nano-8.2-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-758): [#def1]
/etc/profile.d/nano-default-editor.sh:1:1: error[SC2148]: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
#    1|-> # Ensure GNU nano is set as EDITOR if it isn't already set
#    2|   
#    3|   if [ -z "$EDITOR" ]; then

Error: CPPCHECK_WARNING (CWE-457): [#def2]
nano-8.2-build/nano-8.2/src/browser.c:403: warning[uninitvar]: Uninitialized variable: dir
#  401|   		dir = opendir(path);
#  402|   
#  403|-> 	if (path == NULL || dir == NULL) {
#  404|   		statusline(ALERT, _("Cannot open directory: %s"), strerror(errno));
#  405|   		/* If we don't have a file list, there is nothing to show. */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
nano-8.2-build/nano-8.2/src/history.c: scope_hint: In function ‘load_poshistory’
nano-8.2-build/nano-8.2/src/history.c:403:40: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘lastitem’
#  401|   			position_history = newitem;
#  402|   		else
#  403|-> 			lastitem->next = newitem;
#  404|   
#  405|   		lastitem = newitem;

Error: COMPILER_WARNING: [#def4]
nano-8.2-build/nano-8.2/src/history.c: scope_hint: In function ‘save_poshistory’
nano-8.2-build/nano-8.2/src/history.c:456:44: warning[-Wstringop-overflow=]: writing 1 byte into a region of size 0
#  456 |                 path_and_place[length - 1] = '\n';
#      |                                            ^
nano-8.2-build/nano-8.2/src/utils.c:294:25: note: at offset -1 into destination object of size [44, 9223372036854775807] allocated by ‘malloc’
#  294 |         void *section = malloc(howmuch);
#      |                         ^
#  454|   		length = recode_LF_to_NUL(path_and_place);
#  455|   		/* Restore the terminating newline. */
#  456|-> 		path_and_place[length - 1] = '\n';
#  457|   
#  458|   		if (fwrite(path_and_place, 1, length, histfile) < length)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def5]
nano-8.2-build/nano-8.2/src/history.c: scope_hint: In function ‘update_poshistory’
nano-8.2-build/nano-8.2/src/history.c:538:40: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘previous’
#  536|   			position_history = theone;
#  537|   		else
#  538|-> 			previous->next = theone;
#  539|   	} else if (item->next != NULL) {
#  540|   		if (previous == NULL)

Error: CPPCHECK_WARNING (CWE-457): [#def6]
nano-8.2-build/nano-8.2/src/prompt.c:560: warning[uninitvar]: Uninitialized variable: input
#  558|   #endif
#  559|   
#  560|-> 	*actual = input;
#  561|   
#  562|   	return function;

Error: CPPCHECK_WARNING (CWE-682): [#def7]
nano-8.2-build/nano-8.2/src/search.c:313: error[nullPointerArithmetic]: Overflow in pointer arithmetic, NULL pointer is subtracted.
#  311|   	}
#  312|   
#  313|-> 	found_x = found - line->data;
#  314|   
#  315|   	nodelay(midwin, FALSE);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def8]
nano-8.2-build/nano-8.2/src/text.c: scope_hint: In function ‘do_undo’
nano-8.2-build/nano-8.2/src/text.c:526:60: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘line’
#  524|   			remove_magicline();
#  525|   		memmove(line->data + u->head_x, line->data + u->head_x + strlen(u->strdata),
#  526|-> 						strlen(line->data + u->head_x) - strlen(u->strdata) + 1);
#  527|   		goto_line_posx(u->head_lineno, u->head_x);
#  528|   		break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
nano-8.2-build/nano-8.2/src/text.c:536:62: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘line’
#  534|   		original_x = (u->head_x == 0) ? u->tail_x : u->head_x;
#  535|   		regain_from_x = (u->head_x == 0) ? 0 : u->tail_x;
#  536|-> 		line->data = nrealloc(line->data, strlen(line->data) +
#  537|   								strlen(&u->strdata[regain_from_x]) + 1);
#  538|   		strcat(line->data, &u->strdata[regain_from_x]);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def10]
nano-8.2-build/nano-8.2/src/text.c:548:43: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘line’
#  546|   	case DEL:
#  547|   		undidmsg = _("deletion");
#  548|-> 		data = nmalloc(strlen(line->data) + strlen(u->strdata) + 1);
#  549|   		strncpy(data, line->data, u->head_x);
#  550|   		strcpy(&data[u->head_x], u->strdata);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def11]
nano-8.2-build/nano-8.2/src/text.c:566:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘line’
#  564|   			break;
#  565|   		}
#  566|-> 		line->data[u->tail_x] = '\0';
#  567|   		intruder = make_new_node(line);
#  568|   		intruder->data = copy_of(u->strdata);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def12]
nano-8.2-build/nano-8.2/src/text.c:576:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘line’
#  574|   		undidmsg = _("replacement");
#  575|   		data = u->strdata;
#  576|-> 		u->strdata = line->data;
#  577|   		line->data = data;
#  578|   		goto_line_posx(u->head_lineno, u->head_x);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def13]
nano-8.2-build/nano-8.2/src/utils.c: scope_hint: In function ‘concatenate’
nano-8.2-build/nano-8.2/src/utils.c:73:9: warning[-Wanalyzer-null-argument]: use of NULL ‘nmalloc(strlen(name) + pathlen + 1)’ where non-null expected
nano-8.2-build/nano-8.2/src/definitions.h:75: included_from: Included from here.
nano-8.2-build/nano-8.2/src/prototypes.h:21: included_from: Included from here.
nano-8.2-build/nano-8.2/src/utils.c:22: included_from: Included from here.
nano-8.2-build/nano-8.2/src/utils.c:297:21: note: in expansion of macro ‘_’
<built-in>: note: argument 1 of ‘__builtin_strcpy’ must be non-null
#   71|   	char *joined = nmalloc(pathlen + strlen(name) + 1);
#   72|   
#   73|-> 	strcpy(joined, path);
#   74|   	strcpy(joined + pathlen, name);
#   75|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def14]
nano-8.2-build/nano-8.2/src/utils.c: scope_hint: In function ‘mallocstrcpy’
nano-8.2-build/nano-8.2/src/utils.c:320:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
<built-in>: note: argument 1 of ‘__builtin_strncpy’ must be non-null
#  318|   
#  319|   	dest = nrealloc(dest, count);
#  320|-> 	strncpy(dest, src, count);
#  321|   
#  322|   	return dest;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def15]
nano-8.2-build/nano-8.2/src/utils.c: scope_hint: In function ‘measured_copy’
nano-8.2-build/nano-8.2/src/utils.c:331:9: warning[-Wanalyzer-null-argument]: use of NULL ‘nmalloc(count + 1)’ where non-null expected
nano-8.2-build/nano-8.2/src/utils.c:297:21: note: in expansion of macro ‘_’
<built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null
#  329|   	char *thecopy = nmalloc(count + 1);
#  330|   
#  331|-> 	memcpy(thecopy, string, count);
#  332|   	thecopy[count] = '\0';
#  333|   

Error: CPPCHECK_WARNING (CWE-457): [#def16]
nano-8.2-build/nano-8.2/src/winio.c:2700: warning[uninitvar]: Uninitialized variable: endmatch.rm_eo
# 2698|   			/* Second step: look for starts on this line, but begin
# 2699|   			 * looking only after an end match, if there is one. */
# 2700|-> 			index = (paintlen == 0) ? 0 : endmatch.rm_eo;
# 2701|   
# 2702|   			while (index < PAINT_LIMIT && regexec(varnish->start, line->data + index,

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-87.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	nano-8.2-1.fc42
store-results-to	/tmp/tmpp6jin6c7/nano-8.2-1.fc42.tar.xz
time-created	2024-11-13 02:01:53
time-finished	2024-11-13 02:04:13
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpp6jin6c7/nano-8.2-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpp6jin6c7/nano-8.2-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9