Error: CPPCHECK_WARNING (CWE-758): [#def1]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/bignum.c:1603: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour
# 1601|
# 1602| #if defined(MBEDTLS_HAVE_UDBL)
# 1603|-> dividend = (mbedtls_t_udbl) u1 << biL;
# 1604| dividend |= (mbedtls_t_udbl) u0;
# 1605| quotient = dividend / d;

Error: CPPCHECK_WARNING (CWE-758): [#def2]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/bignum.c:1606: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour
# 1604| dividend |= (mbedtls_t_udbl) u0;
# 1605| quotient = dividend / d;
# 1606|-> if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) {
# 1607| quotient = ((mbedtls_t_udbl) 1 << biL) - 1;
# 1608| }

Error: CPPCHECK_WARNING (CWE-758): [#def3]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/bignum.c:1607: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour
# 1605| quotient = dividend / d;
# 1606| if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) {
# 1607|-> quotient = ((mbedtls_t_udbl) 1 << biL) - 1;
# 1608| }
# 1609|

Error: GCC_ANALYZER_WARNING (CWE-476): [#def4]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:16: included_from: Included from here.
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/common.h:282:26: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5367:9: note: in expansion of macro ‘MBEDTLS_PUT_UINT64_BE’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5367:9: note: in expansion of macro ‘MBEDTLS_PUT_UINT64_BE’
# 280| #define MBEDTLS_PUT_UINT64_BE(n, data, offset) \
# 281| { \
# 282|-> (data)[(offset)] = MBEDTLS_BYTE_7(n); \
# 283| (data)[(offset) + 1] = MBEDTLS_BYTE_6(n); \
# 284| (data)[(offset) + 2] = MBEDTLS_BYTE_5(n); \

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c: scope_hint: In function ‘mbedtls_net_connect’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:193:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘socket(*cur.ai_family, *cur.ai_socktype, *cur.ai_protocol)’
# 191| }
# 192|
# 193|-> if (connect(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) == 0) {
# 194| ret = 0;
# 195| break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c: scope_hint: In function ‘mbedtls_net_bind’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:250:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’
# 248| }
# 249|
# 250|-> if (bind(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) != 0) {
# 251| close(ctx->fd);
# 252| ret = MBEDTLS_ERR_NET_BIND_FAILED;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:258:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’
# 256| /* Listen only makes sense for TCP */
# 257| if (proto == MBEDTLS_NET_PROTO_TCP) {
# 258|-> if (listen(ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG) != 0) {
# 259| close(ctx->fd);
# 260| ret = MBEDTLS_ERR_NET_LISTEN_FAILED;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:270:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’
# 268| }
# 269|
# 270|-> freeaddrinfo(addr_list);
# 271|
# 272| return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:350:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 348| if (type == SOCK_STREAM) {
# 349| /* TCP: actual accept() */
# 350|-> ret = client_ctx->fd = (int) accept(bind_ctx->fd,
# 351| (struct sockaddr *) &client_addr, &n);
# 352| } else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c: scope_hint: In function ‘mbedtls_net_accept’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:350:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’
# 348| if (type == SOCK_STREAM) {
# 349| /* TCP: actual accept() */
# 350|-> ret = client_ctx->fd = (int) accept(bind_ctx->fd,
# 351| (struct sockaddr *) &client_addr, &n);
# 352| } else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def11]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:382:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’
# 380| int one = 1;
# 381|
# 382|-> if (connect(bind_ctx->fd, (struct sockaddr *) &client_addr, n) != 0) {
# 383| return MBEDTLS_ERR_NET_ACCEPT_FAILED;
# 384| }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def12]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:399:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’
# 397| }
# 398|
# 399|-> if (bind(bind_ctx->fd, (struct sockaddr *) &local_addr, n) != 0) {
# 400| return MBEDTLS_ERR_NET_BIND_FAILED;
# 401| }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def13]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:409:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 407| *cip_len = sizeof(addr4->sin_addr.s_addr);
# 408|
# 409|-> if (buf_size < *cip_len) {
# 410| return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
# 411| }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/net_sockets.c:418:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor
# 416| *cip_len = sizeof(addr6->sin6_addr.s6_addr);
# 417|
# 418|-> if (buf_size < *cip_len) {
# 419| return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
# 420| }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def15]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/pem.c: scope_hint: In function ‘mbedtls_pem_write_buffer’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/pem.c:494:9: warning[-Wanalyzer-null-argument]: use of NULL ‘c’ where non-null expected
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
# 492| while (use_len) {
# 493| len = (use_len > 64) ? 64 : use_len;
# 494|-> memcpy(p, c, len);
# 495| use_len -= len;
# 496| p += len;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def16]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/pkcs12.c: scope_hint: In function ‘mbedtls_pkcs12_derivation’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/pkcs12.c:430:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘hash_block[<unknown>]’
# 428| // B += 1
# 429| for (i = v; i > 0; i--) {
# 430|-> if (++hash_block[i - 1] != 0) {
# 431| break;
# 432| }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def17]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c: scope_hint: In function ‘psa_tls12_prf_psk_to_ms_set_key’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5111:5: warning[-Wanalyzer-null-argument]: use of NULL ‘data’ where non-null expected
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5228:5: note: in expansion of macro ‘LOCAL_INPUT_DECLARE’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5230:5: note: in expansion of macro ‘LOCAL_INPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/include/psa/crypto.h:56: included_from: Included from here.
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:17: included_from: Included from here.
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5154:24: note: in expansion of macro ‘PSA_SUCCESS’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5188:9: note: in expansion of macro ‘PSA_ALG_IS_HKDF’
<built-in>: note: argument 2 of ‘__builtin_memcpy’ must be non-null
# 5109| *cur++ = pms[0];
# 5110| *cur++ = pms[1];
# 5111|-> memcpy(cur, data, data_length);
# 5112| cur += data_length;
# 5113|

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c: scope_hint: In function ‘psa_generate_random’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5629:12: warning[-Wanalyzer-malloc-leak]: leak of ‘output’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5621:5: note: in expansion of macro ‘LOCAL_OUTPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:40: included_from: Included from here.
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:6112:28: note: in expansion of macro ‘mbedtls_calloc’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:6112:28: note: in expansion of macro ‘mbedtls_calloc’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5621:5: note: in expansion of macro ‘LOCAL_OUTPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5621:5: note: in expansion of macro ‘LOCAL_OUTPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5621:5: note: in expansion of macro ‘LOCAL_OUTPUT_ALLOC’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:3574:5: note: in expansion of macro ‘GUARD_MODULE_INITIALIZED’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5628:5: note: in expansion of macro ‘LOCAL_OUTPUT_FREE’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5628:5: note: in expansion of macro ‘LOCAL_OUTPUT_FREE’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/psa_crypto.c:5628:5: note: in expansion of macro ‘LOCAL_OUTPUT_FREE’
# 5627| #endif
# 5628| LOCAL_OUTPUT_FREE(output_external, output);
# 5629|-> return status;
# 5630| }
# 5631|

Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_srv.c: scope_hint: In function ‘ssl_get_ecdh_params_from_cert’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_srv.c:3154:40: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_srv.c:15: included_from: Included from here.
# 3152|
# 3153| if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx,
# 3154|-> mbedtls_pk_ec(*own_key),
# 3155| MBEDTLS_ECDH_OURS)) != 0) {
# 3156| MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘mbedtls_ssl_session_copy’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:215:9: warning[-Wanalyzer-malloc-leak]: leak of ‘**ssl.session_negotiate.ticket’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:20: included_from: Included from here.
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:210:23: note: in expansion of macro ‘mbedtls_calloc’
# 213| }
# 214|
# 215|-> memcpy(dst->ticket, src->ticket, src->ticket_len);
# 216| }
# 217| #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def21]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5413:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5413:16: note: in expansion of macro ‘MBEDTLS_BYTE_2’
# 5411|
# 5412| if (used <= buf_len) {
# 5413|-> *p++ = MBEDTLS_BYTE_2(cert_len);
# 5414| *p++ = MBEDTLS_BYTE_1(cert_len);
# 5415| *p++ = MBEDTLS_BYTE_0(cert_len);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def22]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5449:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5449:16: note: in expansion of macro ‘MBEDTLS_BYTE_2’
# 5447|
# 5448| if (used <= buf_len) {
# 5449|-> *p++ = MBEDTLS_BYTE_2(session->ticket_len);
# 5450| *p++ = MBEDTLS_BYTE_1(session->ticket_len);
# 5451| *p++ = MBEDTLS_BYTE_0(session->ticket_len);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def23]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5470:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
# 5468|
# 5469| if (used <= buf_len) {
# 5470|-> *p++ = session->mfl_code;
# 5471| }
# 5472| #endif

Error: GCC_ANALYZER_WARNING (CWE-476): [#def24]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5478:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
# 5476|
# 5477| if (used <= buf_len) {
# 5478|-> *p++ = (unsigned char) ((session->trunc_hmac) & 0xFF);
# 5479| }
# 5480| #endif

Error: GCC_ANALYZER_WARNING (CWE-476): [#def25]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c:5486:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/ssl_tls.c: scope_hint: In function ‘ssl_session_save’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/common.h:94:40: note: in definition of macro ‘MBEDTLS_BYTE_0’
# 5484|
# 5485| if (used <= buf_len) {
# 5486|-> *p++ = MBEDTLS_BYTE_0(session->encrypt_then_mac);
# 5487| }
# 5488| #endif

Error: GCC_ANALYZER_WARNING (CWE-457): [#def26]
mbedtls-2.28.8-build/mbedtls-2.28.8/library/x509_crt.c: scope_hint: In function ‘mbedtls_x509_parse_subject_alt_name’
mbedtls-2.28.8-build/mbedtls-2.28.8/library/x509_crt.c:1907:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&other_name’
# 1905| memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name));
# 1906| san->type = MBEDTLS_X509_SAN_OTHER_NAME;
# 1907|-> memcpy(&san->san.other_name,
# 1908| &other_name, sizeof(other_name));
# 1909|
analyzer-version-clippy | 1.82.0 |
analyzer-version-cppcheck | 2.16.0 |
analyzer-version-gcc | 14.2.1 |
analyzer-version-gcc-analyzer | 15.0.0 |
analyzer-version-shellcheck | 0.10.0 |
analyzer-version-unicontrol | 0.0.2 |
enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
exit-code | 0 |
host | ip-172-16-1-167.us-west-2.compute.internal |
mock-config | fedora-rawhide-gcc-latest-x86_64 |
project-name | mbedtls-2.28.8-1.fc41 |
store-results-to | /tmp/tmp9pecc61y/mbedtls-2.28.8-1.fc41.tar.xz |
time-created | 2024-11-13 02:00:33 |
time-finished | 2024-11-13 02:03:38 |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp9pecc61y/mbedtls-2.28.8-1.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp9pecc61y/mbedtls-2.28.8-1.fc41.src.rpm' |
tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |