rtkit-0.11-65.fc42

List of Findings

Error: COMPILER_WARNING (CWE-134): [#def1]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c: scope_hint: In function ‘dbus_handler’
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1336:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1336 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1334|   
# 1335|                   if ((ret = verify_canary_refusal()) < 0) {
# 1336|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1337|                           goto finish;
# 1338|                   }

Error: COMPILER_WARNING (CWE-134): [#def2]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1361:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1361 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1359|                   if ((ret = lookup_client(&u, &p, &t, c, m, (pid_t)process, (pid_t) thread)) < 0) {
# 1360|                           syslog(LOG_DEBUG, "Failed to look up client: %s\n", strerror(-ret));
# 1361|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1362|                           goto finish;
# 1363|                   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def3]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c: scope_hint: In function ‘dbus_handler’
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1365:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘p’
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:44: included_from: Included from here.
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1275:9: note: in expansion of macro ‘assert_se’
# 1363|                   }
# 1364|   
# 1365|->                 if ((ret = verify_polkit(c, u, p, "org.freedesktop.RealtimeKit1.acquire-real-time")) < 0) {
# 1366|                           assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1367|                           goto finish;

Error: COMPILER_WARNING (CWE-134): [#def4]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1366:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1366 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1364|   
# 1365|                   if ((ret = verify_polkit(c, u, p, "org.freedesktop.RealtimeKit1.acquire-real-time")) < 0) {
# 1366|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1367|                           goto finish;
# 1368|                   }

Error: COMPILER_WARNING (CWE-134): [#def5]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1371:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1371 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1369|   
# 1370|                   if ((ret = process_set_realtime(u, p, t, priority))) {
# 1371|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1372|                           goto finish;
# 1373|                   }

Error: COMPILER_WARNING (CWE-134): [#def6]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1388:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1388 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1386|   
# 1387|                   if ((ret = verify_canary_refusal()) < 0) {
# 1388|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1389|                           goto finish;
# 1390|                   }

Error: COMPILER_WARNING (CWE-134): [#def7]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1413:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1413 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1411|                   if ((ret = lookup_client(&u, &p, &t, c, m, (pid_t)process, (pid_t) thread)) < 0) {
# 1412|                           syslog(LOG_DEBUG, "Failed to look up client: %s\n", strerror(-ret));
# 1413|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1414|                           goto finish;
# 1415|                   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def8]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1417:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘p’
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1275:9: note: in expansion of macro ‘assert_se’
# 1415|                   }
# 1416|   
# 1417|->                 if ((ret = verify_polkit(c, u, p, "org.freedesktop.RealtimeKit1.acquire-high-priority")) < 0) {
# 1418|                           assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1419|                           goto finish;

Error: COMPILER_WARNING (CWE-134): [#def9]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1418:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1418 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1416|   
# 1417|                   if ((ret = verify_polkit(c, u, p, "org.freedesktop.RealtimeKit1.acquire-high-priority")) < 0) {
# 1418|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1419|                           goto finish;
# 1420|                   }

Error: COMPILER_WARNING (CWE-134): [#def10]
rtkit-0.11-build/rtkit-0.11/rtkit-daemon.c:1423:25: warning[-Wformat-security]: format not a string literal and no format arguments
# 1423 |                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
#      |                         ^~~~~~~~~
# 1421|   
# 1422|                   if ((ret = process_set_high_priority(u, p, t, priority))) {
# 1423|->                         assert_se(r = dbus_message_new_error_printf(m, translate_error_forward(ret), strerror(-ret)));
# 1424|                           goto finish;
# 1425|                   }

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-97.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	rtkit-0.11-65.fc42
store-results-to	/tmp/tmpwqw4y8o7/rtkit-0.11-65.fc42.tar.xz
time-created	2024-11-13 03:10:56
time-finished	2024-11-13 03:12:15
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpwqw4y8o7/rtkit-0.11-65.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpwqw4y8o7/rtkit-0.11-65.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9