Fixed findings

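List of Findings

Each finding below was reported against the slapi-nis-0.60.0 sources (scan of slapi-nis-0.60.0-6.fc41) and, going by the report title and the Scan Properties, is not reported in the comparison scan of slapi-nis-0.70.0-3.fc42. A finding dropping out of analyzer output does not by itself confirm that the underlying defect was corrected; check the corresponding code in the newer release.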

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-nis.c: scope_hint: In function 'backend_copy_set_data'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-nis.c:111:1: warning[-Wanalyzer-malloc-leak]: leak of 'ret'
#  109|   	backend_free_set_data_contents(data->self);
#  110|   	free(data);
#  111|-> }
#  112|   static struct backend_shr_set_data *
#  113|   backend_copy_set_data(const struct backend_set_data *data)

Error: GCC_ANALYZER_WARNING (CWE-457): [#def2]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-nis.c: scope_hint: In function 'backend_free_gathered_data'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-nis.c:193:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*<unknown>'
#  191|   	if (groups != NULL) {
#  192|   		for (i = 0; i < n_groups; i++) {
#  193|-> 			format_free_data_set(groups[i], group_lengths[i]);
#  194|   		}
#  195|   	}

Error: COMPILER_WARNING (CWE-477): [#def3]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-shr.c: scope_hint: In function 'backend_shr_refresh_thread'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-shr.c:920:9: warning[-Wdeprecated-declarations]: 'slapi_eq_once' is deprecated
#  920 |         slapi_eq_once(backend_shr_data_initialize_thread, cbdata, PR_SecondsToInterval(1));
#      |         ^~~~~~~~~~~~~
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-shr.c:34: included_from: Included from here.
/usr/include/dirsrv/slapi-plugin.h:8170:18: note: declared here
# 8170 | Slapi_Eq_Context slapi_eq_once(slapi_eq_fn_t fn, void *arg, time_t when) __attribute__((deprecated));
#      |                  ^~~~~~~~~~~~~
#  918|   
#  919|           /* Schedule the initialization of the maps  */
#  920|->         slapi_eq_once(backend_shr_data_initialize_thread, cbdata, PR_SecondsToInterval(1));
#  921|           PR_Sleep(PR_SecondsToInterval(1));
#  922|   

Error: COMPILER_WARNING (CWE-477): [#def4]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-shr.c: scope_hint: In function 'backend_shr_startup'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/back-shr.c:977:9: warning[-Wdeprecated-declarations]: 'slapi_eq_once' is deprecated
#  977 |         slapi_eq_once(backend_shr_data_initialize_thread,
#      |         ^~~~~~~~~~~~~
/usr/include/dirsrv/slapi-plugin.h:8170:18: note: declared here
# 8170 | Slapi_Eq_Context slapi_eq_once(slapi_eq_fn_t fn, void *arg, time_t when) __attribute__((deprecated));
#      |                  ^~~~~~~~~~~~~
#  975|   	/* Schedule running a callback that will create a thread
#  976|   	 * but make sure it is called a first thing when event loop is created */
#  977|-> 	slapi_eq_once(backend_shr_data_initialize_thread,
#  978|   		      cbdata, PR_SecondsToInterval(PLUGIN_SCAN_DELAY));
#  979|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def5]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c: scope_hint: In function ‘base64enc’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:301:30: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:301:30: note: write of 1 byte to beyond the end of the region
#  299|   		c++;
#  300|   		if (c == 3) {
#  301|-> 			*r++ = alphabet[((i >> 18) & 0x3f)];
#  302|   			*r++ = alphabet[((i >> 12) & 0x3f)];
#  303|   			*r++ = alphabet[((i >>  6) & 0x3f)];

Error: GCC_ANALYZER_WARNING (CWE-122): [#def6]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:302:30: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:302:30: note: write of 1 byte to beyond the end of the region
#  300|   		if (c == 3) {
#  301|   			*r++ = alphabet[((i >> 18) & 0x3f)];
#  302|-> 			*r++ = alphabet[((i >> 12) & 0x3f)];
#  303|   			*r++ = alphabet[((i >>  6) & 0x3f)];
#  304|   			*r++ = alphabet[((i      ) & 0x3f)];

Error: GCC_ANALYZER_WARNING (CWE-122): [#def7]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:303:30: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:303:30: note: write of 1 byte to beyond the end of the region
#  301|   			*r++ = alphabet[((i >> 18) & 0x3f)];
#  302|   			*r++ = alphabet[((i >> 12) & 0x3f)];
#  303|-> 			*r++ = alphabet[((i >>  6) & 0x3f)];
#  304|   			*r++ = alphabet[((i      ) & 0x3f)];
#  305|   			c = 0;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def8]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:304:30: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:304:30: note: write of 1 byte to beyond the end of the region
#  302|   			*r++ = alphabet[((i >> 12) & 0x3f)];
#  303|   			*r++ = alphabet[((i >>  6) & 0x3f)];
#  304|-> 			*r++ = alphabet[((i      ) & 0x3f)];
#  305|   			c = 0;
#  306|   			i = 0;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def9]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:312:22: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:312:22: note: write of 1 byte to beyond the end of the region
#  310|   	case 1:
#  311|   		i <<= 16;
#  312|-> 		*r++ = alphabet[((i >> 18) & 0x3f)];
#  313|   		*r++ = alphabet[((i >> 12) & 0x3f)];
#  314|   		*r++ = '=';

Error: GCC_ANALYZER_WARNING (CWE-122): [#def10]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:319:22: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:319:22: note: write of 1 byte to beyond the end of the region
#  317|   	case 2:
#  318|   		i <<= 8;
#  319|-> 		*r++ = alphabet[((i >> 18) & 0x3f)];
#  320|   		*r++ = alphabet[((i >> 12) & 0x3f)];
#  321|   		*r++ = alphabet[((i >>  6) & 0x3f)];

Error: GCC_ANALYZER_WARNING (CWE-122): [#def11]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:325:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/defs-nis.c:325:14: note: write of 1 byte to beyond the end of the region
#  323|   		break;
#  324|   	}
#  325|-> 	*r++ = '\0';
#  326|   	return ret;
#  327|   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def12]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/disp-nis.c: scope_hint: In function 'dispatch_securenets_check'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/disp-nis.c:282:56: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'masked6.__in6_u.__u6_addr8[i]'
#  280|   				for (i = 0; i < 16; i++) {
#  281|   					addr6.s6_addr[i] &= mask6.s6_addr[i];
#  282|-> 					masked6.s6_addr[i] &= mask6.s6_addr[i];
#  283|   					if (addr6.s6_addr[i] !=
#  284|   					    masked6.s6_addr[i]) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def13]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/disp-nis.c: scope_hint: In function 'dispatch_dgram'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/disp-nis.c:444:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  442|   	cdata.dgram.reply_buf_size = state->max_dgram_size;
#  443|   	if (cdata.dgram.reply_buf == NULL) {
#  444|-> 		slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id,
#  445|   				"error reading datagram request: "
#  446|   				"out of memory\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/disp-nis.c:449:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  447|   		return;
#  448|   	}
#  449|-> 	reqsize = recvfrom(cdata.dgram.client_fd, dgram, sizeof(dgram), 0,
#  450|   			   (struct sockaddr *) &cdata.dgram.client_addr,
#  451|   			   &cdata.dgram.client_addrlen);

Error: CPPCHECK_WARNING (CWE-476): [#def15]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/nis.c:671: warning[nullPointer]: Possible null pointer dereference: cookie
#  669|   			/* Follow any instructions we left for this iteration.
#  670|   			 */
#  671|-> 			switch (cookie->state) {
#  672|   			case cookie_bad:
#  673|   				/* fall through */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/nis.c: scope_hint: In function 'nis_all'
slapi-nis-0.60.0-build/slapi-nis-0.60.0/src/nis.c:671:39: warning[-Wanalyzer-null-dereference]: dereference of NULL 'cookie'
#  669|   			/* Follow any instructions we left for this iteration.
#  670|   			 */
#  671|-> 			switch (cookie->state) {
#  672|   			case cookie_bad:
#  673|   				/* fall through */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/clients/yp.c:384:20: warning[-Wanalyzer-malloc-leak]: leak of ‘popen("env LANG=C sort", "w")’
#  382|   		hints.ai_family = six ? AF_INET6 : AF_INET;
#  383|   		hints.ai_socktype = connected ? SOCK_STREAM : SOCK_DGRAM;
#  384|-> 		if (getaddrinfo(host, NULL, &hints, &hostaddr) != 0) {
#  385|   			perror("getaddrinfo");
#  386|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-762): [#def18]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/clients/yp.c:416:9: warning[-Wanalyzer-mismatching-deallocation]: ‘popen("env LANG=C sort", "w")’ should have been deallocated with ‘pclose’ but was deallocated with ‘fclose’
#  414|   	}
#  415|   	ret = dispatch(client, output, argc - optind, argv + optind);
#  416|-> 	fclose(output);
#  417|   	return ret;
#  418|   }

Error: COMPILER_WARNING (CWE-762): [#def19]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/clients/yp.c: scope_hint: In function ‘main’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/clients/yp.c:416:9: warning[-Wmismatched-dealloc]: ‘fclose’ called on pointer returned from a mismatched allocation function
#  416 |         fclose(output);
#      |         ^~~~~~~~~~~~~~
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/clients/yp.c:375:18: note: returned from ‘popen’
#  375 |         output = popen("env LANG=C sort", "w");
#      |                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#  414|   	}
#  415|   	ret = dispatch(client, output, argc - optind, argv + optind);
#  416|-> 	fclose(output);
#  417|   	return ret;
#  418|   }

Error: COMPILER_WARNING (CWE-476): [#def20]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-nsswitch.c: scope_hint: In function ‘getgrouplist’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-nsswitch.c:333:33: warning[-Wnonnull]: argument 3 is null but the corresponding size argument 4 value is 16
#  333 |                 while ((error = fgetgrent_r(fp, &grp,
#      |                                 ^~~~~~~~~~~~~~~~~~~~~
#  334 |                                             buffer, buflen, &grpp)) == 0) {
#      |                                             ~~~~~~~~~~~~~~~~~~~~~~
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-nsswitch.c:26: included_from: Included from here.
/usr/include/grp.h:164:12: note: in a call to function ‘fgetgrent_r’ declared with attribute ‘access (write_only, 3, 4)’
#  164 | extern int fgetgrent_r (FILE *__restrict __stream,
#      |            ^~~~~~~~~~~
#  331|   	if ((getenv("WRAPPERS_GROUP") != NULL) &&
#  332|   	    ((fp = fopen(getenv("WRAPPERS_GROUP"), "r")) != NULL)) {
#  333|-> 		while ((error = fgetgrent_r(fp, &grp,
#  334|   					    buffer, buflen, &grpp)) == 0) {
#  335|   			for (i = 0;

Error: COMPILER_WARNING: [#def21]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c: scope_hint: In function ‘pam_end’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c:164:12: warning[-Wnonnull-compare]: ‘nonnull’ argument ‘pamh’ compared to NULL
#  164 |         if (pamh == NULL) {
#      |            ^
#  162|   pam_end(pam_handle_t *pamh, int pam_status)
#  163|   {
#  164|-> 	if (pamh == NULL) {
#  165|   		return PAM_SYSTEM_ERR;
#  166|   	}

Error: COMPILER_WARNING: [#def22]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c: scope_hint: In function ‘pam_authenticate’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c:183:12: warning[-Wnonnull-compare]: ‘nonnull’ argument ‘pamh’ compared to NULL
#  183 |         if (pamh == NULL) {
#      |            ^
#  181|   
#  182|   	resp = NULL;
#  183|-> 	if (pamh == NULL) {
#  184|   		return PAM_SYSTEM_ERR;
#  185|   	}

Error: COMPILER_WARNING: [#def23]
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c: scope_hint: In function ‘pam_acct_mgmt’
slapi-nis-0.60.0-build/slapi-nis-0.60.0/tests/wrap-pam.c:209:12: warning[-Wnonnull-compare]: ‘nonnull’ argument ‘pamh’ compared to NULL
#  209 |         if (pamh == NULL) {
#      |            ^
#  207|   pam_acct_mgmt(pam_handle_t *pamh, int flags)
#  208|   {
#  209|-> 	if (pamh == NULL) {
#  210|   		return PAM_SYSTEM_ERR;
#  211|   	}

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.82.0
diffbase-analyzer-version-cppcheck: 2.16.0
diffbase-analyzer-version-gcc: 14.2.1
diffbase-analyzer-version-gcc-analyzer: 15.0.0
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-197.us-west-2.compute.internal
diffbase-mock-config: fedora-rawhide-gcc-latest-x86_64
diffbase-project-name: slapi-nis-0.70.0-3.fc42
diffbase-store-results-to: /tmp/tmplsq1ljh6/slapi-nis-0.70.0-3.fc42.tar.xz
diffbase-time-created: 2024-11-13 03:17:13
diffbase-time-finished: 2024-11-13 03:18:42
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmplsq1ljh6/slapi-nis-0.70.0-3.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmplsq1ljh6/slapi-nis-0.70.0-3.fc42.src.rpm'
diffbase-tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-197.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: slapi-nis-0.60.0-6.fc41
store-results-to: /tmp/tmplsiqn07_/slapi-nis-0.60.0-6.fc41.tar.xz
time-created: 2024-11-13 03:14:50
time-finished: 2024-11-13 03:16:54
title: Fixed findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmplsiqn07_/slapi-nis-0.60.0-6.fc41.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmplsiqn07_/slapi-nis-0.60.0-6.fc41.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9