Error: CPPCHECK_WARNING (CWE-476): [#def1] gst-editing-services-1.26.0/ges/ges-asset.c:1277: warning[nullPointer]: Possible null pointer dereference: asset # 1275| while (proxied) { # 1276| proxied = FALSE; # 1277|-> switch (asset->priv->state) { # 1278| case ASSET_INITIALIZED: # 1279| break; Error: CPPCHECK_WARNING (CWE-457): [#def2] gst-editing-services-1.26.0/ges/ges-effect.c:102: error[legacyUninitvar]: Uninitialized variable: real_id # 100| g_free (bin_desc); # 101| # 102|-> return real_id; # 103| } # 104| Error: CPPCHECK_WARNING (CWE-476): [#def3] gst-editing-services-1.26.0/ges/ges-multi-file-source.c:148: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: uri_data # 146| uri_data = malloc (sizeof (GESMultiFileURI)); # 147| # 148|-> uri_data->start = 0; # 149| uri_data->end = -1; # 150| Error: CPPCHECK_WARNING (CWE-476): [#def4] gst-editing-services-1.26.0/ges/ges-multi-file-source.c:149: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: uri_data # 147| # 148| uri_data->start = 0; # 149|-> uri_data->end = -1; # 150| # 151| at = strchr (uri, '@'); Error: CPPCHECK_WARNING (CWE-476): [#def5] gst-editing-services-1.26.0/ges/ges-pitivi-formatter.c:630: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: prio # 628| gint *prio = malloc (sizeof (gint)); # 629| # 630|-> *prio = 0; # 631| layer = ges_layer_new (); # 632| g_object_set (layer, "auto-transition", TRUE, NULL); Error: CPPCHECK_WARNING (CWE-457): [#def6] gst-editing-services-1.26.0/ges/ges-structured-interface.c:658: error[legacyUninitvar]: Uninitialized variable: *&pattern # 656| GET_AND_CHECK ("asset-id", G_TYPE_STRING, &check_asset_id, beach); # 657| # 658|-> TRY_GET_STRING ("pattern", &pattern, NULL); # 659| TRY_GET_STRING ("text", &text, NULL); # 660| TRY_GET_STRING ("name", &name, NULL); Error: CPPCHECK_WARNING (CWE-457): [#def7] gst-editing-services-1.26.0/ges/ges-structured-interface.c:659: error[legacyUninitvar]: Uninitialized variable: *&text # 657| # 658| TRY_GET_STRING ("pattern", &pattern, NULL); # 659|-> TRY_GET_STRING ("text", &text, NULL); # 660| TRY_GET_STRING ("name", &name, NULL); # 661| TRY_GET ("layer-priority", G_TYPE_INT, &layer_priority, -1); Error: CPPCHECK_WARNING (CWE-457): [#def8] gst-editing-services-1.26.0/ges/ges-structured-interface.c:660: error[legacyUninitvar]: Uninitialized variable: *&name # 658| TRY_GET_STRING ("pattern", &pattern, NULL); # 659| TRY_GET_STRING ("text", &text, NULL); # 660|-> TRY_GET_STRING ("name", &name, NULL); # 661| TRY_GET ("layer-priority", G_TYPE_INT, &layer_priority, -1); # 662| if (layer_priority == -1) Error: CPPCHECK_WARNING (CWE-457): [#def9] gst-editing-services-1.26.0/ges/ges-structured-interface.c:664: error[legacyUninitvar]: Uninitialized variable: *&type_string # 662| if (layer_priority == -1) # 663| TRY_GET ("layer", G_TYPE_INT, &layer_priority, -1); # 664|-> TRY_GET_STRING ("type", &type_string, "GESUriClip"); # 665| TRY_GET_TIME ("start", &start, &start_frame, GST_CLOCK_TIME_NONE); # 666| TRY_GET_TIME ("inpoint", &inpoint, &inpoint_frame, 0); Error: CPPCHECK_WARNING (CWE-457): [#def10] gst-editing-services-1.26.0/ges/ges-structured-interface.c:668: error[legacyUninitvar]: Uninitialized variable: *&track_types_str # 666| TRY_GET_TIME ("inpoint", &inpoint, &inpoint_frame, 0); # 667| TRY_GET_TIME ("duration", &duration, &duration_frame, GST_CLOCK_TIME_NONE); # 668|-> TRY_GET_STRING ("track-types", &track_types_str, NULL); # 669| TRY_GET_STRING ("project-uri", &nested_timeline_id, NULL); # 670| Error: CPPCHECK_WARNING (CWE-457): [#def11] gst-editing-services-1.26.0/ges/ges-structured-interface.c:669: error[legacyUninitvar]: Uninitialized variable: *&nested_timeline_id # 667| TRY_GET_TIME ("duration", &duration, &duration_frame, GST_CLOCK_TIME_NONE); # 668| TRY_GET_STRING ("track-types", &track_types_str, NULL); # 669|-> TRY_GET_STRING ("project-uri", &nested_timeline_id, NULL); # 670| # 671| if (track_types_str) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:476:7: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:465:1: enter_function: entry to ‘ges_discoverer_manager_start_discovery’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:470:3: branch_true: following ‘true’ branch (when ‘uri’ is non-NULL)... gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:472:16: branch_true: ...to here gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:472:16: call_function: calling ‘ges_discoverer_manager_get_discoverer’ from ‘ges_discoverer_manager_start_discovery’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:472:16: return_function: returning to ‘ges_discoverer_manager_start_discovery’ from ‘ges_discoverer_manager_get_discoverer’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-discoverer-manager.c:476:7: danger: dereference of NULL ‘ges_discoverer_manager_get_discoverer(self)’ # 474| g_rec_mutex_lock (&self->lock); # 475| gboolean res = # 476|-> gst_discoverer_discover_uri_async (disco_data->discoverer, uri); # 477| disco_data->n_uri++; # 478| g_hash_table_insert (self->discoverers, g_thread_self (), disco_data); Error: COMPILER_WARNING: [#def13] gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-formatter.c:44:10: warning[fatal error]: Python.h: No such file or directory # 42| # 43| #ifdef HAS_PYTHON # 44|-> #include <Python.h> # 45| #include "ges-resources.h" # 46| Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-multi-file-source.c:148:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘uri_data’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-multi-file-source.c:146:14: acquire_memory: this call could return NULL gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-multi-file-source.c:148:3: danger: ‘uri_data’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 146| uri_data = malloc (sizeof (GESMultiFileURI)); # 147| # 148|-> uri_data->start = 0; # 149| uri_data->end = -1; # 150| Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-pitivi-formatter.c:630:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘prio’ gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-pitivi-formatter.c:628:16: acquire_memory: this call could return NULL gst-editing-services-1.26.0/redhat-linux-build/../ges/ges-pitivi-formatter.c:630:3: danger: ‘prio’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 628| gint *prio = malloc (sizeof (gint)); # 629| # 630|-> *prio = 0; # 631| layer = ges_layer_new (); # 632| g_object_set (layer, "auto-transition", TRUE, NULL); Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1565:12: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(64)’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1551:21: enter_function: entry to ‘priv_ges_parse_yy_create_buffer’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1555:24: call_function: inlined call to ‘priv_ges_parse_yyalloc’ from ‘priv_ges_parse_yy_create_buffer’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1556:12: branch_false: following ‘false’ branch... gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1559:2: branch_false: ...to here gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1565:12: danger: ‘malloc(64)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 1563| * we need to put in 2 end-of-buffer characters. # 1564| */ # 1565|-> b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) , yyscanner ); # 1566| if ( ! b->yy_ch_buf ) # 1567| YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); Error: GCC_ANALYZER_WARNING (CWE-476): [#def17] gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1607:2: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘b’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1486:10: enter_function: entry to ‘priv_ges_parse_yyrestart’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1491:16: call_function: calling ‘priv_ges_parse_yyensure_buffer_stack’ from ‘priv_ges_parse_yyrestart’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1491:16: return_function: returning to ‘priv_ges_parse_yyrestart’ from ‘priv_ges_parse_yyensure_buffer_stack’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1493:27: call_function: calling ‘priv_ges_parse_yy_create_buffer’ from ‘priv_ges_parse_yyrestart’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1493:27: return_function: returning to ‘priv_ges_parse_yyrestart’ from ‘priv_ges_parse_yy_create_buffer’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1496:2: branch_false: following ‘false’ branch... gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1496:2: branch_false: ...to here gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1496:2: call_function: calling ‘priv_ges_parse_yy_init_buffer’ from ‘priv_ges_parse_yyrestart’ # 1605| # 1606| yy_flush_buffer( b , yyscanner); # 1607|-> # 1608| b->yy_input_file = file; # 1609| b->yy_fill_buffer = 1; Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1825:25: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(n)’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1809:17: enter_function: entry to ‘priv_ges_parse_yy_scan_bytes’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1818:24: call_function: inlined call to ‘priv_ges_parse_yyalloc’ from ‘priv_ges_parse_yy_scan_bytes’ gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1819:12: branch_false: following ‘false’ branch... branch_false: ...to here gst-editing-services-1.26.0/redhat-linux-build/ges/lex.priv_ges_parse_yy.c:1827:6: call_function: calling ‘priv_ges_parse_yy_scan_buffer’ from ‘priv_ges_parse_yy_scan_bytes’ # 1823| for ( i = 0; i < _yybytes_len; ++i ) # 1824| buf[i] = yybytes[i]; # 1825|-> # 1826| buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; # 1827|
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-130.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | gst-editing-services-1.26.0-1.fc43 |
| store-results-to | /tmp/tmp2l2_v04b/gst-editing-services-1.26.0-1.fc43.tar.xz |
| time-created | 2025-04-25 12:59:18 |
| time-finished | 2025-04-25 13:02:18 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmp2l2_v04b/gst-editing-services-1.26.0-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp2l2_v04b/gst-editing-services-1.26.0-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |