Error: SHELLCHECK_WARNING (CWE-563): [#def1] /usr/bin/gpg-error-config:15:1: warning[SC2034]: includedir appears unused. Verify use (or export if used externally). # 13| prefix=/usr # 14| exec_prefix=/usr # 15|-> includedir=/usr/include # 16| libdir=/usr/lib # 17| Error: SHELLCHECK_WARNING (CWE-563): [#def2] /usr/bin/gpg-error-config:16:1: warning[SC2034]: libdir appears unused. Verify use (or export if used externally). # 14| exec_prefix=/usr # 15| includedir=/usr/include # 16|-> libdir=/usr/lib # 17| # 18| if echo "$0" | grep gpg-error-config 2>/dev/null >/dev/null; then Error: SHELLCHECK_WARNING (CWE-563): [#def3] /usr/bin/gpg-error-config:52:6: warning[SC2034]: optarg appears unused. Verify use (or export if used externally). # 50| ;; # 51| *) # 52|-> optarg= # 53| ;; # 54| esac Error: SHELLCHECK_WARNING (CWE-569): [#def4] /usr/bin/gpgrt-config:121:3: warning[SC2221]: This pattern always overrides a later one on line 132. # 119| if [ -n "$_reading_attrs" ]; then # 120| case "$_line" in # 121|-> *:\ *) # 122| _key="${_line%%:\ *}" # 123| _value="${_line#*:\ }" Error: SHELLCHECK_WARNING (CWE-569): [#def5] /usr/bin/gpgrt-config:132:6: warning[SC2222]: This pattern never matches because of a previous pattern on line 121. # 130| EOF2 # 131| ;; # 132|-> *:|*:\ ) ;; # 133| *) # 134| echo "Error reading $_filename: $_line" 1>&2 Error: SHELLCHECK_WARNING (CWE-477): [#def6] /usr/bin/gpgrt-config:250:18: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 248| # 249| arg1_is_same () { # 250|-> [ "$1" = "=" -o "$1" = ">=" -o "$1" = "<=" ] # 251| } # 252| Error: SHELLCHECK_WARNING (CWE-477): [#def7] /usr/bin/gpgrt-config:250:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 248| # 249| arg1_is_same () { # 250|-> [ "$1" = "=" -o "$1" = ">=" -o "$1" = "<=" ] # 251| } # 252| Error: SHELLCHECK_WARNING (CWE-477): [#def8] /usr/bin/gpgrt-config:254:19: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 252| # 253| arg1_is_less () { # 254|-> [ "$1" = "!=" -o "$1" = "<" -o "$1" = "<=" ] # 255| } # 256| Error: SHELLCHECK_WARNING (CWE-477): [#def9] /usr/bin/gpgrt-config:254:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 252| # 253| arg1_is_less () { # 254|-> [ "$1" = "!=" -o "$1" = "<" -o "$1" = "<=" ] # 255| } # 256| Error: SHELLCHECK_WARNING (CWE-477): [#def10] /usr/bin/gpgrt-config:258:19: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 256| # 257| arg1_is_great () { # 258|-> [ "$1" = "!=" -o "$1" = ">" -o "$1" = ">=" ] # 259| } # 260| Error: SHELLCHECK_WARNING (CWE-477): [#def11] /usr/bin/gpgrt-config:258:33: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 256| # 257| arg1_is_great () { # 258|-> [ "$1" = "!=" -o "$1" = ">" -o "$1" = ">=" ] # 259| } # 260| Error: SHELLCHECK_WARNING (CWE-477): [#def12] /usr/bin/gpgrt-config:273:27: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. # 271| ___chunk2="" # 272| # 273|-> while [ -n "$___str1" -a -n "$___str2" ]; do # 274| # Trim anything that's not alnum or tilde from the front # 275| ___str1="$(expr "$___str1" : '[^0-9A-Za-z~]*\(.*\)')" Error: SHELLCHECK_WARNING (CWE-477): [#def13] /usr/bin/gpgrt-config:282:23: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 280| ___char2=${___str2%${___str2#?}} # 281| # 282|-> if [ "$___char1" = ~ -o "$___char2" = ~ ]; then # 283| if [ "$___char1" != ~ ]; then # 284| arg1_is_great $___cmp Error: SHELLCHECK_WARNING (CWE-477): [#def14] /usr/bin/gpgrt-config:296:22: warning[SC2166]: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. # 294| fi # 295| # 296|-> if [ -z "$___char1" -o -z "$___char2" ]; then # 297| break # 298| fi Error: SHELLCHECK_WARNING (CWE-563): [#def15] /usr/bin/gpgrt-config:597:5: warning[SC2034]: VAR_pc_sysrootdir appears unused. Verify use (or export if used externally). # 595| VAR_pc_sysrootdir="/" # 596| else # 597|-> VAR_pc_sysrootdir="$PKG_CONFIG_SYSROOT_DIR" # 598| fi # 599| Error: SHELLCHECK_WARNING (CWE-477): [#def16] /usr/bin/gpgrt-config:694:21: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. # 692| done # 693| # 694|-> if [ -z "$want_var" -a -z "$want_attr" ]; then # 695| if [ -n "$want_cflags" ]; then # 696| output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))" Error: SHELLCHECK_WARNING (CWE-156): [#def17] /usr/bin/gpgrt-config:696:42: warning[SC2046]: Quote this to prevent word splitting. # 694| if [ -z "$want_var" -a -z "$want_attr" ]; then # 695| if [ -n "$want_cflags" ]; then # 696|-> output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))" # 697| # Backward compatibility to old gpg-error-config # 698| if [ $mt = yes -a -n "$mtcflags" ]; then Error: SHELLCHECK_WARNING (CWE-477): [#def18] /usr/bin/gpgrt-config:698:17: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. # 696| output="$output${output:+ }$(sysroot -I $(list_only_once $cflags))" # 697| # Backward compatibility to old gpg-error-config # 698|-> if [ $mt = yes -a -n "$mtcflags" ]; then # 699| output="$output${output:+ }$mtcflags" # 700| fi Error: SHELLCHECK_WARNING (CWE-156): [#def19] /usr/bin/gpgrt-config:703:42: warning[SC2046]: Quote this to prevent word splitting. # 701| fi # 702| if [ -n "$want_libs" ]; then # 703|-> output="$output${output:+ }$(sysroot -L $(list_only_once_for_libs $libs))" # 704| # Backward compatibility to old gpg-error-config # 705| if [ $mt = yes -a -n "$mtlibs" ]; then Error: SHELLCHECK_WARNING (CWE-477): [#def20] /usr/bin/gpgrt-config:705:17: warning[SC2166]: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. # 703| output="$output${output:+ }$(sysroot -L $(list_only_once_for_libs $libs))" # 704| # Backward compatibility to old gpg-error-config # 705|-> if [ $mt = yes -a -n "$mtlibs" ]; then # 706| output="$output${output:+ }$mtlibs" # 707| fi Error: CPPCHECK_WARNING (CWE-476): [#def21] libgpg-error-1.55/src/logging.c:272: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0 # 270| srvr_addr_un.sun_path[sizeof (srvr_addr_un.sun_path)-1] = 0; # 271| srvr_addr = (struct sockaddr *)&srvr_addr_un; # 272|-> addrlen = SUN_LEN (&srvr_addr_un); # 273| name_for_err = srvr_addr_un.sun_path; # 274| } Error: CPPCHECK_WARNING (CWE-476): [#def22] libgpg-error-1.55/src/logging.c:284: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0 # 282| srvr_addr_un.sun_path[sizeof (srvr_addr_un.sun_path)-1] = 0; # 283| srvr_addr = (struct sockaddr *)&srvr_addr_un; # 284|-> addrlen = SUN_LEN (&srvr_addr_un); # 285| } # 286| } Error: GCC_ANALYZER_WARNING (CWE-126): [#def23] libgpg-error-1.55/src/logging.c:488:52: warning[-Wanalyzer-out-of-bounds]: buffer over-read libgpg-error-1.55/src/logging.c:1331:1: enter_function: entry to '_gpgrt_logv_clock' libgpg-error-1.55/src/logging.c:1357:3: call_function: calling '_gpgrt_logv_internal' from '_gpgrt_logv_clock' # 486| goto leave; # 487| } # 488|-> else if (name && !strncmp (name, "tcp://", 6) && name[6]) # 489| want_socket = 1; # 490| #ifndef HAVE_W32_SYSTEM Error: CPPCHECK_WARNING (CWE-664): [#def24] libgpg-error-1.55/src/logging.c:1324: error[va_list_usedBeforeStarted]: va_list 'dummy_argptr' used before va_start() was called. # 1322| static va_list dummy_argptr; # 1323| # 1324|-> _gpgrt_logv_printhex (buffer, length, NULL, dummy_argptr); # 1325| } # 1326| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def25] libgpg-error-1.55/src/spawn-posix.c:394:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(*act.fd[i], i)' libgpg-error-1.55/src/spawn-posix.c:430:1: enter_function: entry to 'spawn_detached' libgpg-error-1.55/src/spawn-posix.c:436:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:443:3: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:446:6: branch_false: following 'false' branch (when 'pid != -1')... libgpg-error-1.55/src/spawn-posix.c:454:6: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:454:6: branch_true: following 'true' branch (when 'pid == 0')... libgpg-error-1.55/src/spawn-posix.c:458:11: branch_true: ...to here libgpg-error-1.55/src/spawn-posix.c:458:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:462:10: branch_false: following 'false' branch (when 'pid2 != -1')... libgpg-error-1.55/src/spawn-posix.c:464:10: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:464:10: branch_false: following 'false' branch (when 'pid2 == 0')... libgpg-error-1.55/src/spawn-posix.c:467:7: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:467:7: call_function: calling 'my_exec' from 'spawn_detached' # 392| if (act->fd[i] != i) # 393| { # 394|-> if (dup2 (act->fd[i], i) == -1) # 395| _gpgrt_log_fatal ("dup2 std%s failed: %s\n", # 396| i==0?"in":i==1?"out":"err", strerror (errno)); Error: GCC_ANALYZER_WARNING (CWE-775): [#def26] libgpg-error-1.55/src/spawn-posix.c:587:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fd_in[0]' libgpg-error-1.55/src/spawn-posix.c:555:1: enter_function: entry to '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:586:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:588:6: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:599:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:626:13: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:627:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:633:3: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:636:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:650:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:650:10: branch_true: following 'true' branch... libgpg-error-1.55/src/spawn-posix.c:652:16: branch_true: ...to here libgpg-error-1.55/src/spawn-posix.c:652:16: call_function: calling 'do_create_pipe' from '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:652:16: return_function: returning to '_gpgrt_process_spawn' from 'do_create_pipe' libgpg-error-1.55/src/spawn-posix.c:653:14: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:671:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:673:16: call_function: calling 'do_create_pipe' from '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:673:16: return_function: returning to '_gpgrt_process_spawn' from 'do_create_pipe' libgpg-error-1.55/src/spawn-posix.c:676:18: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:678:19: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:678:18: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:680:15: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:587:12: danger: 'fd_in[0]' leaks here # 585| argv = xtrycalloc (i+2, sizeof *argv); # 586| if (!argv) # 587|-> return _gpg_err_code_from_syserror (); # 588| if (pgmname) # 589| argv[0] = strrchr (pgmname, '/'); Error: GCC_ANALYZER_WARNING (CWE-775): [#def27] libgpg-error-1.55/src/spawn-posix.c:587:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fd_in[1]' libgpg-error-1.55/src/spawn-posix.c:555:1: enter_function: entry to '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:586:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:588:6: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:599:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:626:13: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:627:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:633:3: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:636:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:650:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:650:10: branch_true: following 'true' branch... libgpg-error-1.55/src/spawn-posix.c:652:16: branch_true: ...to here libgpg-error-1.55/src/spawn-posix.c:652:16: call_function: calling 'do_create_pipe' from '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:652:16: return_function: returning to '_gpgrt_process_spawn' from 'do_create_pipe' libgpg-error-1.55/src/spawn-posix.c:653:14: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:671:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:673:16: call_function: calling 'do_create_pipe' from '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:673:16: return_function: returning to '_gpgrt_process_spawn' from 'do_create_pipe' libgpg-error-1.55/src/spawn-posix.c:676:18: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:678:19: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:678:18: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:680:15: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:587:12: danger: 'fd_in[1]' leaks here # 585| argv = xtrycalloc (i+2, sizeof *argv); # 586| if (!argv) # 587|-> return _gpg_err_code_from_syserror (); # 588| if (pgmname) # 589| argv[0] = strrchr (pgmname, '/'); Error: GCC_ANALYZER_WARNING (CWE-775): [#def28] libgpg-error-1.55/src/spawn-posix.c:587:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fd_out[1]' libgpg-error-1.55/src/spawn-posix.c:555:1: enter_function: entry to '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:586:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:588:6: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:599:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:626:13: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:627:6: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:633:3: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:636:6: branch_true: following 'true' branch... libgpg-error-1.55/src/spawn-posix.c:638:12: branch_true: ...to here libgpg-error-1.55/src/spawn-posix.c:638:12: call_function: calling 'do_create_socketpair' from '_gpgrt_process_spawn' libgpg-error-1.55/src/spawn-posix.c:638:12: return_function: returning to '_gpgrt_process_spawn' from 'do_create_socketpair' libgpg-error-1.55/src/spawn-posix.c:639:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:645:19: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:646:19: acquire_resource: opened here libgpg-error-1.55/src/spawn-posix.c:729:6: branch_true: following 'true' branch (when 'pid == -1')... libgpg-error-1.55/src/spawn-posix.c:731:12: branch_true: ...to here libgpg-error-1.55/src/spawn-posix.c:733:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:735:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:735:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:737:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:737:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:739:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:739:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:741:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:741:10: branch_false: following 'false' branch... libgpg-error-1.55/src/spawn-posix.c:743:11: branch_false: ...to here libgpg-error-1.55/src/spawn-posix.c:587:12: danger: 'fd_out[1]' leaks here; was opened at [(17)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/16) # 585| argv = xtrycalloc (i+2, sizeof *argv); # 586| if (!argv) # 587|-> return _gpg_err_code_from_syserror (); # 588| if (pgmname) # 589| argv[0] = strrchr (pgmname, '/');
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-116.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libgpg-error-1.55-1.fc43 |
| store-results-to | /tmp/tmpg5jt9dkf/libgpg-error-1.55-1.fc43.tar.xz |
| time-created | 2025-04-25 14:02:24 |
| time-finished | 2025-04-25 14:04:03 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpg5jt9dkf/libgpg-error-1.55-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpg5jt9dkf/libgpg-error-1.55-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |