Error: COMPILER_WARNING: [#def1] mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c: scope_hint: In function ‘exercise_cipher_key’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:187:36: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (33 chars into 32 available) # 187 | unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 185| psa_key_type_t key_type; # 186| const unsigned char plaintext[16] = "Hello, world..."; # 187|-> unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; # 188| size_t ciphertext_length = sizeof(ciphertext); # 189| unsigned char decrypted[sizeof(ciphertext)]; Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1068:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘exported’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1104:12: enter_function: entry to ‘exercise_export_key’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1115:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1120:5: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1120:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1122:21: call_function: inlined call to ‘psa_get_key_type’ from ‘exercise_export_key’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1125:5: branch_false: following ‘false’ branch (when ‘exported_size == 0’)... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1127:14: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1128:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1132:16: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1138:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1139:10: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1139:10: call_function: calling ‘mbedtls_test_psa_exported_key_sanity_check’ from ‘exercise_export_key’ # 1066| */ # 1067| TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length); # 1068|-> TEST_EQUAL(exported[0], 4); # 1069| } # 1070| } else Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1089:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1154:12: enter_function: entry to ‘exercise_export_public_key’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1165:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1170:5: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1170:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1171:10: call_function: inlined call to ‘psa_get_key_type’ from ‘exercise_export_public_key’ mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1171:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1189:5: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1191:21: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1197:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1202:5: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1202:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1203:10: branch_false: ...to here mbedtls-3.6.3/framework/tests/src/psa_exercise_key.c:1203:10: call_function: calling ‘mbedtls_test_psa_exported_key_sanity_check’ from ‘exercise_export_public_key’ # 1087| unsigned m; # 1088| for (m = 1; m <= 0x100; m <<= 1) { # 1089|-> if (exported[i] & m) { # 1090| ++bit_count; # 1091| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] mbedtls-3.6.3/library/alignment.h:203:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘buf’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 201| p32->x = x; # 202| #else # 203|-> memcpy(p, &x, sizeof(x)); # 204| #endif # 205| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def5] mbedtls-3.6.3/library/alignment.h:255:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 253| p64->x = x; # 254| #else # 255|-> memcpy(p, &x, sizeof(x)); # 256| #endif # 257| } Error: CPPCHECK_WARNING (CWE-758): [#def6] mbedtls-3.6.3/library/bignum.c:1317: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour # 1315| # 1316| #if defined(MBEDTLS_HAVE_UDBL) # 1317|-> dividend = (mbedtls_t_udbl) u1 << biL; # 1318| dividend |= (mbedtls_t_udbl) u0; # 1319| quotient = dividend / d; Error: CPPCHECK_WARNING (CWE-758): [#def7] mbedtls-3.6.3/library/bignum.c:1320: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour # 1318| dividend |= (mbedtls_t_udbl) u0; # 1319| quotient = dividend / d; # 1320|-> if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) { # 1321| quotient = ((mbedtls_t_udbl) 1 << biL) - 1; # 1322| } Error: CPPCHECK_WARNING (CWE-758): [#def8] mbedtls-3.6.3/library/bignum.c:1321: error[shiftTooManyBits]: Shifting 32-bit value by 64 bits is undefined behaviour # 1319| quotient = dividend / d; # 1320| if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) { # 1321|-> quotient = ((mbedtls_t_udbl) 1 << biL) - 1; # 1322| } # 1323| Error: GCC_ANALYZER_WARNING (CWE-126): [#def9] mbedtls-3.6.3/library/bignum_core.c:479:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read mbedtls-3.6.3/library/bignum_core.c:1010:6: enter_function: entry to ‘mbedtls_mpi_core_from_mont_rep’ mbedtls-3.6.3/library/bignum_core.c:1019:5: call_function: calling ‘mbedtls_mpi_core_montmul’ from ‘mbedtls_mpi_core_from_mont_rep’ # 477| # 478| while (steps_x8--) { # 479|-> MULADDC_X8_INIT # 480| MULADDC_X8_CORE # 481| MULADDC_X8_STOP Error: GCC_ANALYZER_WARNING (CWE-126): [#def10] mbedtls-3.6.3/library/bignum_core.c:485:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read mbedtls-3.6.3/library/bignum_core.c:1010:6: enter_function: entry to ‘mbedtls_mpi_core_from_mont_rep’ mbedtls-3.6.3/library/bignum_core.c:1019:5: call_function: calling ‘mbedtls_mpi_core_montmul’ from ‘mbedtls_mpi_core_from_mont_rep’ # 483| # 484| while (steps_x1--) { # 485|-> MULADDC_X1_INIT # 486| MULADDC_X1_CORE # 487| MULADDC_X1_STOP Error: GCC_ANALYZER_WARNING (CWE-121): [#def11] mbedtls-3.6.3/library/ecp_curves.c:5290:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow mbedtls-3.6.3/library/ecp_curves.c:5255:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ecp_curves.c:5260:5: branch_false: ...to here mbedtls-3.6.3/library/ecp_curves.c:5262:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ecp_curves.c:5266:5: branch_false: ...to here mbedtls-3.6.3/library/ecp_curves.c:5276:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ecp_curves.c:5279:5: branch_false: ...to here mbedtls-3.6.3/library/ecp_curves.c:5282:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ecp_curves.c:5283:5: branch_false: ...to here mbedtls-3.6.3/library/ecp_curves.c:5283:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ecp_curves.c:5287:9: branch_false: ...to here mbedtls-3.6.3/library/ecp_curves.c:5289:30: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/ecp_curves.c:5290:9: branch_true: ...to here mbedtls-3.6.3/library/ecp_curves.c:5289:30: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/ecp_curves.c:5290:9: branch_true: ...to here mbedtls-3.6.3/library/ecp_curves.c:5289:30: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/ecp_curves.c:5290:9: branch_true: ...to here mbedtls-3.6.3/library/ecp_curves.c:5289:30: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/ecp_curves.c:5290:9: branch_true: ...to here mbedtls-3.6.3/library/ecp_curves.c:5289:30: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/ecp_curves.c:5290:9: branch_true: ...to here mbedtls-3.6.3/library/ecp_curves.c:5290:9: danger: out-of-bounds write from byte 64 till byte 71 but ‘Mp’ ends at byte 64 # 5288| } # 5289| for (i = P224_WIDTH_MAX; i < M.n; ++i) { # 5290|-> Mp[i] = 0; # 5291| } # 5292| MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&M, &M, &Q)); Error: GCC_ANALYZER_WARNING (CWE-775): [#def12] mbedtls-3.6.3/library/net_sockets.c:188:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘socket(*cur.ai_family, *cur.ai_socktype, *cur.ai_protocol)’ mbedtls-3.6.3/library/net_sockets.c:174:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:180:10: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:180:27: branch_true: following ‘true’ branch (when ‘cur’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:181:19: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:181:19: acquire_resource: socket created here mbedtls-3.6.3/library/net_sockets.c:183:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:188:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:188:12: danger: ‘socket(*cur.ai_family, *cur.ai_socktype, *cur.ai_protocol)’ leaks here # 186| } # 187| # 188|-> if (connect(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) == 0) { # 189| ret = 0; # 190| break; Error: GCC_ANALYZER_WARNING (CWE-775): [#def13] mbedtls-3.6.3/library/net_sockets.c:245:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:223:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:229:10: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:229:27: branch_true: following ‘true’ branch (when ‘cur’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:230:19: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:232:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:237:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:238:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:245:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:245:12: danger: ‘*ctx.fd’ leaks here # 243| } # 244| # 245|-> if (bind(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) != 0) { # 246| mbedtls_net_close(ctx); # 247| ret = MBEDTLS_ERR_NET_BIND_FAILED; Error: GCC_ANALYZER_WARNING (CWE-775): [#def14] mbedtls-3.6.3/library/net_sockets.c:253:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:223:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:229:10: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:229:27: branch_true: following ‘true’ branch (when ‘cur’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:230:19: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:232:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:237:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:238:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:245:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:245:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:252:12: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:252:12: branch_true: following ‘true’ branch (when ‘proto == 0’)... mbedtls-3.6.3/library/net_sockets.c:253:17: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:253:16: danger: ‘*ctx.fd’ leaks here # 251| /* Listen only makes sense for TCP */ # 252| if (proto == MBEDTLS_NET_PROTO_TCP) { # 253|-> if (listen(ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG) != 0) { # 254| mbedtls_net_close(ctx); # 255| ret = MBEDTLS_ERR_NET_LISTEN_FAILED; Error: GCC_ANALYZER_WARNING (CWE-775): [#def15] mbedtls-3.6.3/library/net_sockets.c:265:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:223:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:229:10: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:229:27: branch_true: following ‘true’ branch (when ‘cur’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:230:19: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:232:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:237:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:245:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:252:12: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:265:5: danger: ‘*ctx.fd’ leaks here # 263| } # 264| # 265|-> freeaddrinfo(addr_list); # 266| # 267| return ret; Error: GCC_ANALYZER_WARNING (CWE-775): [#def16] mbedtls-3.6.3/library/net_sockets.c:345:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:345:32: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:345:15: danger: leaks here # 343| if (type == SOCK_STREAM) { # 344| /* TCP: actual accept() */ # 345|-> ret = client_ctx->fd = (int) accept(bind_ctx->fd, # 346| (struct sockaddr *) &client_addr, &n); # 347| } else { Error: GCC_ANALYZER_WARNING (CWE-775): [#def17] mbedtls-3.6.3/library/net_sockets.c:345:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:345:32: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:345:15: danger: ‘*bind_ctx.fd’ leaks here # 343| if (type == SOCK_STREAM) { # 344| /* TCP: actual accept() */ # 345|-> ret = client_ctx->fd = (int) accept(bind_ctx->fd, # 346| (struct sockaddr *) &client_addr, &n); # 347| } else { Error: GCC_ANALYZER_WARNING (CWE-775): [#def18] mbedtls-3.6.3/library/net_sockets.c:377:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:349:14: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:363:8: branch_false: following ‘false’ branch (when ‘ret >= 0’)... mbedtls-3.6.3/library/net_sockets.c:373:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:373:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:375:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:377:12: danger: ‘*bind_ctx.fd’ leaks here # 375| int one = 1; # 376| # 377|-> if (connect(bind_ctx->fd, (struct sockaddr *) &client_addr, n) != 0) { # 378| return MBEDTLS_ERR_NET_ACCEPT_FAILED; # 379| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def19] mbedtls-3.6.3/library/net_sockets.c:394:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*bind_ctx.fd’ mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:349:14: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:363:8: branch_false: following ‘false’ branch (when ‘ret >= 0’)... mbedtls-3.6.3/library/net_sockets.c:373:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:373:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:375:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:377:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:381:26: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:387:42: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:389:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:394:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:394:12: danger: ‘*bind_ctx.fd’ leaks here # 392| } # 393| # 394|-> if (bind(bind_ctx->fd, (struct sockaddr *) &local_addr, n) != 0) { # 395| return MBEDTLS_ERR_NET_BIND_FAILED; # 396| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def20] mbedtls-3.6.3/library/net_sockets.c:404:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:349:14: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:363:8: branch_false: following ‘false’ branch (when ‘ret >= 0’)... mbedtls-3.6.3/library/net_sockets.c:373:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:373:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:375:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:377:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:381:26: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:387:42: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:389:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:394:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:394:12: branch_false: following ‘false’ branch... branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:399:8: branch_true: following ‘true’ branch (when ‘client_ip’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:400:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:400:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:402:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:404:16: danger: leaks here # 402| *cip_len = sizeof(addr4->sin_addr.s_addr); # 403| # 404|-> if (buf_size < *cip_len) { # 405| return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; # 406| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def21] mbedtls-3.6.3/library/net_sockets.c:413:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor mbedtls-3.6.3/library/net_sockets.c:337:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:339:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:343:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:349:14: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:363:8: branch_false: following ‘false’ branch (when ‘ret >= 0’)... mbedtls-3.6.3/library/net_sockets.c:373:9: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:373:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/net_sockets.c:375:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:377:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:381:26: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:387:42: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:389:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:385:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:394:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:394:12: branch_false: following ‘false’ branch... branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:399:8: branch_true: following ‘true’ branch (when ‘client_ip’ is non-NULL)... mbedtls-3.6.3/library/net_sockets.c:400:13: branch_true: ...to here mbedtls-3.6.3/library/net_sockets.c:400:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/net_sockets.c:411:13: branch_false: ...to here mbedtls-3.6.3/library/net_sockets.c:413:16: danger: leaks here # 411| *cip_len = sizeof(addr6->sin6_addr.s6_addr); # 412| # 413|-> if (buf_size < *cip_len) { # 414| return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; # 415| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def22] mbedtls-3.6.3/library/pk.c:1360:20: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ mbedtls-3.6.3/library/pk.c:1296:5: enter_function: entry to ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1304:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/pk.c:1308:10: branch_false: ...to here mbedtls-3.6.3/library/pk.c:1308:10: call_function: calling ‘mbedtls_pk_can_do’ from ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1308:10: return_function: returning to ‘mbedtls_pk_sign_ext’ from ‘mbedtls_pk_can_do’ mbedtls-3.6.3/library/pk.c:1308:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/pk.c:1312:8: branch_false: ...to here mbedtls-3.6.3/library/pk.c:1312:8: branch_false: following ‘false’ branch (when ‘pk_type == 6’)... mbedtls-3.6.3/library/pk.c:1347:20: call_function: inlined call to ‘mbedtls_pk_get_len’ from ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1347:20: call_function: inlined call to ‘mbedtls_pk_get_len’ from ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1347:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/pk.c:1351:9: branch_false: ...to here mbedtls-3.6.3/library/pk.c:1351:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/pk.c:1355:42: call_function: inlined call to ‘mbedtls_pk_rsa’ from ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1355:42: call_function: inlined call to ‘mbedtls_pk_rsa’ from ‘mbedtls_pk_sign_ext’ mbedtls-3.6.3/library/pk.c:1355:42: branch_false: ...to here mbedtls-3.6.3/library/pk.c:1359:8: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/pk.c:1360:20: branch_true: ...to here mbedtls-3.6.3/library/pk.c:1360:20: danger: dereference of NULL ‘<unknown>’ # 1358| (unsigned int) hash_len, hash, sig); # 1359| if (ret == 0) { # 1360|-> *sig_len = rsa_ctx->len; # 1361| } # 1362| return ret; Error: GCC_ANALYZER_WARNING (CWE-457): [#def23] mbedtls-3.6.3/library/pkparse.c:405:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘grp_id’ mbedtls-3.6.3/library/pkparse.c:1374:5: enter_function: entry to ‘mbedtls_pk_parse_public_keyfile’ mbedtls-3.6.3/library/pkparse.c:1380:16: call_function: calling ‘mbedtls_pk_load_file’ from ‘mbedtls_pk_parse_public_keyfile’ mbedtls-3.6.3/library/pkparse.c:1380:16: return_function: returning to ‘mbedtls_pk_parse_public_keyfile’ from ‘mbedtls_pk_load_file’ mbedtls-3.6.3/library/pkparse.c:1380:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/pkparse.c:1384:11: branch_false: ...to here mbedtls-3.6.3/library/pkparse.c:1384:11: call_function: calling ‘mbedtls_pk_parse_public_key’ from ‘mbedtls_pk_parse_public_keyfile’ # 403| } # 404| # 405|-> return mbedtls_pk_ecc_set_group(pk, grp_id); # 406| } # 407| Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] mbedtls-3.6.3/library/psa_crypto.c:7875:12: warning[-Wanalyzer-malloc-leak]: leak of ‘output’ mbedtls-3.6.3/library/psa_crypto.c:7804:14: enter_function: entry to ‘psa_raw_key_agreement’ mbedtls-3.6.3/library/psa_crypto.c:7818:5: call_function: calling ‘psa_crypto_local_output_alloc’ from ‘psa_raw_key_agreement’ mbedtls-3.6.3/library/psa_crypto.c:7818:5: return_function: returning to ‘psa_raw_key_agreement’ from ‘psa_crypto_local_output_alloc’ mbedtls-3.6.3/library/psa_crypto.c:7818:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/psa_crypto.c:7818:5: branch_false: ...to here mbedtls-3.6.3/library/psa_crypto.c:7862:9: call_function: calling ‘psa_generate_random_internal’ from ‘psa_raw_key_agreement’ mbedtls-3.6.3/library/psa_crypto.c:7862:9: return_function: returning to ‘psa_raw_key_agreement’ from ‘psa_generate_random_internal’ mbedtls-3.6.3/library/psa_crypto.c:7866:8: branch_false: following ‘false’ branch (when ‘output’ is non-NULL)... mbedtls-3.6.3/library/psa_crypto.c:7871:21: branch_false: ...to here mbedtls-3.6.3/library/psa_crypto.c:7874:5: call_function: calling ‘psa_crypto_local_output_free’ from ‘psa_raw_key_agreement’ mbedtls-3.6.3/library/psa_crypto.c:7874:5: return_function: returning to ‘psa_raw_key_agreement’ from ‘psa_crypto_local_output_free’ mbedtls-3.6.3/library/psa_crypto.c:7874:5: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/psa_crypto.c:7875:12: branch_true: ...to here mbedtls-3.6.3/library/psa_crypto.c:7875:12: danger: ‘output’ leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5) # 7873| LOCAL_INPUT_FREE(peer_key_external, peer_key); # 7874| LOCAL_OUTPUT_FREE(output_external, output); # 7875|-> return (status == PSA_SUCCESS) ? unlock_status : status; # 7876| } # 7877| Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] mbedtls-3.6.3/library/psa_crypto.c:7967:12: warning[-Wanalyzer-malloc-leak]: leak of ‘output’ mbedtls-3.6.3/library/psa_crypto.c:7953:14: enter_function: entry to ‘psa_generate_random’ mbedtls-3.6.3/library/psa_crypto.c:7959:5: call_function: calling ‘psa_crypto_local_output_alloc’ from ‘psa_generate_random’ mbedtls-3.6.3/library/psa_crypto.c:7959:5: return_function: returning to ‘psa_generate_random’ from ‘psa_crypto_local_output_alloc’ mbedtls-3.6.3/library/psa_crypto.c:7959:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/psa_crypto.c:7959:5: branch_false: ...to here mbedtls-3.6.3/library/psa_crypto.c:7961:14: call_function: calling ‘psa_generate_random_internal’ from ‘psa_generate_random’ mbedtls-3.6.3/library/psa_crypto.c:7961:14: return_function: returning to ‘psa_generate_random’ from ‘psa_generate_random_internal’ mbedtls-3.6.3/library/psa_crypto.c:7966:5: call_function: calling ‘psa_crypto_local_output_free’ from ‘psa_generate_random’ mbedtls-3.6.3/library/psa_crypto.c:7966:5: return_function: returning to ‘psa_generate_random’ from ‘psa_crypto_local_output_free’ mbedtls-3.6.3/library/psa_crypto.c:7966:5: branch_true: following ‘true’ branch... branch_true: ...to here mbedtls-3.6.3/library/psa_crypto.c:7967:12: danger: ‘output’ leaks here; was allocated at [(6)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/5) # 7965| #endif # 7966| LOCAL_OUTPUT_FREE(output_external, output); # 7967|-> return status; # 7968| } # 7969| Error: GCC_ANALYZER_WARNING (CWE-401): [#def26] mbedtls-3.6.3/library/ssl_tls.c:1236:12: warning[-Wanalyzer-malloc-leak]: leak of ‘group_list’ mbedtls-3.6.3/library/ssl_tls.c:4718:5: enter_function: entry to ‘mbedtls_ssl_start_renegotiation’ mbedtls-3.6.3/library/ssl_tls.c:4724:16: call_function: calling ‘ssl_handshake_init’ from ‘mbedtls_ssl_start_renegotiation’ # 1234| } # 1235| # 1236|-> if (sig_algs_len < MBEDTLS_SSL_MIN_SIG_ALG_LIST_LEN) { # 1237| return MBEDTLS_ERR_SSL_BAD_CONFIG; # 1238| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def27] mbedtls-3.6.3/library/ssl_tls.c:3515:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 3513| # 3514| if (used <= buf_len) { # 3515|-> *p++ = MBEDTLS_BYTE_2(cert_len); # 3516| *p++ = MBEDTLS_BYTE_1(cert_len); # 3517| *p++ = MBEDTLS_BYTE_0(cert_len); Error: GCC_ANALYZER_WARNING (CWE-476): [#def28] mbedtls-3.6.3/library/ssl_tls.c:3553:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 3551| # 3552| if (used <= buf_len) { # 3553|-> *p++ = MBEDTLS_BYTE_2(session->ticket_len); # 3554| *p++ = MBEDTLS_BYTE_1(session->ticket_len); # 3555| *p++ = MBEDTLS_BYTE_0(session->ticket_len); Error: GCC_ANALYZER_WARNING (CWE-476): [#def29] mbedtls-3.6.3/library/ssl_tls.c:3586:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 3584| # 3585| if (used <= buf_len) { # 3586|-> *p++ = session->mfl_code; # 3587| } # 3588| #endif Error: GCC_ANALYZER_WARNING (CWE-476): [#def30] mbedtls-3.6.3/library/ssl_tls.c:3594:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘p’ mbedtls-3.6.3/library/ssl_tls.c:5094:5: enter_function: entry to ‘mbedtls_ssl_context_save’ mbedtls-3.6.3/library/ssl_tls.c:5113:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5117:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5117:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5122:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5122:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5127:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5131:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5131:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5136:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5136:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5141:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5141:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5146:41: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5152:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls.c:5163:8: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls.c:5172:11: call_function: calling ‘ssl_session_save’ from ‘mbedtls_ssl_context_save’ # 3592| # 3593| if (used <= buf_len) { # 3594|-> *p++ = MBEDTLS_BYTE_0(session->encrypt_then_mac); # 3595| } # 3596| #endif Error: GCC_ANALYZER_WARNING (CWE-476): [#def31] mbedtls-3.6.3/library/ssl_tls12_server.c:2731:16: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ mbedtls-3.6.3/library/ssl_tls12_server.c:2716:12: enter_function: entry to ‘ssl_get_ecdh_params_from_cert’ mbedtls-3.6.3/library/ssl_tls12_server.c:2720:45: call_function: calling ‘mbedtls_ssl_own_key’ from ‘ssl_get_ecdh_params_from_cert’ mbedtls-3.6.3/library/ssl_tls12_server.c:2720:45: return_function: returning to ‘ssl_get_ecdh_params_from_cert’ from ‘mbedtls_ssl_own_key’ mbedtls-3.6.3/library/ssl_tls12_server.c:2721:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls12_server.c:2726:10: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls12_server.c:2726:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls12_server.c:2732:58: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls12_server.c:2732:58: call_function: calling ‘mbedtls_ssl_own_key’ from ‘ssl_get_ecdh_params_from_cert’ mbedtls-3.6.3/library/ssl_tls12_server.c:2732:58: return_function: returning to ‘ssl_get_ecdh_params_from_cert’ from ‘mbedtls_ssl_own_key’ mbedtls-3.6.3/library/ssl_tls12_server.c:2731:16: danger: dereference of NULL ‘mbedtls_ssl_own_key(ssl)’ # 2729| } # 2730| # 2731|-> if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, # 2732| mbedtls_pk_ec_ro(*mbedtls_ssl_own_key(ssl)), # 2733| MBEDTLS_ECDH_OURS)) != 0) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] mbedtls-3.6.3/library/ssl_tls13_client.c:2430:9: warning[-Wanalyzer-malloc-leak]: leak of ‘*handshake.certificate_request_context’ mbedtls-3.6.3/library/ssl_tls13_client.c:2398:12: enter_function: entry to ‘ssl_tls13_parse_certificate_request’ mbedtls-3.6.3/library/ssl_tls13_client.c:2417:8: branch_true: following ‘true’ branch (when ‘certificate_request_context_len != 0’)... mbedtls-3.6.3/library/ssl_tls13_client.c:2418:9: call_function: inlined call to ‘mbedtls_ssl_chk_buf_ptr’ from ‘ssl_tls13_parse_certificate_request’ mbedtls-3.6.3/library/ssl_tls13_client.c:2423:13: acquire_memory: allocated here mbedtls-3.6.3/library/ssl_tls13_client.c:2424:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/ssl_tls13_client.c:2428:9: branch_false: ...to here mbedtls-3.6.3/library/ssl_tls13_client.c:2430:9: danger: ‘*handshake.certificate_request_context’ leaks here; was allocated at [(10)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/9) # 2428| memcpy(handshake->certificate_request_context, p, # 2429| certificate_request_context_len); # 2430|-> p += certificate_request_context_len; # 2431| } # 2432| Error: COMPILER_WARNING: [#def33] mbedtls-3.6.3/library/ssl_tls13_keys.c:84:43: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (7 chars into 6 available) # 84 | static const char tls13_label_prefix[6] = "tls13 "; # | ^~~~~~~~ # 82| */ # 83| # 84|-> static const char tls13_label_prefix[6] = "tls13 "; # 85| # 86| #define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(label_len, context_len) \ Error: COMPILER_WARNING: [#def34] mbedtls-3.6.3/library/ssl_tls13_keys.h:14:40: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (9 chars into 8 available) # 14 | MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ # | ^~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 12| * below. */ # 13| #define MBEDTLS_SSL_TLS1_3_LABEL_LIST \ # 14|-> MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ # 15| MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ # 16| MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ Error: COMPILER_WARNING: [#def35] mbedtls-3.6.3/library/ssl_tls13_keys.h:15:42: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (11 chars into 10 available) # 15 | MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ # | ^~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 13| #define MBEDTLS_SSL_TLS1_3_LABEL_LIST \ # 14| MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ # 15|-> MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ # 16| MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ # 17| MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ Error: COMPILER_WARNING: [#def36] mbedtls-3.6.3/library/ssl_tls13_keys.h:16:43: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (12 chars into 11 available) # 16 | MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ # | ^~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 14| MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ # 15| MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ # 16|-> MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ # 17| MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ # 18| MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ Error: COMPILER_WARNING: [#def37] mbedtls-3.6.3/library/ssl_tls13_keys.h:17:40: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (9 chars into 8 available) # 17 | MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ # | ^~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 15| MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ # 16| MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ # 17|-> MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ # 18| MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ # 19| MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ Error: COMPILER_WARNING: [#def38] mbedtls-3.6.3/library/ssl_tls13_keys.h:18:35: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (4 chars into 3 available) # 18 | MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ # | ^~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 16| MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ # 17| MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ # 18|-> MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ # 19| MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ # 20| MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ Error: COMPILER_WARNING: [#def39] mbedtls-3.6.3/library/ssl_tls13_keys.h:19:34: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (3 chars into 2 available) # 19 | MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ # | ^~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 17| MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ # 18| MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ # 19|-> MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ # 20| MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ # 21| MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ Error: COMPILER_WARNING: [#def40] mbedtls-3.6.3/library/ssl_tls13_keys.h:20:44: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (13 chars into 12 available) # 20 | MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ # | ^~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 18| MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ # 19| MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ # 20|-> MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ # 21| MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ # 22| MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ Error: COMPILER_WARNING: [#def41] mbedtls-3.6.3/library/ssl_tls13_keys.h:21:44: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (13 chars into 12 available) # 21 | MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ # | ^~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 19| MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ # 20| MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ # 21|-> MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ # 22| MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ # 23| MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ Error: COMPILER_WARNING: [#def42] mbedtls-3.6.3/library/ssl_tls13_keys.h:22:43: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (12 chars into 11 available) # 22 | MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ # | ^~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 20| MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ # 21| MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ # 22|-> MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ # 23| MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ # 24| MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ Error: COMPILER_WARNING: [#def43] mbedtls-3.6.3/library/ssl_tls13_keys.h:23:44: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (13 chars into 12 available) # 23 | MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ # | ^~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 21| MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ # 22| MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ # 23|-> MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ # 24| MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ # 25| MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ Error: COMPILER_WARNING: [#def44] mbedtls-3.6.3/library/ssl_tls13_keys.h:24:44: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (13 chars into 12 available) # 24 | MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ # | ^~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 22| MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ # 23| MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ # 24|-> MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ # 25| MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ # 26| MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ Error: COMPILER_WARNING: [#def45] mbedtls-3.6.3/library/ssl_tls13_keys.h:25:43: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (12 chars into 11 available) # 25 | MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ # | ^~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 23| MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ # 24| MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ # 25|-> MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ # 26| MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ # 27| MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ Error: COMPILER_WARNING: [#def46] mbedtls-3.6.3/library/ssl_tls13_keys.h:26:44: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (13 chars into 12 available) # 26 | MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ # | ^~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 24| MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ # 25| MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ # 26|-> MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ # 27| MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ # 28| MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ Error: COMPILER_WARNING: [#def47] mbedtls-3.6.3/library/ssl_tls13_keys.h:27:42: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (11 chars into 10 available) # 27 | MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ # | ^~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 25| MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ # 26| MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ # 27|-> MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ # 28| MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ # 29| MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ Error: COMPILER_WARNING: [#def48] mbedtls-3.6.3/library/ssl_tls13_keys.h:28:42: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (11 chars into 10 available) # 28 | MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ # | ^~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 26| MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ # 27| MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ # 28|-> MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ # 29| MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ # 30| MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ Error: COMPILER_WARNING: [#def49] mbedtls-3.6.3/library/ssl_tls13_keys.h:29:42: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (11 chars into 10 available) # 29 | MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ # | ^~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 27| MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ # 28| MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ # 29|-> MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ # 30| MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ # 31| MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ Error: COMPILER_WARNING: [#def50] mbedtls-3.6.3/library/ssl_tls13_keys.h:30:42: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (11 chars into 10 available) # 30 | MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ # | ^~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 28| MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ # 29| MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ # 30|-> MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ # 31| MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ # 32| MBEDTLS_SSL_TLS1_3_LABEL(client_cv, "TLS 1.3, client CertificateVerify") \ Error: COMPILER_WARNING: [#def51] mbedtls-3.6.3/library/ssl_tls13_keys.h:31:39: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (8 chars into 7 available) # 31 | MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ # | ^~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 29| MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ # 30| MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ # 31|-> MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ # 32| MBEDTLS_SSL_TLS1_3_LABEL(client_cv, "TLS 1.3, client CertificateVerify") \ # 33| MBEDTLS_SSL_TLS1_3_LABEL(server_cv, "TLS 1.3, server CertificateVerify") Error: COMPILER_WARNING: [#def52] mbedtls-3.6.3/library/ssl_tls13_keys.h:32:41: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (34 chars into 33 available) # 32 | MBEDTLS_SSL_TLS1_3_LABEL(client_cv, "TLS 1.3, client CertificateVerify") \ # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 30| MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ # 31| MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ # 32|-> MBEDTLS_SSL_TLS1_3_LABEL(client_cv, "TLS 1.3, client CertificateVerify") \ # 33| MBEDTLS_SSL_TLS1_3_LABEL(server_cv, "TLS 1.3, server CertificateVerify") # 34| Error: COMPILER_WARNING: [#def53] mbedtls-3.6.3/library/ssl_tls13_keys.h:33:41: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (34 chars into 33 available) # 33 | MBEDTLS_SSL_TLS1_3_LABEL(server_cv, "TLS 1.3, server CertificateVerify") # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:38:13: note: in definition of macro ‘MBEDTLS_SSL_TLS1_3_LABEL’ # 38 | .name = string, # | ^~~~~~ mbedtls-3.6.3/library/ssl_tls13_keys.c:44:5: note: in expansion of macro ‘MBEDTLS_SSL_TLS1_3_LABEL_LIST’ # 44 | MBEDTLS_SSL_TLS1_3_LABEL_LIST # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 31| MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") \ # 32| MBEDTLS_SSL_TLS1_3_LABEL(client_cv, "TLS 1.3, client CertificateVerify") \ # 33|-> MBEDTLS_SSL_TLS1_3_LABEL(server_cv, "TLS 1.3, server CertificateVerify") # 34| # 35| #define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0 Error: GCC_ANALYZER_WARNING (CWE-457): [#def54] mbedtls-3.6.3/library/x509.c:1415:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘&other_name’ mbedtls-3.6.3/library/x509.c:1213:5: enter_function: entry to ‘mbedtls_x509_get_subject_alt_name_ext’ mbedtls-3.6.3/library/x509.c:1221:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/x509.c:1224:9: branch_true: ...to here mbedtls-3.6.3/library/x509.c:1229:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1233:25: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1236:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1246:15: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1246:15: call_function: calling ‘mbedtls_x509_parse_subject_alt_name’ from ‘mbedtls_x509_get_subject_alt_name_ext’ mbedtls-3.6.3/library/x509.c:1246:15: return_function: returning to ‘mbedtls_x509_get_subject_alt_name_ext’ from ‘mbedtls_x509_parse_subject_alt_name’ mbedtls-3.6.3/library/x509.c:1251:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1257:9: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1259:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1274:9: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1221:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/library/x509.c:1224:9: branch_true: ...to here mbedtls-3.6.3/library/x509.c:1229:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1233:25: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1236:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/library/x509.c:1246:15: branch_false: ...to here mbedtls-3.6.3/library/x509.c:1246:15: call_function: calling ‘mbedtls_x509_parse_subject_alt_name’ from ‘mbedtls_x509_get_subject_alt_name_ext’ # 1413| memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); # 1414| san->type = MBEDTLS_X509_SAN_OTHER_NAME; # 1415|-> memcpy(&san->san.other_name, # 1416| &other_name, sizeof(other_name)); # 1417| Error: GCC_ANALYZER_WARNING (CWE-775): [#def55] mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:88:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fileno(fopen(path, "w")), out_fd)’ mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:77:8: branch_false: following ‘false’ branch (when ‘dup_fd != -1’)... mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:81:19: branch_false: ...to here mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:82:8: branch_false: following ‘false’ branch... mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:87:5: branch_false: ...to here mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:88:9: acquire_resource: opened here mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:88:8: danger: ‘dup2(fileno(fopen(path, "w")), out_fd)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4) Error: GCC_ANALYZER_WARNING (CWE-775): [#def56] mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:103:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dup_fd, out_fd)’ mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:103:9: acquire_resource: opened here mbedtls-3.6.3/redhat-linux-build/tests/suites/helpers.function:103:8: danger: ‘dup2(dup_fd, out_fd)’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) Error: GCC_ANALYZER_WARNING: [#def57] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:672:5: warning[-Wanalyzer-overlapping-buffers]: overlapping buffers passed as arguments to ‘memcpy’ mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:703:13: enter_function: entry to ‘test_mpi_core_sub_wrapper’ mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:706:5: call_function: calling ‘test_mpi_core_sub’ from ‘test_mpi_core_sub_wrapper’ # 670| /* 2 and 3 test "r may be aliased to a or b" */ # 671| /* 2a) r = a; r -= b => we should get the correct carry (use r to avoid clobbering a) */ # 672|-> memcpy(r, a, bytes); # 673| TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, r, b, limbs)); # 674| Error: GCC_ANALYZER_WARNING: [#def58] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:679:5: warning[-Wanalyzer-overlapping-buffers]: overlapping buffers passed as arguments to ‘memcpy’ mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:703:13: enter_function: entry to ‘test_mpi_core_sub_wrapper’ mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:706:5: call_function: calling ‘test_mpi_core_sub’ from ‘test_mpi_core_sub_wrapper’ # 677| # 678| /* 3a) r = b; r = a - r => we should get the correct carry (use r to avoid clobbering b) */ # 679|-> memcpy(r, b, bytes); # 680| TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, a, r, limbs)); # 681| Error: GCC_ANALYZER_WARNING (CWE-476): [#def59] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1097:13: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘X’ mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1074:5: branch_false: following ‘false’ branch (when ‘rng_bytes == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1075:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1075:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1076:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1081:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1082:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1082:5: branch_false: following ‘false’ branch (when ‘X_limbs == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1083:23: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1088:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1090:8: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1090:8: branch_true: following ‘true’ branch (when ‘expected_ret == 0’)... branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1095:28: branch_true: following ‘true’ branch (when ‘i < wanted_bytes’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1096:13: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1097:13: release_memory: ‘X’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1097:13: danger: dereference of NULL ‘X + (i & 18446744073709551608)’ # 1095| for (size_t i = 0; i < wanted_bytes; i++) { # 1096| mbedtls_test_set_step(i); # 1097|-> TEST_EQUAL(GET_BYTE(X, i), rnd_data[wanted_bytes - 1 - i]); # 1098| } # 1099| for (size_t i = wanted_bytes; i < X_limbs * ciL; i++) { Error: GCC_ANALYZER_WARNING (CWE-688): [#def60] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: warning[-Wanalyzer-null-argument]: use of NULL ‘X’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1116:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1118:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1120:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1124:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1130:28: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1132:5: branch_false: following ‘false’ branch (when ‘X_limbs == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1134:18: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1135:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1136:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1139:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1140:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_true: following ‘true’ branch (when ‘X_bytes != 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: danger: argument 1 (‘X’) NULL where non-null expected # 1145| /* 1. X = A * B - result should be correct, A and B unchanged */ # 1146| mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs); # 1147|-> TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); # 1148| TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); # 1149| TEST_MEMORY_COMPARE(B, B_bytes, B_orig, B_bytes); Error: GCC_ANALYZER_WARNING (CWE-688): [#def61] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: warning[-Wanalyzer-null-argument]: use of NULL ‘A_orig’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1116:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1118:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1120:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1124:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1130:28: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1132:5: branch_false: following ‘false’ branch (when ‘X_limbs == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1134:18: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1135:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1136:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1139:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1140:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: branch_true: following ‘true’ branch (when ‘A_bytes != 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: danger: argument 2 (‘A_orig’) NULL where non-null expected # 1146| mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs); # 1147| TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); # 1148|-> TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); # 1149| TEST_MEMORY_COMPARE(B, B_bytes, B_orig, B_bytes); # 1150| Error: GCC_ANALYZER_WARNING (CWE-688): [#def62] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: warning[-Wanalyzer-null-argument]: use of NULL ‘B_orig’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1116:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1118:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1120:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1124:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1125:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1126:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1128:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1130:28: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1132:5: branch_false: following ‘false’ branch (when ‘X_limbs == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1134:18: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1135:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1136:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1139:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1140:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1147:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1148:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: branch_true: following ‘true’ branch (when ‘B_bytes != 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1149:5: danger: argument 2 (‘B_orig’) NULL where non-null expected # 1147| TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); # 1148| TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); # 1149|-> TEST_MEMORY_COMPARE(B, B_bytes, B_orig, B_bytes); # 1150| # 1151| /* 2. A == B: alias A and B - result should be correct, A and B unchanged */ Error: GCC_ANALYZER_WARNING (CWE-688): [#def63] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1243:5: warning[-Wanalyzer-null-argument]: use of NULL ‘Y’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1181:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1183:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1184:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1185:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1196:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1197:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1197:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1198:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1198:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1199:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1199:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1200:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1200:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1202:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1202:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1203:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1203:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1205:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1205:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1206:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1208:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1210:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1210:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1211:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1225:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1226:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1226:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1229:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1229:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1232:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1232:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1239:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1243:5: danger: argument 2 (‘Y’) NULL where non-null expected # 1241| TEST_EQUAL(mbedtls_codepath_check, MBEDTLS_MPI_IS_SECRET); # 1242| #endif # 1243|-> TEST_EQUAL(0, memcmp(X, Y, N_limbs * sizeof(mbedtls_mpi_uint))); # 1244| # 1245| /* Test the unsafe variant */ Error: GCC_ANALYZER_WARNING (CWE-688): [#def64] mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: warning[-Wanalyzer-null-argument]: use of NULL ‘R’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1302:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1303:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1304:23: release_memory: ‘A’ is NULL mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1308:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1309:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1309:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1310:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1310:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1313:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1313:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1316:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1316:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1317:12: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1319:5: branch_false: following ‘false’ branch (when ‘limbs == 0’)... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1326:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1326:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_bignum_core.function:1327:5: danger: argument 1 (‘R’) NULL where non-null expected # 1325| /* 1. R = A - b. Result and borrow should be correct */ # 1326| TEST_EQUAL(mbedtls_mpi_core_sub_int(R, A, B[0], limbs), borrow); # 1327|-> TEST_COMPARE_CORE_MPIS(R, X, limbs); # 1328| # 1329| /* 2. A = A - b. Result and borrow should be correct */ Error: GCC_ANALYZER_WARNING (CWE-688): [#def65] mbedtls-3.6.3/tests/suites/test_suite_cipher.function:975:9: warning[-Wanalyzer-null-argument]: use of NULL ‘decrypt_buf’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_cipher.function:1051:13: enter_function: entry to ‘test_auth_crypt_tv_wrapper’ mbedtls-3.6.3/tests/suites/test_suite_cipher.function:1060:5: call_function: calling ‘test_auth_crypt_tv’ from ‘test_auth_crypt_tv_wrapper’ # 973| } else { # 974| TEST_ASSERT(ret == 0); # 975|-> TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len); # 976| } # 977| Error: CPPCHECK_WARNING (CWE-457): [#def66] mbedtls-3.6.3/tests/suites/test_suite_cmac.function:38: error[uninitvar]: Uninitialized variable: test_data # 36| TEST_ASSERT(mbedtls_cipher_cmac_starts(NULL, test_key, 128) == # 37| MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); # 38|-> # 39| TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, NULL, 128) == # 40| MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); Error: GCC_ANALYZER_WARNING (CWE-688): [#def67] mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: warning[-Wanalyzer-null-argument]: use of NULL ‘key_start’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1264:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: following ‘false’ branch (when ‘exported_size == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_true: following ‘true’ branch (when ‘expected_ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1271:26: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1283:17: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1285:17: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1292:12: branch_true: following ‘true’ branch... branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: branch_true: following ‘true’ branch (when ‘length != 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1298:13: danger: argument 2 (‘key_start’) NULL where non-null expected # 1296| TEST_EQUAL(in_key->x[i], 0); # 1297| } # 1298|-> TEST_MEMORY_COMPARE(in_key->x + in_key->len - length, length, # 1299| key_start, length); # 1300| } else { Error: GCC_ANALYZER_WARNING (CWE-688): [#def68] mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: warning[-Wanalyzer-null-argument]: use of NULL ‘key_start’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1264:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: following ‘false’ branch (when ‘exported_size == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_true: following ‘true’ branch (when ‘expected_ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1271:26: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1283:17: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1285:17: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1292:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: danger: argument 2 (‘key_start’) NULL where non-null expected # 1299| key_start, length); # 1300| } else { # 1301|-> TEST_MEMORY_COMPARE(in_key->x, in_key->len, # 1302| key_start, length); # 1303| for (size_t i = 0; i < exported_size - length; i++) { Error: GCC_ANALYZER_WARNING (CWE-476): [#def69] mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1305:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1264:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1266:5: branch_false: following ‘false’ branch (when ‘exported_size == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1267:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1270:8: branch_true: following ‘true’ branch (when ‘expected_ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1271:26: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1292:12: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1301:13: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1303:32: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1304:17: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1305:17: release_memory: ‘0’ is NULL mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1305:17: danger: dereference of NULL ‘zeros_start + i’ # 1303| for (size_t i = 0; i < exported_size - length; i++) { # 1304| mbedtls_test_set_step(i); # 1305|-> TEST_EQUAL(zeros_start[i], 0); # 1306| } # 1307| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def70] mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: warning[-Wanalyzer-null-argument]: use of NULL ‘exported’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1325:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1330:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1330:5: branch_false: following ‘false’ branch (when ‘exported_size == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1331:12: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1332:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1335:8: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1335:8: branch_true: following ‘true’ branch (when ‘expected_ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1336:9: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1336:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1337:9: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1337:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_ecp.function:1338:9: danger: argument 2 (‘exported’) NULL where non-null expected # 1336| TEST_EQUAL(olen, (key.grp.nbits + 7) / 8); # 1337| TEST_LE_U(olen, MBEDTLS_ECP_MAX_BYTES); # 1338|-> TEST_MEMORY_COMPARE(in_key->x, in_key->len, # 1339| exported, olen); # 1340| } else { Error: GCC_ANALYZER_WARNING: [#def71] mbedtls-3.6.3/tests/suites/test_suite_mps.function:913:21: warning[-Wanalyzer-overlapping-buffers]: overlapping buffers passed as arguments to ‘memcpy’ mbedtls-3.6.3/tests/suites/test_suite_mps.function:865:8: branch_false: following ‘false’ branch (when ‘acc_size <= 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:876:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:882:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: following ‘true’ branch (when ‘mode == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:885:23: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:906:17: branch_false: following ‘false’ branch (when ‘tmp_size == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:908:17: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:908:17: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:909:23: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:911:20: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:912:21: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:913:21: danger: overlapping buffers passed as arguments to ‘memcpy’ # 911| if (ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE) { # 912| cur_out_chunk++; # 913|-> memcpy(outgoing + out_pos, tmp, tmp_size); # 914| out_pos += tmp_size; # 915| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def72] mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: warning[-Wanalyzer-null-argument]: use of NULL ‘acc’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_mps.function:865:8: branch_false: following ‘false’ branch (when ‘acc_size <= 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:876:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:882:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: following ‘true’ branch (when ‘mode == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:885:23: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:887:16: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:889:23: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:891:20: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:928:35: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:882:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:936:16: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:939:29: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:940:20: branch_true: following ‘true’ branch (when ‘rand_op == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:941:27: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:949:20: branch_true: following ‘true’ branch (when ‘ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:950:21: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:950:28: release_memory: ‘acc’ is NULL mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: release_memory: ‘acc’ is NULL mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: danger: argument 2 (‘outgoing + (in_commit + in_fetch)’) NULL where non-null expected # 950| memcpy(incoming + in_commit + in_fetch, # 951| chunk_get, real_size); # 952|-> TEST_ASSERT(memcmp(incoming + in_commit + in_fetch, # 953| outgoing + in_commit + in_fetch, # 954| real_size) == 0); Error: GCC_ANALYZER_WARNING (CWE-688): [#def73] mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: warning[-Wanalyzer-null-argument]: use of NULL ‘outgoing’ where non-null expected mbedtls-3.6.3/tests/suites/test_suite_mps.function:865:8: branch_true: following ‘true’ branch (when ‘acc_size > 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:866:9: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:866:9: branch_false: following ‘false’ branch (when ‘acc’ is non-NULL)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:873:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:874:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:876:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:882:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: following ‘true’ branch (when ‘mode == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:885:23: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:887:16: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:889:23: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:891:20: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:928:35: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:882:12: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:883:12: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:936:16: branch_true: following ‘true’ branch... mbedtls-3.6.3/tests/suites/test_suite_mps.function:939:29: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:940:20: branch_true: following ‘true’ branch (when ‘rand_op == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:941:27: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:949:20: branch_true: following ‘true’ branch (when ‘ret == 0’)... mbedtls-3.6.3/tests/suites/test_suite_mps.function:950:21: branch_true: ...to here mbedtls-3.6.3/tests/suites/test_suite_mps.function:950:28: release_memory: ‘outgoing’ is NULL mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: release_memory: ‘outgoing’ is NULL mbedtls-3.6.3/tests/suites/test_suite_mps.function:952:21: danger: argument 1 (‘incoming + (in_commit + in_fetch)’) NULL where non-null expected # 950| memcpy(incoming + in_commit + in_fetch, # 951| chunk_get, real_size); # 952|-> TEST_ASSERT(memcmp(incoming + in_commit + in_fetch, # 953| outgoing + in_commit + in_fetch, # 954| real_size) == 0); Error: CPPCHECK_WARNING (CWE-369): [#def74] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:391: error[zerodiv]: Division by zero. # 389| if (is_encrypt) { # 390| /* Tag gets written at end of buffer. */ # 391|-> output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, # 392| (input_data->len + # 393| tag_length)); Error: CPPCHECK_WARNING (CWE-369): [#def75] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:396: error[zerodiv]: Division by zero. # 394| data_true_size = input_data->len; # 395| } else { # 396|-> output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, # 397| (input_data->len - # 398| tag_length)); Error: CPPCHECK_WARNING (CWE-369): [#def76] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:474: error[zerodiv]: Division by zero. # 472| /* Pass data in parts */ # 473| data_part_len = (size_t) data_part_len_arg; # 474|-> part_data_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, # 475| (size_t) data_part_len); # 476| Error: CPPCHECK_WARNING (CWE-369): [#def77] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:2339: error[zerodiv]: Division by zero. # 2337| int expected_status_arg) # 2338| { # 2339|-> mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; # 2340| psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; # 2341| psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; Error: COMPILER_WARNING: [#def78] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function: scope_hint: In function ‘test_mac_setup’ mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:3476:45: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (17 chars into 16 available) # 3476 | const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; # | ^~~~~~~~~~~~~~~~~~ # 3474| psa_status_t status = PSA_ERROR_GENERIC_ERROR; # 3475| #if defined(KNOWN_SUPPORTED_MAC_ALG) # 3476|-> const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; # 3477| #endif # 3478| Error: COMPILER_WARNING: [#def79] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function: scope_hint: In function ‘test_cipher_setup’ mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:3907:45: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (17 chars into 16 available) # 3907 | const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; # | ^~~~~~~~~~~~~~~~~~ # 3905| psa_status_t status; # 3906| #if defined(KNOWN_SUPPORTED_CIPHER_ALG) # 3907|-> const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; # 3908| #endif # 3909| Error: CPPCHECK_WARNING (CWE-369): [#def80] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4398: error[zerodiv]: Division by zero. # 4396| psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; # 4397| psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; # 4398|-> # 4399| PSA_ASSERT(psa_crypto_init()); # 4400| Error: CPPCHECK_WARNING (CWE-369): [#def81] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4464: error[zerodiv]: Division by zero. # 4462| data_t *input, # 4463| int first_part_size_arg, # 4464|-> int output1_length_arg, int output2_length_arg, # 4465| data_t *expected_output, # 4466| int expected_status_arg) Error: CPPCHECK_WARNING (CWE-369): [#def82] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4510: error[zerodiv]: Division by zero. # 4508| PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); # 4509| TEST_LE_U(function_output_length, # 4510|-> PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); # 4511| total_output_length += function_output_length; # 4512| Error: CPPCHECK_WARNING (CWE-369): [#def83] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4512: error[zerodiv]: Division by zero. # 4510| PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); # 4511| total_output_length += function_output_length; # 4512|-> # 4513| if (first_part_size < input->len) { # 4514| PSA_ASSERT(psa_cipher_update(&operation, Error: CPPCHECK_WARNING (CWE-369): [#def84] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4527: error[zerodiv]: Division by zero. # 4525| input->len - first_part_size)); # 4526| TEST_LE_U(function_output_length, # 4527|-> PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); # 4528| total_output_length += function_output_length; # 4529| } Error: CPPCHECK_WARNING (CWE-369): [#def85] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4636: error[zerodiv]: Division by zero. # 4634| output_buffer_size - total_output_length, # 4635| &function_output_length); # 4636|-> TEST_LE_U(function_output_length, # 4637| PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); # 4638| TEST_LE_U(function_output_length, Error: CPPCHECK_WARNING (CWE-369): [#def86] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4638: error[zerodiv]: Division by zero. # 4636| TEST_LE_U(function_output_length, # 4637| PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); # 4638|-> TEST_LE_U(function_output_length, # 4639| PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); # 4640| total_output_length += function_output_length; Error: CPPCHECK_WARNING (CWE-369): [#def87] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4688: error[zerodiv]: Division by zero. # 4686| psa_set_key_type(&attributes, key_type); # 4687| # 4688|-> PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, # 4689| &key)); # 4690| } Error: CPPCHECK_WARNING (CWE-369): [#def88] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4689: error[zerodiv]: Division by zero. # 4687| # 4688| PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, # 4689|-> &key)); # 4690| } # 4691| Error: CPPCHECK_WARNING (CWE-369): [#def89] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4701: error[zerodiv]: Division by zero. # 4699| # 4700| output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); # 4701|-> TEST_CALLOC(output, output_buffer_size); # 4702| # 4703| /* Decrypt, one-short */ Error: CPPCHECK_WARNING (CWE-369): [#def90] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4713: error[zerodiv]: Division by zero. # 4711| output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, # 4712| input_arg->len) + # 4713|-> PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); # 4714| TEST_CALLOC(output_multi, output_buffer_size); # 4715| Error: CPPCHECK_WARNING (CWE-369): [#def91] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4787: error[zerodiv]: Division by zero. # 4785| TEST_CALLOC(input, input_buffer_size); # 4786| memcpy(input, iv->x, iv->len); # 4787|-> memcpy(input + iv->len, input_arg->x, input_arg->len); # 4788| } # 4789| Error: CPPCHECK_WARNING (CWE-369): [#def92] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4796: error[zerodiv]: Division by zero. # 4794| &key)); # 4795| # 4796|-> PSA_ASSERT(psa_cipher_decrypt(key, alg, input, input_buffer_size, output, # 4797| output_buffer_size, &output_length)); # 4798| TEST_LE_U(output_length, Error: CPPCHECK_WARNING (CWE-369): [#def93] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4811: error[zerodiv]: Division by zero. # 4809| PSA_DONE(); # 4810| } # 4811|-> /* END_CASE */ # 4812| # 4813| /* BEGIN_CASE */ Error: CPPCHECK_WARNING (CWE-369): [#def94] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4894: error[zerodiv]: Division by zero. # 4892| psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; # 4893| psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; # 4894|-> # 4895| PSA_ASSERT(psa_crypto_init()); # 4896| Error: CPPCHECK_WARNING (CWE-369): [#def95] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4904: error[zerodiv]: Division by zero. # 4902| &key)); # 4903| # 4904|-> PSA_ASSERT(psa_cipher_encrypt_setup(&operation1, key, alg)); # 4905| PSA_ASSERT(psa_cipher_decrypt_setup(&operation2, key, alg)); # 4906| Error: CPPCHECK_WARNING (CWE-369): [#def96] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:4919: error[zerodiv]: Division by zero. # 4917| # 4918| TEST_LE_U(first_part_size, input->len); # 4919|-> # 4920| PSA_ASSERT(psa_cipher_update(&operation1, input->x, first_part_size, # 4921| output1, output1_buffer_size, Error: CPPCHECK_WARNING (CWE-369): [#def97] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5016: error[zerodiv]: Division by zero. # 5014| /* BEGIN_CASE */ # 5015| void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, # 5016|-> int alg_arg, # 5017| data_t *nonce, # 5018| data_t *additional_data, Error: CPPCHECK_WARNING (CWE-369): [#def98] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5158: error[zerodiv]: Division by zero. # 5156| * encryption involves a common limitation of cryptography hardwares and # 5157| * an alternative implementation. */ # 5158|-> if (status == PSA_ERROR_NOT_SUPPORTED) { # 5159| MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); # 5160| MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); Error: CPPCHECK_WARNING (CWE-369): [#def99] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5164: error[zerodiv]: Division by zero. # 5162| # 5163| PSA_ASSERT(status); # 5164|-> TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, # 5165| output_data, output_length); # 5166| Error: CPPCHECK_WARNING (CWE-369): [#def100] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5239: error[zerodiv]: Division by zero. # 5237| TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, # 5238| output_data, output_length); # 5239|-> } # 5240| # 5241| exit: Error: CPPCHECK_WARNING (CWE-369): [#def101] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5249: error[zerodiv]: Division by zero. # 5247| # 5248| /* BEGIN_CASE */ # 5249|-> void aead_multipart_encrypt(int key_type_arg, data_t *key_data, # 5250| int alg_arg, # 5251| data_t *nonce, Error: CPPCHECK_WARNING (CWE-369): [#def102] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5261: error[zerodiv]: Division by zero. # 5259| set_lengths_method_t set_lengths_method = DO_NOT_SET_LENGTHS; # 5260| # 5261|-> for (ad_part_len = 1; ad_part_len <= additional_data->len; ad_part_len++) { # 5262| mbedtls_test_set_step(ad_part_len); # 5263| Error: CPPCHECK_WARNING (CWE-369): [#def103] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5296: error[zerodiv]: Division by zero. # 5294| 1, 1)) { # 5295| break; # 5296|-> } # 5297| } # 5298| Error: CPPCHECK_WARNING (CWE-369): [#def104] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5308: error[zerodiv]: Division by zero. # 5306| } else { # 5307| set_lengths_method = SET_LENGTHS_BEFORE_NONCE; # 5308|-> } # 5309| } # 5310| Error: CPPCHECK_WARNING (CWE-369): [#def105] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5855: error[zerodiv]: Division by zero. # 5853| size_t plaintext_length = 0; # 5854| size_t verify_plaintext_size = 0; # 5855|-> tag_usage_method_t tag_usage = tag_usage_arg; # 5856| unsigned char *tag_buffer = NULL; # 5857| size_t tag_size = 0; Error: CPPCHECK_WARNING (CWE-369): [#def106] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:5965: error[zerodiv]: Division by zero. # 5963| exit: # 5964| psa_destroy_key(key); # 5965|-> psa_aead_abort(&operation); # 5966| PSA_DONE(); # 5967| } Error: CPPCHECK_WARNING (CWE-369): [#def107] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:6184: error[zerodiv]: Division by zero. # 6182| PSA_AEAD_NONCE_MAX_SIZE, # 6183| &nonce_length)); # 6184|-> # 6185| TEST_EQUAL(psa_aead_generate_nonce(&operation, nonce_buffer, # 6186| PSA_AEAD_NONCE_MAX_SIZE, Error: CPPCHECK_WARNING (CWE-369): [#def108] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:6280: error[zerodiv]: Division by zero. # 6278| input_data->len)); # 6279| } # 6280|-> # 6281| psa_aead_abort(&operation); # 6282| Error: CPPCHECK_WARNING (CWE-369): [#def109] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto.function:6436: error[zerodiv]: Division by zero. # 6434| additional_data->len), # 6435| PSA_ERROR_BAD_STATE); # 6436|-> } else { # 6437| PSA_ASSERT(psa_aead_update_ad(&operation, additional_data->x, # 6438| additional_data->len)); Error: COMPILER_WARNING: [#def110] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto_slot_management.function: scope_hint: In function ‘test_create_existent’ mbedtls-3.6.3/tests/suites/test_suite_psa_crypto_slot_management.function:380:34: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (6 chars into 5 available) # 380 | const uint8_t material1[5] = "a key"; # | ^~~~~~~ # 378| psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; # 379| psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; # 380|-> const uint8_t material1[5] = "a key"; # 381| const uint8_t material2[5] = "b key"; # 382| size_t bits1 = PSA_BYTES_TO_BITS(sizeof(material1)); Error: COMPILER_WARNING: [#def111] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto_slot_management.function:381:34: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (6 chars into 5 available) # 381 | const uint8_t material2[5] = "b key"; # | ^~~~~~~ # 379| psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; # 380| const uint8_t material1[5] = "a key"; # 381|-> const uint8_t material2[5] = "b key"; # 382| size_t bits1 = PSA_BYTES_TO_BITS(sizeof(material1)); # 383| uint8_t reexported[sizeof(material1)]; Error: COMPILER_WARNING: [#def112] mbedtls-3.6.3/tests/suites/test_suite_psa_crypto_slot_management.function: scope_hint: In function ‘test_invalid_handle’ mbedtls-3.6.3/tests/suites/test_suite_psa_crypto_slot_management.function:750:27: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (2 chars into 1 available) # 750 | uint8_t material[1] = "a"; # | ^~~ # 748| psa_status_t close_status = close_status_arg; # 749| psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; # 750|-> uint8_t material[1] = "a"; # 751| # 752| PSA_ASSERT(psa_crypto_init()); Error: GCC_ANALYZER_WARNING (CWE-476): [#def113] mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5180:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘first_frag’ mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5145:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5147:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5157:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5159:11: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5161:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5163:11: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5165:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5168:11: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5170:5: branch_false: following ‘false’ branch... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5173:18: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5176:5: branch_false: following ‘false’ branch (when ‘first_len == 0’)... mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5180:5: branch_false: ...to here mbedtls-3.6.3/tests/suites/test_suite_ssl.function:5180:5: danger: dereference of NULL ‘first_frag’ # 5178| // record header # 5179| // record type: handshake # 5180|-> *p++ = 0x16, # 5181| // record version (actually common to TLS 1.2 and TLS 1.3) # 5182| *p++ = 0x03, Error: CPPCHECK_WARNING (CWE-457): [#def114] mbedtls-3.6.3/tests/suites/test_suite_x509parse.function:851: error[legacyUninitvar]: Uninitialized variable: profile # 849| TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); # 850| TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); # 851|-> # 852| if (strcmp(name, "NULL") == 0) { # 853| name = NULL;
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-238.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | mbedtls-3.6.3-1.fc43 |
| store-results-to | /tmp/tmpe7ezmk2o/mbedtls-3.6.3-1.fc43.tar.xz |
| time-created | 2025-04-25 14:30:02 |
| time-finished | 2025-04-25 14:35:14 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpe7ezmk2o/mbedtls-3.6.3-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpe7ezmk2o/mbedtls-3.6.3-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |