328|   
#  329|   relunit	: tUNUMBER tMINUTE_UNIT {
#  330|-> 	    yyRelSeconds += $1 * $2 * 60L;
#  331|   	}
#  332|   	| tSNUMBER tMINUTE_UNIT {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def176]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:333:39: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  331|   	}
#  332|   	| tSNUMBER tMINUTE_UNIT {
#  333|-> 	    yyRelSeconds += $1 * $2 * 60L;
#  334|   	}
#  335|   	| tMINUTE_UNIT {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def177]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:339:39: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  337|   	}
#  338|   	| tSNUMBER tSEC_UNIT {
#  339|-> 	    yyRelSeconds += $1;
#  340|   	}
#  341|   	| tUNUMBER tSEC_UNIT {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def178]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:342:39: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  340|   	}
#  341|   	| tUNUMBER tSEC_UNIT {
#  342|-> 	    yyRelSeconds += $1;
#  343|   	}
#  344|   	| tSEC_UNIT {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def179]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:348:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  346|   	}
#  347|   	| tSNUMBER tMONTH_UNIT {
#  348|-> 	    yyRelMonth += $1 * $2;
#  349|   	}
#  350|   	| tUNUMBER tMONTH_UNIT {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def180]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:351:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyvsp[2305843009213693951].Number’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1291:17: note: in expansion of macro ‘YYTRANSLATE’
#  349|   	}
#  350|   	| tUNUMBER tMONTH_UNIT {
#  351|-> 	    yyRelMonth += $1 * $2;
#  352|   	}
#  353|   	| tMONTH_UNIT {

Error: COMPILER_WARNING: [#def181]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:240:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  240 |     vfprintf(stderr, fmt, args);
#      |     ^~~~~~~~
#  238|           error("%s: ", myprog);
#  239|       }
#  240|->     vfprintf(stderr, fmt, args);
#  241|       error("\n");
#  242|   }

Error: COMPILER_WARNING (CWE-252): [#def182]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c: scope_hint: In function ‘kadmin_startup’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:356:13: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  356 |             asprintf(&db_name, "dbname=%s", optarg);
#      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  354|               /* db_name has to be passed as part of the db_args. */
#  355|               free(db_name);
#  356|->             asprintf(&db_name, "dbname=%s", optarg);
#  357|   
#  358|               db_args_size++;

Error: COMPILER_WARNING (CWE-252): [#def183]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c: scope_hint: In function ‘kadmin_delprinc’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:692:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
#  692 |         fgets(reply, sizeof (reply), stdin);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  690|           printf(_("Are you sure you want to delete the principal \"%s\"? "
#  691|                    "(yes/no): "), canon);
#  692|->         fgets(reply, sizeof (reply), stdin);
#  693|           if (strcmp("yes\n", reply)) {
#  694|               fprintf(stderr, _("Principal \"%s\" not deleted\n"), canon);

Error: COMPILER_WARNING (CWE-252): [#def184]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c: scope_hint: In function ‘kadmin_renameprinc’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:753:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
#  753 |         fgets(reply, sizeof(reply), stdin);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  751|           printf(_("Are you sure you want to rename the principal \"%s\" "
#  752|                    "to \"%s\"? (yes/no): "), ocanon, ncanon);
#  753|->         fgets(reply, sizeof(reply), stdin);
#  754|           if (strcmp("yes\n", reply)) {
#  755|               fprintf(stderr, _("Principal \"%s\" not renamed\n"), ocanon);

Error: COMPILER_WARNING (CWE-252): [#def185]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c: scope_hint: In function ‘kadmin_delpol’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1716:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
# 1716 |         fgets(reply, sizeof(reply), stdin);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1714|           printf(_("Are you sure you want to delete the policy \"%s\"? "
# 1715|                    "(yes/no): "), argv[1]);
# 1716|->         fgets(reply, sizeof(reply), stdin);
# 1717|           if (strcmp("yes\n", reply)) {
# 1718|               fprintf(stderr, _("Policy \"%s\" not deleted.\n"), argv[1]);

Error: COMPILER_WARNING (CWE-704): [#def186]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:10:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_addprinc’ does not match original declaration
#   10 | extern void kadmin_addprinc __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1193:1: note: type mismatch in parameter 3
# 1193 | kadmin_addprinc(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1193:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1193:1: note: ‘kadmin_addprinc’ was previously declared here
#    8|       (char const *)0
#    9|   };
#   10|-> extern void kadmin_addprinc __SS_PROTO;
#   11|   static char const * const ssu00002[] = {
#   12|   "delete_principal",

Error: COMPILER_WARNING (CWE-704): [#def187]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:16:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_delprinc’ does not match original declaration
#   16 | extern void kadmin_delprinc __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:666:1: note: type mismatch in parameter 3
#  666 | kadmin_delprinc(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:666:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:666:1: note: ‘kadmin_delprinc’ was previously declared here
#   14|       (char const *)0
#   15|   };
#   16|-> extern void kadmin_delprinc __SS_PROTO;
#   17|   static char const * const ssu00003[] = {
#   18|   "modify_principal",

Error: COMPILER_WARNING (CWE-704): [#def188]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:22:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_modprinc’ does not match original declaration
#   22 | extern void kadmin_modprinc __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1316:1: note: type mismatch in parameter 3
# 1316 | kadmin_modprinc(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1316:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1316:1: note: ‘kadmin_modprinc’ was previously declared here
#   20|       (char const *)0
#   21|   };
#   22|-> extern void kadmin_modprinc __SS_PROTO;
#   23|   static char const * const ssu00004[] = {
#   24|   "rename_principal",

Error: COMPILER_WARNING (CWE-704): [#def189]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:28:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_renameprinc’ does not match original declaration
#   28 | extern void kadmin_renameprinc __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:714:1: note: type mismatch in parameter 3
#  714 | kadmin_renameprinc(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:714:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:714:1: note: ‘kadmin_renameprinc’ was previously declared here
#   26|       (char const *)0
#   27|   };
#   28|-> extern void kadmin_renameprinc __SS_PROTO;
#   29|   static char const * const ssu00005[] = {
#   30|   "change_password",

Error: COMPILER_WARNING (CWE-704): [#def190]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:34:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_cpw’ does not match original declaration
#   34 | extern void kadmin_cpw __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:787:1: note: type mismatch in parameter 3
#  787 | kadmin_cpw(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:787:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:787:1: note: ‘kadmin_cpw’ was previously declared here
#   32|       (char const *)0
#   33|   };
#   34|-> extern void kadmin_cpw __SS_PROTO;
#   35|   static char const * const ssu00006[] = {
#   36|   "get_principal",

Error: COMPILER_WARNING (CWE-704): [#def191]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:40:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getprinc’ does not match original declaration
#   40 | extern void kadmin_getprinc __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1389:1: note: type mismatch in parameter 3
# 1389 | kadmin_getprinc(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1389:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1389:1: note: ‘kadmin_getprinc’ was previously declared here
#   38|       (char const *)0
#   39|   };
#   40|-> extern void kadmin_getprinc __SS_PROTO;
#   41|   static char const * const ssu00007[] = {
#   42|   "list_principals",

Error: COMPILER_WARNING (CWE-704): [#def192]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:48:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getprincs’ does not match original declaration
#   48 | extern void kadmin_getprincs __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1525:1: note: type mismatch in parameter 3
# 1525 | kadmin_getprincs(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1525:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1525:1: note: ‘kadmin_getprincs’ was previously declared here
#   46|       (char const *)0
#   47|   };
#   48|-> extern void kadmin_getprincs __SS_PROTO;
#   49|   static char const * const ssu00008[] = {
#   50|   "add_policy",

Error: COMPILER_WARNING (CWE-704): [#def193]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:54:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_addpol’ does not match original declaration
#   54 | extern void kadmin_addpol __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1662:1: note: type mismatch in parameter 3
# 1662 | kadmin_addpol(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1662:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1662:1: note: ‘kadmin_addpol’ was previously declared here
#   52|       (char const *)0
#   53|   };
#   54|-> extern void kadmin_addpol __SS_PROTO;
#   55|   static char const * const ssu00009[] = {
#   56|   "modify_policy",

Error: COMPILER_WARNING (CWE-704): [#def194]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:60:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_modpol’ does not match original declaration
#   60 | extern void kadmin_modpol __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1683:1: note: type mismatch in parameter 3
# 1683 | kadmin_modpol(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1683:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1683:1: note: ‘kadmin_modpol’ was previously declared here
#   58|       (char const *)0
#   59|   };
#   60|-> extern void kadmin_modpol __SS_PROTO;
#   61|   static char const * const ssu00010[] = {
#   62|   "delete_policy",

Error: COMPILER_WARNING (CWE-704): [#def195]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:66:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_delpol’ does not match original declaration
#   66 | extern void kadmin_delpol __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1704:1: note: type mismatch in parameter 3
# 1704 | kadmin_delpol(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1704:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1704:1: note: ‘kadmin_delpol’ was previously declared here
#   64|       (char const *)0
#   65|   };
#   66|-> extern void kadmin_delpol __SS_PROTO;
#   67|   static char const * const ssu00011[] = {
#   68|   "get_policy",

Error: COMPILER_WARNING (CWE-704): [#def196]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:72:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getpol’ does not match original declaration
#   72 | extern void kadmin_getpol __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1730:1: note: type mismatch in parameter 3
# 1730 | kadmin_getpol(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1730:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1730:1: note: ‘kadmin_getpol’ was previously declared here
#   70|       (char const *)0
#   71|   };
#   72|-> extern void kadmin_getpol __SS_PROTO;
#   73|   static char const * const ssu00012[] = {
#   74|   "list_policies",

Error: COMPILER_WARNING (CWE-704): [#def197]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:80:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getpols’ does not match original declaration
#   80 | extern void kadmin_getpols __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1776:1: note: type mismatch in parameter 3
# 1776 | kadmin_getpols(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1776:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1776:1: note: ‘kadmin_getpols’ was previously declared here
#   78|       (char const *)0
#   79|   };
#   80|-> extern void kadmin_getpols __SS_PROTO;
#   81|   static char const * const ssu00013[] = {
#   82|   "get_privs",

Error: COMPILER_WARNING (CWE-704): [#def198]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:86:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getprivs’ does not match original declaration
#   86 | extern void kadmin_getprivs __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1798:1: note: type mismatch in parameter 3
# 1798 | kadmin_getprivs(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1798:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1798:1: note: ‘kadmin_getprivs’ was previously declared here
#   84|       (char const *)0
#   85|   };
#   86|-> extern void kadmin_getprivs __SS_PROTO;
#   87|   static char const * const ssu00014[] = {
#   88|   "ktadd",

Error: COMPILER_WARNING (CWE-704): [#def199]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:92:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_keytab_add’ does not match original declaration
#   92 | extern void kadmin_keytab_add __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:114:1: note: type mismatch in parameter 3
#  114 | kadmin_keytab_add(int argc, char **argv)
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:114:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:114:1: note: ‘kadmin_keytab_add’ was previously declared here
#   90|       (char const *)0
#   91|   };
#   92|-> extern void kadmin_keytab_add __SS_PROTO;
#   93|   static char const * const ssu00015[] = {
#   94|   "ktremove",

Error: COMPILER_WARNING (CWE-704): [#def200]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:98:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_keytab_remove’ does not match original declaration
#   98 | extern void kadmin_keytab_remove __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:206:1: note: type mismatch in parameter 3
#  206 | kadmin_keytab_remove(int argc, char **argv)
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:206:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/keytab.c:206:1: note: ‘kadmin_keytab_remove’ was previously declared here
#   96|       (char const *)0
#   97|   };
#   98|-> extern void kadmin_keytab_remove __SS_PROTO;
#   99|   static char const * const ssu00016[] = {
#  100|   "lock",

Error: COMPILER_WARNING (CWE-704): [#def201]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:103:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_lock’ does not match original declaration
#  103 | extern void kadmin_lock __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:636:1: note: type mismatch in parameter 3
#  636 | kadmin_lock(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:636:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:636:1: note: ‘kadmin_lock’ was previously declared here
#  101|       (char const *)0
#  102|   };
#  103|-> extern void kadmin_lock __SS_PROTO;
#  104|   static char const * const ssu00017[] = {
#  105|   "unlock",

Error: COMPILER_WARNING (CWE-704): [#def202]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:108:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_unlock’ does not match original declaration
#  108 | extern void kadmin_unlock __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:651:1: note: type mismatch in parameter 3
#  651 | kadmin_unlock(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:651:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:651:1: note: ‘kadmin_unlock’ was previously declared here
#  106|       (char const *)0
#  107|   };
#  108|-> extern void kadmin_unlock __SS_PROTO;
#  109|   static char const * const ssu00018[] = {
#  110|   "purgekeys",

Error: COMPILER_WARNING (CWE-704): [#def203]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:113:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_purgekeys’ does not match original declaration
#  113 | extern void kadmin_purgekeys __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1823:1: note: type mismatch in parameter 3
# 1823 | kadmin_purgekeys(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1823:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1823:1: note: ‘kadmin_purgekeys’ was previously declared here
#  111|       (char const *)0
#  112|   };
#  113|-> extern void kadmin_purgekeys __SS_PROTO;
#  114|   static char const * const ssu00019[] = {
#  115|   "get_strings",

Error: COMPILER_WARNING (CWE-704): [#def204]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:119:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_getstrings’ does not match original declaration
#  119 | extern void kadmin_getstrings __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1875:1: note: type mismatch in parameter 3
# 1875 | kadmin_getstrings(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1875:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1875:1: note: ‘kadmin_getstrings’ was previously declared here
#  117|       (char const *)0
#  118|   };
#  119|-> extern void kadmin_getstrings __SS_PROTO;
#  120|   static char const * const ssu00020[] = {
#  121|   "set_string",

Error: COMPILER_WARNING (CWE-704): [#def205]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:125:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_setstring’ does not match original declaration
#  125 | extern void kadmin_setstring __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1921:1: note: type mismatch in parameter 3
# 1921 | kadmin_setstring(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1921:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1921:1: note: ‘kadmin_setstring’ was previously declared here
#  123|       (char const *)0
#  124|   };
#  125|-> extern void kadmin_setstring __SS_PROTO;
#  126|   static char const * const ssu00021[] = {
#  127|   "del_string",

Error: COMPILER_WARNING (CWE-704): [#def206]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin_ct.c:131:13: warning[-Wlto-type-mismatch]: type of ‘kadmin_delstring’ does not match original declaration
#  131 | extern void kadmin_delstring __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1962:1: note: type mismatch in parameter 3
# 1962 | kadmin_delstring(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1962:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/kadmin.c:1962:1: note: ‘kadmin_delstring’ was previously declared here
#  129|       (char const *)0
#  130|   };
#  131|-> extern void kadmin_delstring __SS_PROTO;
#  132|   static char const * const ssu00022[] = {
#  133|   "list_requests",

Error: GCC_ANALYZER_WARNING (CWE-457): [#def207]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c: scope_hint: In function ‘getdate_yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:686:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
#  684|   #  if defined __GNUC__ && 1 < __GNUC__
#  685|   #   define YYCOPY(Dst, Src, Count) \
#  686|->       __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src)))
#  687|   #  else
#  688|   #   define YYCOPY(Dst, Src, Count)              \

Error: GCC_ANALYZER_WARNING (CWE-457): [#def208]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1351:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
# 1349|        unconditionally makes the parser a bit smaller, and it avoids a
# 1350|        GCC warning that YYVAL may be used uninitialized.  */
# 1351|->   yyval = yyvsp[1-yylen];
# 1352|   
# 1353|   

Error: COMPILER_WARNING (CWE-252): [#def209]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/dump.c: scope_hint: In function ‘update_ok_file’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/dump.c:239:5: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  239 |     write(fd, "", 1);
#      |     ^~~~~~~~~~~~~~~~
#  237|   update_ok_file(krb5_context context, int fd)
#  238|   {
#  239|->     write(fd, "", 1);
#  240|       krb5_lock_file(context, fd, KRB5_LOCKMODE_UNLOCK);
#  241|       close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def210]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/dump.c: scope_hint: In function ‘load_db’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/dump.c:1659:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘f’
# 1657|           fclose(f);
# 1658|   
# 1659|->     return;
# 1660|   
# 1661|   error:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/dump.c:1659:5: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
# 1657|           fclose(f);
# 1658|   
# 1659|->     return;
# 1660|   
# 1661|   error:

Error: GCC_ANALYZER_WARNING (CWE-476): [#def212]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c: scope_hint: In function ‘kdb5_create’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:193:60: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5.h:8: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:161: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:56: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5/krb5.h:268:80: note: in definition of macro ‘krb5_princ_set_realm_data’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:193:5: note: in expansion of macro ‘krb5_princ_component’
#  191|       krb5_princ_set_realm_data(util_context, &tgt_princ, global_params.realm);
#  192|       krb5_princ_set_realm_length(util_context, &tgt_princ, strlen(global_params.realm));
#  193|->     krb5_princ_component(util_context, &tgt_princ,1)->data = global_params.realm;
#  194|       krb5_princ_component(util_context, &tgt_princ,1)->length = strlen(global_params.realm);
#  195|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def213]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:194:62: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5/krb5.h:268:80: note: in definition of macro ‘krb5_princ_set_realm_data’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:193:5: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:193:5: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_create.c:194:5: note: in expansion of macro ‘krb5_princ_component’
#  192|       krb5_princ_set_realm_length(util_context, &tgt_princ, strlen(global_params.realm));
#  193|       krb5_princ_component(util_context, &tgt_princ,1)->data = global_params.realm;
#  194|->     krb5_princ_component(util_context, &tgt_princ,1)->length = strlen(global_params.realm);
#  195|   
#  196|       printf(_("Initializing database '%s' for realm '%s',\n"

Error: COMPILER_WARNING: [#def214]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_util.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/kdb5_util.c:177:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  177 |     vfprintf (stderr, fmt, args);
#      |     ^~~~~~~~
#  175|           fprintf (stderr, "%s: ", myprog);
#  176|       }
#  177|->     vfprintf (stderr, fmt, args);
#  178|       fprintf (stderr, "\n");
#  179|   }

Error: COMPILER_WARNING: [#def215]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/tdumputil.c: scope_hint: In function ‘writequoted’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/dbutil/tdumputil.c:109:5: warning[-Wsuggest-attribute=format]: function ‘writequoted’ might be a candidate for ‘gnu_printf’ format attribute
#  109 |     ret = vasprintf(&s, fmt, ap);
#      |     ^~~
#  107|   
#  108|       assert(fl.quotechar != '\0');
#  109|->     ret = vasprintf(&s, fmt, ap);
#  110|       if (ret < 0)
#  111|           return ret;

Error: COMPILER_WARNING (CWE-704): [#def216]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:9:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_clear_list’ does not match original declaration
#    9 | extern void ktutil_clear_list __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:66:1: note: type mismatch in parameter 3
#   66 | ktutil_clear_list(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:66:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:66:1: note: ‘ktutil_clear_list’ was previously declared here
#    7|       (char const *)0
#    8|   };
#    9|-> extern void ktutil_clear_list __SS_PROTO;
#   10|   static char const * const ssu00002[] = {
#   11|   "read_kt",

Error: COMPILER_WARNING (CWE-704): [#def217]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:15:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_read_v5’ does not match original declaration
#   15 | extern void ktutil_read_v5 __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:81:1: note: type mismatch in parameter 3
#   81 | ktutil_read_v5(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:81:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:81:1: note: ‘ktutil_read_v5’ was previously declared here
#   13|       (char const *)0
#   14|   };
#   15|-> extern void ktutil_read_v5 __SS_PROTO;
#   16|   static char const * const ssu00003[] = {
#   17|   "read_st",

Error: COMPILER_WARNING (CWE-704): [#def218]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:21:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_read_v4’ does not match original declaration
#   21 | extern void ktutil_read_v4 __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:95:1: note: type mismatch in parameter 3
#   95 | ktutil_read_v4(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:95:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:95:1: note: ‘ktutil_read_v4’ was previously declared here
#   19|       (char const *)0
#   20|   };
#   21|-> extern void ktutil_read_v4 __SS_PROTO;
#   22|   static char const * const ssu00004[] = {
#   23|   "write_kt",

Error: COMPILER_WARNING (CWE-704): [#def219]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:27:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_write_v5’ does not match original declaration
#   27 | extern void ktutil_write_v5 __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:102:1: note: type mismatch in parameter 3
#  102 | ktutil_write_v5(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:102:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:102:1: note: ‘ktutil_write_v5’ was previously declared here
#   25|       (char const *)0
#   26|   };
#   27|-> extern void ktutil_write_v5 __SS_PROTO;
#   28|   static char const * const ssu00005[] = {
#   29|   "write_st",

Error: COMPILER_WARNING (CWE-704): [#def220]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:33:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_write_v4’ does not match original declaration
#   33 | extern void ktutil_write_v4 __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:116:1: note: type mismatch in parameter 3
#  116 | ktutil_write_v4(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:116:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:116:1: note: ‘ktutil_write_v4’ was previously declared here
#   31|       (char const *)0
#   32|   };
#   33|-> extern void ktutil_write_v4 __SS_PROTO;
#   34|   static char const * const ssu00006[] = {
#   35|   "add_entry",

Error: COMPILER_WARNING (CWE-704): [#def221]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:39:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_add_entry’ does not match original declaration
#   39 | extern void ktutil_add_entry __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:123:1: note: type mismatch in parameter 3
#  123 | ktutil_add_entry(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:123:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:123:1: note: ‘ktutil_add_entry’ was previously declared here
#   37|       (char const *)0
#   38|   };
#   39|-> extern void ktutil_add_entry __SS_PROTO;
#   40|   static char const * const ssu00007[] = {
#   41|   "delete_entry",

Error: COMPILER_WARNING (CWE-704): [#def222]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:45:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_delete_entry’ does not match original declaration
#   45 | extern void ktutil_delete_entry __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:180:1: note: type mismatch in parameter 3
#  180 | ktutil_delete_entry(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:180:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:180:1: note: ‘ktutil_delete_entry’ was previously declared here
#   43|       (char const *)0
#   44|   };
#   45|-> extern void ktutil_delete_entry __SS_PROTO;
#   46|   static char const * const ssu00008[] = {
#   47|   "list",

Error: COMPILER_WARNING (CWE-704): [#def223]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_ct.c:51:13: warning[-Wlto-type-mismatch]: type of ‘ktutil_list’ does not match original declaration
#   51 | extern void ktutil_list __SS_PROTO;
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:194:1: note: type mismatch in parameter 3
#  194 | ktutil_list(int argc, char *argv[])
#      | ^
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:194:1: note: type ‘void’ should match type ‘int’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil.c:194:1: note: ‘ktutil_list’ was previously declared here
#   49|       (char const *)0
#   50|   };
#   51|-> extern void ktutil_list __SS_PROTO;
#   52|   static char const * const ssu00009[] = {
#   53|   "list_requests",

Error: COMPILER_WARNING (CWE-252): [#def224]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_funcs.c: scope_hint: In function ‘ktutil_add’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/ktutil/ktutil_funcs.c:206:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
#  206 |         fgets(buf, BUFSIZ, stdin);
#      |         ^~~~~~~~~~~~~~~~~~~~~~~~~
#  204|       } else {
#  205|           printf(_("Key for %s (hex): "), princ_full);
#  206|->         fgets(buf, BUFSIZ, stdin);
#  207|           /*
#  208|            * We need to get rid of the trailing '\n' from fgets.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/ipropd_svc.c: scope_hint: In function ‘ipropx_resync’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/ipropd_svc.c:122:23: warning[-Wanalyzer-malloc-leak]: leak of ‘buf_to_string(&client_desc)’
#  120|   {
#  121|       OM_uint32 min_stat;
#  122|->     char *s = malloc(b->length+1);
#  123|   
#  124|       if (s) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/ipropd_svc.c:122:23: warning[-Wanalyzer-malloc-leak]: leak of ‘buf_to_string(&service_desc)’
#  120|   {
#  121|       OM_uint32 min_stat;
#  122|->     char *s = malloc(b->length+1);
#  123|   
#  124|       if (s) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def227]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/schpw.c: scope_hint: In function ‘process_chpw_request’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/schpw.c:268:20: warning[-Wanalyzer-null-argument]: use of NULL ‘targetstr’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/schpw.c:2: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/schpw.c: scope_hint: In function ‘process_chpw_request’
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
#  266|               targetp = targetstr;
#  267|           } else {
#  268|->             tlen = strlen(targetstr);
#  269|               trunc_name(&tlen, &tdots);
#  270|               targetp = clientstr;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def228]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/server_stubs.c: scope_hint: In function ‘stub_cleanup’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/server_stubs.c:306:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘handle’
#  304|       OM_uint32 minor_stat;
#  305|   
#  306|->     auth_end(handle->context);
#  307|       free_server_handle(handle);
#  308|       free(princ_str);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def229]
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/server_stubs.c: scope_hint: In function ‘get_policy_2_svc’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/server/server_stubs.c:1353:42: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘handle’
# 1351|   
# 1352|   exit_func:
# 1353|->     (void)kadm5_free_principal_ent(handle->lhandle, &caller_ent);
# 1354|       stub_cleanup(handle, NULL, &client_name, &service_name);
# 1355|       return TRUE;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def230]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/dispatch.c: scope_hint: In function ‘make_too_big_error’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/dispatch.c:181:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘realm’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/dispatch.c:26: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kdc/dispatch.c: scope_hint: In function ‘make_too_big_error’
#  179|   make_too_big_error(kdc_realm_t *realm, krb5_data **out)
#  180|   {
#  181|->     krb5_context context = realm->realm_context;
#  182|       krb5_error errpkt;
#  183|       krb5_error_code retval;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def231]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/do_tgs_req.c: scope_hint: In function ‘prepare_error_tgs’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/do_tgs_req.c:200:28: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘request’
#  198|           return(retval);
#  199|       errpkt.error = errcode_to_protocol(code);
#  200|->     errpkt.server = request->server;
#  201|       if (ticket && ticket->enc_part2)
#  202|           errpkt.client = ticket->enc_part2->client;

Error: CPPCHECK_WARNING (CWE-758): [#def232]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_authdata.c:131: warning[objectIndex]: The address of variable 'ad_type' might be accessed at non-zero index.
#  129|   
#  130|       for (i = 0; i < count; i++) {
#  131|->         switch (ad_types[i]) {
#  132|           case KRB5_AUTHDATA_SIGNTICKET:
#  133|           case KRB5_AUTHDATA_KDC_ISSUED:

Error: GCC_ANALYZER_WARNING (CWE-122): [#def233]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:665:27: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:665:27: note: write of 4 bytes to beyond the end of the region
#  663|       for (j = 0; j < n_preauth_systems; j++) {
#  664|           if (preauth_systems[j].return_padata != NULL)
#  665|->             pa_order[i++] = j;
#  666|       }
#  667|       n_repliers = i;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def234]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:674:37: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:674:37: note: read of 4 bytes from after the end of the region
#  672|           /* If this module replaces the key, then it's okay to leave it where it
#  673|            * is in the order. */
#  674|->         if (preauth_systems[pa_order[i]].flags & PA_REPLACES_KEY)
#  675|               continue;
#  676|           /* If not, search for a module which does, and swap in the first one we

Error: GCC_ANALYZER_WARNING (CWE-126): [#def235]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:679:41: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:679:41: note: read of 4 bytes from after the end of the region
#  677|            * find. */
#  678|           for (j = i + 1; j < n_repliers; j++) {
#  679|->             if (preauth_systems[pa_order[j]].flags & PA_REPLACES_KEY) {
#  680|                   k = pa_order[j];
#  681|                   pa_order[j] = pa_order[i];

Error: GCC_ANALYZER_WARNING (CWE-122): [#def236]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:681:29: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:681:29: note: write of 4 bytes to beyond the end of the region
#  679|               if (preauth_systems[pa_order[j]].flags & PA_REPLACES_KEY) {
#  680|                   k = pa_order[j];
#  681|->                 pa_order[j] = pa_order[i];
#  682|                   pa_order[i] = k;
#  683|                   break;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def237]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:704:62: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘sort_pa_order’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:704:62: note: read of 4 bytes from after the end of the region
#  702|               for (j = i + 1; j < n_key_replacers; j++) {
#  703|                   if (pa_list_includes(request->padata,
#  704|->                                      preauth_systems[pa_order[j]].type)) {
#  705|                       k = pa_order[j];
#  706|                       pa_order[j] = pa_order[i];

Error: GCC_ANALYZER_WARNING (CWE-126): [#def238]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘return_padata’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:1438:30: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c: scope_hint: In function ‘return_padata’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_preauth.c:1438:30: note: read of 4 bytes from after the end of the region
# 1436|       null_item.length = 0;
# 1437|   
# 1438|->     for (pa_type = pa_order; *pa_type != -1; pa_type++) {
# 1439|           ap = &preauth_systems[*pa_type];
# 1440|           if (key_modified && (ap->flags & PA_REPLACES_KEY))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_transit.c: scope_hint: In function ‘add_to_transited’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_transit.c:134:17: warning[-Wanalyzer-malloc-leak]: leak of ‘data2string(&*tgs.realm)’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-thread.h:136: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_transit.c:33: included_from: Included from here.
#  132|   {
#  133|       char *s;
#  134|->     s = malloc(d->length + 1);
#  135|       if (s) {
#  136|           if (d->length > 0)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def240]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c: scope_hint: In function ‘verify_for_user_checksum’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1278:57: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5.h:8: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:161: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:54: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1274:13: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1278:14: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1278:14: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1274:13: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5/krb5.h:269:42: note: in definition of macro ‘krb5_princ_size’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1278:14: note: in expansion of macro ‘krb5_princ_component’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/kdc_util.c:1278:14: note: in expansion of macro ‘krb5_princ_component’
# 1276|                      krb5_princ_component(context, req->user, i)->length);
# 1277|           }
# 1278|->         p += krb5_princ_component(context, req->user, i)->length;
# 1279|       }
# 1280|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def241]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/rtest.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/kdc/rtest.c:88:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#   86|       else
#   87|           otrans.data = 0;
#   88|->     memcpy(otrans.data,argv[1], otrans.length);
#   89|   
#   90|       tgs = make_princ(ctx, argv[2], argv[0]);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def242]
krb5-1.21.3-build/krb5-1.21.3/src/kdc/rtest.c:88:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘otrans.data’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#   86|       else
#   87|           otrans.data = 0;
#   88|->     memcpy(otrans.data,argv[1], otrans.length);
#   89|   
#   90|       tgs = make_princ(ctx, argv[2], argv[0]);

Error: COMPILER_WARNING (CWE-252): [#def243]
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kprop.c: scope_hint: In function ‘update_last_prop_file’
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kprop.c:591:5: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  591 |     write(fd, "", 1);
#      |     ^~~~~~~~~~~~~~~~
#  589|           return;
#  590|       }
#  591|->     write(fd, "", 1);
#  592|       free(file_last_prop);
#  593|       close(fd);

Error: COMPILER_WARNING (CWE-252): [#def244]
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c: scope_hint: In function ‘alarm_handler’
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c:216:5: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  216 |     write(STDERR_FILENO, timeout_msg, strlen(timeout_msg));
#      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  214|       static char *timeout_msg = "Full propagation timed out\n";
#  215|   
#  216|->     write(STDERR_FILENO, timeout_msg, strlen(timeout_msg));
#  217|       exit(1);
#  218|   }

Error: COMPILER_WARNING (CWE-252): [#def245]
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c:276:13: warning[-Wunused-result]: ignoring return value of ‘daemon’ declared with attribute ‘warn_unused_result’
#  276 |             daemon(0, 0);
#      |             ^~~~~~~~~~~~
#  274|           /* "ready" is a sentinel for the test framework. */
#  275|           if (!debug && !nodaemon) {
#  276|->             daemon(0, 0);
#  277|           } else {
#  278|               printf(_("ready\n"));

Error: COMPILER_WARNING: [#def246]
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c: scope_hint: In function ‘parse_args’
krb5-1.21.3-build/krb5-1.21.3/src/kprop/kpropd.c:1138:26: warning[-Wsuggest-attribute=format]: argument 1 of ‘set_com_err_hook’ might be a candidate for a format attribute
# 1138 |         set_com_err_hook(kpropd_com_err_proc);
#      |                          ^~~~~~~~~~~~~~~~~~~
# 1136|       openlog("kpropd", LOG_PID | LOG_ODELAY, SYSLOG_CLASS);
# 1137|       if (!debug)
# 1138|->         set_com_err_hook(kpropd_com_err_proc);
# 1139|   
# 1140|       if (realm == NULL) {

Error: COMPILER_WARNING (CWE-563): [#def247]
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c: scope_hint: In function ‘loop_add_address’
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:193:39: warning[-Wunused-value]: right-hand operand of comma expression has no effect
#  193 |     (set.data[idx] = set.data[--set.n], 0)
#      |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:328:13: note: in expansion of macro ‘DEL’
#  328 |             DEL(bind_addresses, i);
#      |             ^~~
#  191|   
#  192|   #define DEL(set, idx)                           \
#  193|->     (set.data[idx] = set.data[--set.n], 0)
#  194|   
#  195|   #define FREE_SET_DATA(set)                                      \

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c: scope_hint: In function ‘add_fd’
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:575:13: warning[-Wanalyzer-malloc-leak]: leak of ‘newconn’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:27: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:1155:5: note: in expansion of macro ‘set_cloexec_fd’
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c:649:12: note: in expansion of macro ‘ioctlsocket’
krb5-1.21.3-build/krb5-1.21.3/src/lib/apputils/net-server.c: scope_hint: In function ‘add_fd’
#  573|       newconn->type = conntype;
#  574|   
#  575|->     *ev_out = make_event(ctx, flags, callback, sock, newconn);
#  576|       return 0;
#  577|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/gssapiP_krb5.h:65: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c:29: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c: scope_hint: In function ‘free_external_lucid_ctx_v1’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/generic/gssapiP_generic.h:64:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c:289:9: note: in expansion of macro ‘xfree’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c:251:23: note: in expansion of macro ‘xmalloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c:289:9: note: in expansion of macro ‘xfree’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/lucid_context.c:289:9: note: in expansion of macro ‘xfree’
#   62|   #undef xfree
#   63|   #endif
#   64|-> #define xfree(p) free(p)
#   65|   
#   66|   /** helper functions **/

Error: GCC_ANALYZER_WARNING (CWE-476): [#def250]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/accept_sec_context.c: scope_hint: In function ‘kg_accept_krb5’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/accept_sec_context.c:1163:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1161|       if (major_status == GSS_S_COMPLETE ||
# 1162|           (major_status == GSS_S_CONTINUE_NEEDED && code != KRB5KRB_AP_ERR_MSG_TYPE)) {
# 1163|->         ctx->k5_context = context;
# 1164|           context = NULL;
# 1165|           goto done;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def251]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/iakerb.c: scope_hint: In function ‘iakerb_gss_accept_sec_context’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/iakerb.c:785:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ctx’
#  783|   
#  784|       if (iakerb_is_iakerb_token(input_token)) {
#  785|->         if (ctx->gssc != GSS_C_NO_CONTEXT) {
#  786|               /* We shouldn't get an IAKERB token now. */
#  787|               code = G_WRONG_TOKID;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def252]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/iakerb.c:828:30: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  826|                                                          &exts);
#  827|           if (major_status == GSS_S_COMPLETE)
#  828|->             ctx->established = 1;
#  829|       }
#  830|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def253]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c: scope_hint: In function ‘json_to_etypes’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:100:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘etypes’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:33: included_from: Included from here.
#   98|           if (n == NULL)
#   99|               goto invalid;
#  100|->         etypes[i] = k5_json_number_value(n);
#  101|       }
#  102|       *etypes_out = etypes;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def254]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c: scope_hint: In function ‘json_to_address’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:221:15: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘addr_out’
#  219|       size_t len;
#  220|   
#  221|->     *addr_out = NULL;
#  222|       if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
#  223|           return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def255]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c: scope_hint: In function ‘json_to_addresses’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:271:14: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘addrs’
#  269|               goto invalid;
#  270|       }
#  271|->     addrs[i] = NULL;
#  272|       *addresses_out = addrs;
#  273|       return 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def256]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c: scope_hint: In function ‘json_to_authdata_element’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:290:13: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ad_out’
#  288|       size_t len;
#  289|   
#  290|->     *ad_out = NULL;
#  291|       if (k5_json_get_tid(v) != K5_JSON_TID_ARRAY)
#  292|           return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def257]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c: scope_hint: In function ‘json_to_authdata’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/import_cred.c:340:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘authdata’
#  338|               goto invalid;
#  339|       }
#  340|->     authdata[i] = NULL;
#  341|       *authdata_out = authdata;
#  342|       return 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def258]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/init_sec_context.c: scope_hint: In function ‘kg_new_connection’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/init_sec_context.c:573:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘k_cred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/init_sec_context.c:106: included_from: Included from here.
#  571|           goto cleanup;
#  572|   
#  573|->     ctx->krb_times = k_cred->times;
#  574|   
#  575|       /*

Error: GCC_ANALYZER_WARNING (CWE-688): [#def259]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/krb5/k5unseal.c:270:12: warning[-Wanalyzer-null-argument]: use of NULL ‘plain’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
#  268|       (void) memcpy(data_ptr, ptr-2, 8);
#  269|   
#  270|->     (void) memcpy(data_ptr+8, plain, plainlen);
#  271|   
#  272|       plaind.length = 8 + plainlen;

Error: CPPCHECK_WARNING (CWE-401): [#def260]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/spnego/spnego_mech.c:3608: error[memleak]: Memory leak: buffer.value
# 3606|   	}
# 3607|   
# 3608|-> 	return (buffer);
# 3609|   }
# 3610|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def261]
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/spnego/spnego_mech.c: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/spnego/spnego_mech.c:3767:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘f2len’
krb5-1.21.3-build/krb5-1.21.3/src/lib/gssapi/spnego/spnego_mech.c:63: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-der.h: scope_hint: In function ‘make_spnego_tokenTarg_msg’
# 3765|   	if (token != NULL && token->length > 0) {
# 3766|   		/* Add the mechToken field. */
# 3767|-> 		k5_der_add_taglen(&buf, CONTEXT | 0x02, f2len);
# 3768|   		k5_der_add_value(&buf, OCTET_STRING, token->value,
# 3769|   				 token->length);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def262]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c: scope_hint: In function ‘get_string_param’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:325:20: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘svalue’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:496:5: note: in expansion of macro ‘GET_STRING_PARAM’
#  323|       } else if (aprofile != NULL &&
#  324|                  !krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
#  325|->         *param_out = svalue;
#  326|           *mask_out |= mask_bit;
#  327|           return 1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def263]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c: scope_hint: In function ‘get_port_param.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:356:20: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘ivalue’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:496:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:496:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:505:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:505:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:505:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:509:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:509:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:513:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:513:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:517:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:517:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:519:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:519:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:521:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:521:5: note: in expansion of macro ‘GET_STRING_PARAM’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/alt_prof.c:530:5: note: in expansion of macro ‘GET_PORT_PARAM’
#  354|       } else if (aprofile != NULL &&
#  355|                  !krb5_aprof_get_int32(aprofile, hierarchy, TRUE, &ivalue)) {
#  356|->         *param_out = ivalue;
#  357|           *mask_out |= mask_bit;
#  358|       } else if (default_value) {

Error: CPPCHECK_WARNING (CWE-457): [#def264]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/chpass_util.c:106: warning[uninitvar]: Uninitialized variable: pwsize
#  104|               }
#  105|           }
#  106|->         if (pwsize == 0) {
#  107|   #ifdef ZEROPASSWD
#  108|               memset(buffer, 0, sizeof(buffer));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c: scope_hint: In function ‘krb5_klog_init’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:435:36: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopen(fileno(stderr), "w")’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:64: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:33: included_from: Included from here.
#  433|                       log_control.log_entries[i].lfu_filep =
#  434|                           fdopen(fileno(stderr), "w");
#  435|->                     if (log_control.log_entries[i].lfu_filep) {
#  436|                           log_control.log_entries[i].log_type = K_LOG_STDERR;
#  437|                           log_control.log_entries[i].lfu_fname =

Error: GCC_ANALYZER_WARNING (CWE-775): [#def266]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:447:36: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/dev/console", "a+")’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:446:25: note: in expansion of macro ‘CONSOLE_OPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:446:25: note: in expansion of macro ‘CONSOLE_OPEN’
#  445|                       log_control.log_entries[i].ldu_filep =
#  446|                           CONSOLE_OPEN("a+");
#  447|->                     if (log_control.log_entries[i].ldu_filep) {
#  448|                           set_cloexec_file(log_control.log_entries[i].ldu_filep);
#  449|                           log_control.log_entries[i].log_type = K_LOG_CONSOLE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:447:36: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/dev/console", "a+")’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:446:25: note: in expansion of macro ‘CONSOLE_OPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:446:25: note: in expansion of macro ‘CONSOLE_OPEN’
#  445|                       log_control.log_entries[i].ldu_filep =
#  446|                           CONSOLE_OPEN("a+");
#  447|->                     if (log_control.log_entries[i].ldu_filep) {
#  448|                           set_cloexec_file(log_control.log_entries[i].ldu_filep);
#  449|                           log_control.log_entries[i].log_type = K_LOG_CONSOLE;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def268]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:463:40: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(cp + 7, "w")’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:154:39: note: in definition of macro ‘DEVICE_OPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:462:29: note: in expansion of macro ‘DEVICE_OPEN’
#  461|                           log_control.log_entries[i].ldu_filep =
#  462|                               DEVICE_OPEN(&cp[7], "w");
#  463|->                         if (log_control.log_entries[i].ldu_filep) {
#  464|                               set_cloexec_file(log_control.log_entries[i].ldu_filep);
#  465|                               log_control.log_entries[i].log_type = K_LOG_DEVICE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def269]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:463:40: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(cp + 7, "w")’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:154:39: note: in definition of macro ‘DEVICE_OPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:462:29: note: in expansion of macro ‘DEVICE_OPEN’
#  461|                           log_control.log_entries[i].ldu_filep =
#  462|                               DEVICE_OPEN(&cp[7], "w");
#  463|->                         if (log_control.log_entries[i].ldu_filep) {
#  464|                               set_cloexec_file(log_control.log_entries[i].ldu_filep);
#  465|                               log_control.log_entries[i].log_type = K_LOG_DEVICE;

Error: COMPILER_WARNING: [#def270]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c: scope_hint: In function ‘krb5_klog_init’
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/logger.c:519:37: warning[-Wsuggest-attribute=format]: argument 1 of ‘set_com_err_hook’ might be a candidate for a format attribute
#  519 |             (void) set_com_err_hook(klog_com_err_proc);
#      |                                     ^~~~~~~~~~~~~~~~~
#  517|           }
#  518|           if (do_com_err)
#  519|->             (void) set_com_err_hook(klog_com_err_proc);
#  520|       }
#  521|       return((log_control.log_nentries) ? 0 : ENOENT);

Error: CPPCHECK_WARNING (CWE-457): [#def271]
krb5-1.21.3-build/krb5-1.21.3/src/lib/kadm5/srv/svr_principal.c:1325: error[legacyUninitvar]: Uninitialized variable: hist_kvno
# 1323|               /* If hist_kvno has changed since the last password change, we
# 1324|                * can't check the history. */
# 1325|->             if (adb.admin_history_kvno == hist_kvno) {
# 1326|                   ret = check_pw_reuse(handle->context, hist_keyblocks,
# 1327|                                        kdb->n_key_data, kdb->key_data,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def272]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c: scope_hint: In function ‘user_password_encode’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c:195:57: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sum.contents’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c:30: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c:31: included_from: Included from here.
#  193|   
#  194|           for (i = 0; i < BLOCKSIZE; i++)
#  195|->             outbuf[blck * BLOCKSIZE + i] ^= sum.contents[i];
#  196|           krb5_free_checksum_contents(ctx, &sum);
#  197|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def273]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c: scope_hint: In function ‘user_password_decode.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/attr.c:254:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘sum.contents’
#  252|           for (i = 0; i < BLOCKSIZE; i++) {
#  253|               outbuf[blck * BLOCKSIZE + i] = in->data[blck * BLOCKSIZE + i] ^
#  254|->                 sum.contents[i];
#  255|           }
#  256|           krb5_free_checksum_contents(ctx, &sum);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def274]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/packet.c: scope_hint: In function ‘auth_generate_response’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/packet.c:197:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘hash.contents’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/internal.h:33: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krad/packet.c:30: included_from: Included from here.
#  195|           return retval;
#  196|   
#  197|->     memcpy(rauth, hash.contents, AUTH_FIELD_SIZE);
#  198|       krb5_free_checksum_contents(ctx, &hash);
#  199|       return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def275]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_file.c: scope_hint: In function ‘delete_cred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_file.c:1082:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*data.filename, 524290)’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:64: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_file.c:63: included_from: Included from here.
# 1080|       }
# 1081|   
# 1082|->     start_offset = ftell(fcursor->fp);
# 1083|       if (start_offset == -1) {
# 1084|           ret = interpret_errno(context, errno);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def276]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_keyring.c: scope_hint: In function ‘set_primary_name’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_keyring.c:539:20: warning[-Wanalyzer-null-argument]: use of NULL ‘subsidiary_name’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc-int.h:33: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cc_keyring.c:97: included_from: Included from here.
<built-in>: note: argument 1 of ‘__builtin_strlen’ must be non-null
#  537|   {
#  538|       key_serial_t key;
#  539|->     uint32_t len = strlen(subsidiary_name), plen = 8 + len;
#  540|       unsigned char *payload;
#  541|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def277]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cccursor.c: scope_hint: In function ‘krb5_cccol_cursor_free’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/ccache/cccursor.c:136:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘*c.ops’
#  134|   
#  135|       if (c->ptcursor != NULL)
#  136|->         c->ops->ptcursor_free(context, &c->ptcursor);
#  137|       if (c->typecursor != NULL)
#  138|           krb5int_cc_typecursor_free(context, &c->typecursor);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1024:14: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:56: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:131: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:19: note: in expansion of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-label.h:25:50: note: in definition of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:33: note: in expansion of macro ‘KTFILENAME’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:64: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:772:25: note: in expansion of macro ‘KTFILEBUFP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:806:28: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:921:13: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:937:23: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:944:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:967:52: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:971:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/include/port-sockets.h:159: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:165: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:985:41: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1023:9: note: in expansion of macro ‘KTVERSION’
# 1022|       /* read in the principal type, if we can get it */
# 1023|       if (KTVERSION(id) != KRB5_KT_VNO_1) {
# 1024|->         if (!fread(&ret_entry->principal->type,
# 1025|                      sizeof(ret_entry->principal->type), 1, KTFILEP(id))) {
# 1026|               error = KRB5_KT_END;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:10: warning[-Wanalyzer-malloc-leak]: leak of ‘*ret_entry.principal’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:921:13: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:937:23: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:944:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:967:52: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:971:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:985:41: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1001:13: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1015:61: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1023:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:72: note: in expansion of macro ‘KTFILEP’
# 1031|   
# 1032|       /* read in the timestamp */
# 1033|->     if (!fread(&ret_entry->timestamp, sizeof(ret_entry->timestamp), 1, KTFILEP(id))) {
# 1034|           error = KRB5_KT_END;
# 1035|           goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:10: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:19: note: in expansion of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-label.h:25:50: note: in definition of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:33: note: in expansion of macro ‘KTFILENAME’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:772:25: note: in expansion of macro ‘KTFILEBUFP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:806:28: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:921:13: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:937:23: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:944:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:967:52: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:971:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:985:41: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1023:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:72: note: in expansion of macro ‘KTFILEP’
# 1031|   
# 1032|       /* read in the timestamp */
# 1033|->     if (!fread(&ret_entry->timestamp, sizeof(ret_entry->timestamp), 1, KTFILEP(id))) {
# 1034|           error = KRB5_KT_END;
# 1035|           goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:10: warning[-Wanalyzer-malloc-leak]: leak of ‘cur_entry.principal’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:566:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:19: note: in expansion of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-label.h:25:50: note: in definition of macro ‘WRITABLEFOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:739:33: note: in expansion of macro ‘KTFILENAME’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:772:25: note: in expansion of macro ‘KTFILEBUFP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:806:28: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c: scope_hint: In function ‘krb5_ktfileint_internal_read_entry.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:921:13: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:937:23: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:944:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:967:52: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:971:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:985:41: note: in expansion of macro ‘KTFILEP’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1023:9: note: in expansion of macro ‘KTVERSION’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_file.c:1033:72: note: in expansion of macro ‘KTFILEP’
# 1031|   
# 1032|       /* read in the timestamp */
# 1033|->     if (!fread(&ret_entry->timestamp, sizeof(ret_entry->timestamp), 1, KTFILEP(id))) {
# 1034|           error = KRB5_KT_END;
# 1035|           goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c: scope_hint: In function ‘krb5_mkt_add’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:575:12: warning[-Wanalyzer-malloc-leak]: leak of ‘cursor’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:533:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:27: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:533:5: note: in expansion of macro ‘KTLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:565:9: note: in expansion of macro ‘KTLINK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:574:5: note: in expansion of macro ‘KTUNLOCK’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/keytab/kt_memory.c:574:5: note: in expansion of macro ‘KTUNLOCK’
#  573|   done:
#  574|       KTUNLOCK(id);
#  575|->     return err;
#  576|   }
#  577|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def283]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/authdata.c: scope_hint: In function ‘krb5_authdata_context_init’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/authdata.c:424:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘tables’
#  422|       /* fill in the structure */
#  423|       for (i = 0, k = 0, code = 0; i < n_tables - internal_count; i++) {
#  424|->         code = k5_ad_init_modules(kcontext, context, tables[i], &k);
#  425|           if (code != 0)
#  426|               goto cleanup;

Error: CPPCHECK_WARNING (CWE-401): [#def284]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/authdata_exp.c:74: error[memleakOnRealloc]: Common realloc mistake: 'authdata' nulled but not freed upon failure
#   72|               ;
#   73|   
#   74|->         authdata = realloc(authdata, (len + j + 1) * sizeof(krb5_authdata *));
#   75|           if (authdata == NULL)
#   76|               return ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def285]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/chpw.c: scope_hint: In function ‘krb5int_rd_chpw_rep’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/chpw.c:212:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘clear’
#  210|           return ret;
#  211|   
#  212|->     if (clear->length < 2) {
#  213|           ret = KRB5KRB_AP_ERR_MODIFIED;
#  214|           goto cleanup;

Error: COMPILER_WARNING: [#def286]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/conv_princ.c: scope_hint: In function ‘krb5_524_conv_principal’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/conv_princ.c:246:13: warning[-Wstringop-truncation]: ‘strncpy’ specified bound depends on the length of the source argument
#  246 |             strncpy(realm, tmp_realm, tmp_realm_len);
#      |             ^
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/conv_princ.c:241:30: note: length computed here
#  241 |             tmp_realm_len =  strlen(tmp_realm);
#      |                              ^~~~~~~~~~~~~~~~~
#  244|                   return KRB5_INVALID_PRINCIPAL;
#  245|               }
#  246|->             strncpy(realm, tmp_realm, tmp_realm_len);
#  247|               realm[tmp_realm_len] = '\0';
#  248|               profile_release_string(tmp_realm);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c: scope_hint: In function ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:382:21: warning[-Wanalyzer-malloc-leak]: leak of ‘yyptr’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:368:25: note: in expansion of macro ‘YYMALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1187:29: note: in expansion of macro ‘YYSTACK_ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1235:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1245:17: note: in expansion of macro ‘YYTRANSLATE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1235:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:368:25: note: in expansion of macro ‘YYMALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1187:29: note: in expansion of macro ‘YYSTACK_ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:443:25: note: in definition of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1190:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:368:25: note: in expansion of macro ‘YYMALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1187:29: note: in expansion of macro ‘YYSTACK_ALLOC’
#  380|   #  endif
#  381|   #  ifndef YYMALLOC
#  382|-> #   define YYMALLOC malloc
#  383|   #   if ! defined malloc && ! defined EXIT_SUCCESS
#  384|   void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */

Error: GCC_ANALYZER_WARNING (CWE-457): [#def288]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:443:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:428:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1190:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:443:25: note: in definition of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1190:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:428:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1190:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
#  441|   #  if defined __GNUC__ && 1 < __GNUC__
#  442|   #   define YYCOPY(Dst, Src, Count) \
#  443|->       __builtin_memcpy (Dst, Src, (Count) * sizeof (*(Src)))
#  444|   #  else
#  445|   #   define YYCOPY(Dst, Src, Count)              \

Error: GCC_ANALYZER_WARNING (CWE-457): [#def289]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1307:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>.val’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1235:16: note: in expansion of macro ‘yylex’
# 1305|        unconditionally makes the parser a bit smaller, and it avoids a
# 1306|        GCC warning that YYVAL may be used uninitialized.  */
# 1307|->   yyval = yyvsp[1-yylen];
# 1308|   
# 1309|   

Error: GCC_ANALYZER_WARNING (CWE-127): [#def290]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1428:20: warning[-Wanalyzer-out-of-bounds]: buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1235:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1428:20: note: valid subscripts for ‘yypgoto’ are ‘[0]’ to ‘[9]’
# 1426|     yyn = yyr1[yyn];
# 1427|   
# 1428|->   yystate = yypgoto[yyn - YYNTOKENS] + *yyssp;
# 1429|     if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp)
# 1430|       yystate = yytable[yystate];

Error: GCC_ANALYZER_WARNING (CWE-127): [#def291]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1432:24: warning[-Wanalyzer-out-of-bounds]: buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1235:16: note: in expansion of macro ‘yylex’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/deltat.c:1432:24: note: valid subscripts for ‘yydefgoto’ are ‘[0]’ to ‘[9]’
# 1430|       yystate = yytable[yystate];
# 1431|     else
# 1432|->     yystate = yydefgoto[yyn - YYNTOKENS];
# 1433|   
# 1434|     goto yynewstate;

Error: CPPCHECK_WARNING (CWE-457): [#def292]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/fast.c:663: error[legacyUninitvar]: Uninitialized variable: valid
#  661|                                               KRB5_KEYUSAGE_AS_REQ,
#  662|                                               request, checksum, &valid);
#  663|->         if (retval == 0 &&valid == 0)
#  664|               retval = KRB5_KDCREP_MODIFIED;
#  665|           if (retval == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/get_in_tkt.c: scope_hint: In function ‘make_preauth_list’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/get_in_tkt.c:381:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  379|               for (; i>=0; i--)
#  380|                   free(preauthp[i]);
#  381|->             free(preauthp);
#  382|               return (ENOMEM);
#  383|           }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def294]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/gic_opt.c: scope_hint: In function ‘k5_gic_opt_shallow_copy’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/gic_opt.c:472:15: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘opte’
#  470|           opte->opt.flags = DEFAULT_FLAGS;
#  471|       else if (opt->flags & GIC_OPT_EXTENDED)
#  472|->         *opte = *(struct extended_options *)opt;
#  473|       else
#  474|           opte->opt = *opt;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def295]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/gic_opt.c:474:19: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘opte’
#  472|           *opte = *(struct extended_options *)opt;
#  473|       else
#  474|->         opte->opt = *opt;
#  475|       opte->opt.flags |= GIC_OPT_SHALLOW_COPY;
#  476|       return (krb5_get_init_creds_opt *)opte;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/libdef_parse.c: scope_hint: In function ‘krb5int_libdefault_boolean’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/libdef_parse.c:146:15: warning[-Wanalyzer-malloc-leak]: leak of ‘string’
#  144|   
#  145|       if (retval)
#  146|->         return(retval);
#  147|   
#  148|       *ret_value = _krb5_conf_boolean(string);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def297]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/mk_cred.c: scope_hint: In function ‘create_krbcred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/mk_cred.c:113:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/mk_cred.c: scope_hint: In function ‘create_krbcred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/mk_cred.c: scope_hint: In function ‘create_krbcred’
#  111|   
#  112|           tinfos[i].magic = KV5M_CRED_INFO;
#  113|->         tinfos[i].times = creds[i]->times;
#  114|           tinfos[i].flags = creds[i]->ticket_flags;
#  115|           tinfos[i].session = &creds[i]->keyblock;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/pac.c: scope_hint: In function ‘k5_pac_add_buffer’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/pac.c:68:8: warning[-Wanalyzer-malloc-leak]: leak of ‘nbufs’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-thread.h:136: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/pac.c:27: included_from: Included from here.
/usr/include/asm-generic/errno.h:5: included_from: Included from here.
/usr/include/asm/errno.h:1: included_from: Included from here.
/usr/include/linux/errno.h:1: included_from: Included from here.
/usr/include/bits/errno.h:26: included_from: Included from here.
/usr/include/errno.h:28: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:64: included_from: Included from here.
#   66|                       pac->data.length + PAC_INFO_BUFFER_LENGTH +
#   67|                       data->length + pad);
#   68|->     if (ndata == NULL)
#   69|           return ENOMEM;
#   70|       pac->data.data = ndata;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth2.c: scope_hint: In function ‘copy_cookie’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth2.c:866:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth2.c: scope_hint: In function ‘copy_cookie’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:178: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth2.c:33: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-trace.h:314:5: note: in expansion of macro ‘TRACE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth2.c:867:5: note: in expansion of macro ‘TRACE_PREAUTH_COOKIE’
#  864|       cookie = krb5int_find_pa_data(context, in_padata, KRB5_PADATA_FX_COOKIE);
#  865|       if (cookie == NULL)
#  866|->         return 0;
#  867|       TRACE_PREAUTH_COOKIE(context, cookie->length, cookie->contents);
#  868|       pa = k5alloc(sizeof(*pa), &ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth_otp.c: scope_hint: In function ‘codec_decode_challenge’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth_otp.c:367:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  365|               free_tokeninfo(chl->tokeninfo[i]);
#  366|           free(chl->tokeninfo);
#  367|->         free(chl);
#  368|       }
#  369|       k5_json_release(obj);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def301]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth_otp.c: scope_hint: In function ‘codec_decode_answer’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/preauth_otp.c:410:20: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tmp’
#  408|               }
#  409|   
#  410|->             *value = tmp;
#  411|               *ti = tis[i];
#  412|               retval = 0;

Error: CPPCHECK_WARNING (CWE-401): [#def302]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/rd_req_dec.c:663: error[memleakOnRealloc]: Common realloc mistake: 'desired_etypes' nulled but not freed upon failure
#  661|           desired_etypes = (krb5_enctype *)calloc(4, sizeof(krb5_enctype));
#  662|       else
#  663|->         desired_etypes = (krb5_enctype *)realloc(desired_etypes,
#  664|                                                    (rfc4537_etypes_len + 4) *
#  665|                                                    sizeof(krb5_enctype));

Error: GCC_ANALYZER_WARNING (CWE-476): [#def303]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/s4u_creds.c: scope_hint: In function ‘k5_get_proxy_cred_from_kdc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/s4u_creds.c:1177:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘creds’
# 1175|           return code;
# 1176|   
# 1177|->     krb5_free_principal(context, creds->server);
# 1178|       creds->server = NULL;
# 1179|       code = krb5_copy_principal(context, in_creds->server, &creds->server);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def304]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c:249:66: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ap_req_asn1’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c: scope_hint: In function ‘k5_make_tgs_req’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-trace.h:434:5: note: in expansion of macro ‘TRACE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c:176:5: note: in expansion of macro ‘TRACE_SEND_TGS_SUBKEY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c: scope_hint: In function ‘k5_make_tgs_req’
#  247|           goto cleanup;
#  248|       padata[0]->pa_type = KRB5_PADATA_AP_REQ;
#  249|->     padata[0]->contents = k5memdup(ap_req_asn1->data, ap_req_asn1->length,
#  250|                                      &ret);
#  251|       if (padata[0] == NULL)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def305]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c: scope_hint: In function ‘k5_make_tgs_req’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c:249:66: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘authdata_asn1’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c: scope_hint: In function ‘k5_make_tgs_req’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:178: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-trace.h:434:5: note: in expansion of macro ‘TRACE’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c:176:5: note: in expansion of macro ‘TRACE_SEND_TGS_SUBKEY’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/send_tgs.c: scope_hint: In function ‘k5_make_tgs_req’
#  247|           goto cleanup;
#  248|       padata[0]->pa_type = KRB5_PADATA_AP_REQ;
#  249|->     padata[0]->contents = k5memdup(ap_req_asn1->data, ap_req_asn1->length,
#  250|                                      &ret);
#  251|       if (padata[0] == NULL)

Error: COMPILER_WARNING (CWE-704): [#def306]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/ser_ctx.c:30:17: warning[-Wlto-type-mismatch]: type of ‘profile_ser_size’ does not match original declaration
#   30 | krb5_error_code profile_ser_size(krb5_context, profile_t, size_t *);
#      |                 ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:524:11: note: return value type mismatch
#  524 | errcode_t profile_ser_size(const char *unused, profile_t profile,
#      |           ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:524:11: note: type ‘errcode_t’ should match type ‘krb5_error_code’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:524:11: note: ‘profile_ser_size’ was previously declared here
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:524:11: note: code may be misoptimized unless ‘-fno-strict-aliasing’ is used
#   28|   #include "int-proto.h"
#   29|   
#   30|-> krb5_error_code profile_ser_size(krb5_context, profile_t, size_t *);
#   31|   krb5_error_code profile_ser_externalize(krb5_context, profile_t,
#   32|                                           krb5_octet **, size_t *);

Error: COMPILER_WARNING (CWE-704): [#def307]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/ser_ctx.c:31:17: warning[-Wlto-type-mismatch]: type of ‘profile_ser_externalize’ does not match original declaration
#   31 | krb5_error_code profile_ser_externalize(krb5_context, profile_t,
#      |                 ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:546:11: note: return value type mismatch
#  546 | errcode_t profile_ser_externalize(const char *unused, profile_t profile,
#      |           ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:546:11: note: type ‘errcode_t’ should match type ‘krb5_error_code’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:546:11: note: ‘profile_ser_externalize’ was previously declared here
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:546:11: note: code may be misoptimized unless ‘-fno-strict-aliasing’ is used
#   29|   
#   30|   krb5_error_code profile_ser_size(krb5_context, profile_t, size_t *);
#   31|-> krb5_error_code profile_ser_externalize(krb5_context, profile_t,
#   32|                                           krb5_octet **, size_t *);
#   33|   krb5_error_code profile_ser_internalize(krb5_context, profile_t *,

Error: COMPILER_WARNING (CWE-704): [#def308]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/krb/ser_ctx.c:33:17: warning[-Wlto-type-mismatch]: type of ‘profile_ser_internalize’ does not match original declaration
#   33 | krb5_error_code profile_ser_internalize(krb5_context, profile_t *,
#      |                 ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:600:11: note: return value type mismatch
#  600 | errcode_t profile_ser_internalize(const char *unused, profile_t *profilep,
#      |           ^
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:600:11: note: type ‘errcode_t’ should match type ‘krb5_error_code’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:600:11: note: ‘profile_ser_internalize’ was previously declared here
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_init.c:600:11: note: code may be misoptimized unless ‘-fno-strict-aliasing’ is used
#   31|   krb5_error_code profile_ser_externalize(krb5_context, profile_t,
#   32|                                           krb5_octet **, size_t *);
#   33|-> krb5_error_code profile_ser_internalize(krb5_context, profile_t *,
#   34|                                           krb5_octet **, size_t *);
#   35|   

Error: GCC_ANALYZER_WARNING (CWE-685): [#def309]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/expand_path.c: scope_hint: In function ‘k5_expand_path_tokens_extra’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/expand_path.c:468:12: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (1 consumed)
#  466|       /* Count extra tokens. */
#  467|       va_start(ap, path_out);
#  468|->     while (va_arg(ap, const char *) != NULL)
#  469|           nargs++;
#  470|       va_end(ap);

Error: GCC_ANALYZER_WARNING (CWE-685): [#def310]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/expand_path.c:481:31: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (1 consumed)
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/expand_path.c: scope_hint: In function ‘k5_expand_path_tokens_extra’
#  479|           va_start(ap, path_out);
#  480|           for (i = 0; i < nargs; i++) {
#  481|->             extra_tokens[i] = strdup(va_arg(ap, const char *));
#  482|               if (extra_tokens[i] == NULL) {
#  483|                   ret = ENOMEM;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def311]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/init_os_ctx.c: scope_hint: In function ‘add_kdc_config_file’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/init_os_ctx.c:357:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*pfiles’
#  355|       if (newfiles == NULL)
#  356|           return ENOMEM;
#  357|->     memcpy(newfiles + 1, *pfiles, (count-1) * sizeof(*newfiles));
#  358|       newfiles[0] = strdup(file);
#  359|       if (newfiles[0] == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/locate_kdc.c: scope_hint: In function ‘new_server_entry’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/locate_kdc.c:130:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/locate_kdc.c:27: included_from: Included from here.
#  128|   
#  129|       newservers = realloc(list->servers, newspace);
#  130|->     if (newservers == NULL)
#  131|           return NULL;
#  132|       list->servers = newservers;

Error: COMPILER_WARNING (CWE-252): [#def313]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c: scope_hint: In function ‘hash_bytes’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:100:16: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  100 |         (void) asprintf(&s, "%02X%02X", cksum.contents[0], cksum.contents[1]);
#      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   98|           return NULL;
#   99|       if (cksum.length >= 2)
#  100|->         (void) asprintf(&s, "%02X%02X", cksum.contents[0], cksum.contents[1]);
#  101|       krb5_free_checksum_contents(context, &cksum);
#  102|       return s;

Error: GCC_ANALYZER_WARNING (CWE-686): [#def314]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c: scope_hint: In function ‘trace_format’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:214:13: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘int’ but received ‘char *’ for variadic argument 2 of ‘ap’
#  212|           /* Process the format word. */
#  213|           if (strcmp(tmpbuf, "int") == 0) {
#  214|->             k5_buf_add_fmt(&buf, "%d", va_arg(ap, int));
#  215|           } else if (strcmp(tmpbuf, "long") == 0) {
#  216|               k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));

Error: GCC_ANALYZER_WARNING (CWE-685): [#def315]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:214:13: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  212|           /* Process the format word. */
#  213|           if (strcmp(tmpbuf, "int") == 0) {
#  214|->             k5_buf_add_fmt(&buf, "%d", va_arg(ap, int));
#  215|           } else if (strcmp(tmpbuf, "long") == 0) {
#  216|               k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));

Error: GCC_ANALYZER_WARNING (CWE-686): [#def316]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:216:13: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘long int’ but received ‘char *’ for variadic argument 2 of ‘ap’
#  214|               k5_buf_add_fmt(&buf, "%d", va_arg(ap, int));
#  215|           } else if (strcmp(tmpbuf, "long") == 0) {
#  216|->             k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));
#  217|           } else if (strcmp(tmpbuf, "str") == 0) {
#  218|               p = va_arg(ap, const char *);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def317]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:216:13: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘long int’ but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  214|               k5_buf_add_fmt(&buf, "%d", va_arg(ap, int));
#  215|           } else if (strcmp(tmpbuf, "long") == 0) {
#  216|->             k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));
#  217|           } else if (strcmp(tmpbuf, "str") == 0) {
#  218|               p = va_arg(ap, const char *);

Error: GCC_ANALYZER_WARNING (CWE-685): [#def318]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:216:13: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  214|               k5_buf_add_fmt(&buf, "%d", va_arg(ap, int));
#  215|           } else if (strcmp(tmpbuf, "long") == 0) {
#  216|->             k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));
#  217|           } else if (strcmp(tmpbuf, "str") == 0) {
#  218|               p = va_arg(ap, const char *);

Error: GCC_ANALYZER_WARNING (CWE-686): [#def319]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:218:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘const char *’ but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  216|               k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));
#  217|           } else if (strcmp(tmpbuf, "str") == 0) {
#  218|->             p = va_arg(ap, const char *);
#  219|               buf_add_printable(&buf, (p == NULL) ? "(null)" : p);
#  220|           } else if (strcmp(tmpbuf, "lenstr") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-685): [#def320]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:218:15: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  216|               k5_buf_add_fmt(&buf, "%ld", va_arg(ap, long));
#  217|           } else if (strcmp(tmpbuf, "str") == 0) {
#  218|->             p = va_arg(ap, const char *);
#  219|               buf_add_printable(&buf, (p == NULL) ? "(null)" : p);
#  220|           } else if (strcmp(tmpbuf, "lenstr") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-686): [#def321]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:221:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘char *’ for variadic argument 2 of ‘ap’
#  219|               buf_add_printable(&buf, (p == NULL) ? "(null)" : p);
#  220|           } else if (strcmp(tmpbuf, "lenstr") == 0) {
#  221|->             len = va_arg(ap, size_t);
#  222|               p = va_arg(ap, const char *);
#  223|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def322]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:221:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  219|               buf_add_printable(&buf, (p == NULL) ? "(null)" : p);
#  220|           } else if (strcmp(tmpbuf, "lenstr") == 0) {
#  221|->             len = va_arg(ap, size_t);
#  222|               p = va_arg(ap, const char *);
#  223|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-685): [#def323]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:221:17: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  219|               buf_add_printable(&buf, (p == NULL) ? "(null)" : p);
#  220|           } else if (strcmp(tmpbuf, "lenstr") == 0) {
#  221|->             len = va_arg(ap, size_t);
#  222|               p = va_arg(ap, const char *);
#  223|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def324]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:228:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘char *’ for variadic argument 2 of ‘ap’
#  226|                   buf_add_printable_len(&buf, p, len);
#  227|           } else if (strcmp(tmpbuf, "hexlenstr") == 0) {
#  228|->             len = va_arg(ap, size_t);
#  229|               p = va_arg(ap, const char *);
#  230|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def325]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:228:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  226|                   buf_add_printable_len(&buf, p, len);
#  227|           } else if (strcmp(tmpbuf, "hexlenstr") == 0) {
#  228|->             len = va_arg(ap, size_t);
#  229|               p = va_arg(ap, const char *);
#  230|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-685): [#def326]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:228:17: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  226|                   buf_add_printable_len(&buf, p, len);
#  227|           } else if (strcmp(tmpbuf, "hexlenstr") == 0) {
#  228|->             len = va_arg(ap, size_t);
#  229|               p = va_arg(ap, const char *);
#  230|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def327]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:237:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘char *’ for variadic argument 2 of ‘ap’
#  235|               }
#  236|           } else if (strcmp(tmpbuf, "hashlenstr") == 0) {
#  237|->             len = va_arg(ap, size_t);
#  238|               p = va_arg(ap, const char *);
#  239|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def328]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:237:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘size_t’ {aka ‘long unsigned int’} but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  235|               }
#  236|           } else if (strcmp(tmpbuf, "hashlenstr") == 0) {
#  237|->             len = va_arg(ap, size_t);
#  238|               p = va_arg(ap, const char *);
#  239|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-685): [#def329]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:237:17: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  235|               }
#  236|           } else if (strcmp(tmpbuf, "hashlenstr") == 0) {
#  237|->             len = va_arg(ap, size_t);
#  238|               p = va_arg(ap, const char *);
#  239|               if (p == NULL && len != 0)

Error: GCC_ANALYZER_WARNING (CWE-686): [#def330]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:248:16: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘struct remote_address *’ but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  246|               }
#  247|           } else if (strcmp(tmpbuf, "raddr") == 0) {
#  248|->             ra = va_arg(ap, struct remote_address *);
#  249|               if (ra->transport == UDP)
#  250|                   k5_buf_add(&buf, "dgram");

Error: GCC_ANALYZER_WARNING (CWE-685): [#def331]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:248:16: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  246|               }
#  247|           } else if (strcmp(tmpbuf, "raddr") == 0) {
#  248|->             ra = va_arg(ap, struct remote_address *);
#  249|               if (ra->transport == UDP)
#  250|                   k5_buf_add(&buf, "dgram");

Error: GCC_ANALYZER_WARNING (CWE-686): [#def332]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:268:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘const krb5_data *’ {aka ‘const struct _krb5_data *’} but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  266|                   k5_buf_add_fmt(&buf, " %s:%s", addrbuf, portbuf);
#  267|           } else if (strcmp(tmpbuf, "data") == 0) {
#  268|->             d = va_arg(ap, krb5_data *);
#  269|               if (d == NULL || (d->length != 0 && d->data == NULL))
#  270|                   k5_buf_add(&buf, "(null)");

Error: GCC_ANALYZER_WARNING (CWE-685): [#def333]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:268:15: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  266|                   k5_buf_add_fmt(&buf, " %s:%s", addrbuf, portbuf);
#  267|           } else if (strcmp(tmpbuf, "data") == 0) {
#  268|->             d = va_arg(ap, krb5_data *);
#  269|               if (d == NULL || (d->length != 0 && d->data == NULL))
#  270|                   k5_buf_add(&buf, "(null)");

Error: GCC_ANALYZER_WARNING (CWE-686): [#def334]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:274:15: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘const krb5_data *’ {aka ‘const struct _krb5_data *’} but received ‘unsigned int’ for variadic argument 1 of ‘ap’
#  272|                   buf_add_printable_len(&buf, d->data, d->length);
#  273|           } else if (strcmp(tmpbuf, "hexdata") == 0) {
#  274|->             d = va_arg(ap, krb5_data *);
#  275|               if (d == NULL)
#  276|                   k5_buf_add(&buf, "(null)");

Error: GCC_ANALYZER_WARNING (CWE-685): [#def335]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:274:15: warning[-Wanalyzer-va-list-exhausted]: ‘ap’ has no more arguments (2 consumed)
#  272|                   buf_add_printable_len(&buf, d->data, d->length);
#  273|           } else if (strcmp(tmpbuf, "hexdata") == 0) {
#  274|->             d = va_arg(ap, krb5_data *);
#  275|               if (d == NULL)
#  276|                   k5_buf_add(&buf, "(null)");

Error: COMPILER_WARNING (CWE-252): [#def336]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c: scope_hint: In function ‘file_trace_cb’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/os/trace.c:451:12: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
#  451 |     (void) write(*fd, info->message, strlen(info->message));
#      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  449|       }
#  450|   
#  451|->     (void) write(*fd, info->message, strlen(info->message));
#  452|   }
#  453|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucdata/ucdata.c: scope_hint: In function ‘uccanoncompatdecomp’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucdata/ucdata.c:949:22: warning[-Wanalyzer-malloc-leak]: leak of ‘*out’
#  947|               if ( size - i < num) {
#  948|                   size = inlen + i - j + num - 1;
#  949|->                 *out = (krb5_ui_4 *) realloc(*out, size * sizeof(**out));
#  950|                   if (*out == NULL)
#  951|                       return *outlen = -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def338]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucdata/ucdata.c:969:22: warning[-Wanalyzer-malloc-leak]: leak of ‘*out’
#  967|               if (size - i < num) {
#  968|                   size = inlen + i - j + num - 1;
#  969|->                 *out = (krb5_ui_4 *) realloc(*out, size * sizeof(**out));
#  970|                   if (*out == NULL)
#  971|                       return *outlen = -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def339]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucdata/ucdata.c:980:22: warning[-Wanalyzer-malloc-leak]: leak of ‘*out’
#  978|               if (size - i < 1) {
#  979|                   size = inlen + i - j;
#  980|->                 *out = (krb5_ui_4 *) realloc(*out, size * sizeof(**out));
#  981|                   if (*out == NULL)
#  982|                       return *outlen = -1;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def340]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucdata/ucdata.c:980:38: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
#  978|               if (size - i < 1) {
#  979|                   size = inlen + i - j;
#  980|->                 *out = (krb5_ui_4 *) realloc(*out, size * sizeof(**out));
#  981|                   if (*out == NULL)
#  982|                       return *outlen = -1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def341]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c: scope_hint: In function ‘krb5int_ucstrncmp’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:33:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*u1’
#   31|   {
#   32|       for (; 0 < n; ++u1, ++u2, --n) {
#   33|-> 	if (*u1 != *u2) {
#   34|   	    return *u1 < *u2 ? -1 : +1;
#   35|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def342]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:33:20: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*u2’
#   31|   {
#   32|       for (; 0 < n; ++u1, ++u2, --n) {
#   33|-> 	if (*u1 != *u2) {
#   34|   	    return *u1 < *u2 ? -1 : +1;
#   35|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def343]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c: scope_hint: In function ‘krb5int_ucstrncasecmp’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:50:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*u1’
#   48|   {
#   49|       for (; 0 < n; ++u1, ++u2, --n) {
#   50|-> 	krb5_unicode uu1 = uctolower(*u1);
#   51|   	krb5_unicode uu2 = uctolower(*u2);
#   52|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def344]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:51:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*u2’
#   49|       for (; 0 < n; ++u1, ++u2, --n) {
#   50|   	krb5_unicode uu1 = uctolower(*u1);
#   51|-> 	krb5_unicode uu2 = uctolower(*u2);
#   52|   
#   53|   	if (uu1 != uu2) {

Error: GCC_ANALYZER_WARNING (CWE-465): [#def345]
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c: scope_hint: In function ‘k5_utf8_validate’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:77:12: warning[-Wanalyzer-deref-before-check]: check of ‘*data.data’ for NULL after already dereferencing it
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:19: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-utf8.h:100:51: note: in definition of macro ‘KRB5_UTF8_BV’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-utf8.h:102:31: note: in expansion of macro ‘KRB5_UTF8_ISASCII’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:73:15: note: in expansion of macro ‘KRB5_UTF8_CHARLEN’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-utf8.h:101:33: note: in expansion of macro ‘KRB5_UTF8_BV’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-utf8.h:102:31: note: in expansion of macro ‘KRB5_UTF8_ISASCII’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:73:15: note: in expansion of macro ‘KRB5_UTF8_CHARLEN’
krb5-1.21.3-build/krb5-1.21.3/src/lib/krb5/unicode/ucstr.c:21: included_from: Included from here.
#   75|   	    return FALSE;
#   76|   	bytes = k5_input_get_bytes(&in, len);
#   77|-> 	if (bytes == NULL)
#   78|   	    return FALSE;
#   79|   	if (KRB5_UTF8_CHARLEN2(bytes, tmplen) != len)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def346]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c: scope_hint: In function ‘gssrpc_authunix_create’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:119:24: warning[-Wanalyzer-malloc-leak]: leak of ‘auth’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:53: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:115:24: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:122:31: note: in expansion of macro ‘mem_alloc’
#  117|   	if (auth == NULL) {
#  118|   		(void)fprintf(stderr, "authunix_create: out of memory\n");
#  119|-> 		return (NULL);
#  120|   	}
#  121|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def347]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:119:24: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:122:31: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:122:31: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:54: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:151:43: note: in expansion of macro ‘XDR_GETPOS’
#  117|   	if (auth == NULL) {
#  118|   		(void)fprintf(stderr, "authunix_create: out of memory\n");
#  119|-> 		return (NULL);
#  120|   	}
#  121|   #endif

Error: CPPCHECK_WARNING (CWE-401): [#def348]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:126: error[memleak]: Memory leak: auth
#  124|   	if (au == NULL) {
#  125|   		(void)fprintf(stderr, "authunix_create: out of memory\n");
#  126|-> 		return (NULL);
#  127|   	}
#  128|   #endif

Error: CPPCHECK_WARNING (CWE-401): [#def349]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/auth_unix.c:158: error[memleak]: Memory leak: auth
#  156|   	if ((au->au_origcred.oa_base = mem_alloc((u_int) len)) == NULL) {
#  157|   		(void)fprintf(stderr, "authunix_create: out of memory\n");
#  158|-> 		return (NULL);
#  159|   	}
#  160|   #endif

Error: GCC_ANALYZER_WARNING (CWE-688): [#def350]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c: scope_hint: In function ‘gssrpc_clnt_perror’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:180:16: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/types.h:128: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:46: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:178:1: note: in expansion of macro ‘clnt_perror’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:76:1: note: in expansion of macro ‘clnt_sperror’
<built-in>: note: argument 1 of ‘__builtin_fputs’ must be non-null
#  178|   clnt_perror(CLIENT *rpch, char *s)
#  179|   {
#  180|-> 	(void) fprintf(stderr,"%s",clnt_sperror(rpch,s));
#  181|   }
#  182|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def351]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c: scope_hint: In function ‘gssrpc_clnt_pcreateerror’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:311:16: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:309:1: note: in expansion of macro ‘clnt_pcreateerror’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_perror.c:253:1: note: in expansion of macro ‘clnt_spcreateerror’
<built-in>: note: argument 1 of ‘__builtin_fputs’ must be non-null
#  309|   clnt_pcreateerror(char *s)
#  310|   {
#  311|-> 	(void) fprintf(stderr,"%s",clnt_spcreateerror(s));
#  312|   }
#  313|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def352]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_tcp.c: scope_hint: In function ‘gssrpc_clnttcp_create’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_tcp.c:171:49: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*sockp’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/rpc.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_tcp.c:57: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/clnt_tcp.c:144:32: note: in expansion of macro ‘mem_alloc’
#  169|   		*sockp = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
#  170|   		(void)bindresvport_sa(*sockp, NULL);
#  171|-> 		if (*sockp < 0 || raddr == NULL ||
#  172|   		    connect(*sockp, (struct sockaddr *)raddr,
#  173|   			    sizeof(*raddr)) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def353]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c: scope_hint: In function ‘gssrpc_xprt_register’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:109:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xports’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/rpc.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:50: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:108:25: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:108:25: note: in expansion of macro ‘mem_alloc’
<built-in>: note: argument 1 of ‘__builtin_memset’ must be non-null
#  107|   		xports = (SVCXPRT **)
#  108|   			mem_alloc(FD_SETSIZE * sizeof(SVCXPRT *));
#  109|-> 		memset(xports, 0, FD_SETSIZE * sizeof(SVCXPRT *));
#  110|   	}
#  111|   	if (sock < FD_SETSIZE) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def354]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:463:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cookedcred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:460:22: note: in expansion of macro ‘mem_alloc’
#  461|   
#  462|   	if (rawcred == NULL || rawverf == NULL || cookedcred == NULL)
#  463|-> 		return;
#  464|   
#  465|   	msg.rm_call.cb_cred.oa_base = rawcred;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def355]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c: scope_hint: In function ‘svc_do_xprt’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:463:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rawcred’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:458:19: note: in expansion of macro ‘mem_alloc’
#  461|   
#  462|   	if (rawcred == NULL || rawverf == NULL || cookedcred == NULL)
#  463|-> 		return;
#  464|   
#  465|   	msg.rm_call.cb_cred.oa_base = rawcred;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def356]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:463:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rawverf’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc.c:459:19: note: in expansion of macro ‘mem_alloc’
#  461|   
#  462|   	if (rawcred == NULL || rawverf == NULL || cookedcred == NULL)
#  463|-> 		return;
#  464|   
#  465|   	msg.rm_call.cb_cred.oa_base = rawcred;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def357]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gss.c: scope_hint: In function ‘gssrpc__svcauth_gss’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gss.c:409:32: warning[-Wanalyzer-malloc-leak]: leak of ‘auth’
#  407|   		if ((auth = calloc(sizeof(*auth), 1)) == NULL) {
#  408|   			fprintf(stderr, "svcauth_gss: out_of_memory\n");
#  409|-> 			return (AUTH_FAILED);
#  410|   		}
#  411|   		if ((gd = calloc(sizeof(*gd), 1)) == NULL) {

Error: CPPCHECK_WARNING (CWE-401): [#def358]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gss.c:413: error[memleak]: Memory leak: auth
#  411|   		if ((gd = calloc(sizeof(*gd), 1)) == NULL) {
#  412|   			fprintf(stderr, "svcauth_gss: out_of_memory\n");
#  413|-> 			return (AUTH_FAILED);
#  414|   		}
#  415|   		auth->svc_ah_ops = &svc_auth_gss_ops;

Error: GCC_ANALYZER_WARNING (CWE-415): [#def359]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c: scope_hint: In function ‘cleanup’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:674:11: warning[-Wanalyzer-double-free]: double-‘free’ of ‘c’
#  672|   	  c = c->next;
#  673|   	  destroy_client(c2->client);
#  674|-> 	  free(c2);
#  675|        }
#  676|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def360]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c: scope_hint: In function ‘create_client’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:721:9: warning[-Wanalyzer-malloc-leak]: leak of ‘client_data’
#  719|   
#  720|        c = (client_list *) malloc(sizeof(client_list));
#  721|->      if (c == NULL)
#  722|   	  return NULL;
#  723|        c->client = client_data;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def361]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c: scope_hint: In function ‘gssrpc_svcauth_gssapi_unset_names’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:1004:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/types.h:128: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/rpc.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:17: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:929:8: note: in expansion of macro ‘svcauth_gssapi_set_names’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:986:6: note: in expansion of macro ‘svcauth_gssapi_unset_names’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_auth_gssapi.c:997:6: note: in expansion of macro ‘svcauth_gssapi_unset_names’
# 1002|        if (server_creds_list) {
# 1003|   	  for (i = 0; i < server_creds_count; i++)
# 1004|-> 	       if (server_creds_list[i])
# 1005|   		    gss_release_cred(&minor_stat, &server_creds_list[i]);
# 1006|   	  free(server_creds_list);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def362]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c: scope_hint: In function ‘gssrpc_svctcp_create’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:153:33: warning[-Wanalyzer-malloc-leak]: leak of ‘r’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/types.h:128: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/rpc.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:48: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:167:13: note: in expansion of macro ‘bindresvport_sa’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:184:38: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:184:38: note: in expansion of macro ‘mem_alloc’
#  151|   		if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
#  152|   			perror("svctcp_.c - udp socket creation problem");
#  153|-> 			return ((SVCXPRT *)NULL);
#  154|   		}
#  155|   		set_cloexec_fd(sock);

Error: CPPCHECK_WARNING (CWE-401): [#def363]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_tcp.c:194: error[memleak]: Memory leak: r
#  192|   	if (xprt == NULL) {
#  193|   		(void) fprintf(stderr, "svctcp_create: out of memory\n");
#  194|-> 		return (NULL);
#  195|   	}
#  196|   	xprt->xp_p2 = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:125:33: warning[-Wanalyzer-malloc-leak]: leak of ‘su’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:139:13: note: in expansion of macro ‘bindresvport_sa’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:150:27: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:155:36: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:155:36: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/types.h:51: included_from: Included from here.
#  123|   		if ((sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
#  124|   			perror("svcudp_create: socket creation problem");
#  125|-> 			return ((SVCXPRT *)NULL);
#  126|   		}
#  127|   		set_cloexec_fd(sock);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c: scope_hint: In function ‘gssrpc_svcudp_bufcreate’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:125:33: warning[-Wanalyzer-malloc-leak]: leak of ‘xprt’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/types.h:128: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/gssrpc/rpc.h:42: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:46: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:139:13: note: in expansion of macro ‘bindresvport_sa’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:150:27: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:150:27: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:155:36: note: in expansion of macro ‘mem_alloc’
#  123|   		if ((sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
#  124|   			perror("svcudp_create: socket creation problem");
#  125|-> 			return ((SVCXPRT *)NULL);
#  126|   		}
#  127|   		set_cloexec_fd(sock);

Error: CPPCHECK_WARNING (CWE-401): [#def366]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:158: error[memleak]: Memory leak: xprt
#  156|   	if (su == NULL) {
#  157|   		(void)fprintf(stderr, "svcudp_create: out of memory\n");
#  158|-> 		return (NULL);
#  159|   	}
#  160|   	su->su_iosz = ((MAX(sendsz, recvsz) + 3) / 4) * 4;

Error: CPPCHECK_WARNING (CWE-401): [#def367]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:163: error[memleak]: Memory leak: su
#  161|   	if ((rpc_buffer(xprt) = mem_alloc(su->su_iosz)) == NULL) {
#  162|   		(void)fprintf(stderr, "svcudp_create: out of memory\n");
#  163|-> 		return (NULL);
#  164|   	}
#  165|   	xdrmem_create(

Error: CPPCHECK_WARNING (CWE-401): [#def368]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:163: error[memleak]: Memory leak: xprt
#  161|   	if ((rpc_buffer(xprt) = mem_alloc(su->su_iosz)) == NULL) {
#  162|   		(void)fprintf(stderr, "svcudp_create: out of memory\n");
#  163|-> 		return (NULL);
#  164|   	}
#  165|   	xdrmem_create(

Error: GCC_ANALYZER_WARNING (CWE-401): [#def369]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:346:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:433:17: note: in expansion of macro ‘CACHE_PERROR’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:349:18: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:418:14: note: in expansion of macro ‘ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:349:18: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:425:26: note: in expansion of macro ‘ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:352:47: note: in definition of macro ‘BZERO’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:433:17: note: in expansion of macro ‘CACHE_PERROR’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:433:17: note: in expansion of macro ‘CACHE_PERROR’
#  344|   
#  345|   #define CACHE_PERROR(msg)	\
#  346|-> 	(void) fprintf(stderr,"%s\n", msg)
#  347|   
#  348|   #define ALLOC(type, size)	\

Error: GCC_ANALYZER_WARNING (CWE-401): [#def370]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c: scope_hint: In function ‘gssrpc_svcudp_enablecache’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:346:16: warning[-Wanalyzer-malloc-leak]: leak of ‘uc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:427:17: note: in expansion of macro ‘CACHE_PERROR’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:349:18: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:418:14: note: in expansion of macro ‘ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:349:18: note: in expansion of macro ‘mem_alloc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:418:14: note: in expansion of macro ‘ALLOC’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:427:17: note: in expansion of macro ‘CACHE_PERROR’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:427:17: note: in expansion of macro ‘CACHE_PERROR’
#  344|   
#  345|   #define CACHE_PERROR(msg)	\
#  346|-> 	(void) fprintf(stderr,"%s\n", msg)
#  347|   
#  348|   #define ALLOC(type, size)	\

Error: CPPCHECK_WARNING (CWE-401): [#def371]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:428: error[memleak]: Memory leak: uc
#  426|   	if (uc->uc_entries == NULL) {
#  427|   		CACHE_PERROR("enablecache: could not allocate cache data");
#  428|-> 		return(0);
#  429|   	}
#  430|   	BZERO(uc->uc_entries, cache_ptr, size * SPARSENESS);

Error: CPPCHECK_WARNING (CWE-401): [#def372]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/svc_udp.c:434: error[memleak]: Memory leak: uc
#  432|   	if (uc->uc_fifo == NULL) {
#  433|   		CACHE_PERROR("enablecache: could not allocate cache fifo");
#  434|-> 		return(0);
#  435|   	}
#  436|   	BZERO(uc->uc_fifo, cache_ptr, size);

Error: COMPILER_WARNING (CWE-252): [#def373]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/unit-test/server.c: scope_hint: In function ‘rpc_test_echo_1_svc’
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/unit-test/server.c:161:6: warning[-Wunused-result]: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’
#  161 |      asprintf(&res, "Echo: %s", *arg);
#      |      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  159|        if (res)
#  160|   	  free(res);
#  161|->      asprintf(&res, "Echo: %s", *arg);
#  162|        return &res;
#  163|   }

Error: CPPCHECK_WARNING (CWE-401): [#def374]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/xdr_rec.c:167: error[memleak]: Memory leak: rstrm
#  165|   	if (rstrm->the_buffer == NULL) {
#  166|   		(void)fprintf(stderr, "xdrrec_create: out of memory\n");
#  167|-> 		return;
#  168|   	}
#  169|   	for (rstrm->out_base = rstrm->the_buffer;

Error: CPPCHECK_WARNING (CWE-457): [#def375]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/xdr_rec.c:215: error[uninitvar]: Uninitialized variable: mylong
#  213|   		rstrm->in_finger += BYTES_PER_XDR_UNIT;
#  214|   	} else {
#  215|-> 		if (! xdrrec_getbytes(xdrs, (caddr_t)&mylong,
#  216|   				      BYTES_PER_XDR_UNIT))
#  217|   			return (FALSE);

Error: CPPCHECK_WARNING (CWE-457): [#def376]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/xdr_rec.c:537: error[uninitvar]: Uninitialized variable: header
#  535|   	uint32_t header;
#  536|   
#  537|-> 	if (! get_input_bytes(rstrm, (caddr_t)&header, sizeof(header)))
#  538|   		return (FALSE);
#  539|   	header = ntohl(header);

Error: CPPCHECK_WARNING (CWE-457): [#def377]
krb5-1.21.3-build/krb5-1.21.3/src/lib/rpc/xdr_stdio.c:104: error[uninitvar]: Uninitialized variable: tmp
#  102|   {
#  103|           uint32_t tmp;
#  104|-> 	if (fread((caddr_t)&tmp,
#  105|   		  sizeof(uint32_t), 1, (FILE *)xdrs->x_private) != 1)
#  106|   		return (FALSE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/hostrealm/test/main.c:72:12: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#   70|               goto oom;
#   71|           newptr = realloc(list, (count + 2) * sizeof(*list));
#   72|->         if (newptr == NULL)
#   73|               goto oom;
#   74|           list = newptr;

Error: COMPILER_WARNING: [#def379]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kadm5_auth/test/main.c: scope_hint: In function ‘welcomer_end’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kadm5_auth/test/main.c:257:33: warning[-Wformat-truncation=]: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size 10
#  257 |     snprintf(buf, sizeof(buf), "%d", atoi(val) + 1);
#      |                                 ^~
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kadm5_auth/test/main.c:257:32: note: directive argument in the range [-2147483647, 2147483647]
#  257 |     snprintf(buf, sizeof(buf), "%d", atoi(val) + 1);
#      |                                ^~~~
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 2 and 12 bytes into a destination of size 10
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
#  255|       if (krb5_dbe_get_string(context, ent, "ends", &val) != 0 || val == NULL)
#  256|           goto cleanup;
#  257|->     snprintf(buf, sizeof(buf), "%d", atoi(val) + 1);
#  258|       if (krb5_dbe_set_string(context, ent, "ends", buf) != 0)
#  259|           goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def380]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/adb_openclose.c: scope_hint: In function ‘osa_adb_release_lock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/adb_openclose.c:306:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopen(krb5int_labeled_open(*db_20(D)->lock.filename, 194, 384), "w+")’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:131: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/adb_openclose.c:8: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-label.h:24:52: note: in definition of macro ‘THREEPARAMOPEN’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/adb_openclose.c:305:13: note: in expansion of macro ‘set_cloexec_fd’
#  304|                   return OSA_ADB_NOLOCKFILE;
#  305|               set_cloexec_fd(fd);
#  306|->             if ((db->lock->lockfile = fdopen(fd, "w+")) == NULL)
#  307|                   return OSA_ADB_NOLOCKFILE;
#  308|           } else if ((ret = krb5_lock_file(db->lock->context,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def381]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/btree/bt_split.c: scope_hint: In function ‘bt_psplit’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/btree/bt_split.c:674:25: warning[-Wanalyzer-null-argument]: use of NULL ‘src’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memmove’ must be non-null
#  672|   
#  673|   			l->linp[off] = l->upper -= nbytes;
#  674|-> 			memmove((char *)l + l->upper, src, nbytes);
#  675|   		}
#  676|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def382]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c: scope_hint: In function ‘collect_key’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:403:9: warning[-Wanalyzer-null-argument]: use of NULL ‘*hashp.bigkey_buf’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:70: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:280:1: note: in expansion of macro ‘__get_bigkey’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:69: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/page.h:112:9: note: in expansion of macro ‘REFERENCE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/page.h:139:26: note: in expansion of macro ‘KEY_OFF’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:380:13: note: in expansion of macro ‘BIGKEYLEN’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/page.h:112:9: note: in expansion of macro ‘REFERENCE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/page.h:139:26: note: in expansion of macro ‘KEY_OFF’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c:386:24: note: in expansion of macro ‘BIGKEYLEN’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  401|   	assert(save_addr == ADDR(pagep));
#  402|   #endif
#  403|-> 	memcpy(hashp->bigkey_buf + len, BIGKEY(pagep), BIGKEYLEN(pagep));
#  404|   	__put_page(hashp, next_pagep, A_RAW, 0);
#  405|   

Error: COMPILER_WARNING (CWE-252): [#def383]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c: scope_hint: In function ‘overflow_page’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c:1056:31: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1056 |                         (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
#      |                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1054|   	if (offset > SPLITMASK) {
# 1055|   		if (++splitnum >= NCACHED) {
# 1056|-> 			(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
# 1057|   			return (0);
# 1058|   		}

Error: COMPILER_WARNING (CWE-252): [#def384]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c:1068:31: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1068 |                         (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
#      |                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1066|   		free_page++;
# 1067|   		if (free_page >= NCACHED) {
# 1068|-> 			(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
# 1069|   			return (0);
# 1070|   		}

Error: COMPILER_WARNING (CWE-252): [#def385]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c:1092:39: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1092 |                                 (void)write(STDERR_FILENO,
#      |                                       ^~~~~~~~~~~~~~~~~~~~
# 1093 |                                     OVMSG, sizeof(OVMSG) - 1);
#      |                                     ~~~~~~~~~~~~~~~~~~~~~~~~~
# 1090|   		if (offset > SPLITMASK) {
# 1091|   			if (++splitnum >= NCACHED) {
# 1092|-> 				(void)write(STDERR_FILENO,
# 1093|   				    OVMSG, sizeof(OVMSG) - 1);
# 1094|   				return (0);

Error: COMPILER_WARNING (CWE-252): [#def386]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c:1119:23: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1119 |                 (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
#      |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1117|   
# 1118|   	if (OADDR_TO_PAGE(addr) > MAX_PAGES(hashp)) {
# 1119|-> 		(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
# 1120|   		return (0);
# 1121|   	}

Error: COMPILER_WARNING (CWE-252): [#def387]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/hash/hash_page.c:1152:23: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1152 |                 (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
#      |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# 1150|   
# 1151|   	if (OADDR_TO_PAGE(addr) > MAX_PAGES(hashp)) {
# 1152|-> 		(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
# 1153|   		return (0);
# 1154|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/mpool/mpool.c: scope_hint: In function ‘kdb2_mpool_get’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/mpool/mpool.c:338:15: warning[-Wanalyzer-malloc-leak]: leak of ‘mpool_bkt(mp)’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/mpool/mpool.c:48: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/mpool/mpool.c:172:1: note: in expansion of macro ‘mpool_get’
#  336|   
#  337|   	/* If under the max cached, always create a new page. */
#  338|-> 	if (mp->curcache < mp->maxcache)
#  339|   		goto new;
#  340|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def389]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/recno/rec_put.c: scope_hint: In function ‘__kdb2_rec_put’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/db2/libdb2/recno/rec_put.c:90:28: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#   88|   			    malloc(t->bt_reclen) :
#   89|   			    realloc(t->bt_rdata.data, t->bt_reclen);
#   90|-> 			if (t->bt_rdata.data == NULL)
#   91|   				return (RET_ERROR);
#   92|   			t->bt_rdata.size = t->bt_reclen;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def390]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c: scope_hint: In function ‘krb5_parse_list’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c:118:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*plist’
#  116|            plist++, count++) {
#  117|           *plist = strdup(token);
#  118|->         if (*plist == NULL) {
#  119|               retval = ENOMEM;
#  120|               goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def391]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c: scope_hint: In function ‘kdb_ldap_tgt_keysalt_iterate’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c:1211:16: warning[-Wanalyzer-malloc-leak]: leak of ‘*entry.key_data’
# 1209|   
# 1210|       memset(entry->key_data + entry->n_key_data, 0, sizeof(krb5_key_data));
# 1211|->     ind = entry->n_key_data++;
# 1212|   
# 1213|       if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def392]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c: scope_hint: In function ‘kdb_ldap_create_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c:1350:24: warning[-Wanalyzer-malloc-leak]: leak of ‘tl_data’
# 1348|                                                  kdb_ldap_tgt_keysalt_iterate,
# 1349|                                                  (krb5_pointer) &iargs)))
# 1350|->                 return retval;
# 1351|           }
# 1352|           break;

Error: COMPILER_WARNING: [#def393]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c: scope_hint: In function ‘extended_com_err_fn’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c:230:5: warning[-Wsuggest-attribute=format]: function ‘extended_com_err_fn’ might be a candidate for ‘gnu_printf’ format attribute
#  230 |     vfprintf (stderr, fmt, args);
#      |     ^~~~~~~~
#  228|       fprintf (stderr, "%s: %s ", myprog, emsg);
#  229|       krb5_free_error_message (util_context, emsg);
#  230|->     vfprintf (stderr, fmt, args);
#  231|       fprintf (stderr, "\n");
#  232|   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def394]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c: scope_hint: In function ‘getdate_yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:686:7: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:671:9: note: in expansion of macro ‘YYCOPY’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1224:9: note: in expansion of macro ‘YYSTACK_RELOCATE’
#  684|   #  if defined __GNUC__ && 1 < __GNUC__
#  685|   #   define YYCOPY(Dst, Src, Count) \
#  686|->       __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src)))
#  687|   #  else
#  688|   #   define YYCOPY(Dst, Src, Count)              \

Error: GCC_ANALYZER_WARNING (CWE-457): [#def395]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1351:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
krb5-1.21.3-build/krb5-1.21.3/src/kadmin/cli/getdate.y:948:9: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1116:1: note: in expansion of macro ‘yyparse’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/ldap_util/y.tab.c:1270:16: note: in expansion of macro ‘yylex’
# 1349|        unconditionally makes the parser a bit smaller, and it avoids a
# 1350|        GCC warning that YYVAL may be used uninitialized.  */
# 1351|->   yyval = yyvsp[1-yylen];
# 1352|   
# 1353|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def396]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_main.h:34: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:36: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c: scope_hint: In function ‘krb5_ldap_delete_realm’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:99:10: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘rparam’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:95:51: note: in expansion of macro ‘LDAP_SEARCH_1’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:259:13: note: in expansion of macro ‘LDAP_SEARCH’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:219:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:727:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:736:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:736:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:736:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:740:5: note: in expansion of macro ‘CHECK_NULL’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:767:5: note: in expansion of macro ‘CHECK_NULL’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:99:32: note: in definition of macro ‘LDAP_SEARCH_1’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:769:5: note: in expansion of macro ‘LDAP_SEARCH’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:231:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:231:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:231:5: note: in expansion of macro ‘GET_HANDLE’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-thread.h:136: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:130: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:35: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:99:38: note: in definition of macro ‘LDAP_SEARCH_1’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:259:13: note: in expansion of macro ‘LDAP_SEARCH’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:99:38: note: in definition of macro ‘LDAP_SEARCH_1’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:259:13: note: in expansion of macro ‘LDAP_SEARCH’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h:95:51: note: in expansion of macro ‘LDAP_SEARCH_1’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c:259:13: note: in expansion of macro ‘LDAP_SEARCH’
#   97|   #define LDAP_SEARCH_1(base, scope, filter, attrs, status_check)         \
#   98|       tempst = 0;                                                         \
#   99|->     st = ldap_search_ext_s(ld, base, scope, filter, attrs, 0, NULL,     \
#  100|                              NULL, &timelimit, LDAP_NO_LIMIT, &result);   \
#  101|       if (translate_ldap_error(st, OP_SEARCH) == KRB5_KDB_ACCESS_ERROR) { \

Error: GCC_ANALYZER_WARNING (CWE-127): [#def397]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c: scope_hint: In function ‘remove_overlapping_subtrees’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1335:33: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:34: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
# 1333|                   (sscope == 2 && is_subtree(list[j], jlen, list[i], ilen))) {
# 1334|                   free(list[j]);
# 1335|->                 list[j--] = list[count - 1];
# 1336|                   list[--count] = NULL;
# 1337|               } else if (sscope == 2 &&

Error: GCC_ANALYZER_WARNING (CWE-124): [#def398]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1336:31: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
# 1334|                   free(list[j]);
# 1335|                   list[j--] = list[count - 1];
# 1336|->                 list[--count] = NULL;
# 1337|               } else if (sscope == 2 &&
# 1338|                          is_subtree(list[i], ilen, list[j], jlen)) {

Error: GCC_ANALYZER_WARNING (CWE-127): [#def399]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1340:33: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
# 1338|                          is_subtree(list[i], ilen, list[j], jlen)) {
# 1339|                   free(list[i]);
# 1340|->                 list[i--] = list[count - 1];
# 1341|                   list[--count] = NULL;
# 1342|                   break;

Error: GCC_ANALYZER_WARNING (CWE-124): [#def400]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1341:31: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c:1169:5: note: in expansion of macro ‘SETUP_CONTEXT’
# 1339|                   free(list[i]);
# 1340|                   list[i--] = list[count - 1];
# 1341|->                 list[--count] = NULL;
# 1342|                   break;
# 1343|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def401]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c: scope_hint: In function ‘krb5_ldap_iterate’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c:220:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘subtree’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_main.h:34: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c:35: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c:153:5: note: in expansion of macro ‘SETUP_CONTEXT’
#  218|   
#  219|       for (;ntree; --ntree)
#  220|->         if (subtree[ntree-1])
#  221|               free (subtree[ntree-1]);
#  222|       free(subtree);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def402]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c:154:11: warning[-Wanalyzer-malloc-leak]: leak of ‘get_string(h, "alias",  search_name, 0)’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
#  152|       if (ret)
#  153|           abort();
#  154|->     val = estrdup(values[0]);
#  155|       profile_free_list(values);
#  156|       return val;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def403]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c:154:11: warning[-Wanalyzer-malloc-leak]: leak of ‘get_string(h, "princs",  ename, "flags")’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
/usr/include/bits/types/stack_t.h:23: included_from: Included from here.
/usr/include/signal.h:313: included_from: Included from here.
/usr/include/sys/param.h:28: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/port-sockets.h:168: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:165: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘test_get_principal’
#  152|       if (ret)
#  153|           abort();
#  154|->     val = estrdup(values[0]);
#  155|       profile_free_list(values);
#  156|       return val;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def404]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c:213:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘rndin.data’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keyblock’
#  211|       for (pos = 0; pos < keybytes; pos += n) {
#  212|           n = (cksum.length < keybytes - pos) ? cksum.length : keybytes - pos;
#  213|->         memcpy(rndin.data + pos, cksum.contents, n);
#  214|       }
#  215|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def405]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c:247:20: warning[-Wanalyzer-malloc-leak]: leak of ‘ealloc((long unsigned int)nstrings * 4)’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/kdb/test/kdb_test.c: scope_hint: In function ‘make_keys’
#  245|       nkeys = 0;
#  246|       for (i = 0; i < nstrings; i++) {
#  247|->         s = strings[i];
#  248|           /* Read a leading kvno if present; otherwise assume kvno 1. */
#  249|           if (isdigit(*s)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def406]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_clnt.c: scope_hint: In function ‘pkinit_client_profile’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_clnt.c:746:38: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(*cb.get_cc_config(context,  rock, "X509_user_identity"))’
#  744|           free(reqctx->idopts->identity);
#  745|           reqctx->idopts->identity = strdup(configured_identity);
#  746|->         reqctx->do_identity_matching = FALSE;
#  747|       }
#  748|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def407]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_clnt.c: scope_hint: In function ‘handle_gic_opt’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_clnt.c:1357:19: warning[-Wanalyzer-malloc-leak]: leak of ‘*((struct _pkinit_context)*((struct krb5_clpreauth_moddata_st *)plgctx)).idopts.identity’
# 1355|           }
# 1356|           plgctx->idopts->identity = strdup(value);
# 1357|->         if (plgctx->idopts->identity == NULL) {
# 1358|               krb5_set_error_message(context, ENOMEM,
# 1359|                                      "Could not duplicate X509_user_identity value\n");

Error: CPPCHECK_WARNING (CWE-457): [#def408]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:285: error[legacyUninitvar]: Uninitialized variable: codes
#  283|   
#  284|       dh = EVP_PKEY_get0_DH(params);
#  285|->     return (dh == NULL) ? 0 : (DH_check(dh, &codes) && codes == 0);
#  286|   }
#  287|   #endif

Error: CPPCHECK_WARNING (CWE-401): [#def409]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:3283: error[memleak]: Memory leak: rdat.data
# 3281|           if (asprintf(&prompt, "%.*s PIN%s", (int) sizeof (tip->label),
# 3282|                        tip->label, warning) < 0)
# 3283|->             return ENOMEM;
# 3284|           rdat.data = malloc(tip->ulMaxPinLen + 2);
# 3285|           rdat.length = tip->ulMaxPinLen + 1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def410]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c: scope_hint: In function ‘pkinit_open_session’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:3408:14: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tinfo.flags’
# 3406|   
# 3407|       /* Login if needed */
# 3408|->     if (tinfo.flags & CKF_LOGIN_REQUIRED) {
# 3409|           if (cctx->p11_module_name != NULL) {
# 3410|               if (cctx->slotid != PK_NOSLOT) {

Error: COMPILER_WARNING: [#def411]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c: scope_hint: In function ‘pkinit_get_certs_dir.isra.0’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:3972:50: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing likely 5 or more bytes into a region of size between 1 and 1023
# 3972 |         snprintf(certname, sizeof(certname), "%s/%s", dirname, dentry->d_name);
#      |                                                  ^~
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:3972:46: note: assuming directive output of 5 bytes
# 3972 |         snprintf(certname, sizeof(certname), "%s/%s", dirname, dentry->d_name);
#      |                                              ^~~~~~~
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output 2 or more bytes (assuming 1029) into a destination of size 1024
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
# 3970|               continue;
# 3971|           }
# 3972|->         snprintf(certname, sizeof(certname), "%s/%s", dirname, dentry->d_name);
# 3973|           snprintf(keyname, sizeof(keyname), "%s/%s", dirname, dentry->d_name);
# 3974|           len = strlen(keyname);

Error: COMPILER_WARNING: [#def412]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c: scope_hint: In function ‘load_cas_and_crls_dir.isra.0’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:4854:50: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size between 1 and 1023
# 4854 |         snprintf(filename, sizeof(filename), "%s/%s", dirname, dentry->d_name);
#      |                                                  ^~
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 2 and 1279 bytes into a destination of size 1024
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
# 4852|           if (dentry->d_name[0] == '.')
# 4853|               continue;
# 4854|->         snprintf(filename, sizeof(filename), "%s/%s", dirname, dentry->d_name);
# 4855|   
# 4856|           retval = load_cas_and_crls(context, plg_cryptoctx, req_cryptoctx,

Error: GCC_ANALYZER_WARNING (CWE-457): [#def413]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c: scope_hint: In function ‘parse_rule_component’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c:295:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘kw_type’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_trace.h:36: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit.h:40: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c:38: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_trace.h:145:5: note: in expansion of macro ‘TRACE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c:645:9: note: in expansion of macro ‘TRACE_PKINIT_CERT_RULE’
#  293|       }
#  294|       rc->next = NULL;
#  295|->     rc->kw_type = kw_type;
#  296|       rc->kwval_type = kwval_type;
#  297|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c:372:12: warning[-Wanalyzer-malloc-leak]: leak of ‘rc’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_trace.h:145:5: note: in expansion of macro ‘TRACE’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_matching.c:645:9: note: in expansion of macro ‘TRACE_PKINIT_CERT_RULE’
#  370|           free_rule_component(context, rc);
#  371|       pkiDebug("%s: returning %d\n", __FUNCTION__, retval);
#  372|->     return retval;
#  373|   }
#  374|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def415]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_srv.c: scope_hint: In function ‘pkinit_server_verify_padata’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/pkinit/pkinit_srv.c:630:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘reqctx’
#  628|       if (retval && data->pa_type == KRB5_PADATA_PK_AS_REQ) {
#  629|           pkiDebug("pkinit_verify_padata failed: creating e-data\n");
#  630|->         if (pkinit_create_edata(context, plgctx->cryptoctx, reqctx->cryptoctx,
#  631|                                   plgctx->idctx, plgctx->opts, retval, &e_data))
#  632|               pkiDebug("pkinit_create_edata failed\n");

Error: GCC_ANALYZER_WARNING (CWE-457): [#def416]
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/spake/spake_kdc.c: scope_hint: In function ‘verify_response’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/spake/spake_kdc.c:401:15: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘stage’
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/spake/spake_kdc.c:34: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/krb5.h:8: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-int.h:161: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/spake/spake_kdc.c:33: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/plugins/preauth/spake/spake_kdc.c:105:16: note: in expansion of macro ‘KRB5KDC_ERR_PREAUTH_FAILED’
#  399|       if (ret)
#  400|           goto cleanup;
#  401|->     if (stage != 0) {
#  402|           /* The received cookie wasn't sent with a challenge. */
#  403|           ret = KRB5KDC_ERR_PREAUTH_FAILED;

Error: CPPCHECK_WARNING (CWE-401): [#def417]
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/trval.c:151: error[memleakOnRealloc]: Common realloc mistake: 'p' nulled but not freed upon failure
#  149|           if ((unsigned int) len == maxlen) {
#  150|               maxlen += BUFSIZ;
#  151|->             p = (unsigned char *)realloc(p, maxlen);
#  152|           }
#  153|           if (do_hex) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def418]
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/t_trval.c:37: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/trval.c: scope_hint: In function ‘trval’
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/trval.c:163:18: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
#  161|               cc = (n1 << 4) + n2;
#  162|           }
#  163|->         p[len++] = cc;
#  164|       }
#  165|       fprintf(fout, "<%d>", len);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def419]
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/trval.c: scope_hint: In function ‘trval2’
krb5-1.21.3-build/krb5-1.21.3/src/tests/asn.1/trval.c:190:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘enc’
#  188|   
#  189|   context_restart:
#  190|->     eid = enc[0];
#  191|       elen = enc[1];
#  192|   

Error: COMPILER_WARNING: [#def420]
krb5-1.21.3-build/krb5-1.21.3/src/tests/create/kdb5_mkdums.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/create/kdb5_mkdums.c:188:13: warning[-Wstringop-truncation]: ‘__strncat_chk’ output may be truncated copying between 0 and 4095 bytes from a string of length 8191
#  188 |             strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
#      |             ^
#  186|                               principal_string, i);
#  187|               tmp2[sizeof(tmp2) - 1] = '\0';
#  188|->             strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
#  189|               str_newprinc = tmp;
#  190|               add_princ(test_context, str_newprinc);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def421]
krb5-1.21.3-build/krb5-1.21.3/src/tests/create/kdb5_mkdums.c: scope_hint: In function ‘add_princ’
krb5-1.21.3-build/krb5-1.21.3/src/tests/create/kdb5_mkdums.c:218:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newentry’
#  216|       if (newentry == NULL) {
#  217|           com_err(progname, ENOMEM, "while allocating DB entry");
#  218|->         return;
#  219|       }
#  220|       snprintf(princ_name, sizeof(princ_name), "%s@%s", str_newprinc, cur_realm);

Error: CPPCHECK_WARNING (CWE-401): [#def422]
krb5-1.21.3-build/krb5-1.21.3/src/tests/create/kdb5_mkdums.c:223: error[memleak]: Memory leak: newentry
#  221|       if ((retval = krb5_parse_name(context, princ_name, &newprinc))) {
#  222|           com_err(progname, retval, "while parsing '%s'", princ_name);
#  223|->         return;
#  224|       }
#  225|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def423]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gss-threads/gss-server.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gss-threads/gss-server.c:734:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘logfile’
#  732|                */
#  733|               if (!strcmp(*argv, "/dev/null")) {
#  734|->                 logfile = display_file = NULL;
#  735|               } else {
#  736|                   logfile = fopen(*argv, "a");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gss-threads/gss-server.c:734:25: warning[-Wanalyzer-malloc-leak]: leak of ‘logfile’
#  732|                */
#  733|               if (!strcmp(*argv, "/dev/null")) {
#  734|->                 logfile = display_file = NULL;
#  735|               } else {
#  736|                   logfile = fopen(*argv, "a");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gss-threads/gss-server.c:786:44: warning[-Wanalyzer-malloc-leak]: leak of ‘work’
#  784|           if (stmp >= 0) {
#  785|               do {
#  786|->                 struct _work_plan * work = malloc(sizeof(struct _work_plan));
#  787|   
#  788|                   if (work == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def426]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_credstore.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_credstore.c:86:41: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘store.elements’
#   84|           if (*(argv + 1) == NULL)
#   85|               usage();
#   86|->         store.elements[store.count].key = *argv;
#   87|           store.elements[store.count].value = *(argv + 1);
#   88|           store.count++;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def427]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_imp_name.c: scope_hint: In function ‘buf_eq_str’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_imp_name.c:57:18: warning[-Wanalyzer-out-of-bounds]: buffer over-read
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_imp_name.c:57:18: note: read of 2 bytes from after the end of ‘"p:user@MIT.EDU"’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_imp_name.c:57:18: note: valid subscripts for ‘"p:user@MIT.EDU"’ are ‘[0]’ to ‘[14]’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_imp_name.c:32: included_from: Included from here.
/usr/include/string.h:407:15: note: argument 1 of ‘strlen’ must be a pointer to a null-terminated string
#   55|   buf_eq_str(gss_buffer_t buf, const char *str, int buf_includes_nullterm)
#   56|   {
#   57|->     size_t len = strlen(str) + (buf_includes_nullterm ? 1 : 0);
#   58|   
#   59|       return (buf->length == len && memcmp(buf->value, str, len) == 0);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def428]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_iov.c: scope_hint: In function ‘concat_iov’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_iov.c:60:9: warning[-Wanalyzer-null-argument]: use of NULL ‘buf’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/include/gssapi/gssapi_krb5.h:28: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/common.h:36: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_iov.c:37: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/gssapi/gssapi_ext.h:276:47: note: in definition of macro ‘GSS_IOV_BUFFER_TYPE’
krb5-1.21.3-build/krb5-1.21.3/src/include/gssapi/gssapi_ext.h:276:47: note: in definition of macro ‘GSS_IOV_BUFFER_TYPE’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#   58|           if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
#   59|               continue;
#   60|->         memcpy(buf + len, iov[i].buffer.value, iov[i].buffer.length);
#   61|           len += iov[i].buffer.length;
#   62|       }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def429]
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_spnego.c: scope_hint: In function ‘der_wrap’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_spnego.c:89:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&lenbuf’
krb5-1.21.3-build/krb5-1.21.3/src/tests/gssapi/t_spnego.c:30: included_from: Included from here.
#   87|       assert(wrapped != NULL);
#   88|       *wrapped = tag;
#   89|->     memcpy(wrapped + 1, lenbuf, llen);
#   90|       memcpy(wrapped + 1 + llen, *tok, *len);
#   91|       free(*tok);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def430]
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:182:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘prefix[0]’
#  180|       }
#  181|   
#  182|->     if (!(num_to_check && prefix[0])) usage(prog, 1);
#  183|   
#  184|       if (!cur_realm) {

Error: COMPILER_WARNING: [#def431]
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:210:54: warning[-Wformat-truncation=]: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size between 0 and 8192
#  210 |           (void) snprintf(ctmp2, sizeof(ctmp2), "%s%s%d-DEPTH-%d",
#      |                                                      ^~
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:210:49: note: directive argument in the range [1, 2147483647]
#  210 |           (void) snprintf(ctmp2, sizeof(ctmp2), "%s%s%d-DEPTH-%d",
#      |                                                 ^~~~~~~~~~~~~~~~~
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:210:49: note: directive argument in the range [1, 2147483647]
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 10 and 8220 bytes into a destination of size 8192
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
#  208|   	ctmp[0] = '\0';
#  209|   	for (i = 1; i <= depth; i++) {
#  210|-> 	  (void) snprintf(ctmp2, sizeof(ctmp2), "%s%s%d-DEPTH-%d",
#  211|   			  (i != 1) ? "/" : "", prefix, n, i);
#  212|   	  ctmp2[sizeof(ctmp2) - 1] = '\0';

Error: COMPILER_WARNING: [#def432]
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:226:56: warning[-Wformat-truncation=]: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size between 0 and 8192
#  226 |             (void) snprintf(stmp2, sizeof(stmp2), "%s%s%d-DEPTH-%d",
#      |                                                        ^~
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:226:51: note: directive argument in the range [1, 2147483647]
#  226 |             (void) snprintf(stmp2, sizeof(stmp2), "%s%s%d-DEPTH-%d",
#      |                                                   ^~~~~~~~~~~~~~~~~
krb5-1.21.3-build/krb5-1.21.3/src/tests/hammer/kdc5_hammer.c:226:51: note: directive argument in the range [1, 2147483647]
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 10 and 8220 bytes into a destination of size 8192
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
#  224|   	  stmp[0] = '\0';
#  225|   	  for (j = 1; j <= depth; j++) {
#  226|-> 	    (void) snprintf(stmp2, sizeof(stmp2), "%s%s%d-DEPTH-%d",
#  227|   			    (j != 1) ? "/" : "", prefix, n, j);
#  228|   	    stmp2[sizeof (stmp2) - 1] = '\0';

Error: COMPILER_WARNING: [#def433]
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c: scope_hint: In function ‘application_error’
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c:161:5: warning[-Wsuggest-attribute=format]: function ‘application_error’ might be a candidate for ‘gnu_printf’ format attribute
#  161 |     vprintf(fmt, ap);
#      |     ^~~~~~~
#  159|       va_list ap;
#  160|       va_start(ap, fmt);
#  161|->     vprintf(fmt, ap);
#  162|       va_end(ap);
#  163|       if (soft_token.flags.app_error_fatal)

Error: COMPILER_WARNING: [#def434]
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c: scope_hint: In function ‘st_logf’
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c:174:5: warning[-Wsuggest-attribute=format]: function ‘st_logf’ might be a candidate for ‘gnu_printf’ format attribute
#  174 |     vfprintf(soft_token.logfile, fmt, ap);
#      |     ^~~~~~~~
#  172|           return;
#  173|       va_start(ap, fmt);
#  174|->     vfprintf(soft_token.logfile, fmt, ap);
#  175|       va_end(ap);
#  176|       fflush(soft_token.logfile);

Error: COMPILER_WARNING: [#def435]
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c: scope_hint: In function ‘snprintf_fill’
krb5-1.21.3-build/krb5-1.21.3/src/tests/softpkcs11/main.c:185:5: warning[-Wsuggest-attribute=format]: function ‘snprintf_fill’ might be a candidate for ‘gnu_printf’ format attribute
#  185 |     len = vsnprintf(str, size, fmt, ap);
#      |     ^~~
#  183|       va_list ap;
#  184|       va_start(ap, fmt);
#  185|->     len = vsnprintf(str, size, fmt, ap);
#  186|       va_end(ap);
#  187|       if (len < 0 || len > size)

Error: COMPILER_WARNING: [#def436]
krb5-1.21.3-build/krb5-1.21.3/src/tests/verify/kdb5_verify.c: scope_hint: In function ‘main’
krb5-1.21.3-build/krb5-1.21.3/src/tests/verify/kdb5_verify.c:189:13: warning[-Wstringop-truncation]: ‘__strncat_chk’ output may be truncated copying between 0 and 4095 bytes from a string of length 8191
#  189 |             strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
#      |             ^
#  187|                               principal_string, i);
#  188|               tmp2[sizeof(tmp2) - 1] = '\0';
#  189|->             strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
#  190|               str_princ = tmp;
#  191|               if (check_princ(context, str_princ)) errors++;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def437]
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c:607:5: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  605|           b->max = newsize;
#  606|       }
#  607|->     memcpy(b->base + b->cur, d, len);
#  608|       b->cur += len;          /* ignore overflow */
#  609|   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def438]
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c:607:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘d’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
krb5-1.21.3-build/krb5-1.21.3/src/util/profile/prof_parse.c: scope_hint: In function ‘add_data_to_buffer.part.0’
#  605|           b->max = newsize;
#  606|       }
#  607|->     memcpy(b->base + b->cur, d, len);
#  608|       b->cur += len;          /* ignore overflow */
#  609|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def439]
krb5-1.21.3-build/krb5-1.21.3/src/util/support/dir_filenames.c: scope_hint: In function ‘add_filename’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/dir_filenames.c:52:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#   50|   
#   51|       newlist = realloc(*fnames, (*n_fnames + 2) * sizeof(*newlist));
#   52|->     if (newlist == NULL)
#   53|           return ENOMEM;
#   54|       *fnames = newlist;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def440]
krb5-1.21.3-build/krb5-1.21.3/src/util/support/dir_filenames.c: scope_hint: In function ‘k5_dir_filenames’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/dir_filenames.c:130:5: warning[-Wanalyzer-null-argument]: use of NULL ‘fnames’ where non-null expected
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:61: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/util/support/dir_filenames.c:33: included_from: Included from here.
/usr/include/stdlib.h:970:13: note: argument 1 of ‘qsort’ must be non-null
#  128|   
#  129|       closedir(dir);
#  130|->     qsort(fnames, n_fnames, sizeof(*fnames), compare_with_strcmp);
#  131|       *fnames_out = fnames;
#  132|       return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def441]
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c: scope_hint: In function ‘krb5int_setspecific’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:321:23: warning[-Wanalyzer-malloc-leak]: leak of ‘t’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:28: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:284:9: note: in expansion of macro ‘k5_call_init_function’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:267:11: note: in expansion of macro ‘CALL_INIT_FUNCTION’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:284:9: note: in expansion of macro ‘k5_call_init_function’
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:267:11: note: in expansion of macro ‘CALL_INIT_FUNCTION’
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-thread.h:136: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/include/k5-platform.h:236: included_from: Included from here.
krb5-1.21.3-build/krb5-1.21.3/src/util/support/threads.c:298:9: note: in expansion of macro ‘K5_PTHREADS_LOADED’
#  319|   #endif
#  320|   
#  321|->     t->values[keynum] = value;
#  322|       return 0;
#  323|   }