Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
libbpf-1.5.0-build/libbpf-1.5.0/include/linux/err.h:25:29: warning[-Wanalyzer-malloc-leak]: leak of ‘btf_new_empty(0)’
libbpf-1.5.0-build/libbpf-1.5.0/include/linux/err.h:11:27: note: in definition of macro ‘IS_ERR_VALUE’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_ptr’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:22: included_from: Included from here.
libbpf-1.5.0-build/libbpf-1.5.0/include/linux/err.h:11:27: note: in definition of macro ‘IS_ERR_VALUE’
#   23|   static inline bool IS_ERR(const void *ptr)
#   24|   {
#   25|-> 	return IS_ERR_VALUE((unsigned long)ptr);
#   26|   }
#   27|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def2]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:171:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘libbpf_add_mem’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:171:9: note: write of 15 bytes to beyond the end of the region
#  169|   
#  170|   	/* zero out newly allocated portion of memory */
#  171|-> 	memset(new_data + (*cap_cnt) * elem_sz, 0, (new_cnt - *cap_cnt) * elem_sz);
#  172|   
#  173|   	*data = new_data;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def3]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2193:21: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2193:21: note: write of 3 bytes to beyond the end of the region
# 2191|   	 * adding each member
# 2192|   	 */
# 2193|-> 	t->name_off = name_off;
# 2194|   	t->info = btf_type_info(kind, 0, 0);
# 2195|   	t->size = bytes_sz;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def4]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2194:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2194:17: note: write of 4 bytes to beyond the end of the region
# 2192|   	 */
# 2193|   	t->name_off = name_off;
# 2194|-> 	t->info = btf_type_info(kind, 0, 0);
# 2195|   	t->size = bytes_sz;
# 2196|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def5]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2195:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_composite’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2195:17: note: write of 4 bytes to beyond the end of the region
# 2193|   	t->name_off = name_off;
# 2194|   	t->info = btf_type_info(kind, 0, 0);
# 2195|-> 	t->size = bytes_sz;
# 2196|   
# 2197|   	return btf_commit_type(btf, sz);

Error: GCC_ANALYZER_WARNING (CWE-122): [#def6]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2330:21: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2330:21: note: write of 3 bytes to beyond the end of the region
# 2328|   
# 2329|   	/* start out with vlen=0; it will be adjusted when adding enum values */
# 2330|-> 	t->name_off = name_off;
# 2331|   	t->info = btf_type_info(kind, 0, is_signed);
# 2332|   	t->size = byte_sz;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def7]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2331:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2331:17: note: write of 4 bytes to beyond the end of the region
# 2329|   	/* start out with vlen=0; it will be adjusted when adding enum values */
# 2330|   	t->name_off = name_off;
# 2331|-> 	t->info = btf_type_info(kind, 0, is_signed);
# 2332|   	t->size = byte_sz;
# 2333|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def8]
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2332:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c: scope_hint: In function ‘btf_add_enum_common’
libbpf-1.5.0-build/libbpf-1.5.0/src/btf.c:2332:17: note: write of 4 bytes to beyond the end of the region
# 2330|   	t->name_off = name_off;
# 2331|   	t->info = btf_type_info(kind, 0, is_signed);
# 2332|-> 	t->size = byte_sz;
# 2333|   
# 2334|   	return btf_commit_type(btf, sz);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
libbpf-1.5.0-build/libbpf-1.5.0/src/libbpf_internal.h: scope_hint: In function ‘libbpf_ptr’
libbpf-1.5.0-build/libbpf-1.5.0/src/libbpf_internal.h:607:35: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  605|   		errno = -PTR_ERR(ret);
#  606|   
#  607|-> 	return IS_ERR(ret) ? NULL : ret;
#  608|   }
#  609|

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.82.0
diffbase-analyzer-version-cppcheck	2.16.0
diffbase-analyzer-version-gcc	14.2.1
diffbase-analyzer-version-gcc-analyzer	15.0.0
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-134.us-west-2.compute.internal
diffbase-mock-config	fedora-rawhide-gcc-latest-x86_64
diffbase-project-name	libbpf-1.4.6-1.fc41
diffbase-store-results-to	/tmp/tmp3n8bhbxc/libbpf-1.4.6-1.fc41.tar.xz
diffbase-time-created	2024-11-13 01:15:34
diffbase-time-finished	2024-11-13 01:17:46
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp3n8bhbxc/libbpf-1.4.6-1.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp3n8bhbxc/libbpf-1.4.6-1.fc41.src.rpm'
diffbase-tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-134.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	libbpf-1.5.0-1.fc42
store-results-to	/tmp/tmpg8468kpt/libbpf-1.5.0-1.fc42.tar.xz
time-created	2024-11-13 01:17:58
time-finished	2024-11-13 01:20:07
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpg8468kpt/libbpf-1.5.0-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpg8468kpt/libbpf-1.5.0-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9