Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] bind-dyndb-ldap-11.11/src/acl.c:226:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'types' bind-dyndb-ldap-11.11/src/acl.c:207:12: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/acl.c:211:19: branch_false: ...to here bind-dyndb-ldap-11.11/src/acl.c:211:40: branch_true: following 'true' branch (when 'el' is non-NULL)... bind-dyndb-ldap-11.11/src/acl.c:216:17: branch_true: ...to here bind-dyndb-ldap-11.11/src/acl.c:216:17: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/acl.c:216:17: branch_false: ...to here bind-dyndb-ldap-11.11/src/acl.c:226:22: release_memory: 'types' is NULL bind-dyndb-ldap-11.11/src/acl.c:226:22: release_memory: 'types' is NULL bind-dyndb-ldap-11.11/src/acl.c:226:22: release_memory: 'types' is NULL bind-dyndb-ldap-11.11/src/acl.c:226:17: danger: dereference of NULL 'types + (long unsigned int)i * 8' # 224| result = dns_rdatatype_fromtext(&types[i++], &r); # 225| #else # 226|-> types[i].max = 0; # 227| result = dns_rdatatype_fromtext(&types[i++].type, &r); # 228| #endif Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] bind-dyndb-ldap-11.11/src/bindcfg.c:35:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'cfg_type' bind-dyndb-ldap-11.11/src/bindcfg.c:84:1: enter_function: entry to 'cfg_init_types' bind-dyndb-ldap-11.11/src/bindcfg.c:89:20: call_function: calling 'get_type_from_clause_array' from 'cfg_init_types' bind-dyndb-ldap-11.11/src/bindcfg.c:89:20: return_function: returning to 'cfg_init_types' from 'get_type_from_clause_array' bind-dyndb-ldap-11.11/src/bindcfg.c:90:20: call_function: calling 'get_type_from_tuplefield' from 'cfg_init_types' # 33| REQUIRE(name != NULL); # 34| # 35|-> field = (cfg_tuplefielddef_t *)cfg_type->of; # 36| for (int i = 0; field[i].name != NULL; i++) { # 37| if (!strcmp(field[i].name, name)) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] bind-dyndb-ldap-11.11/src/bindcfg.c:73:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'cfg_type' bind-dyndb-ldap-11.11/src/bindcfg.c:84:1: enter_function: entry to 'cfg_init_types' bind-dyndb-ldap-11.11/src/bindcfg.c:89:20: call_function: calling 'get_type_from_clause_array' from 'cfg_init_types' bind-dyndb-ldap-11.11/src/bindcfg.c:89:20: return_function: returning to 'cfg_init_types' from 'get_type_from_clause_array' bind-dyndb-ldap-11.11/src/bindcfg.c:90:20: call_function: calling 'get_type_from_tuplefield' from 'cfg_init_types' bind-dyndb-ldap-11.11/src/bindcfg.c:90:20: return_function: returning to 'cfg_init_types' from 'get_type_from_tuplefield' bind-dyndb-ldap-11.11/src/bindcfg.c:92:34: call_function: calling 'get_type_from_clause_array' from 'cfg_init_types' # 71| REQUIRE(name != NULL); # 72| # 73|-> clauses = (const cfg_clausedef_t **)cfg_type->of; # 74| for (int i = 0; clauses[i] != NULL; i++) { # 75| ret = get_type_from_clause(clauses[i], name); Error: GCC_ANALYZER_WARNING (CWE-126): [#def4] bind-dyndb-ldap-11.11/src/fs.c:37:17: warning[-Wanalyzer-out-of-bounds]: buffer over-read bind-dyndb-ldap-11.11/src/fs.c:36:12: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/fs.c:37:17: branch_true: ...to here bind-dyndb-ldap-11.11/src/fs.c:37:17: danger: out-of-bounds read at byte 4096 but 'msg_getcwd_failed' ends at byte 4096 # 35| # 36| if (getcwd(dir_curr, sizeof(dir_curr) - 1) == NULL) # 37|-> strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr)); # 38| ret = mkdir(dir_name, dir_mode); # 39| if (ret == 0) Error: GCC_ANALYZER_WARNING (CWE-126): [#def5] bind-dyndb-ldap-11.11/src/fs.c:115:25: warning[-Wanalyzer-out-of-bounds]: buffer over-read bind-dyndb-ldap-11.11/src/fs.c:111:12: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/fs.c:113:17: branch_false: ...to here bind-dyndb-ldap-11.11/src/fs.c:113:17: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/fs.c:114:21: branch_true: ...to here bind-dyndb-ldap-11.11/src/fs.c:114:20: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/fs.c:115:25: branch_true: ...to here bind-dyndb-ldap-11.11/src/fs.c:115:25: danger: out-of-bounds read at byte 4096 but 'msg_getcwd_failed' ends at byte 4096 # 113| else if (result != ISC_R_SUCCESS) { # 114| if (getcwd(dir_curr, sizeof(dir_curr) - 1) == NULL) # 115|-> strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr)); # 116| log_error_r("unable to delete file '%s', working directory " # 117| "is '%s'", file_name, dir_curr); Error: GCC_ANALYZER_WARNING (CWE-465): [#def6] bind-dyndb-ldap-11.11/src/ldap_driver.c:1130:12: warning[-Wanalyzer-deref-before-check]: check of 'isc__mem_get(mctx, 208, 0)' for NULL after already dereferencing it # 1128| # 1129| cleanup: # 1130|-> if (ldapdb != NULL) { # 1131| if (lock_ready == true) { # 1132| /* isc_mutex_destroy errors are now fatal */ Error: CPPCHECK_WARNING (CWE-190): [#def7] bind-dyndb-ldap-11.11/src/ldap_helper.c:628: error[integerOverflow]: Signed integer overflow for expression '(0xDDDD<<16)+5'. # 626| gfwdevent = (ldap_globalfwd_handleez_t *)isc_event_allocate( # 627| ldap_inst->mctx, ldap_inst, # 628|-> LDAPDB_EVENT_GLOBALFWD_HANDLEEZ, # 629| empty_zone_handle_globalfwd_ev, # 630| ldap_inst->view->zonetable, Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] bind-dyndb-ldap-11.11/src/ldap_helper.c:3083:13: warning[-Wanalyzer-null-dereference]: dereference of NULL 'ldap_conn' bind-dyndb-ldap-11.11/src/ldap_helper.c:3873:1: enter_function: entry to 'update_record' bind-dyndb-ldap-11.11/src/ldap_helper.c:3916:9: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:3919:1: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:3923:9: call_function: calling 'ldapdb_rdatalist_destroy' from 'update_record' bind-dyndb-ldap-11.11/src/ldap_helper.c:3923:9: return_function: returning to 'update_record' from 'ldapdb_rdatalist_destroy' bind-dyndb-ldap-11.11/src/ldap_helper.c:3971:12: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:3981:13: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:3989:12: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:3990:21: branch_true: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:3990:20: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:3991:25: branch_true: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:3991:25: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:3993:25: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:3996:34: call_function: calling 'ldap_replace_serial' from 'update_record' # 3081| # 3082| CHECK(ldap_pool_getconnection(ldap_inst->pool, &ldap_conn)); # 3083|-> if (ldap_conn->handle == NULL) { # 3084| /* # 3085| * handle can be NULL when the first connection to LDAP wasn't Error: GCC_ANALYZER_WARNING (CWE-476): [#def9] bind-dyndb-ldap-11.11/src/ldap_helper.c:4163:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'entry' bind-dyndb-ldap-11.11/src/ldap_helper.c:4327:5: enter_function: entry to 'ldap_sync_search_entry' bind-dyndb-ldap-11.11/src/ldap_helper.c:4334:23: release_memory: 'old_entry' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4335:23: release_memory: 'old_entry' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4334:23: release_memory: 'old_entry' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4335:23: release_memory: 'old_entry' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4345:12: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4348:9: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4348:9: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4351:9: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4351:9: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4352:9: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4355:12: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4359:13: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4359:12: branch_false: following 'false' branch... branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4388:12: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4390:17: branch_true: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4390:17: call_function: calling 'syncrepl_update' from 'ldap_sync_search_entry' # 4161| REQUIRE(entryp != NULL); # 4162| entry = *entryp; # 4163|-> REQUIRE(entry->class != LDAP_ENTRYCLASS_NONE); # 4164| # 4165| log_debug(20, "syncrepl_update change type: add%d, del%d, mod%d", Error: CPPCHECK_WARNING (CWE-190): [#def10] bind-dyndb-ldap-11.11/src/ldap_helper.c:4215: error[integerOverflow]: Signed integer overflow for expression '(0xDDDD<<16)+1'. # 4213| # 4214| pevent = (ldap_syncreplevent_t *)isc_event_allocate(inst->mctx, # 4215|-> inst, LDAPDB_EVENT_SYNCREPL_UPDATE, # 4216| action, NULL, # 4217| sizeof(ldap_syncreplevent_t)); Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] bind-dyndb-ldap-11.11/src/ldap_helper.c:4586:12: warning[-Wanalyzer-null-dereference]: dereference of NULL 'conn' bind-dyndb-ldap-11.11/src/ldap_helper.c:4725:1: enter_function: entry to 'ldap_syncrepl_watcher' bind-dyndb-ldap-11.11/src/ldap_helper.c:4728:28: release_memory: 'conn' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: call_function: calling 'ldap_pool_getconnection' from 'ldap_syncrepl_watcher' bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: return_function: returning to 'ldap_syncrepl_watcher' from 'ldap_pool_getconnection' bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: branch_false: following 'false' branch... branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4754:16: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4755:17: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4762:26: release_memory: 'conn' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4762:26: call_function: calling 'ldap_sync_doit' from 'ldap_syncrepl_watcher' # 4584| CHECK(cleanup_files(inst)); # 4585| # 4586|-> if(conn->handle == NULL) # 4587| CLEANUP_WITH(ISC_R_NOTCONNECTED); # 4588| Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] bind-dyndb-ldap-11.11/src/ldap_helper.c:4796:24: warning[-Wanalyzer-null-dereference]: dereference of NULL 'conn' bind-dyndb-ldap-11.11/src/ldap_helper.c:4725:1: enter_function: entry to 'ldap_syncrepl_watcher' bind-dyndb-ldap-11.11/src/ldap_helper.c:4728:28: release_memory: 'conn' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: call_function: calling 'ldap_pool_getconnection' from 'ldap_syncrepl_watcher' bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: return_function: returning to 'ldap_syncrepl_watcher' from 'ldap_pool_getconnection' bind-dyndb-ldap-11.11/src/ldap_helper.c:4752:9: branch_false: following 'false' branch... branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4754:16: branch_false: following 'false' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4755:17: branch_false: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4762:26: release_memory: 'conn' is NULL bind-dyndb-ldap-11.11/src/ldap_helper.c:4762:26: call_function: calling 'ldap_sync_doit' from 'ldap_syncrepl_watcher' bind-dyndb-ldap-11.11/src/ldap_helper.c:4762:26: return_function: returning to 'ldap_syncrepl_watcher' from 'ldap_sync_doit' bind-dyndb-ldap-11.11/src/ldap_helper.c:4763:20: branch_true: following 'true' branch... bind-dyndb-ldap-11.11/src/ldap_helper.c:4764:25: branch_true: ...to here bind-dyndb-ldap-11.11/src/ldap_helper.c:4796:24: danger: dereference of NULL 'conn' # 4794| retry: # 4795| /* Try to connect. */ # 4796|-> while (conn->handle == NULL) { # 4797| CHECK_EXIT; # 4798| CHECK(setting_get_uint("reconnect_interval", Error: CPPCHECK_WARNING (CWE-190): [#def13] bind-dyndb-ldap-11.11/src/syncptr.c:394: error[integerOverflow]: Signed integer overflow for expression '(0xDDDD<<16)+4'. # 392| # 393| ev = (sync_ptrev_t *)isc_event_allocate(mctx, NULL, # 394|-> LDAPDB_EVENT_SYNCPTR, # 395| sync_ptr_handler, NULL, # 396| sizeof(sync_ptrev_t)); Error: CPPCHECK_WARNING (CWE-190): [#def14] bind-dyndb-ldap-11.11/src/syncrepl.c:176: error[integerOverflow]: Signed integer overflow for expression '(0xDDDD<<16)+2'. # 174| # 175| ev = (sync_barrierev_t *)isc_event_allocate(sctx->mctx, # 176|-> sctx, LDAPDB_EVENT_SYNCREPL_BARRIER, # 177| finish, NULL, # 178| sizeof(sync_barrierev_t)); Error: CPPCHECK_WARNING (CWE-190): [#def15] bind-dyndb-ldap-11.11/src/syncrepl.c:243: error[integerOverflow]: Signed integer overflow for expression '(0xDDDD<<16)+2'. # 241| # 242| ev = (sync_barrierev_t *)isc_event_allocate(sctx->mctx, # 243|-> sctx, LDAPDB_EVENT_SYNCREPL_BARRIER, # 244| barrier_decrement, NULL, # 245| sizeof(sync_barrierev_t));
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-201.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | bind-dyndb-ldap-11.11-3.fc43 |
| store-results-to | /tmp/tmpo2v0crp9/bind-dyndb-ldap-11.11-3.fc43.tar.xz |
| time-created | 2025-04-25 12:03:26 |
| time-finished | 2025-04-25 12:05:03 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpo2v0crp9/bind-dyndb-ldap-11.11-3.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpo2v0crp9/bind-dyndb-ldap-11.11-3.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |