Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] shadow-utils-4.15.1-build/shadow-4.15.1/lib/sgetgrent.c:18: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/lib/alloc.h: scope_hint: In function ‘reallocarrayf’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/alloc.h:103:15: warning[-Wanalyzer-malloc-leak]: leak of ‘reallocarrayf(p_, i + 100, 8)’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/sgetgrent.c:49:35: note: in expansion of macro ‘REALLOCF’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/sgetgrent.c:49:35: note: in expansion of macro ‘REALLOCF’ # 101| # 102| /* realloc(p, 0) is equivalent to free(p); avoid double free. */ # 103|-> if (q == NULL && nmemb != 0 && size != 0) # 104| free(p); # 105| return q; Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] shadow-utils-4.15.1-build/shadow-4.15.1/lib/list.c:236:26: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xreallocarray(0, (long unsigned int)i, 8)’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/list.c:218:17: note: in expansion of macro ‘XMALLOC’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/list.c: scope_hint: In function ‘comma_to_list’ # 234| # 235| for (cp = members, i = 0;; i++) { # 236|-> array[i] = cp; # 237| cp2 = strchr (cp, ','); # 238| if (NULL != cp2) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def3] shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c:29: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/lib/string/zustr2stp.h: scope_hint: In function ‘zustr2stp’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/string/zustr2stp.h:75:23: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘dst’ where non-null expected shadow-utils-4.15.1-build/shadow-4.15.1/lib/string/zustr2stp.h:13: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c:25: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c:264:28: note: in expansion of macro ‘XMALLOC’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c: scope_hint: In function ‘zustr2stp’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c:265:17: note: in expansion of macro ‘ZUSTR2STP’ shadow-utils-4.15.1-build/shadow-4.15.1/lib/defines.h:30: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/lib/utmp.c:12: included_from: Included from here. /usr/include/string.h:400:14: note: argument 1 of ‘mempcpy’ must be non-null # 73| zustr2stp(char *restrict dst, const char *restrict src, size_t sz) # 74| { # 75|-> return stpcpy(mempcpy(dst, src, strnlen(src, sz)), ""); # 76| } # 77| Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c: scope_hint: In function ‘main’ shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c:77:20: warning[-Wanalyzer-malloc-leak]: leak of ‘reallocarray(0, (long unsigned int)sys_ngroups, 4)’ shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c:27: included_from: Included from here. shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c:69:18: note: in expansion of macro ‘MALLOC’ shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c: scope_hint: In function ‘main’ # 75| # 76| if (argc > 1) { # 77|-> if ((argc > 2) || (strcmp (argv[1], "-a") != 0)) { # 78| usage (); # 79| } else { Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c:77:36: warning[-Wanalyzer-malloc-leak]: leak of ‘reallocarray(0, (long unsigned int)sys_ngroups, 4)’ shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c:69:18: note: in expansion of macro ‘MALLOC’ shadow-utils-4.15.1-build/shadow-4.15.1/src/id.c: scope_hint: In function ‘main’ # 75| # 76| if (argc > 1) { # 77|-> if ((argc > 2) || (strcmp (argv[1], "-a") != 0)) { # 78| usage (); # 79| } else { Error: GCC_ANALYZER_WARNING (CWE-775): [#def6] shadow-utils-4.15.1-build/shadow-4.15.1/src/sulogin.c: scope_hint: In function ‘main’ shadow-utils-4.15.1-build/shadow-4.15.1/src/sulogin.c:87:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(argv[1], 2)’ # 85| close (2); # 86| # 87|-> if (open (argv[1], O_RDWR) >= 0) { # 88| dup (0); # 89| dup (0);
| analyzer-version-clippy | 1.82.0 |
| analyzer-version-cppcheck | 2.16.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 15.0.0 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.82.0 |
| diffbase-analyzer-version-cppcheck | 2.16.0 |
| diffbase-analyzer-version-gcc | 14.2.1 |
| diffbase-analyzer-version-gcc-analyzer | 15.0.0 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-218.us-west-2.compute.internal |
| diffbase-mock-config | fedora-rawhide-gcc-latest-x86_64 |
| diffbase-project-name | shadow-utils-4.16.0-7.fc42 |
| diffbase-store-results-to | /tmp/tmpfq3nx0vz/shadow-utils-4.16.0-7.fc42.tar.xz |
| diffbase-time-created | 2024-11-13 03:14:34 |
| diffbase-time-finished | 2024-11-13 03:18:10 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpfq3nx0vz/shadow-utils-4.16.0-7.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpfq3nx0vz/shadow-utils-4.16.0-7.fc42.src.rpm' |
| diffbase-tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-218.us-west-2.compute.internal |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | shadow-utils-4.15.1-12.fc41 |
| store-results-to | /tmp/tmpvdzqrobs/shadow-utils-4.15.1-12.fc41.tar.xz |
| time-created | 2024-11-13 03:10:07 |
| time-finished | 2024-11-13 03:14:09 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmpvdzqrobs/shadow-utils-4.15.1-12.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpvdzqrobs/shadow-utils-4.15.1-12.fc41.src.rpm' |
| tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |