Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:437:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 435| # 436| if(credentialType != rfbCredentialTypeUser) { # 437|-> rfbClientErr("something else than username and password required for authentication\n"); # 438| return NULL; # 439| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c: scope_hint: In function ‘get_credential’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:437:13: warning[-Wanalyzer-malloc-leak]: leak of ‘c’ # 435| # 436| if(credentialType != rfbCredentialTypeUser) { # 437|-> rfbClientErr("something else than username and password required for authentication\n"); # 438| return NULL; # 439| } Error: CPPCHECK_WARNING (CWE-401): [#def3] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:438: error[memleak]: Memory leak: c # 436| if(credentialType != rfbCredentialTypeUser) { # 437| rfbClientErr("something else than username and password required for authentication\n"); # 438|-> return NULL; # 439| } # 440| Error: CPPCHECK_WARNING (CWE-401): [#def4] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:438: error[memleak]: Memory leak: c.userCredential # 436| if(credentialType != rfbCredentialTypeUser) { # 437| rfbClientErr("something else than username and password required for authentication\n"); # 438|-> return NULL; # 439| } # 440| Error: COMPILER_WARNING (CWE-252): [#def5] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c: scope_hint: In function ‘get_credential’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:443:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 443 | fgets(c->userCredential.username, RFB_BUF_SIZE, stdin); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 441| rfbClientLog("username and password required for authentication!\n"); # 442| printf("user: "); # 443|-> fgets(c->userCredential.username, RFB_BUF_SIZE, stdin); # 444| printf("pass: "); # 445| fgets(c->userCredential.password, RFB_BUF_SIZE, stdin); Error: COMPILER_WARNING (CWE-252): [#def6] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:445:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 445 | fgets(c->userCredential.password, RFB_BUF_SIZE, stdin); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 443| fgets(c->userCredential.username, RFB_BUF_SIZE, stdin); # 444| printf("pass: "); # 445|-> fgets(c->userCredential.password, RFB_BUF_SIZE, stdin); # 446| # 447| /* remove trailing newlines */ Error: GCC_ANALYZER_WARNING (CWE-688): [#def7] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:448:36: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(8192)’ where non-null expected /usr/include/SDL2/SDL_stdinc.h:60: included_from: Included from here. /usr/include/SDL2/SDL_main.h:25: included_from: Included from here. /usr/include/SDL2/SDL.h:32: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:6: included_from: Included from here. /usr/include/string.h:293:15: note: argument 1 of ‘strcspn’ must be non-null # 446| # 447| /* remove trailing newlines */ # 448|-> c->userCredential.username[strcspn(c->userCredential.username, "\n")] = 0; # 449| c->userCredential.password[strcspn(c->userCredential.password, "\n")] = 0; # 450| Error: GCC_ANALYZER_WARNING (CWE-688): [#def8] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/SDLvncviewer.c:449:36: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc(8192)’ where non-null expected /usr/include/string.h:293:15: note: argument 1 of ‘strcspn’ must be non-null # 447| /* remove trailing newlines */ # 448| c->userCredential.username[strcspn(c->userCredential.username, "\n")] = 0; # 449|-> c->userCredential.password[strcspn(c->userCredential.password, "\n")] = 0; # 450| # 451| return c; Error: COMPILER_WARNING (CWE-563): [#def9] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/vnc2mpg.c:67:9: warning[-Wunused-variable]: unused variable ‘i’ # 67 | int i; # | ^ # 65| enum AVCodecID codec_id, int64_t br, int sr, int w, int h) # 66| { # 67|-> int i; # 68| # 69| /* find the encoder */ Error: COMPILER_WARNING (CWE-704): [#def10] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/vnc2mpg.c: scope_hint: In function ‘add_video_stream’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/client_examples/vnc2mpg.c:70:16: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type # 68| # 69| /* find the encoder */ # 70|-> ost->codec = avcodec_find_encoder(codec_id); # 71| if (!(ost->codec)) { # 72| fprintf(stderr, "Could not find encoder for '%s'\n", Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/cursors.c: scope_hint: In function ‘initBuffer’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/cursors.c:37:49: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer’ # 35| for(j=0;j<maxy;++j) { # 36| for(i=0;i<maxx;++i) { # 37|-> buffer[(j*maxx+i)*bpp+0]=(i+j)*128/(maxx+maxy); /* red */ # 38| buffer[(j*maxx+i)*bpp+1]=i*128/maxx; /* green */ # 39| buffer[(j*maxx+i)*bpp+2]=j*256/maxy; /* blue */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/example.c: scope_hint: In function ‘initBuffer’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/example.c:54:31: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer’ # 52| for(j=0;j<maxy;++j) { # 53| for(i=0;i<maxx;++i) { # 54|-> buffer[(j*maxx+i)*bpp+0]=(i+j)*128/(maxx+maxy); /* red */ # 55| buffer[(j*maxx+i)*bpp+1]=i*128/maxx; /* green */ # 56| buffer[(j*maxx+i)*bpp+2]=j*256/maxy; /* blue */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/example.c:58:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buffer’ # 56| buffer[(j*maxx+i)*bpp+2]=j*256/maxy; /* blue */ # 57| } # 58|-> buffer[j*maxx*bpp+0]=0xff; # 59| buffer[j*maxx*bpp+1]=0xff; # 60| buffer[j*maxx*bpp+2]=0xff; Error: COMPILER_WARNING (CWE-252): [#def14] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow.c: scope_hint: In function ‘main’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow.c:33:3: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 33 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 31| } # 32| # 33|-> fgets(buffer,1024,in); # 34| if(!strncmp(buffer,"P6",2)) { # 35| picType=TRUECOLOUR; Error: COMPILER_WARNING (CWE-252): [#def15] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow.c:50:5: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 50 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 48| /* skip comments */ # 49| do { # 50|-> fgets(buffer,1024,in); # 51| } while(buffer[0]=='#'); # 52| Error: COMPILER_WARNING (CWE-252): [#def16] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow.c:57:9: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 57 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 55| rfbLog("Got width %d and height %d.\n",width,height); # 56| if(picType!=BW) # 57|-> fgets(buffer,1024,in); # 58| else # 59| width=1+((width-1)|7); Error: COMPILER_WARNING (CWE-252): [#def17] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow.c:84:3: warning[-Wunused-result]: ignoring return value of ‘fread’ declared with attribute ‘warn_unused_result’ # 84 | fread(rfbScreen->frameBuffer,width*bitsPerPixelInFile/8,height,in); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 82| if(!rfbScreen->frameBuffer) # 83| exit(1); # 84|-> fread(rfbScreen->frameBuffer,width*bitsPerPixelInFile/8,height,in); # 85| fclose(in); # 86| Error: COMPILER_WARNING (CWE-252): [#def18] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow24.c: scope_hint: In function ‘main’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow24.c:41:3: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 41 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 39| } # 40| # 41|-> fgets(buffer,1024,in); # 42| if(strncmp(buffer,"P6",2)) { # 43| printf("Not a ppm.\n"); Error: COMPILER_WARNING (CWE-252): [#def19] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow24.c:49:5: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 49 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 47| /* skip comments */ # 48| do { # 49|-> fgets(buffer,1024,in); # 50| } while(buffer[0]=='#'); # 51| Error: COMPILER_WARNING (CWE-252): [#def20] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow24.c:55:3: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 55 | fgets(buffer,1024,in); # | ^~~~~~~~~~~~~~~~~~~~~ # 53| sscanf(buffer,"%d %d",&width,&height); # 54| rfbLog("Got width %d and height %d.\n",width,height); # 55|-> fgets(buffer,1024,in); # 56| # 57| /* vncviewers have problems with widths which are no multiple of 4. */ Error: COMPILER_WARNING (CWE-252): [#def21] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/pnmshow24.c:83:3: warning[-Wunused-result]: ignoring return value of ‘fread’ declared with attribute ‘warn_unused_result’ # 83 | fread(rfbScreen->frameBuffer,width*3,height,in); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 81| if(!rfbScreen->frameBuffer) # 82| return 1; # 83|-> fread(rfbScreen->frameBuffer,width*3,height,in); # 84| fclose(in); # 85| Error: COMPILER_WARNING (CWE-252): [#def22] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/vncev.c: scope_hint: In function ‘read_keys’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/examples/vncev.c:46:7: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ # 46 | fgets(buffer,1024,keysyms); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~ # 44| # 45| while(!feof(keysyms)) { # 46|-> fgets(buffer,1024,keysyms); # 47| if(!strncmp(buffer,"#define XK_",strlen("#define XK_"))) { # 48| for(i=strlen("#define XK_");buffer[i] && buffer[i]!=' ' Error: GCC_ANALYZER_WARNING (CWE-457): [#def23] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2534: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/trle.c: scope_hint: In function ‘HandleTRLE24’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/trle.c:153:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘palette[<unknown>]’ # 151| for (i = x, shift = 8 - bpp; i < x + w; i++) { # 152| ((CARDBPP *)client->frameBuffer)[j + i] = # 153|-> palette[((*buffer) >> shift) & mask]; # 154| shift -= bpp; # 155| if (shift < 0) { Error: GCC_ANALYZER_WARNING (CWE-457): [#def24] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/trle.c:218:26: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘palette[<unknown>]’ # 216| if (!ReadFromRFBServer(client, (char *)buffer, 1)) # 217| return FALSE; # 218|-> color = palette[(*buffer) & 0x7f]; # 219| length = 1; # 220| if (*buffer & 0x80) { Error: GCC_ANALYZER_WARNING (CWE-457): [#def25] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2536: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c: scope_hint: In function ‘HandleZRLETile24’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:315:87: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘palette[<unknown>]’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:36:20: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:84:1: note: in expansion of macro ‘HandleZRLE’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:38: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:114:21: note: in expansion of macro ‘rfbClientSwap32IfLE’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:201:44: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:236:12: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:259:31: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:236:12: note: in expansion of macro ‘HandleZRLETile’ # 313| for(j=y*client->width; j<(y+h)*client->width; j+=client->width) { # 314| for(i=x,shift=8-bpp; i<x+w; i++) { # 315|-> ((CARDBPP*)client->frameBuffer)[j+i] = palette[((*buffer)>>shift)&mask]; # 316| shift-=bpp; # 317| if(shift<0) { Error: GCC_ANALYZER_WARNING (CWE-457): [#def26] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:384:48: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘palette[<unknown>]’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:36:20: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:84:1: note: in expansion of macro ‘HandleZRLE’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:114:21: note: in expansion of macro ‘rfbClientSwap32IfLE’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:201:44: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:236:12: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:259:31: note: in expansion of macro ‘HandleZRLETile’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/rfbproto.c:2495:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:37:24: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncclient/zrle.c:236:12: note: in expansion of macro ‘HandleZRLETile’ # 382| if(buffer>=buffer_end) # 383| return -10; # 384|-> color = palette[(*buffer)&0x7f]; # 385| length=1; # 386| if(*buffer&0x80) { Error: COMPILER_WARNING (CWE-1023): [#def27] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_AUTHENTICATION’ not handled in switch # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: COMPILER_WARNING (CWE-1023): [#def28] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_INITIALISATION_SHARED’ not handled in switch # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: COMPILER_WARNING (CWE-1023): [#def29] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_INITIALISATION’ not handled in switch # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: COMPILER_WARNING (CWE-1023): [#def30] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_NORMAL’ not handled in switch # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: COMPILER_WARNING (CWE-1023): [#def31] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c: scope_hint: In function ‘rfbProcessClientSecurityType’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_PROTOCOL_VERSION’ not handled in switch # 432 | switch (cl->state) { # | ^~~~~~ # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: COMPILER_WARNING (CWE-1023): [#def32] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:432:5: warning[-Wswitch]: enumeration value ‘RFB_SHUTDOWN’ not handled in switch # 430| } # 431| # 432|-> switch (cl->state) { # 433| case RFB_CHANNEL_SECURITY_TYPE: # 434| handlerListHead = channelSecurityHandlers; Error: GCC_ANALYZER_WARNING (CWE-457): [#def33] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c: scope_hint: In function ‘rfbProcessClientSecurityType’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:442:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘handler’ # 440| # 441| /* Make sure it was present in the list sent by the server. */ # 442|-> for (handler = handlerListHead; handler; handler = handler->next) { # 443| if (chosenType == handler->type) { # 444| rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); Error: COMPILER_WARNING (CWE-457): [#def34] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:442:37: warning[-Wmaybe-uninitialized]: ‘handlerListHead’ may be used uninitialized # 442 | for (handler = handlerListHead; handler; handler = handler->next) { # | ^~~~~~~ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/auth.c:419:25: note: ‘handlerListHead’ was declared here # 419 | rfbSecurityHandler* handlerListHead; # | ^~~~~~~~~~~~~~~ # 440| # 441| /* Make sure it was present in the list sent by the server. */ # 442|-> for (handler = handlerListHead; handler; handler = handler->next) { # 443| if (chosenType == handler->type) { # 444| rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); Error: GCC_ANALYZER_WARNING (CWE-688): [#def35] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/cursor.c: scope_hint: In function ‘rfbShowCursor’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/cursor.c:596:23: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘dest’ where non-null expected libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfb.h:43: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/cursor.c:25: included_from: Included from here. /usr/include/string.h:64:12: note: argument 1 of ‘memcmp’ must be non-null # 594| const char* src=s->frameBuffer+(y1+j)*rowstride+x1*bpp; # 595| unsigned int count=x2*bpp; # 596|-> if(wasChanged || memcmp(dest,src,count)) { # 597| wasChanged=TRUE; # 598| memcpy(dest,src,count); Error: GCC_ANALYZER_WARNING (CWE-688): [#def36] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/httpd.c: scope_hint: In function ‘httpProcessInput’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/httpd.c:350:41: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfb.h:43: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/httpd.c:31: included_from: Included from here. /usr/include/string.h:159:12: note: argument 1 of ‘strncmp’ must be non-null # 348| return; # 349| } # 350|-> if (!strncmp(buf, "GET ",4) && !strncmp(strchr(buf,'/'),"/proxied.connection HTTP/1.", 27)) { # 351| /* proxy connection */ # 352| rfbLog("httpd: client asked for /proxied.connection\n"); Error: GCC_ANALYZER_WARNING (CWE-775): [#def37] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c: scope_hint: In function ‘listenerRun’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c:669:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*(struct _rfbScreenInfo *)data.listenSock’ /usr/include/sys/select.h:30: included_from: Included from here. /usr/include/sys/types.h:179: included_from: Included from here. /usr/include/stdlib.h:514: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfb.h:42: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c:16: included_from: Included from here. # 667| len = sizeof (peer); # 668| if (FD_ISSET(screen->listenSock, &listen_fds)) # 669|-> client_fd = accept(screen->listenSock, (struct sockaddr*)&peer, &len); # 670| else if (FD_ISSET(screen->listen6Sock, &listen_fds)) # 671| client_fd = accept(screen->listen6Sock, (struct sockaddr*)&peer, &len); Error: GCC_ANALYZER_WARNING (CWE-775): [#def38] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c:671:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*(struct _rfbScreenInfo *)data.listen6Sock’ # 669| client_fd = accept(screen->listenSock, (struct sockaddr*)&peer, &len); # 670| else if (FD_ISSET(screen->listen6Sock, &listen_fds)) # 671|-> client_fd = accept(screen->listen6Sock, (struct sockaddr*)&peer, &len); # 672| # 673| if(client_fd >= 0) Error: GCC_ANALYZER_WARNING (CWE-775): [#def39] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c:674:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor # 672| # 673| if(client_fd >= 0) # 674|-> cl = rfbNewClient(screen,client_fd); # 675| if (cl && !cl->onHold ) # 676| rfbStartOnHoldClient(cl); Error: COMPILER_WARNING (CWE-252): [#def40] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c: scope_hint: In function ‘rfbShutdownServer’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/main.c:1236:7: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ # 1236 | write(screen->pipe_notify_listener_thread[1], "\x00", 1); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 1234| in listenerRun, the loop in there will then break because the rfbShutdownSockets() above has set screen->socketState. # 1235| */ # 1236|-> write(screen->pipe_notify_listener_thread[1], "\x00", 1); # 1237| /* And wait for it to finish. */ # 1238| pthread_join(screen->listener_thread, NULL); Error: GCC_ANALYZER_WARNING (CWE-457): [#def41] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanDup’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:48:49: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*src.subspan’ # 46| sraSpan *span; # 47| if (!src) return NULL; # 48|-> span = sraSpanCreate(src->start, src->end, src->subspan); # 49| return span; # 50| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def42] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanInsertAfter.part.0’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:55:27: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*after._next’ # 53| sraSpanInsertAfter(sraSpan *newspan, sraSpan *after) { # 54| if(newspan && after) { # 55|-> newspan->_next = after->_next; # 56| newspan->_prev = after; # 57| after->_next->_prev = newspan; Error: GCC_ANALYZER_WARNING (CWE-457): [#def43] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanInsertBefore.part.0’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:66:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*before._prev’ # 64| if(newspan && before) { # 65| newspan->_next = before; # 66|-> newspan->_prev = before->_prev; # 67| before->_prev->_next = newspan; # 68| before->_prev = newspan; Error: GCC_ANALYZER_WARNING (CWE-457): [#def44] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanPrint’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:119:35: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*s.end’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanPrint’ # 117| void # 118| sraSpanPrint(const sraSpan *s) { # 119|-> printf("(%d-%d)", (s->start), (s->end)); # 120| if (s->subspan) # 121| sraSpanListPrint(s->subspan); Error: GCC_ANALYZER_WARNING (CWE-457): [#def45] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraSpanListDestroy’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:155:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*list.front._next’ # 153| sraSpanListDestroy(sraSpanList *list) { # 154| sraSpan *curr; # 155|-> while (list->front._next != &(list->back)) { # 156| curr = list->front._next; # 157| sraSpanRemove(curr); Error: GCC_ANALYZER_WARNING (CWE-476): [#def46] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c: scope_hint: In function ‘sraRgnGetReverseIterator’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:719:6: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 717| sraRectangleIterator *i = sraRgnGetIterator(s); # 718| if(reverseY) { # 719|-> i->sPtrs[1] = &(s->front); # 720| i->sPtrs[0] = &(s->back); # 721| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def47] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbregion.c:722:15: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ # 720| i->sPtrs[0] = &(s->back); # 721| } # 722|-> i->reverseX = reverseX; # 723| i->reverseY = reverseY; # 724| return(i); Error: GCC_ANALYZER_WARNING (CWE-401): [#def48] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c: scope_hint: In function ‘rfbProcessClientNormalMessage’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:212:7: warning[-Wanalyzer-malloc-leak]: leak of ‘rfbGetClientIterator(*cl.screen)’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfb.h:67: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:37: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:213:5: note: in expansion of macro ‘LOCK’ # 210| if (!i) # 211| return NULL; # 212|-> if(i->next == 0) { # 213| LOCK(rfbClientListMutex); # 214| i->next = i->screen->clientHead; Error: GCC_ANALYZER_WARNING (CWE-401): [#def49] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c: scope_hint: In function ‘rfbSendDirContent’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1411:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&path)’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1661:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1509:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1379:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1317:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1251:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1251:5: note: in expansion of macro ‘FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN’ # 1409| # 1410| /* send back the path name (necessary for links) */ # 1411|-> if (rfbSendFileTransferMessage(cl, rfbDirPacket, rfbADirectory, 0, length, buffer)==FALSE) return FALSE; # 1412| # 1413| #ifdef WIN32 Error: CPPCHECK_WARNING (CWE-401): [#def50] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:1753: error[memleakOnRealloc]: Common realloc mistake: 'buffer' nulled but not freed upon failure # 1751| /* Add the File Time Stamp to the filename */ # 1752| strftime(timespec, sizeof(timespec), "%m/%d/%Y %H:%M",gmtime(&statbuf.st_ctime)); # 1753|-> buffer=realloc(buffer, length + strlen(timespec) + 2); /* comma, and Null term */ # 1754| if (buffer==NULL) { # 1755| rfbLog("rfbProcessFileTransfer() rfbFileTransferRequest: Failed to malloc %d bytes\n", length + strlen(timespec) + 2); Error: COMPILER_WARNING (CWE-563): [#def51] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c: scope_hint: In function ‘rfbSendExtendedServerCutTextData’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:2079:9: warning[-Wunused-variable]: unused variable ‘i’ # 2079 | int i; # | ^ # 2077| static rfbBool # 2078| rfbSendExtendedServerCutTextData(rfbClientPtr cl, const char *data, int len) { # 2079|-> int i; # 2080| unsigned long size; # 2081| uint32_t tmpInt; Error: COMPILER_WARNING (CWE-704): [#def52] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c: scope_hint: In function ‘rfbProcessExtendedServerCutTextData’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:2146:20: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type # 2144| } # 2145| stream.avail_in = len; # 2146|-> stream.next_in = data; # 2147| for (i = 0; i < 16; i++) { # 2148| if (!(flags & (1 << i))) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def53] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c: scope_hint: In function ‘rfbSendSetColourMapEntries’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:3936:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘wbuf’ # 3934| rgb = (uint16_t *)(&wbuf[sz_rfbSetColourMapEntriesMsg]); # 3935| # 3936|-> scme->type = rfbSetColourMapEntries; # 3937| # 3938| scme->firstColour = Swap16IfLE(firstColour); Error: CPPCHECK_WARNING (CWE-457): [#def54] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/rfbserver.c:3960: warning[uninitvar]: Uninitialized variable: wbuf # 3958| # 3959| LOCK(cl->sendMutex); # 3960|-> if (rfbWriteExact(cl, wbuf, len) < 0) { # 3961| rfbLogPerror("rfbSendSetColourMapEntries: write"); # 3962| rfbCloseClient(cl); Error: GCC_ANALYZER_WARNING (CWE-688): [#def55] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/scale.c: scope_hint: In function ‘rfbScaledScreenAllocate’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/scale.c:288:9: warning[-Wanalyzer-null-argument]: use of NULL ‘*cl.screen’ where non-null expected <built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null # 286| # 287| /* copy *everything* (we don't use most of it, but just in case) */ # 288|-> memcpy(ptr, cl->screen, sizeof(rfbScreenInfo)); # 289| # 290| /* SECURITY: make sure that no integer overflow will occur afterwards. Error: COMPILER_WARNING (CWE-252): [#def56] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbCloseClient’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:597:9: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ # 597 | write(cl->pipe_notify_client_thread[1], "\x00", 1); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 595| RFB_SHUTDOWN. Client socket closing will be done by the thread. # 596| */ # 597|-> write(cl->pipe_notify_client_thread[1], "\x00", 1); # 598| /* # 599| No joining of threads here, this is fire and forget. Error: COMPILER_WARNING (CWE-758): [#def57] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbReadExactTimeout’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:738:32: warning[-Wrestrict]: passing argument 2 to ‘restrict’-qualified parameter aliases with argument 4 # 738 | n = select(sock+1, &fds, NULL, &fds, &tv); # | ^~~~ ~~~~ # 736| tv.tv_sec = timeout / 1000; # 737| tv.tv_usec = (timeout % 1000) * 1000; # 738|-> n = select(sock+1, &fds, NULL, &fds, &tv); # 739| if (n < 0) { # 740| rfbLogPerror("ReadExact: select"); Error: CPPCHECK_WARNING (CWE-758): [#def58] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:779: error[missingReturn]: Found an exit path from function with non-void return type that has missing return statement # 777| rfbPeekAtSocket(rfbClientPtr cl, char *buf, int len) # 778| { # 779|-> cl->peekAtSocket(cl, buf, len); # 780| } # 781| Error: COMPILER_WARNING (CWE-393): [#def59] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbPeekAtSocket’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:780:1: warning[-Wreturn-type]: control reaches end of non-void function # 780 | } # | ^ # 778| { # 779| cl->peekAtSocket(cl, buf, len); # 780|-> } # 781| # 782| /* Error: GCC_ANALYZER_WARNING (CWE-457): [#def60] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbPeekExactTimeout’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:804:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘n’ # 802| n = rfbPeekAtSocket(cl, buf, len); # 803| # 804|-> if (n == len) { # 805| # 806| break; Error: COMPILER_WARNING (CWE-758): [#def61] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbPeekExactTimeout’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:836:32: warning[-Wrestrict]: passing argument 2 to ‘restrict’-qualified parameter aliases with argument 4 # 836 | n = select(sock+1, &fds, NULL, &fds, &tv); # | ^~~~ ~~~~ # 834| tv.tv_sec = timeout / 1000; # 835| tv.tv_usec = (timeout % 1000) * 1000; # 836|-> n = select(sock+1, &fds, NULL, &fds, &tv); # 837| if (n < 0) { # 838| rfbLogPerror("PeekExact: select"); Error: GCC_ANALYZER_WARNING (CWE-476): [#def62] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:114: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c: scope_hint: In function ‘rfbInitColourMapSingleTable24’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c:60:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*table’ # 58| (((g * (1 + out->greenMax)) >> shift) << out->greenShift) | # 59| (((b * (1 + out->blueMax)) >> shift) << out->blueShift)); # 60|-> *(uint32_t*)&t[3*i] = outValue; # 61| if(!rfbEndianTest) # 62| memmove(t+3*i,t+3*i+1,3); Error: GCC_ANALYZER_WARNING (CWE-476): [#def63] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c: scope_hint: In function ‘rfbInitTrueColourSingleTable24’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c:100:29: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*table’ # 98| (outGreen << out->greenShift) | # 99| (outBlue << out->blueShift)); # 100|-> *(uint32_t*)&t[3*i] = outValue; # 101| if(!rfbEndianTest) # 102| memmove(t+3*i,t+3*i+1,3); Error: GCC_ANALYZER_WARNING (CWE-476): [#def64] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c: scope_hint: In function ‘rfbInitOneRGBTable24’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinit24.c:149:32: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’ # 147| for (i = 0; i < nEntries; i++) { # 148| outValue = ((i * outMax + inMax / 2) / inMax) << outShift; # 149|-> *(uint32_t *)&table[3*i] = outValue; # 150| if(!rfbEndianTest) { # 151| memmove(table+3*i,table+3*i+1,3); Error: GCC_ANALYZER_WARNING (CWE-476): [#def65] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:70: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinitcmtemplate.c: scope_hint: In function ‘rfbInitColourMapSingleTable8’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinitcmtemplate.c:71:14: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*table’ # 69| } # 70| } # 71|-> t[i] = ((((r * (1 + out->redMax)) >> shift) << out->redShift) | # 72| (((g * (1 + out->greenMax)) >> shift) << out->greenShift) | # 73| (((b * (1 + out->blueMax)) >> shift) << out->blueShift)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def66] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:71: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c: scope_hint: In function ‘rfbInitTrueColourSingleTable8’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:81:14: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*table’ # 79| outBlue = (inBlue * out->blueMax + in->blueMax / 2) / in->blueMax; # 80| # 81|-> t[i] = ((outRed << out->redShift) | # 82| (outGreen << out->greenShift) | # 83| (outBlue << out->blueShift)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def67] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:129:18: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*table’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c: scope_hint: In function ‘rfbInitTrueColourRGBTables8’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:59:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:46:39: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:99:1: note: in expansion of macro ‘rfbInitTrueColourRGBTablesOUT’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:59:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:47:31: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:113:5: note: in expansion of macro ‘rfbInitOneRGBTableOUT’ # 127| # 128| for (i = 0; i < nEntries; i++) { # 129|-> table[i] = ((i * outMax + inMax / 2) / inMax) << outShift; # 130| #if (OUT != 8) # 131| if (swap) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def68] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c: scope_hint: In function ‘rfbInitOneRGBTable16’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:129:18: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘table’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:59:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:46:39: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:99:1: note: in expansion of macro ‘rfbInitTrueColourRGBTablesOUT’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:59:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:47:31: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:113:5: note: in expansion of macro ‘rfbInitOneRGBTableOUT’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/translate.c:59:22: note: in definition of macro ‘CONCAT2’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:47:31: note: in expansion of macro ‘CONCAT2E’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tableinittctemplate.c:122:1: note: in expansion of macro ‘rfbInitOneRGBTableOUT’ # 127| # 128| for (i = 0; i < nEntries; i++) { # 129|-> table[i] = ((i * outMax + inMax / 2) / inMax) << outShift; # 130| #if (OUT != 8) # 131| if (swap) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def69] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tightvnc-filetransfer/handlefiletransferrequest.c: scope_hint: In function ‘InitFileTransfer’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/tightvnc-filetransfer/handlefiletransferrequest.c:202:17: warning[-Wanalyzer-malloc-leak]: leak of ‘GetHomeDir(uid)’ # 200| return NULL; # 201| # 202|-> if(pwEnt->pw_dir != NULL) { # 203| homedir = strdup (pwEnt->pw_dir); # 204| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def70] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfb.h:44: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:54: included_from: Included from here. libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c: scope_hint: In function ‘rfbListenOnUDPPort’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/rfb/rfbproto.h:106:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:1235:16: note: in expansion of macro ‘RFB_INVALID_SOCKET’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/libvncserver/sockets.c:1235:16: note: in expansion of macro ‘RFB_INVALID_SOCKET’ # 104| #define rfbSocket int # 105| #define SOCKET int /* LibVNCServer versions older than 0.9.13 defined this for non-Windows, so keep it here */ # 106|-> #define RFB_INVALID_SOCKET (-1) # 107| #define _rfbCloseSocket close # 108| typedef int8_t rfbBool; Error: GCC_ANALYZER_WARNING (CWE-401): [#def71] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c: scope_hint: In function ‘loadbmp’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:266:16: warning[-Wanalyzer-malloc-leak]: leak of ‘tempbuf’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:80:23: note: in definition of macro ‘_unix’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:191:9: note: in expansion of macro ‘_unix’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:193:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:193:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:207:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:207:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:208:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:208:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:209:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:209:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:210:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:210:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:211:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:211:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:212:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:212:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:213:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:213:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:214:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:214:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:215:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:215:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:216:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:216:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:217:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:217:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:218:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:218:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:219:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:219:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:220:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:220:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:221:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:221:9: note: in expansion of macro ‘readme’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/bmp.c:79:29: note: in definition of macro ‘_throw’ # 264| if(tempbuf) free(tempbuf); # 265| if(fd!=-1) close(fd); # 266|-> return retcode; # 267| } # 268| Error: GCC_ANALYZER_WARNING (CWE-476): [#def72] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/copyrecttest.c: scope_hint: In function ‘initBackground’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/copyrecttest.c:14:51: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*server.frameBuffer + (sizetype)(((unsigned int)*server.width * j + i) * 4)’ # 12| for(i=0;i<server->width;i++) # 13| for(j=0;j<server->height;j++) { # 14|-> server->frameBuffer[(j*server->width+i)*4+0]=i&0xff; # 15| server->frameBuffer[(j*server->width+i)*4+1]=j&0xff; # 16| server->frameBuffer[(j*server->width+i)*4+2]=(i*j)&0xff; Error: COMPILER_WARNING: [#def73] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/encodingstest.c: scope_hint: In function ‘main’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/encodingstest.c:202:31: warning[-Wformat-overflow=]: ‘%d’ directive writing between 1 and 11 bytes into a region of size 7 # 202 | sprintf(cd->display,":%d",server->port-5900); # | ^~ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/encodingstest.c:202:29: note: directive argument in the range [-2147483648, 2147477747] # 202 | sprintf(cd->display,":%d",server->port-5900); # | ^~~~~ /usr/include/bits/stdio2.h:30:10: note: ‘__sprintf_chk’ output between 3 and 13 bytes into a destination of size 8 # 30 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 31 | __glibc_objsize (__s), __fmt, # | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 32 | __va_arg_pack ()); # | ~~~~~~~~~~~~~~~~~ # 200| cd->encodingIndex=encodingIndex; # 201| cd->server=server; # 202|-> sprintf(cd->display,":%d",server->port-5900); # 203| rfbClientSetClientData(client, clientLoop, cd); # 204| Error: COMPILER_WARNING: [#def74] libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/tjbench.c: scope_hint: In function ‘decomptest’ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/tjbench.c:96:41: warning[-Wformat-truncation=]: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 4 # 96 | snprintf(qualstr, 6, "_Q%d", jpegqual); # | ^~ libvncserver-0.9.14-build/libvncserver-LibVNCServer-0.9.14/test/tjbench.c:96:38: note: directive argument in the range [1, 2147483647] # 96 | snprintf(qualstr, 6, "_Q%d", jpegqual); # | ^~~~~~ /usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 4 and 13 bytes into a destination of size 6 # 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 69 | __glibc_objsize (__s), __fmt, # | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 70 | __va_arg_pack ()); # | ~~~~~~~~~~~~~~~~~ # 94| if(jpegqual>0) # 95| { # 96|-> snprintf(qualstr, 6, "_Q%d", jpegqual); # 97| qualstr[5]=0; # 98| }
| analyzer-version-clippy | 1.82.0 |
| analyzer-version-cppcheck | 2.16.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 15.0.0 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-194.us-west-2.compute.internal |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | libvncserver-0.9.14-5.fc42 |
| store-results-to | /tmp/tmplsafi6gm/libvncserver-0.9.14-5.fc42.tar.xz |
| time-created | 2024-11-13 01:49:22 |
| time-finished | 2024-11-13 01:51:35 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmplsafi6gm/libvncserver-0.9.14-5.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmplsafi6gm/libvncserver-0.9.14-5.fc42.src.rpm' |
| tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |