libpng-1.6.44-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-563): [#def1]
/usr/bin/libpng16-config:16:1: warning[SC2034]: exec_prefix appears unused. Verify use (or export if used externally).
#   14|   version=`pkg-config --modversion libpng`
#   15|   prefix=`pkg-config --variable prefix libpng`
#   16|-> exec_prefix=`pkg-config --variable exec_prefix libpng`
#   17|   libdir=`pkg-config --variable libdir libpng`
#   18|   includedir=`pkg-config --variable includedir libpng`

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c: scope_hint: In function ‘add_one_file’
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c:274:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(name, "rb")’
#  272|         fpos_t pos;
#  273|   
#  274|->       if (fgetpos(fp, &pos))
#  275|         {
#  276|            /* Fatal error reading the start: */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c:274:10: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(name, "rb")’
#  272|         fpos_t pos;
#  273|   
#  274|->       if (fgetpos(fp, &pos))
#  275|         {
#  276|            /* Fatal error reading the start: */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c: scope_hint: In function ‘main’
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c:400:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(argv[2], "rb")’
#  398|         }
#  399|   
#  400|->       nfiles = atoi(argv[3]);
#  401|         if (nfiles <= 0)
#  402|         {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
libpng-1.6.44-build/libpng-1.6.44/contrib/libtests/timepng.c:400:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(argv[2], "rb")’
#  398|         }
#  399|   
#  400|->       nfiles = atoi(argv[3]);
#  401|         if (nfiles <= 0)
#  402|         {

Error: GCC_ANALYZER_WARNING (CWE-126): [#def6]
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c: scope_hint: In function ‘option_index’
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c:718:69: warning[-Wanalyzer-out-of-bounds]: buffer over-read
libpng-1.6.44-build/libpng-1.6.44/pngconf.h:51: included_from: Included from here.
libpng-1.6.44-build/libpng-1.6.44/png.h:334: included_from: Included from here.
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c:53: included_from: Included from here.
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c:74: included_from: Included from here.
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c:718:69: note: read of 1 byte from after the end of ‘"verbose"’
libpng-1.6.44-build/libpng-1.6.44/contrib/tools/pngcp.c:718:69: note: valid subscripts for ‘"verbose"’ are ‘[0]’ to ‘[7]’
#  716|   
#  717|      for (j=0; j<option_count; ++j)
#  718|->       if (strncmp(options[j].name, opt, len) == 0 && options[j].name[len] == 0)
#  719|            return j;
#  720|

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-244.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	libpng-1.6.44-1.fc42
store-results-to	/tmp/tmp556l5yif/libpng-1.6.44-1.fc42.tar.xz
time-created	2024-11-13 01:43:52
time-finished	2024-11-13 01:45:53
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp556l5yif/libpng-1.6.44-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp556l5yif/libpng-1.6.44-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9