Fixed findings

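List of Findings

Each entry below was reported by the scan of diffutils-3.10-9.fc42 and, per the report title, is no longer reported by the diffbase scan of diffutils-3.12-1.fc43 (see Scan Properties). Absence from the newer scan does not by itself show whether a finding was a real defect or an analyzer false positive.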

Error: CPPCHECK_WARNING (CWE-758): [#def1]
diffutils-3.10/lib/cmpbuf.c:107: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour
#  105|     /* Yield a if there is an overflow.  */
#  106|     q = a / n;
#  107|->   return !INT_MULTIPLY_WRAPV (q, b, &lcm) && lcm <= lcm_max ? lcm : a;
#  108|   }

Error: COMPILER_WARNING (CWE-457): [#def2]
diffutils-3.10/lib/diffseq.h:430:36: warning[-Wmaybe-uninitialized]: 'fxbest' may be used uninitialized
#  430 |               part->ymid = fxybest - fxbest;
#      |                            ~~~~~~~~^~~~~~~~
diffutils-3.10/lib/diffseq.h: scope_hint: In function 'compareseq'
diffutils-3.10/lib/diffseq.h:386:18: note: 'fxbest' was declared here
#  386 |           OFFSET fxbest IF_LINT (= 0);
#      |                  ^~~~~~
#  428|               {
#  429|                 part->xmid = fxbest;
#  430|->               part->ymid = fxybest - fxbest;
#  431|                 part->lo_minimal = true;
#  432|                 part->hi_minimal = false;

Error: COMPILER_WARNING (CWE-457): [#def3]
diffutils-3.10/lib/diffseq.h:437:36: warning[-Wmaybe-uninitialized]: 'bxbest' may be used uninitialized
#  437 |               part->ymid = bxybest - bxbest;
#      |                            ~~~~~~~~^~~~~~~~
diffutils-3.10/lib/diffseq.h: scope_hint: In function 'compareseq'
diffutils-3.10/lib/diffseq.h:388:18: note: 'bxbest' was declared here
#  388 |           OFFSET bxbest IF_LINT (= 0);
#      |                  ^~~~~~
#  435|               {
#  436|                 part->xmid = bxbest;
#  437|->               part->ymid = bxybest - bxbest;
#  438|                 part->lo_minimal = false;
#  439|                 part->hi_minimal = true;

Error: CPPCHECK_WARNING (CWE-562): [#def4]
diffutils-3.10/lib/mktime.c:262: error[returnDanglingLifetime]: Returning pointer to local variable 'x' that will be invalid when returning.
#  260|   {
#  261|     __time64_t x = t;
#  262|->   return convert (&x, tm);
#  263|   }
#  264|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
diffutils-3.10/lib/propername.c:59:10: warning[-Wanalyzer-malloc-leak]: leak of 'trim2(sub, 2)'
diffutils-3.10/lib/propername.c:187:1: enter_function: entry to 'proper_name_utf8'
diffutils-3.10/lib/propername.c:200:6: branch_false: following 'false' branch...
diffutils-3.10/lib/propername.c:247:10: branch_false: ...to here
diffutils-3.10/lib/propername.c:254:6: branch_true: following 'true' branch (when the strings are non-equal)...
diffutils-3.10/lib/propername.c:257:11: branch_true: ...to here
diffutils-3.10/lib/propername.c:257:11: call_function: calling 'mbsstr_trimmed_wordbounded' from 'proper_name_utf8'
#   57|     bool found = false;
#   58|   
#   59|->   for (; *string != '\0';)
#   60|       {
#   61|         const char *tsub_in_string = mbsstr (string, tsub);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
diffutils-3.10/lib/stdopen.c:40:27: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'new_fd'
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:51:46: acquire_resource: opened here
diffutils-3.10/lib/stdopen.c:55:14: branch_false: following 'false' branch (when 'new_fd <= 2')...
diffutils-3.10/lib/stdopen.c:40:48: branch_false: ...to here
diffutils-3.10/lib/stdopen.c:40:27: danger: 'new_fd' leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   38|   {
#   39|     int fd;
#   40|->   for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++)
#   41|       {
#   42|         if (fcntl (fd, F_GETFD) < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
diffutils-3.10/lib/stdopen.c:52:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'new_fd'
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:52:38: acquire_resource: opened here
diffutils-3.10/lib/stdopen.c:53:14: branch_false: following 'false' branch...
diffutils-3.10/lib/stdopen.c:55:14: branch_false: ...to here
diffutils-3.10/lib/stdopen.c:55:14: branch_false: following 'false' branch (when 'new_fd <= 2')...
diffutils-3.10/lib/stdopen.c:40:48: branch_false: ...to here
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:52:24: danger: 'new_fd' leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#   50|             int mode = fd == STDIN_FILENO ? O_WRONLY : O_RDONLY;
#   51|             int full_fd = fd == STDIN_FILENO ? open ("/dev/full", mode) : -1;
#   52|->           int new_fd = full_fd < 0 ? open ("/dev/null", mode) : full_fd;
#   53|             if (new_fd < 0)
#   54|               return errno;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
diffutils-3.10/lib/stdopen.c:55:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:51:25: branch_true: following 'true' branch (when 'fd == 0')...
diffutils-3.10/lib/stdopen.c:51:46: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:51:46: acquire_resource: opened here
diffutils-3.10/lib/stdopen.c:55:14: branch_false: following 'false' branch (when 'new_fd <= 2')...
diffutils-3.10/lib/stdopen.c:40:48: branch_false: ...to here
diffutils-3.10/lib/stdopen.c:40:27: branch_true: following 'true' branch (when 'fd != 3')...
diffutils-3.10/lib/stdopen.c:42:11: branch_true: ...to here
diffutils-3.10/lib/stdopen.c:53:14: branch_false: following 'false' branch...
diffutils-3.10/lib/stdopen.c:55:14: branch_false: ...to here
diffutils-3.10/lib/stdopen.c:55:14: danger: leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   53|             if (new_fd < 0)
#   54|               return errno;
#   55|->           if (STDERR_FILENO < new_fd)
#   56|               {
#   57|                 /* 0, 1, and 2 are already open somehow.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
diffutils-3.10/lib/striconv.c:299:31: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src,  iconv_open(to_codeset,  from_codeset))'
diffutils-3.10/lib/striconv.c:393:1: enter_function: entry to 'str_iconv'
diffutils-3.10/lib/striconv.c:395:6: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:420:10: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:423:16: branch_false: ...to here
diffutils-3.10/lib/striconv.c:423:16: acquire_memory: allocated here
diffutils-3.10/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv'
#  297|               else if (errno == E2BIG)
#  298|                 {
#  299|->                 size_t used = outptr - result;
#  300|                   size_t newsize = result_size * 2;
#  301|                   char *newresult;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
diffutils-3.10/lib/striconv.c:338:31: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src,  iconv_open(to_codeset,  from_codeset))'
diffutils-3.10/lib/striconv.c:393:1: enter_function: entry to 'str_iconv'
diffutils-3.10/lib/striconv.c:395:6: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:420:10: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:423:16: branch_false: ...to here
diffutils-3.10/lib/striconv.c:423:16: acquire_memory: allocated here
diffutils-3.10/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv'
#  336|               if (errno == E2BIG)
#  337|                 {
#  338|->                 size_t used = outptr - result;
#  339|                   size_t newsize = result_size * 2;
#  340|                   char *newresult;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
diffutils-3.10/lib/striconv.c:367:6: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src,  iconv_open(to_codeset,  from_codeset))'
diffutils-3.10/lib/striconv.c:393:1: enter_function: entry to 'str_iconv'
diffutils-3.10/lib/striconv.c:395:6: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:420:10: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:423:16: branch_false: ...to here
diffutils-3.10/lib/striconv.c:423:16: acquire_memory: allocated here
diffutils-3.10/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv'
#  365|   
#  366|       /* Add the terminating NUL byte.  */
#  367|->     *outptr++ = '\0';
#  368|   
#  369|       length = outptr - result;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
diffutils-3.10/lib/striconv.c:420:10: warning[-Wanalyzer-malloc-leak]: leak of 'iconv_open(to_codeset,  from_codeset)'
diffutils-3.10/lib/striconv.c:395:6: branch_false: following 'false' branch...
diffutils-3.10/lib/striconv.c:419:12: acquire_memory: allocated here
diffutils-3.10/lib/striconv.c:420:10: danger: 'iconv_open(to_codeset,  from_codeset)' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  418|   # endif
#  419|         cd = iconv_open (to_codeset, from_codeset);
#  420|->       if (cd == (iconv_t) -1)
#  421|           return NULL;
#  422|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
diffutils-3.10/lib/time_rz.c:210:9: warning[-Wanalyzer-malloc-leak]: leak of 'set_tz(tz)'
diffutils-3.10/lib/./time.h:953:1: enter_function: entry to 'mktime_z'
diffutils-3.10/lib/time_rz.c:287:6: branch_false: following 'false' branch (when 'tz' is non-NULL)...
diffutils-3.10/lib/time_rz.c:291:27: branch_false: ...to here
diffutils-3.10/lib/time_rz.c:291:27: call_function: calling 'set_tz' from 'mktime_z'
diffutils-3.10/lib/time_rz.c:291:27: return_function: returning to 'mktime_z' from 'set_tz'
diffutils-3.10/lib/time_rz.c:292:10: branch_true: following 'true' branch...
diffutils-3.10/lib/time_rz.c:295:25: branch_true: ...to here
diffutils-3.10/lib/time_rz.c:306:16: branch_false: following 'false' branch...
 branch_false: ...to here
diffutils-3.10/lib/time_rz.c:210:9: danger: 'set_tz(tz)' leaks here; was allocated at [(8)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/7)
#  208|     char *env_tz = getenv_TZ ();
#  209|     if (env_tz
#  210|->       ? tz->tz_is_set && strcmp (tz->abbrs, env_tz) == 0
#  211|         : !tz->tz_is_set)
#  212|       return local_tz;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
diffutils-3.10/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(n)'
diffutils-3.10/lib/xmalloc.c:55:1: enter_function: entry to 'xcharalloc'
diffutils-3.10/lib/xmalloc.c:57:10: call_function: calling 'xmalloc' from 'xcharalloc'
#   43|   xmalloc (size_t s)
#   44|   {
#   45|->   return nonnull (malloc (s));
#   46|   }
#   47|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
diffutils-3.10/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(s)'
diffutils-3.10/lib/xmalloc.c:312:1: enter_function: entry to 'xmemdup'
diffutils-3.10/lib/xmalloc.c:314:18: call_function: calling 'xmalloc' from 'xmemdup'
#   43|   xmalloc (size_t s)
#   44|   {
#   45|->   return nonnull (malloc (s));
#   46|   }
#   47|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
diffutils-3.10/lib/xmalloc.c:298:10: warning[-Wanalyzer-malloc-leak]: leak of 'xcalloc(s, 1)'
diffutils-3.10/lib/xmalloc.c:281:1: enter_function: entry to 'xzalloc'
diffutils-3.10/lib/xmalloc.c:283:10: call_function: calling 'xcalloc' from 'xzalloc'
#  296|   xcalloc (size_t n, size_t s)
#  297|   {
#  298|->   return nonnull (calloc (n, s));
#  299|   }
#  300|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
diffutils-3.10/src/../lib/diffseq.h:274:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  272|               big_snake = true;
#  273|             bd[d] = x;
#  274|->           if (!odd && fmin <= d && d <= fmax && x <= fd[d])
#  275|               {
#  276|                 part->xmid = x;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
diffutils-3.10/src/../lib/diffseq.h:392:26: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  390|             /* Find forward diagonal that maximizes X + Y.  */
#  391|             fxybest = -1;
#  392|->           for (d = fmax; d >= fmin; d -= 2)
#  393|               {
#  394|                 OFFSET x = MIN (fd[d], xlim);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def19]
diffutils-3.10/src/../lib/diffseq.h:429:15: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'fxbest'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  427|             if ((xlim + ylim) - bxybest < fxybest - (xoff + yoff))
#  428|               {
#  429|->               part->xmid = fxbest;
#  430|                 part->ymid = fxybest - fxbest;
#  431|                 part->lo_minimal = true;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def20]
diffutils-3.10/src/../lib/diffseq.h:436:15: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'bxbest'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  434|             else
#  435|               {
#  436|->               part->xmid = bxbest;
#  437|                 part->ymid = bxybest - bxbest;
#  438|                 part->lo_minimal = false;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
diffutils-3.10/src/../lib/diffseq.h:500:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  498|                 if (EARLY_ABORT (ctxt))
#  499|                   return true;
#  500|->               yoff++;
#  501|               }
#  502|             break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
diffutils-3.10/src/../lib/diffseq.h:511:15: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
diffutils-3.10/src/analyze.c:463:1: enter_function: entry to 'diff_2_files'
diffutils-3.10/src/analyze.c:477:6: branch_false: following 'false' branch...
diffutils-3.10/src/analyze.c:545:18: branch_false: ...to here
diffutils-3.10/src/analyze.c:554:7: call_function: calling 'discard_confusing_lines' from 'diff_2_files'
diffutils-3.10/src/analyze.c:554:7: return_function: returning to 'diff_2_files' from 'discard_confusing_lines'
diffutils-3.10/src/analyze.c:581:7: call_function: calling 'compareseq' from 'diff_2_files'
#  509|                 if (EARLY_ABORT (ctxt))
#  510|                   return true;
#  511|->               xoff++;
#  512|               }
#  513|             break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
diffutils-3.10/src/diff.c:436:25: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
diffutils-3.10/src/diff.c:325:10: branch_true: following 'true' branch (when 'c != -1')...
diffutils-3.10/src/diff.c:327:7: branch_true: ...to here
diffutils-3.10/src/diff.c:427:16: branch_false: following 'false' branch...
diffutils-3.10/src/diff.c:428:20: branch_false: ...to here
diffutils-3.10/src/diff.c:427:17: branch_false: following 'false' branch...
diffutils-3.10/src/diff.c:432:23: branch_false: ...to here
diffutils-3.10/src/diff.c:436:25: branch_true: following 'true' branch (when 'i != 104')...
diffutils-3.10/src/diff.c:438:22: branch_true: ...to here
diffutils-3.10/src/diff.c:436:25: branch_true: following 'true' branch (when 'i != 104')...
diffutils-3.10/src/diff.c:438:22: branch_true: ...to here
diffutils-3.10/src/diff.c:436:25: branch_true: following 'true' branch (when 'i != 104')...
diffutils-3.10/src/diff.c:438:22: branch_true: ...to here
diffutils-3.10/src/diff.c:436:25: branch_false: following 'false' branch (when 'i == 104')...
 branch_false: ...to here
diffutils-3.10/src/diff.c:436:25: danger: '<unknown>' leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  434|   	    int changes = 0;
#  435|   
#  436|-> 	    for (i = 0; i < sizeof C_ifdef_group_formats; i++)
#  437|   	      {
#  438|   		char ch = C_ifdef_group_formats[i];

Error: COMPILER_WARNING (CWE-9001): [#def24]
diffutils-3.10/src/diff.h:406:1: warning[-Wattributes]: '[pure](https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-pure-function-attribute)' attribute ignored
#  404|   extern char const change_letter[4];
#  405|   extern char const pr_program[];
#  406|-> extern bool (*lines_differ) (char const *, size_t, char const *, size_t) ATTRIBUTE_PURE;
#  407|   extern bool lines_differ_singlebyte (char const *, size_t, char const *, size_t) ATTRIBUTE_PURE;
#  408|   #ifdef HANDLE_MULTIBYTE

Error: COMPILER_WARNING (CWE-9001): [#def25]
diffutils-3.10/src/analyze.c:21: included_from: Included from here.
diffutils-3.10/src/diff.h:406:1: warning[-Wattributes]: 'pure' attribute ignored
#  406 | extern bool (*lines_differ) (char const *, size_t, char const *, size_t) ATTRIBUTE_PURE;
#      | ^~~~~~
#  404|   extern char const change_letter[4];
#  405|   extern char const pr_program[];
#  406|-> extern bool (*lines_differ) (char const *, size_t, char const *, size_t) ATTRIBUTE_PURE;
#  407|   extern bool lines_differ_singlebyte (char const *, size_t, char const *, size_t) ATTRIBUTE_PURE;
#  408|   #ifdef HANDLE_MULTIBYTE

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
diffutils-3.10/src/diff3.c:930:37: warning[-Wanalyzer-malloc-leak]: leak of 'create_diff3_block(low[0], high[0], low[1], high[1], lowc,  highc)'
diffutils-3.10/src/diff3.c:754:1: enter_function: entry to 'using_to_diff3_block'
diffutils-3.10/src/diff3.c:773:15: branch_true: following 'true' branch (when 'd != 2')...
diffutils-3.10/src/diff3.c:774:14: branch_true: ...to here
diffutils-3.10/src/diff3.c:786:12: call_function: calling 'create_diff3_block' from 'using_to_diff3_block'
diffutils-3.10/src/diff3.c:786:12: return_function: returning to 'using_to_diff3_block' from 'create_diff3_block'
diffutils-3.10/src/diff3.c:791:15: branch_true: following 'true' branch (when 'd != 2')...
diffutils-3.10/src/diff3.c:792:21: branch_true: ...to here
diffutils-3.10/src/diff3.c:792:26: branch_true: following 'true' branch (when 'ptr' is non-NULL)...
diffutils-3.10/src/diff3.c:794:29: branch_true: ...to here
diffutils-3.10/src/diff3.c:930:37: danger: 'create_diff3_block(low[0], high[0], low[1], high[1], lowc,  highc)' leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5)
#  928|     if (numlines)
#  929|       {
#  930|->       D_LINEARRAY (result, FILE0) = xcalloc (numlines, sizeof (char *));
#  931|         D_LENARRAY (result, FILE0) = xcalloc (numlines, sizeof (size_t));
#  932|       }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def27]
diffutils-3.10/src/dir.c:249:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'dirdata[i].nnames'
diffutils-3.10/src/dir.c:212:1: enter_function: entry to 'diff_dirs'
diffutils-3.10/src/dir.c:229:15: branch_true: following 'true' branch (when 'i != 2')...
diffutils-3.10/src/dir.c:230:11: branch_true: ...to here
diffutils-3.10/src/dir.c:230:11: call_function: calling 'dir_read' from 'diff_dirs'
diffutils-3.10/src/dir.c:230:11: return_function: returning to 'diff_dirs' from 'dir_read'
diffutils-3.10/src/dir.c:230:8: branch_false: following 'false' branch...
diffutils-3.10/src/dir.c:232:27: branch_false: ...to here
diffutils-3.10/src/dir.c:229:15: branch_true: following 'true' branch (when 'i != 2')...
diffutils-3.10/src/dir.c:230:11: branch_true: ...to here
diffutils-3.10/src/dir.c:230:11: call_function: calling 'dir_read' from 'diff_dirs'
diffutils-3.10/src/dir.c:230:11: return_function: returning to 'diff_dirs' from 'dir_read'
diffutils-3.10/src/dir.c:230:8: branch_false: following 'false' branch...
diffutils-3.10/src/dir.c:232:27: branch_false: ...to here
diffutils-3.10/src/dir.c:229:15: branch_false: following 'false' branch (when 'i == 2')...
diffutils-3.10/src/dir.c:236:7: branch_false: ...to here
diffutils-3.10/src/dir.c:236:6: branch_true: following 'true' branch...
diffutils-3.10/src/dir.c:239:18: branch_true: ...to here
diffutils-3.10/src/dir.c:244:10: branch_false: following 'false' branch...
 branch_false: ...to here
diffutils-3.10/src/dir.c:248:19: branch_true: following 'true' branch (when 'i != 2')...
diffutils-3.10/src/dir.c:249:9: branch_true: ...to here
diffutils-3.10/src/dir.c:249:9: danger: use of uninitialized value 'dirdata[i].nnames' here
#  247|         /* Sort the directories.  */
#  248|         for (i = 0; i < 2; i++)
#  249|->         qsort (names[i], dirdata[i].nnames, sizeof *dirdata[i].names,
#  250|                  compare_names_for_qsort);
#  251|   

Error: COMPILER_WARNING (CWE-457): [#def28]
diffutils-3.10/src/sdiff.c: scope_hint: In function 'edit'
diffutils-3.10/src/sdiff.c:964:13: warning[-Wmaybe-uninitialized]: 'cmd1' may be used uninitialized
#  964 |             switch (cmd1)
#      |             ^~~~~~
diffutils-3.10/src/sdiff.c:867:11: note: 'cmd1' was declared here
#  867 |       int cmd1 IF_LINT (= 0);  /* IF_LINT due to GCC bug 101770.  */
#      |           ^~~~
#  962|                 perror_fatal (tmpname);
#  963|   
#  964|->             switch (cmd1)
#  965|                 {
#  966|                 case 'd':

Error: COMPILER_WARNING (CWE-457): [#def29]
diffutils-3.10/src/util.c:1277:29: warning[-Wmaybe-uninitialized]: 'convfail1_bak' may be used uninitialized
# 1277 |   int convfail1, convfail2, convfail1_bak, convfail2_bak;
#      |                             ^~~~~~~~~~~~~
# 1275|     size_t mblen1, mblen2;
# 1276|     mbstate_t state1, state2, state1_bak, state2_bak;
# 1277|->   int convfail1, convfail2, convfail1_bak, convfail2_bak;
# 1278|     
# 1279|     char const *t1 = s1;

Error: COMPILER_WARNING (CWE-457): [#def30]
diffutils-3.10/src/util.c:1277:44: warning[-Wmaybe-uninitialized]: 'convfail2_bak' may be used uninitialized
# 1277 |   int convfail1, convfail2, convfail1_bak, convfail2_bak;
#      |                                            ^~~~~~~~~~~~~
# 1275|     size_t mblen1, mblen2;
# 1276|     mbstate_t state1, state2, state1_bak, state2_bak;
# 1277|->   int convfail1, convfail2, convfail1_bak, convfail2_bak;
# 1278|     
# 1279|     char const *t1 = s1;

Error: COMPILER_WARNING (CWE-457): [#def31]
diffutils-3.10/src/util.c: scope_hint: In function 'lines_differ_multibyte'
diffutils-3.10/src/util.c:1397:41: warning[-Wmaybe-uninitialized]: 'wc1_bak' may be used uninitialized
# 1397 |                       !convfail1_bak && iswspace (wc1_bak))
#      |                                         ^~~~~~~~~~~~~~~~~~
diffutils-3.10/src/util.c:1274:21: note: 'wc1_bak' was declared here
# 1274 |   wchar_t wc1, wc2, wc1_bak, wc2_bak;
#      |                     ^~~~~~~
# 1395|   		  if (wc2 == L' ' && wc1 != L'\n' &&
# 1396|   		      t1 > s1 &&
# 1397|-> 		      !convfail1_bak && iswspace (wc1_bak))
# 1398|   		    {
# 1399|   		      t1 = t1_bak;

Error: COMPILER_WARNING (CWE-457): [#def32]
diffutils-3.10/src/util.c:1407:44: warning[-Wmaybe-uninitialized]: 'wc2_bak' may be used uninitialized
# 1407 |                       && !convfail2_bak && iswspace (wc2_bak))
#      |                                            ^~~~~~~~~~~~~~~~~~
diffutils-3.10/src/util.c:1274:30: note: 'wc2_bak' was declared here
# 1274 |   wchar_t wc1, wc2, wc1_bak, wc2_bak;
#      |                              ^~~~~~~
# 1405|   		  if (wc1 == L' ' && wc2 != L'\n'
# 1406|   		      && t2 > s2
# 1407|-> 		      && !convfail2_bak && iswspace (wc2_bak))
# 1408|   		    {
# 1409|   		      t2 = t2_bak;

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.86.0
diffbase-analyzer-version-cppcheck: 2.17.1
diffbase-analyzer-version-gcc: 15.0.1
diffbase-analyzer-version-gcc-analyzer: 15.0.1
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-220.us-west-2.compute.internal
diffbase-known-false-positives: /usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: diffutils-3.12-1.fc43
diffbase-store-results-to: /tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.tar.xz
diffbase-time-created: 2025-04-25 12:21:42
diffbase-time-finished: 2025-04-25 12:24:14
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpvpoilbq8/diffutils-3.12-1.fc43.src.rpm'
diffbase-tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-220.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: diffutils-3.10-9.fc42
store-results-to: /tmp/tmpcxxtlyu4/diffutils-3.10-9.fc42.tar.xz
time-created: 2025-04-25 12:18:37
time-finished: 2025-04-25 12:21:26
title: Fixed findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpcxxtlyu4/diffutils-3.10-9.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpcxxtlyu4/diffutils-3.10-9.fc42.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9