Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:628:44: warning[-Wanalyzer-null-dereference]: dereference of NULL 'remote_mac'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:441:16: note: in expansion of macro 'CRYPT_FLAG_R'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:441:16: note: in expansion of macro 'CRYPT_FLAG_R'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:600:31: note: in expansion of macro 'CRYPT_FLAG_R'
#  626|                        (5 bytes) packet length and padding length fields */
#  627|                       total_num = p->packet_length - 1 +
#  628|->                     (encrypted ? remote_mac->mac_len : 0);
#  629|                   }
#  630|               }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c: scope_hint: In function '_libssh2_transport_send'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:1241:21: warning[-Wanalyzer-null-dereference]: dereference of NULL 'local_mac'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:1051:9: note: in expansion of macro 'CRYPT_FLAG_R'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:1051:9: note: in expansion of macro 'CRYPT_FLAG_R'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:1189:12: note: in expansion of macro 'CRYPT_FLAG_L'
libssh2-1.11.1-build/libssh2-1.11.1/src/transport.c:1189:12: note: in expansion of macro 'CRYPT_FLAG_L'
# 1239|               /* Call crypt one last time so it can be filled in with the MAC */
# 1240|               if(CRYPT_FLAG_L(session, INTEGRATED_MAC)) {
# 1241|->                 int authlen = local_mac->mac_len;
# 1242|                   assert((size_t)total_length <=
# 1243|                          packet_length + session->local.crypt->blocksize);

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.82.0
diffbase-analyzer-version-cppcheck	2.16.0
diffbase-analyzer-version-gcc	14.2.1
diffbase-analyzer-version-gcc-analyzer	15.0.0
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-40.us-west-2.compute.internal
diffbase-mock-config	fedora-rawhide-gcc-latest-x86_64
diffbase-project-name	libssh2-1.11.0-8.fc41
diffbase-store-results-to	/tmp/tmpdabufa65/libssh2-1.11.0-8.fc41.tar.xz
diffbase-time-created	2024-11-13 01:51:24
diffbase-time-finished	2024-11-13 01:53:44
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpdabufa65/libssh2-1.11.0-8.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpdabufa65/libssh2-1.11.0-8.fc41.src.rpm'
diffbase-tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-40.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	libssh2-1.11.1-1.fc42
store-results-to	/tmp/tmp4sq4suy9/libssh2-1.11.1-1.fc42.tar.xz
time-created	2024-11-13 01:54:07
time-finished	2024-11-13 01:55:43
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp4sq4suy9/libssh2-1.11.1-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp4sq4suy9/libssh2-1.11.1-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9