Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] grep-3.11/gnulib-tests/localename.c:2716:10: warning[-Wanalyzer-malloc-leak]: leak of 'new_node' grep-3.11/gnulib-tests/localename.c:2690:5: acquire_memory: allocated here grep-3.11/gnulib-tests/localename.c:2691:6: branch_false: following 'false' branch (when 'new_node' is non-NULL)... grep-3.11/gnulib-tests/localename.c:2694:11: branch_false: ...to here grep-3.11/gnulib-tests/localename.c:2716:10: danger: 'new_node' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 2714| if (mt) gl_lock_unlock (struniq_lock); # 2715| } # 2716|-> return new_node->contents; # 2717| } # 2718| Error: CPPCHECK_WARNING (CWE-758): [#def2] grep-3.11/lib/malloc/dynarray_emplace_enlarge.c:59: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour # 57| # 58| size_t new_size; # 59|-> if (INT_MULTIPLY_WRAPV (new_allocated, element_size, &new_size)) # 60| return false; # 61| void *new_array; Error: CPPCHECK_WARNING (CWE-758): [#def3] grep-3.11/lib/malloc/dynarray_resize.c:45: error[shiftTooManyBitsSigned]: Shifting signed 64-bit value by 63 bits is undefined behaviour # 43| # 44| size_t new_size_bytes; # 45|-> if (INT_MULTIPLY_WRAPV (size, element_size, &new_size_bytes)) # 46| { # 47| /* Overflow. */ Error: CPPCHECK_WARNING (CWE-682): [#def4] grep-3.11/lib/obstack.c:138: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 136| if (!chunk) # 137| (*obstack_alloc_failed_handler) (); # 138|-> h->next_free = h->object_base = __PTR_ALIGN ((char *) chunk, chunk->contents, # 139| alignment - 1); # 140| h->chunk_limit = chunk->limit = (char *) chunk + h->chunk_size; Error: CPPCHECK_WARNING (CWE-682): [#def5] grep-3.11/lib/obstack.c:208: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 206| /* Compute an aligned object_base in the new chunk */ # 207| object_base = # 208|-> __PTR_ALIGN ((char *) new_chunk, new_chunk->contents, h->alignment_mask); # 209| # 210| /* Move the existing object to the new chunk. */ Error: CPPCHECK_WARNING (CWE-682): [#def6] grep-3.11/lib/obstack.c:218: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 216| if (!h->maybe_empty_object # 217| && (h->object_base # 218|-> == __PTR_ALIGN ((char *) old_chunk, old_chunk->contents, # 219| h->alignment_mask))) # 220| { Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] grep-3.11/lib/propername.c:59:10: warning[-Wanalyzer-malloc-leak]: leak of 'trim2(sub, 2)' grep-3.11/lib/propername.c:187:1: enter_function: entry to 'proper_name_utf8' grep-3.11/lib/propername.c:200:6: branch_false: following 'false' branch... grep-3.11/lib/propername.c:247:10: branch_false: ...to here grep-3.11/lib/propername.c:254:6: branch_true: following 'true' branch (when the strings are non-equal)... grep-3.11/lib/propername.c:257:11: branch_true: ...to here grep-3.11/lib/propername.c:257:11: call_function: calling 'mbsstr_trimmed_wordbounded' from 'proper_name_utf8' # 57| bool found = false; # 58| # 59|-> for (; *string != '\0';) # 60| { # 61| const char *tsub_in_string = mbsstr (string, tsub); Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] grep-3.11/lib/striconv.c:299:31: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src, iconv_open(to_codeset, from_codeset))' grep-3.11/lib/striconv.c:393:1: enter_function: entry to 'str_iconv' grep-3.11/lib/striconv.c:395:6: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:420:10: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:423:16: branch_false: ...to here grep-3.11/lib/striconv.c:423:16: acquire_memory: allocated here grep-3.11/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv' # 297| else if (errno == E2BIG) # 298| { # 299|-> size_t used = outptr - result; # 300| size_t newsize = result_size * 2; # 301| char *newresult; Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] grep-3.11/lib/striconv.c:338:31: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src, iconv_open(to_codeset, from_codeset))' grep-3.11/lib/striconv.c:393:1: enter_function: entry to 'str_iconv' grep-3.11/lib/striconv.c:395:6: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:420:10: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:423:16: branch_false: ...to here grep-3.11/lib/striconv.c:423:16: acquire_memory: allocated here grep-3.11/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv' # 336| if (errno == E2BIG) # 337| { # 338|-> size_t used = outptr - result; # 339| size_t newsize = result_size * 2; # 340| char *newresult; Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] grep-3.11/lib/striconv.c:367:6: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconv(src, iconv_open(to_codeset, from_codeset))' grep-3.11/lib/striconv.c:393:1: enter_function: entry to 'str_iconv' grep-3.11/lib/striconv.c:395:6: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:420:10: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:423:16: branch_false: ...to here grep-3.11/lib/striconv.c:423:16: acquire_memory: allocated here grep-3.11/lib/striconv.c:423:16: call_function: calling 'str_cd_iconv' from 'str_iconv' # 365| # 366| /* Add the terminating NUL byte. */ # 367|-> *outptr++ = '\0'; # 368| # 369| length = outptr - result; Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] grep-3.11/lib/striconv.c:420:10: warning[-Wanalyzer-malloc-leak]: leak of 'iconv_open(to_codeset, from_codeset)' grep-3.11/lib/striconv.c:395:6: branch_false: following 'false' branch... grep-3.11/lib/striconv.c:419:12: acquire_memory: allocated here grep-3.11/lib/striconv.c:420:10: danger: 'iconv_open(to_codeset, from_codeset)' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2) # 418| # endif # 419| cd = iconv_open (to_codeset, from_codeset); # 420|-> if (cd == (iconv_t) -1) # 421| return NULL; # 422| Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] grep-3.11/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(n)' grep-3.11/lib/xmalloc.c:55:1: enter_function: entry to 'xcharalloc' grep-3.11/lib/xmalloc.c:57:10: call_function: calling 'xmalloc' from 'xcharalloc' # 43| xmalloc (size_t s) # 44| { # 45|-> return nonnull (malloc (s)); # 46| } # 47| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] grep-3.11/lib/xmalloc.c:45:10: warning[-Wanalyzer-malloc-leak]: leak of 'xmalloc(s)' grep-3.11/lib/xmalloc.c:312:1: enter_function: entry to 'xmemdup' grep-3.11/lib/xmalloc.c:314:18: call_function: calling 'xmalloc' from 'xmemdup' # 43| xmalloc (size_t s) # 44| { # 45|-> return nonnull (malloc (s)); # 46| } # 47| Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] grep-3.11/lib/xmalloc.c:298:10: warning[-Wanalyzer-malloc-leak]: leak of 'xcalloc(s, 1)' grep-3.11/lib/xmalloc.c:281:1: enter_function: entry to 'xzalloc' grep-3.11/lib/xmalloc.c:283:10: call_function: calling 'xcalloc' from 'xzalloc' # 296| xcalloc (size_t n, size_t s) # 297| { # 298|-> return nonnull (calloc (n, s)); # 299| } # 300| Error: CPPCHECK_WARNING (CWE-758): [#def15] grep-3.11/lib/xstrtol.c:54: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 52| { # 53| __strtol_t scaled; # 54|-> if (INT_MULTIPLY_WRAPV (*x, scale_factor, &scaled)) # 55| { # 56| *x = *x < 0 ? TYPE_MINIMUM (__strtol_t) : TYPE_MAXIMUM (__strtol_t); Error: CPPCHECK_WARNING (CWE-682): [#def16] grep-3.11/src/kwset.c:137: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 135| obstack_init (&kwset->obstack); # 136| kwset->words = 0; # 137|-> kwset->trie = obstack_alloc (&kwset->obstack, sizeof *kwset->trie); # 138| kwset->trie->accepting = 0; # 139| kwset->trie->links = NULL; Error: CPPCHECK_WARNING (CWE-682): [#def17] grep-3.11/src/kwset.c:200: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 198| if (!cur) # 199| { # 200|-> cur = obstack_alloc (&kwset->obstack, sizeof *cur); # 201| cur->llink = NULL; # 202| cur->rlink = NULL; Error: CPPCHECK_WARNING (CWE-682): [#def18] grep-3.11/src/kwset.c:203: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 201| cur->llink = NULL; # 202| cur->rlink = NULL; # 203|-> cur->trie = obstack_alloc (&kwset->obstack, sizeof *cur->trie); # 204| cur->trie->accepting = 0; # 205| cur->trie->links = NULL; Error: CPPCHECK_WARNING (CWE-682): [#def19] grep-3.11/src/kwset.c:423: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 421| # 422| /* Looking for just one string. Extract it from the trie. */ # 423|-> kwset->target = obstack_alloc (&kwset->obstack, kwset->mind); # 424| curr = kwset->trie; # 425| for (idx_t i = 0; i < kwset->mind; i++) Error: CPPCHECK_WARNING (CWE-682): [#def20] grep-3.11/src/kwset.c:533: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 531| { # 532| /* Looking for just one string. Extract it from the trie. */ # 533|-> kwset->target = obstack_alloc (&kwset->obstack, kwset->mind); # 534| curr = kwset->trie; # 535| for (idx_t i = kwset->mind; 0 < i; i--) Error: CPPCHECK_WARNING (CWE-682): [#def21] grep-3.11/src/kwset.c:546: error[nullPointerArithmetic]: Pointer addition with NULL pointer. # 544| backwards match has failed. Extract it from the trie. */ # 545| kwset->shift # 546|-> = obstack_alloc (&kwset->obstack, # 547| sizeof *kwset->shift * (kwset->mind - 1)); # 548| curr = kwset->trie->next;
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.86.0 |
| diffbase-analyzer-version-cppcheck | 2.17.1 |
| diffbase-analyzer-version-gcc | 15.0.1 |
| diffbase-analyzer-version-gcc-analyzer | 15.0.1 |
| diffbase-analyzer-version-shellcheck | 0.10.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-181.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | grep-3.12-1.fc43 |
| diffbase-store-results-to | /tmp/tmp02knx2vg/grep-3.12-1.fc43.tar.xz |
| diffbase-time-created | 2025-04-25 12:52:04 |
| diffbase-time-finished | 2025-04-25 12:54:12 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmp02knx2vg/grep-3.12-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp02knx2vg/grep-3.12-1.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-181.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | grep-3.11-10.fc42 |
| store-results-to | /tmp/tmpwj39k_nj/grep-3.11-10.fc42.tar.xz |
| time-created | 2025-04-25 12:48:58 |
| time-finished | 2025-04-25 12:51:55 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpwj39k_nj/grep-3.11-10.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpwj39k_nj/grep-3.11-10.fc42.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |