mtools-4.0.45-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-138): [#def1]
/usr/bin/tgz:41:20: error[SC2145]: Argument mixes string and array. Use * or separate argument.
#   39|   
#   40|   Error ()
#   41|-> {	echo "Error: $0: ${@-}." >&2
#   42|   	exit 1
#   43|   }

Error: SHELLCHECK_WARNING (CWE-569): [#def2]
/usr/bin/tgz:56:6: warning[SC2124]: Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
#   54|   	dest=$1
#   55|   	shift
#   56|-> 	src="${@-}"
#   57|   fi
#   58|   

Error: SHELLCHECK_WARNING (CWE-569): [#def3]
/usr/bin/tgz:64:9: warning[SC2221]: This pattern always overrides a later one on line 64.
#   62|   	exit 1
#   63|   	;;
#   64|-> *.t?z | *.?z | *.z | *.Z | *.tz | *.tz? )
#   65|   	;;
#   66|   *)

Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/usr/bin/tgz:64:28: warning[SC2222]: This pattern never matches because of a previous pattern on line 64.
#   62|   	exit 1
#   63|   	;;
#   64|-> *.t?z | *.?z | *.z | *.Z | *.tz | *.tz? )
#   65|   	;;
#   66|   *)

Error: SHELLCHECK_WARNING (CWE-477): [#def5]
/usr/bin/tgz:77:17: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
#   75|   	Error "Destination \"$dest\" already exists as a directory"
#   76|   fi
#   77|-> if [ -z "$dest" -o "X$dest" = 'X-' ]; then
#   78|   	echo "Writing gzipp'd tar archive to standard output." >&2
#   79|   	tar cvfS - -- $src | gzip -9v

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c: scope_hint: In function ‘try’
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:65:19: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(asciiTries[i], testCp)’
#   63|   	for(i=0; i < sizeof(asciiTries) / sizeof(asciiTries[0]); i++) {
#   64|   		test = iconv_open(asciiTries[i], testCp);
#   65|-> 		if(test != (iconv_t) -1)
#   66|   			break;
#   67|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c: scope_hint: In function ‘cp_open’
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:118:11: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(wcharCp, & dosCp)’
#  116|   	sprintf(dosCp, "CP%d", codepage);
#  117|   	from = iconv_open(wcharCp, dosCp);
#  118|-> 	if(from == (iconv_t)-1) {
#  119|   		fprintf(stderr, "Error converting to codepage %d %s\n",
#  120|   			codepage, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:126:11: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(&dosCp,  wcharCp)’
#  124|   	sprintf(dosCp, "CP%d//TRANSLIT", codepage);
#  125|   	to   =  iconv_open(dosCp, wcharCp);
#  126|-> 	if(to == (iconv_t)-1) {
#  127|   		/* Transliteration not supported? */
#  128|   		sprintf(dosCp, "CP%d", codepage);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:131:11: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(&dosCp,  wcharCp)’
#  129|   		to   =  iconv_open(dosCp, wcharCp);
#  130|   	}
#  131|-> 	if(to == (iconv_t)-1) {
#  132|   		iconv_close(from);
#  133|   		fprintf(stderr, "Error converting to codepage %d %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:139:11: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(wcharCp, & dosCp)’
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:20: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:138:15: note: in expansion of macro ‘New’
#  137|   
#  138|   	ret = New(doscp_t);
#  139|-> 	if(ret == NULL)
#  140|   		return ret;
#  141|   	ret->from = from;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def11]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c: scope_hint: In function ‘safe_iconv’
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:190:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*mangled’
#  188|   			break;
#  189|   		}
#  190|-> 		*mangled |= 1;
#  191|   
#  192|   		if(out_len <= 0)

Error: GCC_ANALYZER_WARNING (CWE-457): [#def12]
mtools-4.0.45-build/mtools-4.0.45/charsetConv.c:210:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*mangled’
#  208|   		if(dest[i] == '?') {
#  209|   			dest[i] = '_';
#  210|-> 			*mangled |= 1;
#  211|   		}
#  212|   	}

Error: CPPCHECK_WARNING (CWE-401): [#def13]
mtools-4.0.45-build/mtools-4.0.45/config.c:463: error[memleakOnRealloc]: Common realloc mistake: 'devices' nulled but not freed upon failure
#  461|       if(cur_devs >= nr_dev - 2) {
#  462|   	nr_dev = (cur_devs + 2) << 1;
#  463|-> 	if(!(devices=Grow(devices, nr_dev, struct device))){
#  464|   	    printOom();
#  465|   	    exit(1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
mtools-4.0.45-build/mtools-4.0.45/expand.c:33:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
#   31|   
#   32|   	if(pipe(pipefd)) {
#   33|-> 		return -2;
#   34|   	}
#   35|   	switch((pid=fork())){

Error: GCC_ANALYZER_WARNING (CWE-775): [#def15]
mtools-4.0.45-build/mtools-4.0.45/expand.c: scope_hint: In function ‘safePopenOut’
mtools-4.0.45-build/mtools-4.0.45/expand.c:33:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
#   31|   
#   32|   	if(pipe(pipefd)) {
#   33|-> 		return -2;
#   34|   	}
#   35|   	switch((pid=fork())){

Error: GCC_ANALYZER_WARNING (CWE-775): [#def16]
mtools-4.0.45-build/mtools-4.0.45/expand.c:43:27: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup(pipefd[1])’
#   41|   			close(1);
#   42|   			close(2); /* avoid nasty error messages on stderr */
#   43|-> 			if(dup(pipefd[1]) < 0) {
#   44|   				perror("Dup error");
#   45|   				exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
mtools-4.0.45-build/mtools-4.0.45/fat.c: scope_hint: In function ‘loadSector’
mtools-4.0.45-build/mtools-4.0.45/fat.c:186:17: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc((long unsigned int)*This.sector_size * 64)’
mtools-4.0.45-build/mtools-4.0.45/sysincludes.h:136: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/fat.c:19: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/fat.c: scope_hint: In function ‘loadSector’
mtools-4.0.45-build/mtools-4.0.45/fat.c: scope_hint: In function ‘loadSector’
#  184|   		if(!This->FatMap[slot].data)
#  185|   			return 0;
#  186|-> 		memset(This->FatMap[slot].data, 0xee,
#  187|   		       This->sector_size * SECT_PER_ENTRY);
#  188|   	}

Error: CPPCHECK_WARNING (CWE-401): [#def18]
mtools-4.0.45-build/mtools-4.0.45/init.c:520: error[memleak]: Memory leak: This
#  518|   				      &maxSize, isRop);
#  519|   	if(!This->head.Next)
#  520|-> 		return NULL;
#  521|   
#  522|   	cylinder_size = dev.heads * dev.sectors;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def19]
mtools-4.0.45-build/mtools-4.0.45/init.c: scope_hint: In function ‘getDrive’
mtools-4.0.45-build/mtools-4.0.45/init.c:610:28: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘Stream’
mtools-4.0.45-build/mtools-4.0.45/init.c: scope_hint: In function ‘getDrive’
#  608|   		return getDrive(GetFs(Stream));
#  609|   	else
#  610|-> 		return This->drive;
#  611|   }
#  612|   

Error: CPPCHECK_WARNING (CWE-562): [#def20]
mtools-4.0.45-build/mtools-4.0.45/mainloop.c:255: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
#  253|   			if(got_signal)
#  254|   				break;
#  255|-> 			mp->direntry = &entry;
#  256|   			if(IS_DIR(&entry))
#  257|   				ret |= mp->dirCallback(&entry,mp);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def21]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:220:23: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  218|   			goto exit_0;
#  219|   		}
#  220|-> 		while(fgets(line, sizeof(line), f)) {
#  221|   			char *ptr = line + strspn(line, " \t");
#  222|   			uint32_t offset = strtou32(ptr, 0, 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:220:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  218|   			goto exit_0;
#  219|   		}
#  220|-> 		while(fgets(line, sizeof(line), f)) {
#  221|   			char *ptr = line + strspn(line, " \t");
#  222|   			uint32_t offset = strtou32(ptr, 0, 0);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def23]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:226:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  224|   				offset = (offset-Fs->clus_start)/Fs->cluster_size + 2;
#  225|   			if(offset < 2) {
#  226|-> 				fprintf(stderr, "Sector before start\n");
#  227|   			} else if(offset >= Fs->num_clus) {
#  228|   				fprintf(stderr, "Sector beyond end\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:226:33: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  224|   				offset = (offset-Fs->clus_start)/Fs->cluster_size + 2;
#  225|   			if(offset < 2) {
#  226|-> 				fprintf(stderr, "Sector before start\n");
#  227|   			} else if(offset >= Fs->num_clus) {
#  228|   				fprintf(stderr, "Sector beyond end\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def25]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:227:47: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  225|   			if(offset < 2) {
#  226|   				fprintf(stderr, "Sector before start\n");
#  227|-> 			} else if(offset >= Fs->num_clus) {
#  228|   				fprintf(stderr, "Sector beyond end\n");
#  229|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c:227:47: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "r")’
mtools-4.0.45-build/mtools-4.0.45/mbadblocks.c: scope_hint: In function ‘mbadblocks’
#  225|   			if(offset < 2) {
#  226|   				fprintf(stderr, "Sector before start\n");
#  227|-> 			} else if(offset >= Fs->num_clus) {
#  228|   				fprintf(stderr, "Sector beyond end\n");
#  229|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-688): [#def27]
mtools-4.0.45-build/mtools-4.0.45/mcopy.c: scope_hint: In function ‘unix_target_lookup’
mtools-4.0.45-build/mtools-4.0.45/mcopy.c:136:12: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘*arg.unixTarget’ where non-null expected
mtools-4.0.45-build/mtools-4.0.45/sysincludes.h:183: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/mcopy.c:24: included_from: Included from here.
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
#  134|   	arg->unixTarget = strdup(in);
#  135|   	/* try complete filename */
#  136|-> 	if(access(arg->unixTarget, F_OK) == 0) {
#  137|   		switch(unix_is_dir(arg->unixTarget)) {
#  138|   		case -1:

Error: GCC_ANALYZER_WARNING (CWE-688): [#def28]
mtools-4.0.45-build/mtools-4.0.45/mcopy.c:136:12: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘arg.unixTarget’ where non-null expected
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
#  134|   	arg->unixTarget = strdup(in);
#  135|   	/* try complete filename */
#  136|-> 	if(access(arg->unixTarget, F_OK) == 0) {
#  137|   		switch(unix_is_dir(arg->unixTarget)) {
#  138|   		case -1:

Error: GCC_ANALYZER_WARNING (CWE-415): [#def29]
mtools-4.0.45-build/mtools-4.0.45/mdir.c: scope_hint: In function ‘leaveDirectory’
mtools-4.0.45-build/mtools-4.0.45/mdir.c:305:25: warning[-Wanalyzer-double-free]: double-‘free’ of ‘dynDirPath’
mtools-4.0.45-build/mtools-4.0.45/mdir.c: scope_hint: In function ‘leaveDirectory’
#  303|   	if (!haveError) {
#  304|   		if(dirPath && dirPath != emptyString)
#  305|-> 			free(dynDirPath);
#  306|   		if(wide)
#  307|   			putchar('\n');

Error: GCC_ANALYZER_WARNING (CWE-476): [#def30]
mtools-4.0.45-build/mtools-4.0.45/mk_direntry.c:571:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘argname’
#  569|   	}
#  570|   
#  571|-> 	if (argname[0] && (argname[1] == ':')) {
#  572|   		/* Skip drive letter */
#  573|   		dstname = argname + 2;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def31]
mtools-4.0.45-build/mtools-4.0.45/mk_direntry.c: scope_hint: In function ‘mt_mwrite_one’
mtools-4.0.45-build/mtools-4.0.45/mk_direntry.c:571:20: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘argname’
#  569|   	}
#  570|   
#  571|-> 	if (argname[0] && (argname[1] == ':')) {
#  572|   		/* Skip drive letter */
#  573|   		dstname = argname + 2;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def32]
mtools-4.0.45-build/mtools-4.0.45/mmount.c: scope_hint: In function ‘mmount’
mtools-4.0.45-build/mtools-4.0.45/mmount.c:71:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
mtools-4.0.45-build/mtools-4.0.45/mmount.c: scope_hint: In function ‘mmount’
mtools-4.0.45-build/mtools-4.0.45/mtools.h:39: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/mmount.c:27: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/mmount.c:54:9: note: in expansion of macro ‘FREE’
#   69|   	case 0:
#   70|   		close(2);
#   71|-> 		open("/dev/null", O_RDWR | O_BINARY | O_LARGEFILE);
#   72|   		argv[1] = strdup("mount");
#   73|   		if ( argc > 2 )

Error: COMPILER_WARNING: [#def33]
mtools-4.0.45-build/mtools-4.0.45/msdos.h:82:17: warning[-Wstringop-overflow=]: writing 1 byte into a region of size 0
#   82 |         data[1] = (value >>  8) & 0xff;
#      |         ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
mtools-4.0.45-build/mtools-4.0.45/msdos.h: scope_hint: In function ‘mformat’
mtools-4.0.45-build/mtools-4.0.45/msdos.h:166:23: note: at offset [21, 65556] into destination object ‘jump’ of size 3
#  166 |         unsigned char jump[3];          /* 0  Jump to boot code */
#      |                       ^~~~
#   80|   static inline void set_word(unsigned char *data, unsigned short value)
#   81|   {
#   82|-> 	data[1] = (value >>  8) & 0xff;
#   83|   	data[0] = (value >>  0) & 0xff;
#   84|   }

Error: COMPILER_WARNING: [#def34]
mtools-4.0.45-build/mtools-4.0.45/msdos.h:83:17: warning[-Wstringop-overflow=]: writing 1 byte into a region of size 0
#   83 |         data[0] = (value >>  0) & 0xff;
#      |         ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
mtools-4.0.45-build/mtools-4.0.45/msdos.h: scope_hint: In function ‘mformat’
mtools-4.0.45-build/mtools-4.0.45/msdos.h:166:23: note: at offset [20, 65555] into destination object ‘jump’ of size 3
#  166 |         unsigned char jump[3];          /* 0  Jump to boot code */
#      |                       ^~~~
#   81|   {
#   82|   	data[1] = (value >>  8) & 0xff;
#   83|-> 	data[0] = (value >>  0) & 0xff;
#   84|   }
#   85|   

Error: COMPILER_WARNING (CWE-252): [#def35]
mtools-4.0.45-build/mtools-4.0.45/privileges.c: scope_hint: In function ‘Setuid’
mtools-4.0.45-build/mtools-4.0.45/privileges.c:98:17: warning[-Wunused-result]: ignoring return value of ‘seteuid’ declared with attribute ‘warn_unused_result’
#   98 |                 seteuid(uid);
#      |                 ^~~~~~~~~~~~
#   96|   	if(euid == 0) {
#   97|   #ifdef HAVE_SETEUID
#   98|-> 		seteuid(uid);
#   99|   #else
#  100|   		setresuid(ruid, uid, euid);

Error: COMPILER_WARNING (CWE-252): [#def36]
mtools-4.0.45-build/mtools-4.0.45/privileges.c:104:17: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
#  104 |                 setuid(uid);
#      |                 ^~~~~~~~~~~
#  102|   	} else
#  103|   #endif
#  104|-> 		setuid(uid);
#  105|   }
#  106|   

Error: COMPILER_WARNING (CWE-252): [#def37]
mtools-4.0.45-build/mtools-4.0.45/privileges.c: scope_hint: In function ‘reclaim_privs’
mtools-4.0.45-build/mtools-4.0.45/privileges.c:114:9: warning[-Wunused-result]: ignoring return value of ‘setgid’ declared with attribute ‘warn_unused_result’
#  114 |         setgid(egid);
#      |         ^~~~~~~~~~~~
#  112|   	if(noPrivileges)
#  113|   		return;
#  114|-> 	setgid(egid);
#  115|   	Setuid(euid);
#  116|   	print_privs("after reclaim privs, both uids should be 0 ");

Error: COMPILER_WARNING (CWE-252): [#def38]
mtools-4.0.45-build/mtools-4.0.45/privileges.c: scope_hint: In function ‘drop_privs’
mtools-4.0.45-build/mtools-4.0.45/privileges.c:122:9: warning[-Wunused-result]: ignoring return value of ‘setgid’ declared with attribute ‘warn_unused_result’
#  122 |         setgid(rgid);
#      |         ^~~~~~~~~~~~
#  120|   {
#  121|   	Setuid(ruid);
#  122|-> 	setgid(rgid);
#  123|   	print_privs("after drop_privs, real should be 0, effective should not ");
#  124|   }

Error: COMPILER_WARNING (CWE-252): [#def39]
mtools-4.0.45-build/mtools-4.0.45/privileges.c: scope_hint: In function ‘destroy_privs’
mtools-4.0.45-build/mtools-4.0.45/privileges.c:132:17: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
#  132 |                 setuid(0); /* get the necessary privs to drop real root id */
#      |                 ^~~~~~~~~
#  130|   	if(euid == 0) {
#  131|   #ifdef HAVE_SETEUID
#  132|-> 		setuid(0); /* get the necessary privs to drop real root id */
#  133|   		setuid(ruid); /* this should be enough to get rid of the three
#  134|   			       * ids */

Error: COMPILER_WARNING (CWE-252): [#def40]
mtools-4.0.45-build/mtools-4.0.45/privileges.c:133:17: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
#  133 |                 setuid(ruid); /* this should be enough to get rid of the three
#      |                 ^~~~~~~~~~~~
#  131|   #ifdef HAVE_SETEUID
#  132|   		setuid(0); /* get the necessary privs to drop real root id */
#  133|-> 		setuid(ruid); /* this should be enough to get rid of the three
#  134|   			       * ids */
#  135|   		seteuid(ruid); /* for good measure... just in case we came

Error: COMPILER_WARNING (CWE-252): [#def41]
mtools-4.0.45-build/mtools-4.0.45/privileges.c:135:17: warning[-Wunused-result]: ignoring return value of ‘seteuid’ declared with attribute ‘warn_unused_result’
#  135 |                 seteuid(ruid); /* for good measure... just in case we came
#      |                 ^~~~~~~~~~~~~
#  133|   		setuid(ruid); /* this should be enough to get rid of the three
#  134|   			       * ids */
#  135|-> 		seteuid(ruid); /* for good measure... just in case we came
#  136|   				* across a system which implemented sane
#  137|   				* semantics instead of POSIXly broken

Error: COMPILER_WARNING (CWE-252): [#def42]
mtools-4.0.45-build/mtools-4.0.45/privileges.c: scope_hint: In function ‘init_privs’
mtools-4.0.45-build/mtools-4.0.45/privileges.c:183:17: warning[-Wunused-result]: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’
#  183 |                 setuid(0); /* set real uid to 0 */
#      |                 ^~~~~~~~~
#  181|   	if(euid == 0 && ruid != 0) {
#  182|   #ifdef HAVE_SETEUID
#  183|-> 		setuid(0); /* set real uid to 0 */
#  184|   #else
#  185|   #ifndef HAVE_SETRESUID

Error: GCC_ANALYZER_WARNING (CWE-476): [#def43]
mtools-4.0.45-build/mtools-4.0.45/stream.h:58:10: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘Stream’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:140:31: note: in expansion of macro ‘PREADS’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:140:31: note: in expansion of macro ‘PREADS’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:140:31: note: in expansion of macro ‘PREADS’
#   56|   
#   57|   #define PREADS(stream, buf, address, size) \
#   58|-> ((stream)->Class->pread)( (stream), (char *) (buf), (address), (size) )
#   59|   
#   60|   #define PWRITES(stream, buf, address, size) \

Error: GCC_ANALYZER_WARNING (CWE-476): [#def44]
mtools-4.0.45-build/mtools-4.0.45/mtools.h:39: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/mcat.c:23: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/mcat.c: scope_hint: In function ‘mcat’
mtools-4.0.45-build/mtools-4.0.45/stream.h:61:10: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘Stream’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:132:37: note: in expansion of macro ‘PWRITES’
mtools-4.0.45-build/mtools-4.0.45/mcat.c: scope_hint: In function ‘mcat’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:132:37: note: in expansion of macro ‘PWRITES’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:132:37: note: in expansion of macro ‘PWRITES’
mtools-4.0.45-build/mtools-4.0.45/mcat.c:132:37: note: in expansion of macro ‘PWRITES’
#   59|   
#   60|   #define PWRITES(stream, buf, address, size) \
#   61|-> ((stream)->Class->pwrite)( (stream), (char *) (buf), (address), (size) )
#   62|   
#   63|   #define SET_GEOM(stream, dev, orig_dev) \

Error: GCC_ANALYZER_WARNING (CWE-688): [#def45]
mtools-4.0.45-build/mtools-4.0.45/swap.c: scope_hint: In function ‘swap_pwrite’
mtools-4.0.45-build/mtools-4.0.45/swap.c:58:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘swapping’ where non-null expected
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#   56|   	ssize_t result;
#   57|   	char *swapping = malloc( len );
#   58|-> 	memcpy( swapping, buf, len );
#   59|   	swap_buffer( swapping, len );
#   60|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def46]
mtools-4.0.45-build/mtools-4.0.45/tty.c: scope_hint: In function ‘ask_confirmation’
mtools-4.0.45-build/mtools-4.0.45/tty.c:216:33: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
mtools-4.0.45-build/mtools-4.0.45/sysincludes.h:179: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/tty.c:18: included_from: Included from here.
/usr/include/stdio.h:575:12: note: argument 1 of ‘fgetc’ must be non-null
#  214|   		fflush(opentty(-1));
#  215|   		if (mtools_raw_tty) {
#  216|-> 			int c = fgetc(opentty(1));
#  217|   			if(c < 0)
#  218|   				/* Treat end-of-file or error as no */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def47]
mtools-4.0.45-build/mtools-4.0.45/unixdir.c: scope_hint: In function ‘OpenDir’
mtools-4.0.45-build/mtools-4.0.45/unixdir.c:154:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘This’
mtools-4.0.45-build/mtools-4.0.45/stream.h:27: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/unixdir.c:19: included_from: Included from here.
mtools-4.0.45-build/mtools-4.0.45/unixdir.c:152:16: note: in expansion of macro ‘New’
#  152|   	This = New(Dir_t);
#  153|   	init_head(&This->head, &DirClass, NULL);
#  154|-> 	This->pathname = malloc(strlen(filename)+1);
#  155|   	if(This->pathname == NULL) {
#  156|   		Free(This);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def48]
mtools-4.0.45-build/mtools-4.0.45/vfat.c: scope_hint: In function ‘parse_vses’
mtools-4.0.45-build/mtools-4.0.45/vfat.c:420:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*v.sum’
#  418|   
#  419|   	/* bad checksum, begin new chain */
#  420|-> 	if(v->sum != vse->sum) {
#  421|   		clear_vfat(v);
#  422|   		v->sum = vse->sum;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def49]
mtools-4.0.45-build/mtools-4.0.45/vfat.c: scope_hint: In function ‘lookupForInsert’
mtools-4.0.45-build/mtools-4.0.45/vfat.c:838:27: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  836|   	do {
#  837|   		dce = vfat_lookup_loop_for_insert(cp, &entry, pos, cache);
#  838|-> 		switch(dce->type) {
#  839|   			case DCET_FREE:
#  840|   				accountFreeSlots(ssp, dce);

Scan Properties

analyzer-version-clippy1.82.0
analyzer-version-cppcheck2.16.0
analyzer-version-gcc14.2.1
analyzer-version-gcc-analyzer15.0.0
analyzer-version-shellcheck0.10.0
analyzer-version-unicontrol0.0.2
enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
exit-code0
hostip-172-16-1-117.us-west-2.compute.internal
mock-configfedora-rawhide-gcc-latest-x86_64
project-namemtools-4.0.45-1.fc42
store-results-to/tmp/tmpfp2fft18/mtools-4.0.45-1.fc42.tar.xz
time-created2024-11-13 02:07:24
time-finished2024-11-13 02:08:53
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpfp2fft18/mtools-4.0.45-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpfp2fft18/mtools-4.0.45-1.fc42.src.rpm'
tool-versioncsmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9