libzip-1.11.2-1.fc42

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-688): [#def1]
libzip-1.11.2-build/libzip-1.11.2/lib/zipint.h:39: included_from: Included from here.
libzip-1.11.2-build/libzip-1.11.2/lib/zip_buffer.c:37: included_from: Included from here.
libzip-1.11.2-build/libzip-1.11.2/lib/zip_buffer.c: scope_hint: In function ‘_zip_buffer_read’
libzip-1.11.2-build/libzip-1.11.2/lib/compat.h:200:45: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
libzip-1.11.2-build/libzip-1.11.2/lib/zip_buffer.c:144:15: note: in expansion of macro ‘memcpy_s’
libzip-1.11.2-build/libzip-1.11.2/lib/compat.h:200:61: note: in definition of macro ‘memcpy_s’
libzip-1.11.2-build/libzip-1.11.2/lib/compat.h:200:61: note: in definition of macro ‘memcpy_s’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_buffer.c:144:15: note: in expansion of macro ‘memcpy_s’
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
#  198|   
#  199|   #ifndef HAVE_MEMCPY_S
#  200|-> #define memcpy_s(dest, destsz, src, count) (memcpy((dest), (src), (count)) == NULL)
#  201|   #endif
#  202|   

Error: COMPILER_WARNING: [#def2]
libzip-1.11.2-build/libzip-1.11.2/lib/zipint.h:39: included_from: Included from here.
libzip-1.11.2-build/libzip-1.11.2/lib/zip_dir_add.c:38: included_from: Included from here.
libzip-1.11.2-build/libzip-1.11.2/lib/zip_dir_add.c: scope_hint: In function ‘zip_dir_add’
libzip-1.11.2-build/libzip-1.11.2/lib/compat.h:220:46: warning[-Wstringop-truncation]: ‘__strncpy_chk’ output truncated before terminating nul copying as many bytes from a string as its length
#  220 | #define strncpy_s(dest, destsz, src, count) (strncpy((dest), (src), (count)), 0)
#      |                                              ^~~~~~~
libzip-1.11.2-build/libzip-1.11.2/lib/zip_dir_add.c:61:11: note: length computed here
#   61 |     len = strlen(name);
#      |           ^~~~~~~~~~~~
#  218|   
#  219|   #ifndef HAVE_STRNCPY_S
#  220|-> #define strncpy_s(dest, destsz, src, count) (strncpy((dest), (src), (count)), 0)
#  221|   #endif
#  222|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def3]
libzip-1.11.2-build/libzip-1.11.2/lib/zip_extra_field.c: scope_hint: In function ‘_zip_ef_merge.part.0’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_extra_field.c:159:83: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
libzip-1.11.2-build/libzip-1.11.2/lib/zip_extra_field.c:37: included_from: Included from here.
libzip-1.11.2-build/libzip-1.11.2/lib/zipint.h:98:34: note: in definition of macro ‘ZIP_EF_IS_INTERNAL’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_extra_field.c: scope_hint: In function ‘_zip_ef_merge.part.0’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_extra_field.c:35: included_from: Included from here.
/usr/include/string.h:64:12: note: argument 2 of ‘memcmp’ must be non-null
#  157|           duplicate = 0;
#  158|           for (tt = to; tt; tt = tt->next) {
#  159|->             if (tt->id == from->id && tt->size == from->size && (tt->size == 0 || memcmp(tt->data, from->data, tt->size) == 0)) {
#  160|                   tt->flags |= (from->flags & ZIP_EF_BOTH);
#  161|                   duplicate = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libzip-1.11.2-build/libzip-1.11.2/lib/zip_progress.c: scope_hint: In function ‘zip_register_progress_callback’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_progress.c:290:8: warning[-Wanalyzer-malloc-leak]: leak of ‘ud’
#  288|       ud->callback = progress_callback;
#  289|   
#  290|->     if (zip_register_progress_callback_with_state(za, 0.001, _zip_legacy_progress_callback, free, ud) < 0) {
#  291|           free(ud);
#  292|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def5]
libzip-1.11.2-build/libzip-1.11.2/lib/zip_source_buffer.c: scope_hint: In function ‘buffer_new’
libzip-1.11.2-build/libzip-1.11.2/lib/zip_source_buffer.c:506:39: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  504|                   return NULL;
#  505|               }
#  506|->             buffer->fragments[j].data = fragments[i].data;
#  507|               buffer->fragments[j].length = fragments[i].length;
#  508|               buffer->fragment_offsets[i] = offset;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
libzip-1.11.2-build/libzip-1.11.2/lib/zip_source_buffer.c:515:54: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  513|           buffer->nfragments = j;
#  514|           buffer->first_owned_fragment = free_data ? 0 : buffer->nfragments;
#  515|->         buffer->fragment_offsets[buffer->nfragments] = offset;
#  516|           buffer->size = offset;
#  517|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c: scope_hint: In function ‘buffer_write’
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c:381:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fragment’
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c:51:30: note: in definition of macro ‘MY_MIN’
#  379|               if (buffer->fragment[idx] == NULL) {
#  380|                   if ((buffer->fragment[idx] = (zip_uint8_t *)malloc(buffer->fragment_size)) == NULL) {
#  381|->                     zip_error_set(error, ZIP_ER_MEMORY, 0);
#  382|                       return -1;
#  383|                   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c:399:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fragment’
#  397|       }
#  398|   
#  399|->     return (zip_int64_t)length;
#  400|   }
#  401|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c: scope_hint: In function ‘hole_new’
libzip-1.11.2-build/libzip-1.11.2/regress/source_hole.c:482:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
#  480|   
#  481|       if ((ctx->in = buffer_from_file(fname, flags, error)) == NULL) {
#  482|->         free(ctx);
#  483|           return NULL;
#  484|       }

Error: COMPILER_WARNING (CWE-252): [#def10]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c: scope_hint: In function ‘get_stdin_commands’
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:99:5: warning[-Wunused-result]: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’
#   99 |     fgets(stdin_line, sizeof(stdin_line), stdin);
#      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   97|       int argc = 0;
#   98|       char *p, *word;
#   99|->     fgets(stdin_line, sizeof(stdin_line), stdin);
#  100|       word = p = stdin_line;
#  101|       while (1) {

Error: GCC_ANALYZER_WARNING (CWE-127): [#def11]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c: scope_hint: In function ‘read_to_memory’
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:445:42: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:5:31: note: in definition of macro ‘ZIP_MIN’
#  443|                       /* fragments is initialized up to i - 1*/
#  444|                       while (--i > 0) {
#  445|->                         free(fragments[i].data);
#  446|                       }
#  447|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:448:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:5:31: note: in definition of macro ‘ZIP_MIN’
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:5:31: note: in definition of macro ‘ZIP_MIN’
#  446|                       }
#  447|   #endif
#  448|->                     free(fragments);
#  449|                       fclose(fp);
#  450|                       zip_error_set(error, ZIP_ER_MEMORY, 0);

Error: GCC_ANALYZER_WARNING (CWE-127): [#def13]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:458:42: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:5:31: note: in definition of macro ‘ZIP_MIN’
#  456|                       /* fragments is initialized up to i - 1*/
#  457|                       while (--i > 0) {
#  458|->                         free(fragments[i].data);
#  459|                       }
#  460|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:461:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:5:31: note: in definition of macro ‘ZIP_MIN’
#  459|                       }
#  460|   #endif
#  461|->                     free(fragments);
#  462|                       fclose(fp);
#  463|                       zip_error_set(error, ZIP_ER_READ, errno);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:485:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
#  483|       zb = zip_open_from_source(src, flags, error);
#  484|       if (zb == NULL) {
#  485|->         zip_source_free(src);
#  486|           return NULL;
#  487|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
libzip-1.11.2-build/libzip-1.11.2/regress/ziptool_regress.c:489:11: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
#  487|       }
#  488|       zip_source_keep(src);
#  489|->     *srcp = src;
#  490|       return zb;
#  491|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
libzip-1.11.2-build/libzip-1.11.2/src/zipcmp.c: scope_hint: In function ‘list_directory’
libzip-1.11.2-build/libzip-1.11.2/src/zipcmp.c:429:28: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘normalized_name’
#  427|   
#  428|       if (name_length == 0) {
#  429|->         normalized_name[0] = '/';
#  430|           normalized_name[1] = '\0';
#  431|           name_length = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
libzip-1.11.2-build/libzip-1.11.2/src/zipcmp.c:502:61: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(*<unknown>.fts_path + prefix_length)’
#  500|               else {
#  501|                   a->entry[a->nentry].name = strdup(ent->fts_path + prefix_length);
#  502|->                 a->entry[a->nentry].size = (zip_uint64_t)ent->fts_statp->st_size;
#  503|                   if ((crc = compute_crc(ent->fts_accpath)) < 0) {
#  504|                       fts_close(fts);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
libzip-1.11.2-build/libzip-1.11.2/src/zipcmp.c: scope_hint: In function ‘list_zip’
libzip-1.11.2-build/libzip-1.11.2/src/zipcmp.c:558:34: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(st.name)’
#  556|               zip_stat_index(za, i, 0, &st);
#  557|               a->entry[i].name = strdup(st.name);
#  558|->             a->entry[i].size = st.size;
#  559|               a->entry[i].crc = st.crc;
#  560|               if (test_files)

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-158.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: libzip-1.11.2-1.fc42
store-results-to: /tmp/tmp9gw811zx/libzip-1.11.2-1.fc42.tar.xz
time-created: 2024-11-13 01:51:30
time-finished: 2024-11-13 01:53:03
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp9gw811zx/libzip-1.11.2-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp9gw811zx/libzip-1.11.2-1.fc42.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9