libnbd-1.23.3-1.fc43

List of Findings

Error: SHELLCHECK_WARNING: [#def1]
/usr/bin/nbdsh:25:6: warning[SC2194]: This word is constant. Did you forget the $ on a variable?
#   23|   # this hack to Darwin only so it doesn't cause potential security
#   24|   # issues on normal platforms.
#   25|-> case "linux-gnu" in
#   26|       darwin*)
#   27|   	if test -z "$DYLD_LIBRARY_PATH" && test -n "$_DYLD_LIBRARY_PATH"; then

Error: SHELLCHECK_WARNING: [#def2]
/usr/bin/nbdsh:37:10: warning[SC3038]: In POSIX sh, exec flags are undefined.
#   35|   # and above, and not part of POSIX).
#   36|   if /bin/sh -c 'exec -a test true' 2>/dev/null; then
#   37|->     exec -a nbdsh /usr/bin/python3 -mnbd "$@"
#   38|   else
#   39|       exec          /usr/bin/python3 -mnbd "$@"

Error: CPPCHECK_WARNING (CWE-476): [#def3]
libnbd-1.23.3/common/utils/const-string-vector.h:40: error[ctunullpointer]: Null pointer dereference: key
#   38|   #include "vector.h"
#   39|   
#   40|-> DEFINE_VECTOR_TYPE (const_string_vector, const char *);
#   41|   
#   42|   #endif /* CONST_STRING_VECTOR_H */

Error: CPPCHECK_WARNING (CWE-476): [#def4]
libnbd-1.23.3/common/utils/string-vector.h:40: error[ctunullpointer]: Null pointer dereference: key
#   38|   #include "vector.h"
#   39|   
#   40|-> DEFINE_POINTER_VECTOR_TYPE (string_vector, char *);
#   41|   
#   42|   #endif /* STRING_VECTOR_H */

Error: CPPCHECK_WARNING (CWE-457): [#def5]
libnbd-1.23.3/common/utils/vector.c:70: error[uninitvar]: Uninitialized variable: newbytes
#   68|         ADD_OVERFLOW (v->cap, t/2, &newcap) ||
#   69|         MUL_OVERFLOW (newcap, itemsize, &newbytes) ||
#   70|->       newbytes < reqbytes) {
#   71|       /* If that either overflows or is less than the minimum requested,
#   72|        * fall back to the requested capacity.

Error: CPPCHECK_WARNING (CWE-457): [#def6]
libnbd-1.23.3/common/utils/vector.c:70: error[uninitvar]: Uninitialized variable: reqbytes
#   68|         ADD_OVERFLOW (v->cap, t/2, &newcap) ||
#   69|         MUL_OVERFLOW (newcap, itemsize, &newbytes) ||
#   70|->       newbytes < reqbytes) {
#   71|       /* If that either overflows or is less than the minimum requested,
#   72|        * fall back to the requested capacity.

Error: CPPCHECK_WARNING (CWE-457): [#def7]
libnbd-1.23.3/common/utils/vector.c:74: error[uninitvar]: Uninitialized variable: reqcap
#   72|        * fall back to the requested capacity.
#   73|        */
#   74|->     newcap = reqcap;
#   75|       newbytes = reqbytes;
#   76|     }

Error: CPPCHECK_WARNING (CWE-457): [#def8]
libnbd-1.23.3/common/utils/vector.c:78: warning[uninitvar]: Uninitialized variable: newcap
#   76|     }
#   77|   
#   78|->   *newcap_r = newcap;
#   79|     *newbytes_r = newbytes;
#   80|     return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
libnbd-1.23.3/copy/blkhash.c:72:1: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
libnbd-1.23.3/copy/blkhash.c:355:1: enter_function: entry to ‘finish_blkhash’
libnbd-1.23.3/copy/blkhash.c:367:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:369:7: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:390:6: branch_false: following ‘false’ branch (when ‘zero_block’ is non-NULL)...
libnbd-1.23.3/copy/blkhash.c:394:17: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:394:17: call_function: calling ‘compute_one_block_hash’ from ‘finish_blkhash’
libnbd-1.23.3/copy/blkhash.c:394:17: return_function: returning to ‘finish_blkhash’ from ‘compute_one_block_hash’
libnbd-1.23.3/copy/blkhash.c:399:6: branch_false: following ‘false’ branch...
 branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:436:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:442:18: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:443:6: branch_false: following ‘false’ branch (when ‘final_digest’ is non-NULL)...
libnbd-1.23.3/copy/blkhash.c:448:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:451:6: branch_true: following ‘true’ branch...
libnbd-1.23.3/copy/blkhash.c:452:10: branch_true: ...to here
libnbd-1.23.3/copy/blkhash.c:452:10: acquire_resource: opened here
libnbd-1.23.3/copy/blkhash.c:453:8: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:461:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:465:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:468:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:472:3: call_function: inlined call to ‘blocks_reset’ from ‘finish_blkhash’
#   70|   };
#   71|   
#   72|-> DEFINE_VECTOR_TYPE(blocks, struct block);
#   73|   static blocks block_vec;
#   74|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
libnbd-1.23.3/copy/blkhash.c:72:1: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
libnbd-1.23.3/copy/blkhash.c:355:1: enter_function: entry to ‘finish_blkhash’
libnbd-1.23.3/copy/blkhash.c:367:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:369:7: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:390:6: branch_false: following ‘false’ branch (when ‘zero_block’ is non-NULL)...
libnbd-1.23.3/copy/blkhash.c:394:17: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:394:17: call_function: calling ‘compute_one_block_hash’ from ‘finish_blkhash’
libnbd-1.23.3/copy/blkhash.c:394:17: return_function: returning to ‘finish_blkhash’ from ‘compute_one_block_hash’
libnbd-1.23.3/copy/blkhash.c:399:6: branch_false: following ‘false’ branch...
 branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:436:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:442:18: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:443:6: branch_false: following ‘false’ branch (when ‘final_digest’ is non-NULL)...
libnbd-1.23.3/copy/blkhash.c:448:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:451:6: branch_true: following ‘true’ branch...
libnbd-1.23.3/copy/blkhash.c:452:10: branch_true: ...to here
libnbd-1.23.3/copy/blkhash.c:452:10: acquire_memory: allocated here
libnbd-1.23.3/copy/blkhash.c:453:8: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:461:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:465:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/blkhash.c:468:3: branch_false: ...to here
libnbd-1.23.3/copy/blkhash.c:472:3: call_function: inlined call to ‘blocks_reset’ from ‘finish_blkhash’
#   70|   };
#   71|   
#   72|-> DEFINE_VECTOR_TYPE(blocks, struct block);
#   73|   static blocks block_vec;
#   74|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
libnbd-1.23.3/copy/multi-thread-copying.c:476:24: warning[-Wanalyzer-malloc-leak]: leak of ‘create_subcommand(vp,  last_offset,  i - last_offset, 1)’
libnbd-1.23.3/copy/multi-thread-copying.c:503:1: enter_function: entry to ‘finished_read’
libnbd-1.23.3/copy/multi-thread-copying.c:507:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/multi-thread-copying.c:513:3: branch_false: ...to here
libnbd-1.23.3/copy/multi-thread-copying.c:516:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/copy/multi-thread-copying.c:537:14: call_function: inlined call to ‘is_power_of_2’ from ‘finished_read’
libnbd-1.23.3/copy/multi-thread-copying.c:537:14: branch_true: ...to here
libnbd-1.23.3/copy/multi-thread-copying.c:567:12: branch_false: following ‘false’ branch (when ‘last_is_zero == 0’)...
libnbd-1.23.3/copy/multi-thread-copying.c:539:12: branch_false: ...to here
libnbd-1.23.3/copy/multi-thread-copying.c:584:8: branch_true: following ‘true’ branch (when ‘last_offset != i’)...
libnbd-1.23.3/copy/multi-thread-copying.c:585:10: branch_true: ...to here
libnbd-1.23.3/copy/multi-thread-copying.c:585:10: branch_true: following ‘true’ branch (when ‘last_is_zero != 0’)...
libnbd-1.23.3/copy/multi-thread-copying.c:597:54: branch_true: ...to here
libnbd-1.23.3/copy/multi-thread-copying.c:596:22: call_function: calling ‘create_subcommand’ from ‘finished_read’
libnbd-1.23.3/copy/multi-thread-copying.c:596:22: return_function: returning to ‘finished_read’ from ‘create_subcommand’
libnbd-1.23.3/copy/multi-thread-copying.c:476:24: danger: ‘create_subcommand(vp,  last_offset,  i - last_offset, 1)’ leaks here; was allocated at [(21)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/20)
#  474|                      bool zero)
#  475|   {
#  476|->   const uint64_t end = command->offset + command->slice.len;
#  477|     struct command *newcommand;
#  478|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
libnbd-1.23.3/copy/null-ops.c:50:10: warning[-Wanalyzer-malloc-leak]: leak of ‘rw’
libnbd-1.23.3/copy/null-ops.c:43:24: acquire_memory: allocated here
libnbd-1.23.3/copy/null-ops.c:44:6: branch_false: following ‘false’ branch (when ‘rw’ is non-NULL)...
libnbd-1.23.3/copy/null-ops.c:46:3: branch_false: ...to here
libnbd-1.23.3/copy/null-ops.c:50:10: danger: ‘rw’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   48|     rw->rw.size = INT64_MAX;
#   49|     rw->rw.preferred = 4096;
#   50|->   return &rw->rw;
#   51|   }
#   52|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
libnbd-1.23.3/copy/pipe-ops.c:49:10: warning[-Wanalyzer-malloc-leak]: leak of ‘rwp’
libnbd-1.23.3/copy/pipe-ops.c:40:25: acquire_memory: allocated here
libnbd-1.23.3/copy/pipe-ops.c:41:6: branch_false: following ‘false’ branch (when ‘rwp’ is non-NULL)...
libnbd-1.23.3/copy/pipe-ops.c:44:3: branch_false: ...to here
libnbd-1.23.3/copy/pipe-ops.c:49:10: danger: ‘rwp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   47|     rwp->rw.preferred = 4096;
#   48|     rwp->fd = fd;
#   49|->   return &rwp->rw;
#   50|   }
#   51|   

Error: CPPCHECK_WARNING (CWE-457): [#def14]
libnbd-1.23.3/dump/dump.c:386: error[uninitvar]: Uninitialized variable: last
#  384|           offset + i > 0 && /* first line is never squashed */
#  385|           offset + i + 16 < size && /* last line is never squashed */
#  386|->         memcmp (&buffer[i], last, 16) == 0;
#  387|         if (same) {
#  388|           if (!printed_splat) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
libnbd-1.23.3/examples/glib-main-loop.c:291:6: warning[-Wanalyzer-malloc-leak]: leak of ‘nbd_create()’
libnbd-1.23.3/examples/glib-main-loop.c:285:9: acquire_memory: allocated here
libnbd-1.23.3/examples/glib-main-loop.c:286:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/glib-main-loop.c:290:10: branch_false: ...to here
libnbd-1.23.3/examples/glib-main-loop.c:291:6: danger: ‘nbd_create()’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  289|     }
#  290|     dest = nbd_create ();
#  291|->   if (!dest) {
#  292|       fprintf (stderr, "%s\n", nbd_get_error ());
#  293|       exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
libnbd-1.23.3/examples/list-exports.c:62:6: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(name)’
libnbd-1.23.3/examples/list-exports.c:57:6: branch_false: following ‘false’ branch (when ‘names’ is non-NULL)...
libnbd-1.23.3/examples/list-exports.c:61:9: branch_false: ...to here
libnbd-1.23.3/examples/list-exports.c:61:17: acquire_memory: allocated here
libnbd-1.23.3/examples/list-exports.c:62:6: danger: ‘strdup(name)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#   60|     }
#   61|     names[l->i] = strdup (name);
#   62|->   if (!names[l->i]) {
#   63|       perror ("strdup");
#   64|       exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-457): [#def17]
libnbd-1.23.3/examples/threaded-reads-and-writes.c:300:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&cookies[<unknown>]’
libnbd-1.23.3/examples/threaded-reads-and-writes.c:201:6: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:206:9: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:207:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:212:7: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:225:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:231:15: branch_true: following ‘true’ branch (when ‘i != 1048576’)...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:232:14: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:237:10: branch_true: following ‘true’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:238:9: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:238:8: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:250:12: branch_true: following ‘true’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:251:15: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:254:10: branch_true: following ‘true’ branch (when ‘cmd == 0’)...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:256:34: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:260:10: branch_false: following ‘false’ branch (when ‘cookie != -1’)...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:264:7: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:250:12: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:271:17: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:280:8: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:285:8: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:293:17: branch_true: following ‘true’ branch (when ‘j < in_flight’)...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:294:43: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:295:10: branch_false: following ‘false’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:299:10: branch_false: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:299:10: branch_true: following ‘true’ branch...
libnbd-1.23.3/examples/threaded-reads-and-writes.c:301:41: branch_true: ...to here
libnbd-1.23.3/examples/threaded-reads-and-writes.c:300:9: danger: use of uninitialized value ‘&cookies[<unknown>]’ here
#  298|         }
#  299|         if (r) {
#  300|->         memmove (&cookies[j], &cookies[j+1],
#  301|                    sizeof (cookies[0]) * (in_flight - j - 1));
#  302|           j--;

Error: CPPCHECK_WARNING (CWE-768): [#def18]
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:225: error[unknownEvaluationOrder]: Expression 'nbd,prbuf,sizeof(prbuf),8192,(struct nbd_chunk_callback){.callback=chunk_callback,},(struct nbd_completion_callback){.callback=NULL}' depends on order of evaluation of side effects
#  223|                               (nbd_chunk_callback) {
#  224|                                 .callback = chunk_callback,
#  225|->                             },
#  226|                               NBD_NULL_COMPLETION,
#  227|                               0);

Error: CPPCHECK_WARNING (CWE-768): [#def19]
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:233: error[unknownEvaluationOrder]: Expression 'nbd,length,0,(struct nbd_extent_callback){.callback=extent_callback,},(struct nbd_completion_callback){.callback=NULL}' depends on order of evaluation of side effects
#  231|                           (nbd_extent_callback) {
#  232|                             .callback = extent_callback,
#  233|->                         },
#  234|                           NBD_NULL_COMPLETION,
#  235|                           0);

Error: CPPCHECK_WARNING (CWE-768): [#def20]
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:239: error[unknownEvaluationOrder]: Expression 'nbd,length,0,(struct nbd_extent64_callback){.callback=extent64_callback,},(struct nbd_completion_callback){.callback=NULL}' depends on order of evaluation of side effects
#  237|                              (nbd_extent64_callback) {
#  238|                                .callback = extent64_callback,
#  239|->                            },
#  240|                              NBD_NULL_COMPLETION,
#  241|                              0);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def21]
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:446:1: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘wfd[1]’
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:339:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:344:7: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:344:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:350:9: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:351:6: branch_false: following ‘false’ branch (when ‘pid != -1’)...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:356:6: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:356:6: branch_false: following ‘false’ branch (when ‘pid != 0’)...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:391:3: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:394:10: branch_false: following ‘false’ branch (when ‘parent_dead == 0’)...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:395:5: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:404:10: branch_true: following ‘true’ branch...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:404:10: branch_true: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:442:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:446:1: branch_false: ...to here
libnbd-1.23.3/fuzzing/libnbd-fuzz-wrapper.c:446:1: danger: ‘wfd[1]’ leaks here
#  444|       _exit (EXIT_FAILURE);
#  445|     }
#  446|-> }
#  447|   
#  448|   static void

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
libnbd-1.23.3/info/list.c:48:6: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(desc)’
libnbd-1.23.3/info/list.c:47:12: acquire_memory: allocated here
libnbd-1.23.3/info/list.c:48:6: danger: ‘strdup(desc)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   46|     e.name = strdup (name);
#   47|     e.desc = strdup (desc);
#   48|->   if (e.name == NULL || e.desc == NULL ||
#   49|         exports_append (&export_list, e) == -1) {
#   50|       perror ("malloc");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
libnbd-1.23.3/info/list.c:48:7: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(name)’
libnbd-1.23.3/info/list.c:46:12: acquire_memory: allocated here
libnbd-1.23.3/info/list.c:48:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/info/list.c:48:7: branch_false: ...to here
libnbd-1.23.3/info/list.c:48:7: danger: ‘strdup(name)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   46|     e.name = strdup (name);
#   47|     e.desc = strdup (desc);
#   48|->   if (e.name == NULL || e.desc == NULL ||
#   49|         exports_append (&export_list, e) == -1) {
#   50|       perror ("malloc");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
libnbd-1.23.3/info/list.c:49:7: warning[-Wanalyzer-malloc-leak]: leak of ‘elem.desc’
libnbd-1.23.3/info/list.c:42:1: enter_function: entry to ‘collect_export’
libnbd-1.23.3/info/list.c:47:12: acquire_memory: allocated here
libnbd-1.23.3/info/list.c:48:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/info/list.c:48:7: branch_false: ...to here
libnbd-1.23.3/info/list.c:48:7: branch_false: following ‘false’ branch...
libnbd-1.23.3/info/list.c:49:7: call_function: inlined call to ‘exports_append’ from ‘collect_export’
libnbd-1.23.3/info/list.c:49:7: call_function: inlined call to ‘exports_append’ from ‘collect_export’
libnbd-1.23.3/info/list.c:49:7: danger: ‘elem.desc’ leaks here; was allocated at [(2)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/1)
#   47|     e.desc = strdup (desc);
#   48|     if (e.name == NULL || e.desc == NULL ||
#   49|->       exports_append (&export_list, e) == -1) {
#   50|       perror ("malloc");
#   51|       exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
libnbd-1.23.3/info/list.c:49:7: warning[-Wanalyzer-malloc-leak]: leak of ‘elem.name’
libnbd-1.23.3/info/list.c:42:1: enter_function: entry to ‘collect_export’
libnbd-1.23.3/info/list.c:46:12: acquire_memory: allocated here
libnbd-1.23.3/info/list.c:48:6: branch_false: following ‘false’ branch...
libnbd-1.23.3/info/list.c:49:7: call_function: inlined call to ‘exports_append’ from ‘collect_export’
libnbd-1.23.3/info/list.c:49:7: danger: ‘elem.name’ leaks here; was allocated at [(2)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/1)
#   47|     e.desc = strdup (desc);
#   48|     if (e.name == NULL || e.desc == NULL ||
#   49|->       exports_append (&export_list, e) == -1) {
#   50|       perror ("malloc");
#   51|       exit (EXIT_FAILURE);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
libnbd-1.23.3/lib/crypto.c:154:9: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_unlocked_get_tls_username(h)'
libnbd-1.23.3/lib/crypto.c:389:1: enter_function: entry to 'set_up_psk_credentials'
libnbd-1.23.3/lib/crypto.c:398:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/crypto.c:403:14: branch_false: ...to here
libnbd-1.23.3/lib/crypto.c:403:14: acquire_memory: allocated here
libnbd-1.23.3/lib/crypto.c:403:14: call_function: calling 'nbd_unlocked_get_tls_username' from 'set_up_psk_credentials'
#  152|       }
#  153|   
#  154|->     if (getlogin_r (str.ptr, str.cap) == 0) {
#  155|         return str.ptr;
#  156|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
libnbd-1.23.3/lib/errors.c:94:35: warning[-Wanalyzer-malloc-leak]: leak of 'allocate_last_error_on_demand()'
libnbd-1.23.3/lib/errors.c:115:1: enter_function: entry to 'nbd_internal_set_error_context'
libnbd-1.23.3/lib/errors.c:117:35: call_function: calling 'allocate_last_error_on_demand' from 'nbd_internal_set_error_context'
libnbd-1.23.3/lib/errors.c:117:35: return_function: returning to 'nbd_internal_set_error_context' from 'allocate_last_error_on_demand'
libnbd-1.23.3/lib/errors.c:119:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/errors.c:121:3: branch_false: ...to here
libnbd-1.23.3/lib/errors.c:94:35: danger: 'allocate_last_error_on_demand()' leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#   92|   allocate_last_error_on_demand (void)
#   93|   {
#   94|->   struct last_error *last_error = pthread_getspecific (errors_key);
#   95|   
#   96|     if (!last_error) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
libnbd-1.23.3/lib/generator/states-connect-socket-activation.c:226:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'nbd_internal_socket(1, 1, 0, 0)'
libnbd-1.23.3/lib/lib/states.c:1780:1: enter_function: entry to 'nbd_internal_enter_STATE_CONNECT_SA_START'
libnbd-1.23.3/lib/lib/states.c:1788:7: call_function: calling 'enter_STATE_CONNECT_SA_START' from 'nbd_internal_enter_STATE_CONNECT_SA_START'

Error: GCC_ANALYZER_WARNING (CWE-666): [#def29]
libnbd-1.23.3/lib/generator/states-connect-socket-activation.c:270:11: warning[-Wanalyzer-fd-phase-mismatch]: 'dup2' on file descriptor 'nbd_internal_socket(1, 1, 0, 0)' in wrong phase
libnbd-1.23.3/lib/lib/states.c:1780:1: enter_function: entry to 'nbd_internal_enter_STATE_CONNECT_SA_START'
libnbd-1.23.3/lib/lib/states.c:1788:7: call_function: calling 'enter_STATE_CONNECT_SA_START' from 'nbd_internal_enter_STATE_CONNECT_SA_START'

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:248:7: warning[-Wanalyzer-malloc-leak]: leak of 'strndup(&*h.sbuf.or.payload.context.str, (long unsigned int)__builtin_bswap32(*h.sbuf.or.option_reply.replylen) + 18446744073709551612)'
libnbd-1.23.3/lib/lib/states.c:3867:1: enter_function: entry to 'enter_STATE_NEWSTYLE_OPT_META_CONTEXT_CHECK_REPLY'
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:234:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:237:7: branch_false: ...to here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:237:7: branch_true: following 'true' branch...
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:239:9: branch_true: ...to here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:241:27: acquire_memory: allocated here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:243:10: branch_false: following 'false' branch...
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:248:7: branch_false: ...to here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:248:7: branch_false: following 'false' branch...
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:250:11: branch_false: ...to here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:252:10: branch_false: following 'false' branch (when 'opt != 9')...
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:254:16: branch_false: ...to here
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:254:16: call_function: inlined call to 'meta_vector_append' from 'enter_STATE_NEWSTYLE_OPT_META_CONTEXT_CHECK_REPLY'
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:254:16: call_function: inlined call to 'meta_vector_append' from 'enter_STATE_NEWSTYLE_OPT_META_CONTEXT_CHECK_REPLY'
libnbd-1.23.3/lib/generator/states-newstyle-opt-meta-context.c:248:7: danger: 'strndup(&*h.sbuf.or.payload.context.str, (long unsigned int)__builtin_bswap32(*h.sbuf.or.option_reply.replylen) + 18446744073709551612)' leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
libnbd-1.23.3/lib/uri.c:64:1: warning[-Wanalyzer-malloc-leak]: leak of 'q.value'
libnbd-1.23.3/lib/uri.c:70:1: enter_function: entry to 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:77:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:80:10: branch_true: following 'true' branch...
libnbd-1.23.3/lib/uri.c:84:11: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:85:8: branch_false: following 'false' branch (when 'end' is non-NULL)...
libnbd-1.23.3/lib/uri.c:91:10: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:92:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:94:8: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:97:15: branch_true: following 'true' branch (when 'eq' is NULL)...
libnbd-1.23.3/lib/uri.c:101:45: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:102:10: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:125:8: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:125:8: branch_true: following 'true' branch (when '<unknown>' is NULL)...
libnbd-1.23.3/lib/uri.c:126:17: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:126:17: acquire_memory: allocated here
libnbd-1.23.3/lib/uri.c:127:10: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:134:9: call_function: inlined call to 'uri_query_list_append' from 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:134:9: call_function: inlined call to 'uri_query_list_append' from 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:134:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:140:3: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:80:10: branch_true: following 'true' branch...
libnbd-1.23.3/lib/uri.c:84:11: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:92:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:94:8: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:97:15: branch_true: following 'true' branch (when 'eq' is NULL)...
libnbd-1.23.3/lib/uri.c:101:45: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:152:3: call_function: inlined call to 'uri_query_list_reset' from 'parse_uri_queries'
#   62|   };
#   63|   
#   64|-> DEFINE_VECTOR_TYPE (uri_query_list, struct uri_query);
#   65|   
#   66|   /* Parse the query_raw substring of a URI into a list of decoded queries.

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
libnbd-1.23.3/lib/uri.c:80:10: warning[-Wanalyzer-malloc-leak]: leak of 'q.value'
libnbd-1.23.3/lib/uri.c:70:1: enter_function: entry to 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:77:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:80:10: branch_true: following 'true' branch...
libnbd-1.23.3/lib/uri.c:84:11: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:85:8: branch_false: following 'false' branch (when 'end' is non-NULL)...
libnbd-1.23.3/lib/uri.c:91:10: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:92:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:94:8: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:97:15: branch_true: following 'true' branch (when 'eq' is NULL)...
libnbd-1.23.3/lib/uri.c:101:45: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:102:10: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:125:8: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:125:8: branch_true: following 'true' branch (when '<unknown>' is NULL)...
libnbd-1.23.3/lib/uri.c:126:17: branch_true: ...to here
libnbd-1.23.3/lib/uri.c:126:17: acquire_memory: allocated here
libnbd-1.23.3/lib/uri.c:127:10: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:134:9: call_function: inlined call to 'uri_query_list_append' from 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:134:9: call_function: inlined call to 'uri_query_list_append' from 'parse_uri_queries'
libnbd-1.23.3/lib/uri.c:134:8: branch_false: following 'false' branch...
libnbd-1.23.3/lib/uri.c:140:3: branch_false: ...to here
libnbd-1.23.3/lib/uri.c:80:10: danger: 'q.value' leaks here; was allocated at [(18)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/17)
#   78|       return 0;
#   79|   
#   80|->   while (*query) {
#   81|       struct uri_query q = {0};
#   82|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
libnbd-1.23.3/lib/utils.c:530:12: warning[-Wanalyzer-malloc-leak]: leak of 'get_path()'
libnbd-1.23.3/lib/utils.c:682:1: enter_function: entry to 'nbd_internal_execvpe_init'
libnbd-1.23.3/lib/utils.c:695:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/utils.c:702:3: branch_false: ...to here
libnbd-1.23.3/lib/utils.c:704:6: branch_true: following 'true' branch...
libnbd-1.23.3/lib/utils.c:709:16: branch_true: ...to here
libnbd-1.23.3/lib/utils.c:709:16: acquire_memory: allocated here
libnbd-1.23.3/lib/utils.c:709:16: call_function: calling 'get_path' from 'nbd_internal_execvpe_init'
#  528|     path = getenv ("PATH");
#  529|     if ((env_path_found = (path != NULL)))
#  530|->     path = strdup (path);
#  531|     /* This is where we'd unlock the environment. */
#  532|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
libnbd-1.23.3/lib/utils.c:551:6: warning[-Wanalyzer-malloc-leak]: leak of 'get_path()'
libnbd-1.23.3/lib/utils.c:682:1: enter_function: entry to 'nbd_internal_execvpe_init'
libnbd-1.23.3/lib/utils.c:695:6: branch_false: following 'false' branch...
libnbd-1.23.3/lib/utils.c:702:3: branch_false: ...to here
libnbd-1.23.3/lib/utils.c:704:6: branch_true: following 'true' branch...
libnbd-1.23.3/lib/utils.c:709:16: branch_true: ...to here
libnbd-1.23.3/lib/utils.c:709:16: acquire_memory: allocated here
libnbd-1.23.3/lib/utils.c:709:16: call_function: calling 'get_path' from 'nbd_internal_execvpe_init'
#  549|   
#  550|     path = malloc (path_size);
#  551|->   if (path == NULL)
#  552|       return NULL;
#  553|   

Error: CPPCHECK_WARNING (CWE-758): [#def35]
libnbd-1.23.3/ocaml/nbd-c.c:529: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  527|     rv = Val_emptylist;
#  528|     for (i = 31; i >= 0; i--) {
#  529|->     if (flags & (1 << i)) {
#  530|         switch (1 << i) {
#  531|         case LIBNBD_HANDSHAKE_FLAG_FIXED_NEWSTYLE: v = Val_int (0); break;

Error: CPPCHECK_WARNING (CWE-758): [#def36]
libnbd-1.23.3/ocaml/nbd-c.c:600: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  598|     rv = Val_emptylist;
#  599|     for (i = 31; i >= 0; i--) {
#  600|->     if (flags & (1 << i)) {
#  601|         switch (1 << i) {
#  602|         case LIBNBD_STRICT_COMMANDS: v = Val_int (0); break;

Error: CPPCHECK_WARNING (CWE-457): [#def37]
libnbd-1.23.3/ocaml/nbd-c.c:3512: error[uninitvar]: Uninitialized variable: addr
# 3510|   
# 3511|     caml_enter_blocking_section ();
# 3512|->   r =  nbd_aio_connect (h, addr, addrlen);
# 3513|     caml_leave_blocking_section ();
# 3514|
Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-234.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	libnbd-1.23.3-1.fc43
store-results-to	/tmp/tmpffbn2pji/libnbd-1.23.3-1.fc43.tar.xz
time-created	2025-04-25 14:03:21
time-finished	2025-04-25 14:05:41
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpffbn2pji/libnbd-1.23.3-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpffbn2pji/libnbd-1.23.3-1.fc43.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9