Error: CPPCHECK_WARNING (CWE-570): [#def1] iw-6.9/event.c:322: error[subtractPointers]: Subtracting pointers that point to different objects # 320| printf("vendor event %.6x:%d", vendor_id, subcmd); # 321| # 322|-> for (i = 0; i < &__stop_vendor_event - __start_vendor_event; i++) { # 323| struct vendor_event *ev = __start_vendor_event[i]; # 324| Error: GCC_ANALYZER_WARNING (CWE-469): [#def2] iw-6.9/event.c:322:46: warning[-Wanalyzer-undefined-behavior-ptrdiff]: undefined behavior when subtracting pointers iw-6.9/event.c:913:12: enter_function: entry to ‘print_event’ iw-6.9/event.c:1225:17: call_function: calling ‘parse_vendor_event’ from ‘print_event’ # 320| printf("vendor event %.6x:%d", vendor_id, subcmd); # 321| # 322|-> for (i = 0; i < &__stop_vendor_event - __start_vendor_event; i++) { # 323| struct vendor_event *ev = __start_vendor_event[i]; # 324| Error: CPPCHECK_WARNING (CWE-758): [#def3] iw-6.9/info.c:632: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour # 630| printf(", radar detect widths: {"); # 631| for (width = 0; width < 32; width++) # 632|-> if (widths & (1 << width)) { # 633| printf("%s %s", # 634| first ? "":",", Error: CPPCHECK_WARNING (CWE-570): [#def4] iw-6.9/iw.c:207: error[subtractPointers]: Subtracting pointers that point to different objects # 205| printf("\t--version\tshow version (%s)\n", iw_version); # 206| printf("Commands:\n"); # 207|-> for_each_cmd(section, i) { # 208| if (section->parent) # 209| continue; Error: GCC_ANALYZER_WARNING (CWE-469): [#def5] iw-6.9/iw.c:207:9: warning[-Wanalyzer-undefined-behavior-ptrdiff]: undefined behavior when subtracting pointers iw-6.9/iw.c:577:5: enter_function: entry to ‘main’ iw-6.9/iw.c:602:17: call_function: calling ‘usage’ from ‘main’ # 205| printf("\t--version\tshow version (%s)\n", iw_version); # 206| printf("Commands:\n"); # 207|-> for_each_cmd(section, i) { # 208| if (section->parent) # 209| continue; Error: CPPCHECK_WARNING (CWE-570): [#def6] iw-6.9/iw.c:217: error[subtractPointers]: Subtracting pointers that point to different objects # 215| __usage_cmd(section, "\t", full); # 216| # 217|-> for_each_cmd(cmd, j) { # 218| if (section != cmd->parent) # 219| continue; Error: CPPCHECK_WARNING (CWE-570): [#def7] iw-6.9/iw.c:418: error[subtractPointers]: Subtracting pointers that point to different objects # 416| argv++; # 417| # 418|-> for_each_cmd(sectcmd, i) { # 419| if (sectcmd->parent) # 420| continue; Error: GCC_ANALYZER_WARNING (CWE-469): [#def8] iw-6.9/iw.c:418:9: warning[-Wanalyzer-undefined-behavior-ptrdiff]: undefined behavior when subtracting pointers iw-6.9/iw.c:577:5: enter_function: entry to ‘main’ iw-6.9/iw.c:595:13: branch_false: following ‘false’ branch (when the strings are non-equal)... iw-6.9/iw.c:601:12: branch_false: ...to here iw-6.9/iw.c:601:12: branch_false: following ‘false’ branch... iw-6.9/iw.c:607:12: branch_false: following ‘false’ branch... iw-6.9/iw.c:610:13: branch_false: ...to here iw-6.9/iw.c:610:12: branch_true: following ‘true’ branch... iw-6.9/iw.c:613:23: call_function: calling ‘__handle_cmd’ from ‘main’ # 416| argv++; # 417| # 418|-> for_each_cmd(sectcmd, i) { # 419| if (sectcmd->parent) # 420| continue; Error: CPPCHECK_WARNING (CWE-570): [#def9] iw-6.9/iw.c:436: error[subtractPointers]: Subtracting pointers that point to different objects # 434| command = *argv; # 435| # 436|-> for_each_cmd(cmd, i) { # 437| if (!cmd->handler) # 438| continue; Error: GCC_ANALYZER_WARNING (CWE-775): [#def10] iw-6.9/measurements.c:240:28: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’ iw-6.9/measurements.c:232:17: acquire_resource: opened here iw-6.9/measurements.c:233:12: branch_false: following ‘false’ branch... branch_false: ...to here iw-6.9/measurements.c:240:28: danger: ‘fopen(file, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 238| } # 239| # 240|-> for (line_num = 1; fgets(line, sizeof(line), input); line_num++) { # 241| if (line[0] == '#') # 242| continue; Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] iw-6.9/measurements.c:240:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’ iw-6.9/measurements.c:232:17: acquire_memory: allocated here iw-6.9/measurements.c:233:12: branch_false: following ‘false’ branch... branch_false: ...to here iw-6.9/measurements.c:240:28: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 238| } # 239| # 240|-> for (line_num = 1; fgets(line, sizeof(line), input); line_num++) { # 241| if (line[0] == '#') # 242| continue; Error: GCC_ANALYZER_WARNING (CWE-775): [#def12] iw-6.9/measurements.c:241:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’ iw-6.9/measurements.c:289:12: enter_function: entry to ‘handle_ftm_req_send’ iw-6.9/measurements.c:296:12: branch_false: following ‘false’ branch (when ‘argc > 0’)... iw-6.9/measurements.c:299:9: branch_false: ...to here iw-6.9/measurements.c:324:12: branch_false: following ‘false’ branch... iw-6.9/measurements.c:326:17: branch_false: ...to here iw-6.9/measurements.c:327:12: branch_false: following ‘false’ branch... iw-6.9/measurements.c:330:15: branch_false: ...to here iw-6.9/measurements.c:330:15: call_function: calling ‘parse_ftm_config’ from ‘handle_ftm_req_send’ # 239| # 240| for (line_num = 1; fgets(line, sizeof(line), input); line_num++) { # 241|-> if (line[0] == '#') # 242| continue; # 243| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] iw-6.9/measurements.c:241:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’ iw-6.9/measurements.c:289:12: enter_function: entry to ‘handle_ftm_req_send’ iw-6.9/measurements.c:296:12: branch_false: following ‘false’ branch (when ‘argc > 0’)... iw-6.9/measurements.c:299:9: branch_false: ...to here iw-6.9/measurements.c:324:12: branch_false: following ‘false’ branch... iw-6.9/measurements.c:326:17: branch_false: ...to here iw-6.9/measurements.c:327:12: branch_false: following ‘false’ branch... iw-6.9/measurements.c:330:15: branch_false: ...to here iw-6.9/measurements.c:330:15: call_function: calling ‘parse_ftm_config’ from ‘handle_ftm_req_send’ # 239| # 240| for (line_num = 1; fgets(line, sizeof(line), input); line_num++) { # 241|-> if (line[0] == '#') # 242| continue; # 243| Error: CPPCHECK_WARNING (CWE-476): [#def14] iw-6.9/measurements.c:269: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: req_argv # 267| # 268| req_argv = calloc(argc + 1, sizeof(req_argv[0])); # 269|-> req_argv[0] = argv[0]; # 270| req_argv[1] = "measurement"; # 271| req_argv[2] = "ftm_request_send"; Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] iw-6.9/measurements.c:269:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘req_argv’ iw-6.9/measurements.c:268:20: acquire_memory: this call could return NULL iw-6.9/measurements.c:269:9: danger: ‘calloc((long unsigned int)(argc + 1), 8)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0) # 267| # 268| req_argv = calloc(argc + 1, sizeof(req_argv[0])); # 269|-> req_argv[0] = argv[0]; # 270| req_argv[1] = "measurement"; # 271| req_argv[2] = "ftm_request_send"; Error: CPPCHECK_WARNING (CWE-476): [#def16] iw-6.9/measurements.c:270: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: req_argv # 268| req_argv = calloc(argc + 1, sizeof(req_argv[0])); # 269| req_argv[0] = argv[0]; # 270|-> req_argv[1] = "measurement"; # 271| req_argv[2] = "ftm_request_send"; # 272| for (i = 3; i < argc; i++) Error: CPPCHECK_WARNING (CWE-476): [#def17] iw-6.9/measurements.c:271: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: req_argv # 269| req_argv[0] = argv[0]; # 270| req_argv[1] = "measurement"; # 271|-> req_argv[2] = "ftm_request_send"; # 272| for (i = 3; i < argc; i++) # 273| req_argv[i] = argv[i]; Error: CPPCHECK_WARNING (CWE-476): [#def18] iw-6.9/measurements.c:273: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: req_argv # 271| req_argv[2] = "ftm_request_send"; # 272| for (i = 3; i < argc; i++) # 273|-> req_argv[i] = argv[i]; # 274| # 275| err = handle_cmd(state, id, argc, req_argv);
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-19.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | iw-6.9-3.fc43 |
| store-results-to | /tmp/tmprq469i_l/iw-6.9-3.fc43.tar.xz |
| time-created | 2025-04-25 13:06:06 |
| time-finished | 2025-04-25 13:07:20 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmprq469i_l/iw-6.9-3.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmprq469i_l/iw-6.9-3.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |