Fixed findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-688): [#def1]
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:73:5: warning[-Wanalyzer-null-argument]: use of NULL ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’ where non-null expected
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: acquire_memory: allocated here
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:8: release_memory: assuming ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’ is NULL
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:8: branch_true: following ‘true’ branch...
 branch_true: ...to here
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:348:34: call_function: inlined call to ‘cleanupFile’ from ‘main’
#   71|   {
#   72|       FILE *file = *ptr;
#   73|->     fclose(file);
#   74|   }
#   75|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: acquire_resource: opened here
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: danger: ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  348|       cleanup(FILE *, cleanupFile) log = NULL;
#  349|   
#  350|->     if (!(log = fopen(abs_builddir "/commandhelper.log", "w")))
#  351|           return EXIT_FAILURE;
#  352|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: acquire_memory: allocated here
libvirt-11.0.0/redhat-linux-build/../tests/commandhelper.c:350:17: danger: ‘fopen("/builddir/build/BUILD/libvirt-11.0.0/redhat-linux-build/tests/commandhelper.log", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  348|       cleanup(FILE *, cleanupFile) log = NULL;
#  349|   
#  350|->     if (!(log = fopen(abs_builddir "/commandhelper.log", "w")))
#  351|           return EXIT_FAILURE;
#  352|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(g_strdup_printf("%s/securityselinuxlabeldata/%s.txt", "/builddir/build/BUILD/libvirt-11.0.0/tests", testname), "r")’
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: acquire_resource: opened here
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: danger: ‘fopen(g_strdup_printf("%s/securityselinuxlabeldata/%s.txt", "/builddir/build/BUILD/libvirt-11.0.0/tests", testname), "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  105|                              testname);
#  106|   
#  107|->     if (!(fp = fopen(path, "r")))
#  108|           return -1;
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(g_strdup_printf("%s/securityselinuxlabeldata/%s.txt", "/builddir/build/BUILD/libvirt-11.0.0/tests", testname), "r")’
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: acquire_memory: allocated here
libvirt-11.0.0/redhat-linux-build/../tests/securityselinuxlabeltest.c:107:16: danger: ‘fopen(g_strdup_printf("%s/securityselinuxlabeldata/%s.txt", "/builddir/build/BUILD/libvirt-11.0.0/tests", testname), "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  105|                              testname);
#  106|   
#  107|->     if (!(fp = fopen(path, "r")))
#  108|           return -1;
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(g_strdup_printf("%s/virhostcpudata/linux-%s-%s.cpuinfo", "/builddir/build/BUILD/libvirt-11.0.0/tests", virArchToString(*(const struct linuxTestHostCPUData *)opaque.arch), *(const struct linuxTestHostCPUData *)opaque.testName), "r")’
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: acquire_resource: opened here
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: danger: ‘fopen(g_strdup_printf("%s/virhostcpudata/linux-%s-%s.cpuinfo", "/builddir/build/BUILD/libvirt-11.0.0/tests", virArchToString(*(const struct linuxTestHostCPUData *)opaque.arch), *(const struct linuxTestHostCPUData *)opaque.testName), "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  191|                                  abs_srcdir, arch, data->testName);
#  192|   
#  193|->     if (!(f = fopen(cpuinfo, "r"))) {
#  194|           virReportSystemError(errno,
#  195|                                "Failed to open cpuinfo file '%s'", cpuinfo);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(g_strdup_printf("%s/virhostcpudata/linux-%s-%s.cpuinfo", "/builddir/build/BUILD/libvirt-11.0.0/tests", virArchToString(*(const struct linuxTestHostCPUData *)opaque.arch), *(const struct linuxTestHostCPUData *)opaque.testName), "r")’
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: acquire_memory: allocated here
libvirt-11.0.0/redhat-linux-build/../tests/virhostcputest.c:193:15: danger: ‘fopen(g_strdup_printf("%s/virhostcpudata/linux-%s-%s.cpuinfo", "/builddir/build/BUILD/libvirt-11.0.0/tests", virArchToString(*(const struct linuxTestHostCPUData *)opaque.arch), *(const struct linuxTestHostCPUData *)opaque.testName), "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  191|                                  abs_srcdir, arch, data->testName);
#  192|   
#  193|->     if (!(f = fopen(cpuinfo, "r"))) {
#  194|           virReportSystemError(errno,
#  195|                                "Failed to open cpuinfo file '%s'", cpuinfo);

Error: COMPILER_WARNING: [#def8]
libvirt-11.0.0/src/util/virsystemd.c: scope_hint: In function ‘virSystemdEscapeName’
libvirt-11.0.0/src/util/virsystemd.c:59:38: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (17 chars into 16 available)
#   59 |     static const char hextable[16] = "0123456789abcdef";
#      |                                      ^~~~~~~~~~~~~~~~~~
#   57|                                    const char *name)
#   58|   {
#   59|->     static const char hextable[16] = "0123456789abcdef";
#   60|   
#   61|   #define ESCAPE(c) \

Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.86.0
diffbase-analyzer-version-cppcheck	2.17.1
diffbase-analyzer-version-gcc	15.0.1
diffbase-analyzer-version-gcc-analyzer	15.0.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-250.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	libvirt-11.2.0-1.fc43
diffbase-store-results-to	/tmp/tmp1qxhibt3/libvirt-11.2.0-1.fc43.tar.xz
diffbase-time-created	2025-04-25 14:33:49
diffbase-time-finished	2025-04-25 14:45:40
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmp1qxhibt3/libvirt-11.2.0-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp1qxhibt3/libvirt-11.2.0-1.fc43.src.rpm'
diffbase-tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-250.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	libvirt-11.0.0-1.fc42
store-results-to	/tmp/tmpsqhpbjye/libvirt-11.0.0-1.fc42.tar.xz
time-created	2025-04-25 14:21:06
time-finished	2025-04-25 14:33:23
title	Fixed findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpsqhpbjye/libvirt-11.0.0-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpsqhpbjye/libvirt-11.0.0-1.fc42.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9