inotify-tools-4.23.9.0-4.fc43

List of Findings

Error: COMPILER_WARNING (CWE-195): [#def1]
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp:17: included_from: Included from here.
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp: scope_hint: In function 'int inotifytools_str_to_event_sep(const char*, char)'
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp:546:40: warning[-Wsign-compare]: comparison of integer expressions of different signedness: 'long int' and 'const size_t' {aka 'const long unsigned int'}
#  546 |                         niceassert(len < eventstr_size,
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools_p.h:23:49: note: in definition of macro 'niceassert'
#   23 | #define niceassert(cond,mesg) _niceassert((long)cond, __LINE__, __FILE__, \
#      |                                                 ^~~~
#  544|   		if (event2) {
#  545|   			len = event2 - event1;
#  546|-> 			niceassert(len < eventstr_size,
#  547|   				   "malformed event string (very long)");
#  548|   		} else {

Error: COMPILER_WARNING (CWE-195): [#def2]
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp:551:25: warning[-Wsign-compare]: comparison of integer expressions of different signedness: 'int' and 'long unsigned int'
#  551 |                 if (len > eventstr_size - 1)
#      |                     ~~~~^~~~~~~~~~~~~~~~~~~
#  549|   			len = strlen(event1);
#  550|   		}
#  551|-> 		if (len > eventstr_size - 1)
#  552|   			len = eventstr_size - 1;
#  553|   

Error: COMPILER_WARNING (CWE-195): [#def3]
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp: scope_hint: In function 'inotify_event* inotifytools_next_events(long int, int)'
inotify-tools-4.23.9.0/libinotifytools/src/inotifytools.cpp:1524:58: warning[-Wsign-compare]: comparison of integer expressions of different signedness: 'long unsigned int' and 'ssize_t' {aka 'long int'}
# 1524 |                     first_byte + sizeof(*ret) + ret->len > bytes) {
#      |                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
# 1522|   		ret = (struct inotify_event*)((char*)&event[0] + first_byte);
# 1523|   		if (!fanotify_mode &&
# 1524|-> 		    first_byte + sizeof(*ret) + ret->len > bytes) {
# 1525|   			// oh... no.  this can't be happening.  An incomplete
# 1526|   			// event. Copy what we currently have into first

Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-242.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	inotify-tools-4.23.9.0-4.fc43
store-results-to	/tmp/tmpn3sr8kde/inotify-tools-4.23.9.0-4.fc43.tar.xz
time-created	2025-04-25 13:06:24
time-finished	2025-04-25 13:07:46
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpn3sr8kde/inotify-tools-4.23.9.0-4.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpn3sr8kde/inotify-tools-4.23.9.0-4.fc43.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9