swtpm-0.9.0-4.fc42

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c: scope_hint: In function ‘daemonize_finish’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c:277:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(devnullfd, 1)’
#  275|       }
#  276|   
#  277|->     if (dup2(devnullfd, STDOUT_FILENO) == -1) {
#  278|           fprintf(stderr, "Failed to redirect output stream to /dev/null: %s\n",
#  279|                   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/daemonize.c:283:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(devnullfd, 2)’
#  281|           exit(1);
#  282|       }
#  283|->     if (dup2(devnullfd, STDERR_FILENO) == -1) {
#  284|           fprintf(stderr, "Failed to redirect error stream to /dev/null: %s\n",
#  285|                   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def3]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c: scope_hint: In function 'mainloop_ensure_locked_storage'
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:95:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#   93|   
#   94|       /* if NVRAM hasn't been initialized yet locking may need to be retried */
#   95|->     res = SWTPM_NVRAM_Lock_Storage(mlp->locking_retries);
#   96|       if (res == TPM_RETRY)
#   97|           return true;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c: scope_hint: In function 'mainLoop'
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:233:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  231|               ready = poll(pollfds, 5, -1);
#  232|               if (ready < 0 && errno == EINTR)
#  233|->                 continue;
#  234|   
#  235|               if (ready < 0 ||

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:238:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  236|                   (pollfds[NOTIFY_FD].revents & POLLIN) != 0) {
#  237|                   SWTPM_IO_Disconnect(&connection_fd);
#  238|->                 break;
#  239|               }
#  240|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:259:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  257|   
#  258|               if (pollfds[CTRL_CLIENT_FD].revents & POLLIN) {
#  259|->                 ctrlclntfd = ctrlchannel_process_fd(ctrlclntfd,
#  260|                                                       &mainloop_terminate,
#  261|                                                       &locality, &tpm_running,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm/mainloop.c:291:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor
#  289|               /* Read the command.  The number of bytes is determined by 'paramSize' in the stream */
#  290|               if (rc == 0) {
#  291|->                 rc = SWTPM_IO_Read(&connection_fd, command, &command_length,
#  292|                                      max_command_length);
#  293|                   if (rc != 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:743:19: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(gl_LOGFILE, "a")’
/usr/include/glib-2.0/glib/gstring.h:37: included_from: Included from here.
/usr/include/glib-2.0/glib/giochannel.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib.h:56: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:25: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
#  741|               goto error;
#  742|           }
#  743|->         tmpfile = fopen(gl_LOGFILE, "a"); // do not truncate
#  744|           if (tmpfile == NULL) {
#  745|               fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:743:19: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(gl_LOGFILE, "a")’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
#  741|               goto error;
#  742|           }
#  743|->         tmpfile = fopen(gl_LOGFILE, "a"); // do not truncate
#  744|           if (tmpfile == NULL) {
#  745|               fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def10]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:751:9: warning[-Wanalyzer-null-argument]: use of NULL ‘optsfile’ where non-null expected
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:660:16: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:20: included_from: Included from here.
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
#  749|       }
#  750|   
#  751|->     if (access(optsfile, R_OK) != 0) {
#  752|           logerr(gl_LOGFILE, "Need read rights on options file %s for user %s.\n",
#  753|                  optsfile, curr_user ? curr_user->pw_name : "<unknown>");

Error: GCC_ANALYZER_WARNING (CWE-688): [#def11]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:757:9: warning[-Wanalyzer-null-argument]: use of NULL ‘configfile’ where non-null expected
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_localca/swtpm_localca.c:661:18: note: in expansion of macro ‘g_strdup’
/usr/include/unistd.h:287:12: note: argument 1 of ‘access’ must be non-null
#  755|       }
#  756|   
#  757|->     if (access(configfile, R_OK) != 0) {
#  758|           logerr(gl_LOGFILE, "Need read rights on config file %s for user %s.\n",
#  759|                  configfile, curr_user ? curr_user->pw_name : "<unknown>");

Error: CPPCHECK_WARNING (CWE-457): [#def12]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c:1081: error[uninitvar]: Uninitialized variable: authpolicy
# 1079|   
# 1080|       return swtpm_tpm2_createprimary_ecc(self, TPM2_RH_OWNER, keyflags, symkeydata, symkeydata_len,
# 1081|->                                         authpolicy, authpolicy_len, schemedata, schemedata_len,
# 1082|                                           TPM2_ECC_NIST_P384, TPM2_ALG_SHA384,
# 1083|                                           NONCE_ECC_384, sizeof(NONCE_ECC_384), off, curr_handle,

Error: CPPCHECK_WARNING (CWE-457): [#def13]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm.c:1110: error[uninitvar]: Uninitialized variable: authpolicy
# 1108|       return swtpm_tpm2_createprimary_rsa(self, TPM2_RH_OWNER, keyflags,
# 1109|                                           symkeydata, symkeydata_len,
# 1110|->                                         authpolicy, authpolicy_len, rsa_keysize, TRUE,
# 1111|                                           off, curr_handle, NULL, 0, NULL, NULL);
# 1112|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1504:19: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(gl_LOGFILE, "a")’
/usr/include/glib-2.0/glib/gstring.h:37: included_from: Included from here.
/usr/include/glib-2.0/glib/giochannel.h:36: included_from: Included from here.
/usr/include/glib-2.0/glib.h:56: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:26: included_from: Included from here.
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1493:21: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1495:19: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
# 1502|               goto error;
# 1503|           }
# 1504|->         tmpfile = fopen(gl_LOGFILE, "a");
# 1505|           if (tmpfile == NULL) {
# 1506|               fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1504:19: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(gl_LOGFILE, "a")’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1493:21: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c:1495:19: note: in expansion of macro ‘g_strdup’
swtpm-0.9.0-build/swtpm-0.9.0/src/swtpm_setup/swtpm_setup.c: scope_hint: In function ‘main’
# 1502|               goto error;
# 1503|           }
# 1504|->         tmpfile = fopen(gl_LOGFILE, "a");
# 1505|           if (tmpfile == NULL) {
# 1506|               fprintf(stderr, "Cannot write to logfile %s.\n", gl_LOGFILE);

Scan Properties

analyzer-version-clippy: 1.82.0
analyzer-version-cppcheck: 2.16.0
analyzer-version-gcc: 14.2.1
analyzer-version-gcc-analyzer: 15.0.0
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-153.us-west-2.compute.internal
mock-config: fedora-rawhide-gcc-latest-x86_64
project-name: swtpm-0.9.0-4.fc42
store-results-to: /tmp/tmp07s5ne10/swtpm-0.9.0-4.fc42.tar.xz
time-created: 2024-11-13 03:19:55
time-finished: 2024-11-13 03:22:02
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp07s5ne10/swtpm-0.9.0-4.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp07s5ne10/swtpm-0.9.0-4.fc42.src.rpm'
tool-version: csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9