libconfig-1.7.3-11.fc43

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
libconfig-1.7.3/examples/c/example4.c:104:7: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘result_next’
libconfig-1.7.3/examples/c/example4.c:88:5: branch_true: following ‘true’ branch...
 branch_true: ...to here
libconfig-1.7.3/examples/c/example4.c:90:11: branch_true: following ‘true’ branch...
libconfig-1.7.3/examples/c/example4.c:92:60: branch_true: ...to here
libconfig-1.7.3/examples/c/example4.c:97:9: branch_true: following ‘true’ branch (when ‘result_count == result_capacity’)...
libconfig-1.7.3/examples/c/example4.c:99:9: branch_true: ...to here
libconfig-1.7.3/examples/c/example4.c:101:9: release_memory: ‘result’ is NULL
libconfig-1.7.3/examples/c/example4.c:104:7: danger: dereference of NULL ‘result_next’
#  102|         }
#  103|   
#  104|->       *result_next = strdup(file_path);
#  105|         ++result_next;
#  106|         ++result_count;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
libconfig-1.7.3/examples/c/example4.c:113:3: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘result_next’
#  111|     }
#  112|   
#  113|->   *result_next = NULL;
#  114|   
#  115|     return((const char **)result);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def3]
libconfig-1.7.3/lib/grammar.c:1162:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'yyss'
libconfig-1.7.3/lib/grammar.c:1120:6: branch_true: following 'true' branch...
libconfig-1.7.3/lib/grammar.c:1126:28: branch_true: ...to here
libconfig-1.7.3/lib/grammar.c:1149:10: branch_false: following 'false' branch (when 'yystacksize <= 9999')...
libconfig-1.7.3/lib/grammar.c:1151:7: branch_false: ...to here
libconfig-1.7.3/lib/grammar.c:1160:12: branch_false: following 'false' branch (when 'yyptr' is non-NULL)...
libconfig-1.7.3/lib/grammar.c:1162:9: branch_false: ...to here
libconfig-1.7.3/lib/grammar.c:1162:9: danger: use of uninitialized value 'yyss' here
# 1160|           if (! yyptr)
# 1161|             YYNOMEM;
# 1162|->         YYSTACK_RELOCATE (yyss_alloc, yyss);
# 1163|           YYSTACK_RELOCATE (yyvs_alloc, yyvs);
# 1164|   #  undef YYSTACK_RELOCATE

Error: GCC_ANALYZER_WARNING (CWE-476): [#def4]
libconfig-1.7.3/lib/libconfig.c:134:18: warning[-Wanalyzer-null-dereference]: dereference of NULL 'p'
libconfig-1.7.3/lib/libconfig.c:1609:19: enter_function: entry to 'config_setting_add'
libconfig-1.7.3/lib/libconfig.c:1612:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1615:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1615:5: branch_false: following 'false' branch (when 'parent' is non-NULL)...
libconfig-1.7.3/lib/libconfig.c:1618:7: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1621:5: branch_true: following 'true' branch...
libconfig-1.7.3/lib/libconfig.c:1630:6: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1630:6: call_function: calling 'config_setting_get_member' from 'config_setting_add'
#  132|     for(p = a, q = b; ; p++, q++)
#  133|     {
#  134|->     int pd = ((! *p) || strchr(PATH_TOKENS, *p));
#  135|       int qd = ((! *q) || strchr(PATH_TOKENS, *q));
#  136|   

Error: CPPCHECK_WARNING (CWE-476): [#def5]
libconfig-1.7.3/lib/libconfig.c:375: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: list
#  373|   static void __config_list_add(config_list_t *list, config_setting_t *setting)
#  374|   {
#  375|->   if((list->length % CHUNK_SIZE) == 0)
#  376|     {
#  377|       list->elements = (config_setting_t **)realloc(

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
libconfig-1.7.3/lib/libconfig.c:375:7: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'list'
libconfig-1.7.3/lib/libconfig.c:1506:19: enter_function: entry to 'config_setting_set_string_elem'
libconfig-1.7.3/lib/libconfig.c:1511:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_true: following 'true' branch (when 'idx < 0')...
libconfig-1.7.3/lib/libconfig.c:1517:10: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1517:7: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1520:15: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1520:15: call_function: calling 'config_setting_create' from 'config_setting_set_string_elem'
#  373|   static void __config_list_add(config_list_t *list, config_setting_t *setting)
#  374|   {
#  375|->   if((list->length % CHUNK_SIZE) == 0)
#  376|     {
#  377|       list->elements = (config_setting_t **)realloc(

Error: GCC_ANALYZER_WARNING (CWE-476): [#def7]
libconfig-1.7.3/lib/libconfig.c:382:3: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
libconfig-1.7.3/lib/libconfig.c:1506:19: enter_function: entry to 'config_setting_set_string_elem'
libconfig-1.7.3/lib/libconfig.c:1511:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_true: following 'true' branch (when 'idx < 0')...
libconfig-1.7.3/lib/libconfig.c:1517:10: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1517:7: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1520:15: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1520:15: call_function: calling 'config_setting_create' from 'config_setting_set_string_elem'
#  380|     }
#  381|   
#  382|->   list->elements[list->length] = setting;
#  383|     list->length++;
#  384|   }

Error: CPPCHECK_WARNING (CWE-476): [#def8]
libconfig-1.7.3/lib/libconfig.c:739: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: config->root
#  737|   
#  738|     config->root = __new(config_setting_t);
#  739|->   config->root->type = CONFIG_TYPE_GROUP;
#  740|     config->root->config = config;
#  741|   }

Error: CPPCHECK_WARNING (CWE-476): [#def9]
libconfig-1.7.3/lib/libconfig.c:838: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  836|   
#  837|     setting = __new(config_setting_t);
#  838|->   setting->parent = parent;
#  839|     setting->name = (name == NULL) ? NULL : strdup(name);
#  840|     setting->type = type;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def10]
libconfig-1.7.3/lib/libconfig.c:838:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'setting'
libconfig-1.7.3/lib/libconfig.c:1506:19: enter_function: entry to 'config_setting_set_string_elem'
libconfig-1.7.3/lib/libconfig.c:1511:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1515:5: branch_true: following 'true' branch (when 'idx < 0')...
libconfig-1.7.3/lib/libconfig.c:1517:10: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1517:7: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1520:15: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1520:15: call_function: calling 'config_setting_create' from 'config_setting_set_string_elem'
#  836|   
#  837|     setting = __new(config_setting_t);
#  838|->   setting->parent = parent;
#  839|     setting->name = (name == NULL) ? NULL : strdup(name);
#  840|     setting->type = type;

Error: CPPCHECK_WARNING (CWE-476): [#def11]
libconfig-1.7.3/lib/libconfig.c:839: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  837|     setting = __new(config_setting_t);
#  838|     setting->parent = parent;
#  839|->   setting->name = (name == NULL) ? NULL : strdup(name);
#  840|     setting->type = type;
#  841|     setting->config = parent->config;

Error: CPPCHECK_WARNING (CWE-476): [#def12]
libconfig-1.7.3/lib/libconfig.c:840: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  838|     setting->parent = parent;
#  839|     setting->name = (name == NULL) ? NULL : strdup(name);
#  840|->   setting->type = type;
#  841|     setting->config = parent->config;
#  842|     setting->hook = NULL;

Error: CPPCHECK_WARNING (CWE-476): [#def13]
libconfig-1.7.3/lib/libconfig.c:841: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  839|     setting->name = (name == NULL) ? NULL : strdup(name);
#  840|     setting->type = type;
#  841|->   setting->config = parent->config;
#  842|     setting->hook = NULL;
#  843|     setting->line = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def14]
libconfig-1.7.3/lib/libconfig.c:842: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  840|     setting->type = type;
#  841|     setting->config = parent->config;
#  842|->   setting->hook = NULL;
#  843|     setting->line = 0;
#  844|   

Error: CPPCHECK_WARNING (CWE-476): [#def15]
libconfig-1.7.3/lib/libconfig.c:843: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: setting
#  841|     setting->config = parent->config;
#  842|     setting->hook = NULL;
#  843|->   setting->line = 0;
#  844|   
#  845|     list = parent->value.list;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def16]
libconfig-1.7.3/lib/libconfig.c:1052:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'setting'
libconfig-1.7.3/lib/libconfig.c:1332:19: enter_function: entry to 'config_setting_set_int_elem'
libconfig-1.7.3/lib/libconfig.c:1337:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1341:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1341:5: branch_true: following 'true' branch (when 'idx < 0')...
libconfig-1.7.3/lib/libconfig.c:1343:10: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1343:7: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1346:15: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1346:15: call_function: calling 'config_setting_create' from 'config_setting_set_int_elem'
libconfig-1.7.3/lib/libconfig.c:1346:15: return_function: returning to 'config_setting_set_int_elem' from 'config_setting_create'
libconfig-1.7.3/lib/libconfig.c:1356:8: call_function: calling 'config_setting_set_int' from 'config_setting_set_int_elem'
# 1050|   int config_setting_set_int(config_setting_t *setting, int value)
# 1051|   {
# 1052|->   switch(setting->type)
# 1053|     {
# 1054|       case CONFIG_TYPE_NONE:

Error: GCC_ANALYZER_WARNING (CWE-476): [#def17]
libconfig-1.7.3/lib/libconfig.c:1080:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'setting'
libconfig-1.7.3/lib/libconfig.c:1374:19: enter_function: entry to 'config_setting_set_int64_elem'
libconfig-1.7.3/lib/libconfig.c:1379:5: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1383:5: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1383:5: branch_true: following 'true' branch (when 'idx < 0')...
libconfig-1.7.3/lib/libconfig.c:1385:10: branch_true: ...to here
libconfig-1.7.3/lib/libconfig.c:1385:7: branch_false: following 'false' branch...
libconfig-1.7.3/lib/libconfig.c:1388:15: branch_false: ...to here
libconfig-1.7.3/lib/libconfig.c:1388:15: call_function: calling 'config_setting_create' from 'config_setting_set_int64_elem'
libconfig-1.7.3/lib/libconfig.c:1388:15: return_function: returning to 'config_setting_set_int64_elem' from 'config_setting_create'
libconfig-1.7.3/lib/libconfig.c:1398:8: call_function: calling 'config_setting_set_int64' from 'config_setting_set_int64_elem'
# 1078|   int config_setting_set_int64(config_setting_t *setting, long long value)
# 1079|   {
# 1080|->   switch(setting->type)
# 1081|     {
# 1082|       case CONFIG_TYPE_NONE:

Error: CPPCHECK_WARNING (CWE-476): [#def18]
libconfig-1.7.3/lib/libconfig.c:1745: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: file
# 1743|     {
# 1744|       file = (char *)malloc(strlen(include_dir) + strlen(path) + 2);
# 1745|->     strcpy(file, include_dir);
# 1746|       strcat(file, FILE_SEPARATOR);
# 1747|       strcat(file, path);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def19]
libconfig-1.7.3/lib/libconfig.c:1745:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'file' where non-null expected
libconfig-1.7.3/lib/libconfig.c:1742:5: branch_true: following 'true' branch...
libconfig-1.7.3/lib/libconfig.c:1744:20: acquire_memory: this call could return NULL
libconfig-1.7.3/lib/libconfig.c:1745:5: danger: argument 1 ('file') from [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#argument 1 of '__builtin_strcpy' must be non-null
# 1743|     {
# 1744|       file = (char *)malloc(strlen(include_dir) + strlen(path) + 2);
# 1745|->     strcpy(file, include_dir);
# 1746|       strcat(file, FILE_SEPARATOR);
# 1747|       strcat(file, path);

Error: CPPCHECK_WARNING (CWE-476): [#def20]
libconfig-1.7.3/lib/libconfig.c:1746: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: file
# 1744|       file = (char *)malloc(strlen(include_dir) + strlen(path) + 2);
# 1745|       strcpy(file, include_dir);
# 1746|->     strcat(file, FILE_SEPARATOR);
# 1747|       strcat(file, path);
# 1748|     }

Error: CPPCHECK_WARNING (CWE-476): [#def21]
libconfig-1.7.3/lib/libconfig.c:1747: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: file
# 1745|       strcpy(file, include_dir);
# 1746|       strcat(file, FILE_SEPARATOR);
# 1747|->     strcat(file, path);
# 1748|     }
# 1749|     else

Error: CPPCHECK_WARNING (CWE-476): [#def22]
libconfig-1.7.3/lib/libconfig.c:1755: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: files
# 1753|   
# 1754|     files = (const char **)malloc(sizeof(char **) * 2);
# 1755|->   files[0] = file;
# 1756|     files[1] = NULL;
# 1757|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def23]
libconfig-1.7.3/lib/libconfig.c:1755:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'files'
libconfig-1.7.3/lib/libconfig.c:1754:26: acquire_memory: this call could return NULL
libconfig-1.7.3/lib/libconfig.c:1755:3: danger: 'files' could be NULL: unchecked value from [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
# 1753|   
# 1754|     files = (const char **)malloc(sizeof(char **) * 2);
# 1755|->   files[0] = file;
# 1756|     files[1] = NULL;
# 1757|   

Error: CPPCHECK_WARNING (CWE-476): [#def24]
libconfig-1.7.3/lib/libconfig.c:1756: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: files
# 1754|     files = (const char **)malloc(sizeof(char **) * 2);
# 1755|     files[0] = file;
# 1756|->   files[1] = NULL;
# 1757|   
# 1758|     return(files);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
libconfig-1.7.3/lib/scanner.c:1973:12: warning[-Wanalyzer-malloc-leak]: leak of 'libconfig_yyalloc(64, yyscanner)'
libconfig-1.7.3/lib/scanner.c:1959:21: enter_function: entry to 'libconfig_yy_create_buffer'
libconfig-1.7.3/lib/scanner.c:1963:24: call_function: calling 'libconfig_yyalloc' from 'libconfig_yy_create_buffer'
libconfig-1.7.3/lib/scanner.c:1963:24: return_function: returning to 'libconfig_yy_create_buffer' from 'libconfig_yyalloc'
libconfig-1.7.3/lib/scanner.c:1964:12: branch_false: following 'false' branch...
libconfig-1.7.3/lib/scanner.c:1967:2: branch_false: ...to here
libconfig-1.7.3/lib/scanner.c:1973:12: danger: 'libconfig_yyalloc(64, yyscanner)' leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
# 1971|   	 * we need to put in 2 end-of-buffer characters.
# 1972|   	 */
# 1973|-> 	b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) , yyscanner );
# 1974|   	if ( ! b->yy_ch_buf )
# 1975|   		YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );

Error: GCC_ANALYZER_WARNING (CWE-476): [#def26]
libconfig-1.7.3/lib/scanner.c:2015:2: warning[-Wanalyzer-null-dereference]: dereference of NULL 'b'
libconfig-1.7.3/lib/scanner.c:1894:10: enter_function: entry to 'libconfig_yyrestart'
libconfig-1.7.3/lib/scanner.c:1899:16: call_function: calling 'libconfig_yyensure_buffer_stack' from 'libconfig_yyrestart'
libconfig-1.7.3/lib/scanner.c:1899:16: return_function: returning to 'libconfig_yyrestart' from 'libconfig_yyensure_buffer_stack'
libconfig-1.7.3/lib/scanner.c:1901:27: call_function: calling 'libconfig_yy_create_buffer' from 'libconfig_yyrestart'
libconfig-1.7.3/lib/scanner.c:1901:27: return_function: returning to 'libconfig_yyrestart' from 'libconfig_yy_create_buffer'
libconfig-1.7.3/lib/scanner.c:1904:2: branch_false: following 'false' branch...
libconfig-1.7.3/lib/scanner.c:1904:2: branch_false: ...to here
libconfig-1.7.3/lib/scanner.c:1904:2: call_function: calling 'libconfig_yy_init_buffer' from 'libconfig_yyrestart'
# 2013|   
# 2014|   	yy_flush_buffer( b , yyscanner);
# 2015|-> 
# 2016|   	b->yy_input_file = file;
# 2017|   	b->yy_fill_buffer = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
libconfig-1.7.3/lib/scanner.c:2233:25: warning[-Wanalyzer-malloc-leak]: leak of 'libconfig_yyalloc(n,  yyscanner)'
libconfig-1.7.3/lib/scanner.c:2217:17: enter_function: entry to 'libconfig_yy_scan_bytes'
libconfig-1.7.3/lib/scanner.c:2226:24: call_function: calling 'libconfig_yyalloc' from 'libconfig_yy_scan_bytes'
libconfig-1.7.3/lib/scanner.c:2226:24: return_function: returning to 'libconfig_yy_scan_bytes' from 'libconfig_yyalloc'
libconfig-1.7.3/lib/scanner.c:2227:12: branch_false: following 'false' branch...
 branch_false: ...to here
libconfig-1.7.3/lib/scanner.c:2235:6: call_function: calling 'libconfig_yy_scan_buffer' from 'libconfig_yy_scan_bytes'
# 2231|   	for ( i = 0; i < _yybytes_len; ++i )
# 2232|   		buf[i] = yybytes[i];
# 2233|-> 
# 2234|   	buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR;
# 2235|   

Error: COMPILER_WARNING: [#def28]
libconfig-1.7.3/tests/tests.c: scope_hint: In function ‘ParseInvalidFiles’
libconfig-1.7.3/tests/tests.c:73:56: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size between 0 and 127
#   73 |   snprintf(expected_error, sizeof(expected_error), "%s:%s",
#      |                                                        ^~
#......
#  179 |     parse_file_and_compare_error(input_file, error_text);
#      |                                              ~~~~~~~~~~ 
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 2 and 256 bytes into a destination of size 128
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
#   71|     TT_ASSERT_FALSE(config_read_file(&cfg, input_file));
#   72|   
#   73|->   snprintf(expected_error, sizeof(expected_error), "%s:%s",
#   74|              input_file, parse_error);
#   75|   

Error: COMPILER_WARNING: [#def29]
libconfig-1.7.3/tests/tests.c: scope_hint: In function ‘ParseInvalidStrings’
libconfig-1.7.3/tests/tests.c:97:60: warning[-Wformat-truncation=]: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 121
#   97 |   snprintf(expected_error, sizeof(expected_error), "(null):%s", parse_error);
#      |                                                            ^~
#......
#  209 |     parse_string_and_compare_error(input_text, error_text);
#      |                                                ~~~~~~~~~~   
/usr/include/bits/stdio2.h:68:10: note: ‘__snprintf_chk’ output between 8 and 135 bytes into a destination of size 128
#   68 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
#      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   69 |                                    __glibc_objsize (__s), __fmt,
#      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#   70 |                                    __va_arg_pack ());
#      |                                    ~~~~~~~~~~~~~~~~~
#   95|     TT_ASSERT_FALSE(config_read_string(&cfg, input_text));
#   96|   
#   97|->   snprintf(expected_error, sizeof(expected_error), "(null):%s", parse_error);
#   98|   
#   99|     snprintf(actual_error, sizeof(actual_error), "%s:%d %s\n",

Error: CPPCHECK_WARNING (CWE-476): [#def30]
libconfig-1.7.3/tests/tests.c:127: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: buf
#  125|     TT_ASSERT_PTR_NOTNULL(fp);
#  126|   
#  127|->   r = fread(buf, 1, size, fp);
#  128|     fclose(fp);
#  129|   

Error: CPPCHECK_WARNING (CWE-476): [#def31]
libconfig-1.7.3/tests/tests.c:127: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  125|     TT_ASSERT_PTR_NOTNULL(fp);
#  126|   
#  127|->   r = fread(buf, 1, size, fp);
#  128|     fclose(fp);
#  129|   

Error: CPPCHECK_WARNING (CWE-476): [#def32]
libconfig-1.7.3/tests/tests.c:128: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  126|   
#  127|     r = fread(buf, 1, size, fp);
#  128|->   fclose(fp);
#  129|   
#  130|     TT_ASSERT_INT_EQ(size, r);

Error: CPPCHECK_WARNING (CWE-682): [#def33]
libconfig-1.7.3/tests/tests.c:132: error[nullPointerArithmeticOutOfMemory]: If memory allocation fail: pointer addition with NULL pointer.
#  130|     TT_ASSERT_INT_EQ(size, r);
#  131|   
#  132|->   *(buf + size) = 0;
#  133|     return(buf);
#  134|   }

Error: CPPCHECK_WARNING (CWE-476): [#def34]
libconfig-1.7.3/tests/tests.c:176: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  174|       fp = fopen(error_file, "rt");
#  175|       TT_ASSERT_PTR_NOTNULL(fp);
#  176|->     TT_ASSERT_PTR_NOTNULL(fgets(error_text, sizeof(error_text), fp));
#  177|       fclose(fp);
#  178|   

Error: CPPCHECK_WARNING (CWE-476): [#def35]
libconfig-1.7.3/tests/tests.c:177: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  175|       TT_ASSERT_PTR_NOTNULL(fp);
#  176|       TT_ASSERT_PTR_NOTNULL(fgets(error_text, sizeof(error_text), fp));
#  177|->     fclose(fp);
#  178|   
#  179|       parse_file_and_compare_error(input_file, error_text);

Error: CPPCHECK_WARNING (CWE-476): [#def36]
libconfig-1.7.3/tests/tests.c:206: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  204|       fp = fopen(error_file, "rt");
#  205|       TT_ASSERT_PTR_NOTNULL(fp);
#  206|->     TT_ASSERT_PTR_NOTNULL(fgets(error_text, sizeof(error_text), fp));
#  207|       fclose(fp);
#  208|   

Error: CPPCHECK_WARNING (CWE-476): [#def37]
libconfig-1.7.3/tests/tests.c:207: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: fp
#  205|       TT_ASSERT_PTR_NOTNULL(fp);
#  206|       TT_ASSERT_PTR_NOTNULL(fgets(error_text, sizeof(error_text), fp));
#  207|->     fclose(fp);
#  208|   
#  209|       parse_string_and_compare_error(input_text, error_text);

Error: CPPCHECK_WARNING (CWE-476): [#def38]
libconfig-1.7.3/tinytest/tinytest.c:228: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: suite
#  226|   {
#  227|     tt_testsuite_t *suite = calloc(1, sizeof(tt_testsuite_t));
#  228|->   suite->name = strdup(name);
#  229|     return(suite);
#  230|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def39]
libconfig-1.7.3/tinytest/tinytest.c:228:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘suite’
libconfig-1.7.3/tinytest/tinytest.c:227:27: acquire_memory: this call could return NULL
libconfig-1.7.3/tinytest/tinytest.c:228:3: danger: ‘suite’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  226|   {
#  227|     tt_testsuite_t *suite = calloc(1, sizeof(tt_testsuite_t));
#  228|->   suite->name = strdup(name);
#  229|     return(suite);
#  230|   }

Error: CPPCHECK_WARNING (CWE-401): [#def40]
libconfig-1.7.3/tinytest/tinytest.c:229: error[memleak]: Memory leak: suite.name
#  227|     tt_testsuite_t *suite = calloc(1, sizeof(tt_testsuite_t));
#  228|     suite->name = strdup(name);
#  229|->   return(suite);
#  230|   }
#  231|   

Error: CPPCHECK_WARNING (CWE-476): [#def41]
libconfig-1.7.3/tinytest/tinytest.c:258: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: test
#  256|   {
#  257|     tt_test_t *test = calloc(1, sizeof(tt_test_t));
#  258|->   test->name = strdup(name);
#  259|     test->function = function;
#  260|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def42]
libconfig-1.7.3/tinytest/tinytest.c:258:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘test’
libconfig-1.7.3/tinytest/tinytest.c:257:21: acquire_memory: this call could return NULL
libconfig-1.7.3/tinytest/tinytest.c:258:3: danger: ‘test’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  256|   {
#  257|     tt_test_t *test = calloc(1, sizeof(tt_test_t));
#  258|->   test->name = strdup(name);
#  259|     test->function = function;
#  260|   

Error: CPPCHECK_WARNING (CWE-476): [#def43]
libconfig-1.7.3/tinytest/tinytest.c:259: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: test
#  257|     tt_test_t *test = calloc(1, sizeof(tt_test_t));
#  258|     test->name = strdup(name);
#  259|->   test->function = function;
#  260|   
#  261|     if(suite->last_test != NULL)

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-66.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: libconfig-1.7.3-11.fc43
store-results-to: /tmp/tmpqo_9f7cz/libconfig-1.7.3-11.fc43.tar.xz
time-created: 2025-04-25 13:51:13
time-finished: 2025-04-25 13:52:30
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpqo_9f7cz/libconfig-1.7.3-11.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpqo_9f7cz/libconfig-1.7.3-11.fc43.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9