libidn2-2.3.8-1.fc43

List of Findings

Error: CPPCHECK_WARNING (CWE-457): [#def1]
libidn2-2.3.8/lib/tables.c:59: error[uninitvar]: Uninitialized variables: &key.end, &key.state
#   57|   
#   58|     result = (struct idna_table *)
#   59|->     bsearch (&key, idna_table, idna_table_size,
#   60|   	     sizeof (struct idna_table),
#   61|   	     (int (*)(const void *, const void *)) _compare);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
libidn2-2.3.8/unistring/striconveh.c:60:10: warning[-Wanalyzer-malloc-leak]: leak of 'iconv_open("UTF-8", from_codeset)'
libidn2-2.3.8/unistring/striconveh.c:1090:1: enter_function: entry to 'mem_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1096:6: branch_false: following 'false' branch (when 'srclen != 0')...
libidn2-2.3.8/unistring/striconveh.c:1102:11: branch_false: ...to here
libidn2-2.3.8/unistring/striconveh.c:1130:11: call_function: calling 'iconveh_open' from 'mem_iconveh'
#   58|       {
#   59|         cd1 = iconv_open ("UTF-8", from_codeset);
#   60|->       if (cd1 == (iconv_t)(-1))
#   61|           {
#   62|             int saved_errno = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libidn2-2.3.8/unistring/striconveh.c:82:10: warning[-Wanalyzer-malloc-leak]: leak of 'iconv_open(to_codeset, "UTF-8")'
libidn2-2.3.8/unistring/striconveh.c:1090:1: enter_function: entry to 'mem_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1096:6: branch_false: following 'false' branch (when 'srclen != 0')...
libidn2-2.3.8/unistring/striconveh.c:1102:11: branch_false: ...to here
libidn2-2.3.8/unistring/striconveh.c:1130:11: call_function: calling 'iconveh_open' from 'mem_iconveh'
#   80|       {
#   81|         cd2 = iconv_open (to_codeset, "UTF-8");
#   82|->       if (cd2 == (iconv_t)(-1))
#   83|           {
#   84|             int saved_errno = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libidn2-2.3.8/unistring/striconveh.c:365:7: warning[-Wanalyzer-malloc-leak]: leak of 'str_cd_iconveh(src, & cd,  handler)'
libidn2-2.3.8/unistring/striconveh.c:1170:1: enter_function: entry to 'str_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1174:6: branch_false: following 'false' branch...
libidn2-2.3.8/unistring/striconveh.c:1188:11: call_function: calling 'iconveh_open' from 'str_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1188:11: return_function: returning to 'str_iconveh' from 'iconveh_open'
libidn2-2.3.8/unistring/striconveh.c:1188:10: branch_false: following 'false' branch...
libidn2-2.3.8/unistring/striconveh.c:1191:16: branch_false: ...to here
libidn2-2.3.8/unistring/striconveh.c:1191:16: acquire_memory: allocated here
libidn2-2.3.8/unistring/striconveh.c:1191:16: call_function: calling 'str_cd_iconveh' from 'str_iconveh'
#  363|     size_t last_length = (size_t)(-1); /* only needed if offsets != NULL */
#  364|   
#  365|->   if (*resultp != NULL && *lengthp >= sizeof (tmpbuf))
#  366|       {
#  367|         initial_result = *resultp;

Error: GCC_ANALYZER_WARNING (CWE-131): [#def5]
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:344:29: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:37:6: branch_true: following 'true' branch (when 'resultbuf' is NULL)...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:55:27: branch_true: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:129:16: branch_false: following 'false' branch (when 's >= s_end')...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:150:20: branch_false: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:150:20: branch_false: following 'false' branch (when 'sortbuf_count <= 1')...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:154:20: branch_false: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:215:29: branch_false: following 'false' branch (when 'sortbuf_count <= j')...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:299:16: branch_false: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:299:16: branch_true: following 'true' branch (when 's >= s_end')...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:331:12: branch_true: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:339:6: branch_true: following 'true' branch (when 'length == 0')...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:341:10: branch_true: ...to here
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:341:10: branch_true: following 'true' branch (when 'result' is NULL)...
libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:344:29: branch_true: ...to here
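libidn2-2.3.8/unistring/uninorm/u-normalize-internal.h:344:29: danger: assigned to 'unistring_uint32_t *' {aka 'unsigned int *'} here; 'sizeof (unistring_uint32_t {aka unsigned int})' is '4'
Triage note: this trace reaches line 344 only on the 'length == 0' path, and the comment in the excerpt says the 1-byte allocation exists solely to return a non-NULL pointer (NULL means error). The undersized buffer matters only if a caller reads or writes a UNIT through the result without first checking that the length is non-zero; the callers are not shown here, so confirm that before closing the finding.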
#  342|           {
#  343|             /* Return a non-NULL value.  NULL means error.  */
#  344|->           result = (UNIT *) malloc (1);
#  345|             if (result == NULL)
#  346|               {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def6]
libidn2-2.3.8/unistring/unistr.h:221:11: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*(const uint8_t *)inptr'
libidn2-2.3.8/unistring/striconveh.c:1170:1: enter_function: entry to 'str_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1174:6: branch_false: following 'false' branch...
libidn2-2.3.8/unistring/striconveh.c:1188:11: call_function: calling 'iconveh_open' from 'str_iconveh'
libidn2-2.3.8/unistring/striconveh.c:1188:11: return_function: returning to 'str_iconveh' from 'iconveh_open'
libidn2-2.3.8/unistring/striconveh.c:1188:10: branch_false: following 'false' branch...
libidn2-2.3.8/unistring/striconveh.c:1191:16: branch_false: ...to here
libidn2-2.3.8/unistring/striconveh.c:1191:16: call_function: calling 'str_cd_iconveh' from 'str_iconveh'
#  219|   u8_mbtouc (ucs4_t *puc, const uint8_t *s, size_t n)
#  220|   {
#  221|->   uint8_t c = *s;
#  222|   
#  223|     if (c < 0x80)

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-100.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: libidn2-2.3.8-1.fc43
store-results-to: /tmp/tmp18pl1luw/libidn2-2.3.8-1.fc43.tar.xz
time-created: 2025-04-25 13:57:59
time-finished: 2025-04-25 13:59:29
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmp18pl1luw/libidn2-2.3.8-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp18pl1luw/libidn2-2.3.8-1.fc43.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9