vte291-0.78.1-1.fc42

List of Findings

Error: SHELLCHECK_WARNING (CWE-758): [#def1]
/etc/profile.d/vte.sh:1:1: error[SC2148]: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
#    1|-> # Copyright © 2012 Christian Persch
#    2|   #
#    3|   # This program is free software: you can redistribute it and/or modify

Error: SHELLCHECK_WARNING (CWE-477): [#def2]
/etc/profile.d/vte.sh:17:26: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
#   15|   
#   16|   # Not bash or zsh?
#   17|-> [ -n "${BASH_VERSION:-}" -o -n "${ZSH_VERSION:-}" ] || return 0
#   18|   
#   19|   # Not an interactive shell?

Error: SHELLCHECK_WARNING (CWE-398): [#def3]
/etc/profile.d/vte.sh:86:9: warning[SC2178]: Variable was used as an array but is now assigned a string.
#   84|           PROMPT_COMMAND+=(__vte_osc7)
#   85|       else
#   86|->         PROMPT_COMMAND="__vte_prompt_command"
#   87|       fi
#   88|       PS0=$(__vte_termprop_signal "vte.shell.preexec")

Error: SHELLCHECK_WARNING (CWE-140): [#def4]
/etc/profile.d/vte.sh:144:42: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#  142|               return $errsv
#  143|           }
#  144|->         preexec_functions=(__vte_preexec $preexec $preexec_functions)
#  145|           unset preexec
#  146|       fi

Error: SHELLCHECK_WARNING (CWE-140): [#def5]
/etc/profile.d/vte.sh:144:51: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#  142|               return $errsv
#  143|           }
#  144|->         preexec_functions=(__vte_preexec $preexec $preexec_functions)
#  145|           unset preexec
#  146|       fi

Error: GCC_ANALYZER_WARNING (CWE-479): [#def6]
vte291-0.78.1-build/vte-0.78.1/src/mev.c:50:9: warning[-Wanalyzer-unsafe-call-within-signal-handler]: call to ‘fprintf’ from within signal handler
vte291-0.78.1-build/vte-0.78.1/src/mev.c: scope_hint: In function ‘reset_mouse_tracking_mode’
#   48|   decset(int mode, gboolean value)
#   49|   {
#   50|-> 	fprintf(stdout, _VTE_CAP_CSI "?%d%c", mode, value ? 'h' : 'l');
#   51|   }
#   52|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
vte291-0.78.1-build/vte-0.78.1/src/slowcat.c: scope_hint: In function ‘catfile’
vte291-0.78.1-build/vte-0.78.1/src/slowcat.c:72:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
#   70|   	g_free(buf);
#   71|   
#   72|-> 	if (fp != stdin) {
#   73|   		fclose(fp);
#   74|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
vte291-0.78.1-build/vte-0.78.1/src/slowcat.c:72:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
#   70|   	g_free(buf);
#   71|   
#   72|-> 	if (fp != stdin) {
#   73|   		fclose(fp);
#   74|   	}

Error: COMPILER_WARNING (CWE-1164): [#def9]
vte291-0.78.1-build/vte-0.78.1/src/vte.cc: scope_hint: In member function ‘void vte::terminal::Terminal::process_incoming_utf8(ProcessingContext&, vte::base::Chunk&)’
vte291-0.78.1-build/vte-0.78.1/src/vte.cc:4242:1: warning[-Wunused-label]: label ‘switched_data_syntax’ defined but not used
# 4242 | switched_data_syntax:
#      | ^~~~~~~~~~~~~~~~~~~~
# 4240|   #pragma GCC diagnostic push
# 4241|   #pragma GCC diagnostic ignored "-Wunused-label"
# 4242|-> switched_data_syntax:
# 4243|   #pragma GCC diagnostic pop
# 4244|   

Error: COMPILER_WARNING (CWE-1164): [#def10]
vte291-0.78.1-build/vte-0.78.1/src/vte.cc: scope_hint: In member function ‘void vte::terminal::Terminal::process_incoming_pcterm(ProcessingContext&, vte::base::Chunk&)’
vte291-0.78.1-build/vte-0.78.1/src/vte.cc:4370:2: warning[-Wunused-label]: label ‘switched_data_syntax’ defined but not used
# 4370 |  switched_data_syntax:
#      |  ^~~~~~~~~~~~~~~~~~~~
# 4368|   #pragma GCC diagnostic push
# 4369|   #pragma GCC diagnostic ignored "-Wunused-label"
# 4370|->  switched_data_syntax:
# 4371|   #pragma GCC diagnostic pop
# 4372|   

Error: CPPCHECK_WARNING (CWE-457): [#def11]
vte291-0.78.1-build/vte-0.78.1/src/vteunistr.h:125: error[legacyUninitvar]: Uninitialized variable: first
#  123|           }
#  124|   
#  125|->         outbuf[0] = c | first;
#  126|   
#  127|           // GLib can do an inlined append()

Scan Properties

analyzer-version-clippy	1.82.0
analyzer-version-cppcheck	2.16.0
analyzer-version-gcc	14.2.1
analyzer-version-gcc-analyzer	15.0.0
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-169.us-west-2.compute.internal
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	vte291-0.78.1-1.fc42
store-results-to	/tmp/tmp0_tqrtry/vte291-0.78.1-1.fc42.tar.xz
time-created	2024-11-13 03:47:59
time-finished	2024-11-13 03:51:10
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp0_tqrtry/vte291-0.78.1-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp0_tqrtry/vte291-0.78.1-1.fc42.src.rpm'
tool-version	csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9