Fixed findings

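List of Findings

The findings below come from the scan of openssl-3.2.4-3.fc42; the title and the diffbase-* entries under Scan Properties indicate that they were not matched in the scan of openssl-3.5.0-3.fc43. "Fixed" therefore means the analyzers no longer report them there, not necessarily that each one was deliberately corrected.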

Error: SHELLCHECK_WARNING: [#def1]
/usr/bin/make-dummy-cert:15:7: warning[SC3004]: In POSIX sh, $".." is undefined.
#   13|   
#   14|   if [ $# -eq 0 ] ; then
#   15|-> 	echo $"Usage: `basename $0` filename [...]"
#   16|   	exit 0
#   17|   fi

Error: SHELLCHECK_WARNING (CWE-88): [#def2]
/usr/bin/make-dummy-cert:19:15: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   17|   fi
#   18|   
#   19|-> for target in $@ ; do
#   20|   	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
#   21|   	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`

Error: SHELLCHECK_WARNING (CWE-569): [#def3]
/usr/bin/make-dummy-cert:22:14: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   20|   	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
#   21|   	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`
#   22|-> 	trap "rm -f $PEM1 $PEM2" SIGINT
#   23|   	answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null
#   24|   	cat $PEM1 >  ${target}

Error: SHELLCHECK_WARNING (CWE-569): [#def4]
/usr/bin/make-dummy-cert:22:20: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   20|   	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
#   21|   	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`
#   22|-> 	trap "rm -f $PEM1 $PEM2" SIGINT
#   23|   	answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null
#   24|   	cat $PEM1 >  ${target}

Error: SHELLCHECK_WARNING: [#def5]
/usr/bin/make-dummy-cert:22:27: warning[SC3048]: In POSIX sh, prefixing signal names with 'SIG' is undefined.
#   20|   	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
#   21|   	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`
#   22|-> 	trap "rm -f $PEM1 $PEM2" SIGINT
#   23|   	answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null
#   24|   	cat $PEM1 >  ${target}

Error: SHELLCHECK_WARNING (CWE-569): [#def6]
/usr/bin/renew-dummy-cert:14:13: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   12|   NEW=${PEM}_
#   13|   
#   14|-> trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
#   15|   
#   16|   if [ ! -f $PEM ]; then

Error: SHELLCHECK_WARNING (CWE-569): [#def7]
/usr/bin/renew-dummy-cert:14:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   12|   NEW=${PEM}_
#   13|   
#   14|-> trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
#   15|   
#   16|   if [ ! -f $PEM ]; then

Error: SHELLCHECK_WARNING (CWE-569): [#def8]
/usr/bin/renew-dummy-cert:14:23: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   12|   NEW=${PEM}_
#   13|   
#   14|-> trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
#   15|   
#   16|   if [ ! -f $PEM ]; then

Error: SHELLCHECK_WARNING (CWE-569): [#def9]
/usr/bin/renew-dummy-cert:14:28: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#   12|   NEW=${PEM}_
#   13|   
#   14|-> trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
#   15|   
#   16|   if [ ! -f $PEM ]; then

Error: COMPILER_WARNING (CWE-1164): [#def10]
openssl-3.2.4/crypto/rand/rand_lib.c:534:22: warning[-Wunused-function]: 'rand_new_seed' defined but not used
#  534 | static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
#      |                      ^~~~~~~~~~~~~
#  532|   
#  533|   #ifndef FIPS_MODULE
#  534|-> static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
#  535|   {
#  536|       EVP_RAND *rand;

Error: CPPCHECK_WARNING (CWE-457): [#def11]
openssl-3.2.4/include/openssl/ssl.h:1030: warning[uninitvar]: Uninitialized variables: ptr.name, ptr.method
# 1028|   #define sk_SSL_CIPHER_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_copyfunc_type(copyfunc), ossl_check_SSL_CIPHER_freefunc_type(freefunc)))
# 1029|   #define sk_SSL_CIPHER_set_cmp_func(sk, cmp) ((sk_SSL_CIPHER_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_compfunc_type(cmp)))
# 1030|-> SKM_DEFINE_STACK_OF_INTERNAL(SSL_COMP, SSL_COMP, SSL_COMP)
# 1031|   #define sk_SSL_COMP_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_COMP_sk_type(sk))
# 1032|   #define sk_SSL_COMP_value(sk, idx) ((SSL_COMP *)OPENSSL_sk_value(ossl_check_const_SSL_COMP_sk_type(sk), (idx)))

Error: COMPILER_WARNING (CWE-704): [#def12]
openssl-3.2.4/providers/fips/self_test.c: scope_hint: In function 'SELF_TEST_post'
openssl-3.2.4/providers/fips/self_test.c:521:25: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  521 |         module_checksum = fips_hmac_container;
#      |                         ^
#  519|   
#  520|      if (st->module_checksum_data == NULL) {
#  521|->         module_checksum = fips_hmac_container;
#  522|           checksum_len = sizeof(fips_hmac_container);
#  523|       } else {

Error: COMPILER_WARNING (CWE-704): [#def13]
openssl-3.2.4/providers/fips/self_test.c:521:25: warning[-Wdiscarded-qualifiers]: assignment discards 'const' qualifier from pointer target type
#  519|   
#  520|      if (st->module_checksum_data == NULL) {
#  521|->         module_checksum = fips_hmac_container;
#  522|           checksum_len = sizeof(fips_hmac_container);
#  523|       } else {

Error: COMPILER_WARNING (CWE-563): [#def14]
openssl-3.2.4/providers/fips/self_test_kats.c: scope_hint: In function 'self_test_sign'
openssl-3.2.4/providers/fips/self_test_kats.c:461:32: warning[-Wunused-variable]: unused variable 'dgst'
#  461 |     static const unsigned char dgst[] = {
#      |                                ^~~~
#  459|       unsigned char sig[256];
#  460|       size_t siglen = sizeof(sig);
#  461|->     static const unsigned char dgst[] = {
#  462|           0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
#  463|           0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,

Error: COMPILER_WARNING (CWE-563): [#def15]
openssl-3.2.4/providers/implementations/kdfs/tls1_prf.c: scope_hint: In function 'kdf_tls1_prf_free'
openssl-3.2.4/providers/implementations/kdfs/tls1_prf.c:131:19: warning[-Wunused-variable]: unused variable 'libctx'
#  131 |     OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
#      |                   ^~~~~~
#  129|   {
#  130|       TLS1_PRF *ctx = (TLS1_PRF *)vctx;
#  131|->     OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
#  132|   
#  133|       if (ctx != NULL) {

Error: CPPCHECK_WARNING (CWE-457): [#def16]
openssl-3.2.4/providers/implementations/signature/dsa_sig.c:363: warning[uninitvar]: Uninitialized variable: digest
#  361|       pdsactx->flag_allow_md = 1;
#  362|   
#  363|->     return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen);
#  364|   }
#  365|   

Error: CPPCHECK_WARNING (CWE-457): [#def17]
openssl-3.2.4/providers/implementations/signature/rsa_sig.c:984: warning[uninitvar]: Uninitialized variable: digest
#  982|       }
#  983|   
#  984|->     return rsa_sign(vprsactx, sig, siglen, sigsize, digest, (size_t)dlen);
#  985|   }
#  986|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def18]
openssl-3.2.4/ssl/quic/quic_tls.c:758:52: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sc'
openssl-3.2.4/ssl/quic/quic_tls.c:707:8: branch_false: following 'false' branch...
openssl-3.2.4/ssl/quic/quic_tls.c:731:5: branch_false: ...to here
openssl-3.2.4/ssl/quic/quic_tls.c:733:8: branch_true: following 'true' branch...
openssl-3.2.4/ssl/quic/quic_tls.c:734:30: branch_true: ...to here
openssl-3.2.4/ssl/quic/quic_tls.c:745:16: branch_false: following 'false' branch...
openssl-3.2.4/ssl/quic/quic_tls.c:752:14: branch_false: ...to here
openssl-3.2.4/ssl/quic/quic_tls.c:752:12: branch_false: following 'false' branch...
openssl-3.2.4/ssl/quic/quic_tls.c:755:9: branch_false: ...to here
openssl-3.2.4/ssl/quic/quic_tls.c:758:52: danger: dereference of NULL 'sc'
#  756|           ossl_ssl_set_custom_record_layer(sc, &quic_tls_record_method, qtls);
#  757|   
#  758|->         if (!ossl_tls_add_custom_ext_intern(NULL, &sc->cert->custext,
#  759|                                               qtls->args.is_server ? ENDPOINT_SERVER
#  760|                                                                    : ENDPOINT_CLIENT,

Error: CPPCHECK_WARNING (CWE-476): [#def19]
openssl-3.2.4/ssl/ssl_cert_comp.c:416: warning[nullPointer]: Possible null pointer dereference: sc
#  414|       CERT_PKEY *cpk = NULL;
#  415|   
#  416|->     if (sc->cert != NULL)
#  417|           cpk = sc->cert->key;
#  418|       else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def20]
openssl-3.2.4/ssl/ssl_cert_comp.c:416:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sc'
openssl-3.2.4/ssl/ssl_cert_comp.c:413:26: branch_false: following 'false' branch (when 'ssl' is NULL)...
openssl-3.2.4/ssl/ssl_cert_comp.c:416:9: branch_false: ...to here
openssl-3.2.4/ssl/ssl_cert_comp.c:416:9: danger: dereference of NULL 'sc'
#  414|       CERT_PKEY *cpk = NULL;
#  415|   
#  416|->     if (sc->cert != NULL)
#  417|           cpk = sc->cert->key;
#  418|       else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def21]
openssl-3.2.4/ssl/ssl_lib.c:7789:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sc'
openssl-3.2.4/ssl/ssl_lib.c:7784:32: branch_false: following 'false' branch (when 's' is NULL)...
openssl-3.2.4/ssl/ssl_lib.c:7786:9: branch_false: ...to here
openssl-3.2.4/ssl/ssl_lib.c:7786:8: branch_false: following 'false' branch...
openssl-3.2.4/ssl/ssl_lib.c:7789:10: branch_false: ...to here
openssl-3.2.4/ssl/ssl_lib.c:7789:10: danger: dereference of NULL 'sc'
# 7787|           return 0;
# 7788|   
# 7789|->     *t = sc->client_cert_type;
# 7790|       *len = sc->client_cert_type_len;
# 7791|       return 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def22]
openssl-3.2.4/ssl/ssl_lib.c:7801:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sc'
openssl-3.2.4/ssl/ssl_lib.c:7796:32: branch_false: following 'false' branch (when 's' is NULL)...
openssl-3.2.4/ssl/ssl_lib.c:7798:9: branch_false: ...to here
openssl-3.2.4/ssl/ssl_lib.c:7798:8: branch_false: following 'false' branch...
openssl-3.2.4/ssl/ssl_lib.c:7801:10: branch_false: ...to here
openssl-3.2.4/ssl/ssl_lib.c:7801:10: danger: dereference of NULL 'sc'
# 7799|           return 0;
# 7800|   
# 7801|->     *t = sc->server_cert_type;
# 7802|       *len = sc->server_cert_type_len;
# 7803|       return 1;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def23]
openssl-3.2.4/test/helpers/noisydgrambio.c:266:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'flip_offset'
openssl-3.2.4/test/helpers/noisydgrambio.c:168:12: enter_function: entry to 'noisy_dgram_recvmmsg'
openssl-3.2.4/test/helpers/noisydgrambio.c:177:8: branch_false: following 'false' branch...
openssl-3.2.4/test/helpers/noisydgrambio.c:180:12: branch_false: ...to here
openssl-3.2.4/test/helpers/noisydgrambio.c:181:8: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/helpers/noisydgrambio.c:201:8: branch_false: following 'false' branch...
openssl-3.2.4/test/helpers/noisydgrambio.c:214:5: branch_false: ...to here
openssl-3.2.4/test/helpers/noisydgrambio.c:218:10: branch_true: following 'true' branch (when 'i < msg_cnt')...
openssl-3.2.4/test/helpers/noisydgrambio.c:226:13: branch_true: ...to here
openssl-3.2.4/test/helpers/noisydgrambio.c:248:9: call_function: calling 'get_noise' from 'noisy_dgram_recvmmsg'
openssl-3.2.4/test/helpers/noisydgrambio.c:248:9: return_function: returning to 'noisy_dgram_recvmmsg' from 'get_noise'
openssl-3.2.4/test/helpers/noisydgrambio.c:250:12: branch_false: following 'false' branch...
openssl-3.2.4/test/helpers/noisydgrambio.c:266:9: branch_false: ...to here
openssl-3.2.4/test/helpers/noisydgrambio.c:266:9: danger: use of uninitialized value 'flip_offset' here
#  264|           }
#  265|   
#  266|->         flip_bits(thismsg->data, thismsg->data_len, flip, flip_offset);
#  267|   
#  268|           /*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def24]
openssl-3.2.4/test/sslapitest.c:1085:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'clientsc'
openssl-3.2.4/test/sslapitest.c:1044:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1045:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1044:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1048:15: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1054:8: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1063:8: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1078:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1085:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1085:10: danger: dereference of NULL 'clientsc'
# 1083|        * OpenSSL sequences
# 1084|        */
# 1085|->     if (!BIO_get_ktls_send(clientsc->wbio)) {
# 1086|           if (!TEST_mem_ne(crec_wseq_before, SEQ_NUM_SIZE,
# 1087|                            crec_wseq_after, SEQ_NUM_SIZE))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def25]
openssl-3.2.4/test/sslapitest.c:1095:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serversc'
openssl-3.2.4/test/sslapitest.c:1044:10: branch_true: following 'true' branch...
openssl-3.2.4/test/sslapitest.c:1044:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1045:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1044:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1048:15: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1054:8: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1063:8: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1078:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1085:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1086:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1095:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1095:10: danger: dereference of NULL 'serversc'
# 1093|       }
# 1094|   
# 1095|->     if (!BIO_get_ktls_send(serversc->wbio)) {
# 1096|           if (!TEST_mem_ne(srec_wseq_before, SEQ_NUM_SIZE,
# 1097|                            srec_wseq_after, SEQ_NUM_SIZE))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def26]
openssl-3.2.4/test/sslapitest.c:1202:14: warning[-Wanalyzer-null-dereference]: dereference of NULL 'clientsc'
openssl-3.2.4/test/sslapitest.c:1130:12: enter_function: entry to 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1144:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1148:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1148:10: call_function: inlined call to 'ktls_chk_platform' from 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1153:9: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1159:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1165:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1166:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1167:17: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1166:13: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1175:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1175:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1179:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1180:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1183:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1193:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1201:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1201:8: branch_true: following 'true' branch (when 'cis_ktls == 0')...
openssl-3.2.4/test/sslapitest.c:1202:14: branch_true: ...to here
openssl-3.2.4/test/sslapitest.c:1202:14: danger: dereference of NULL 'clientsc'
# 1200|        */
# 1201|       if (!cis_ktls) {
# 1202|->         if (!TEST_false(BIO_get_ktls_send(clientsc->wbio)))
# 1203|               goto end;
# 1204|       } else {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def27]
openssl-3.2.4/test/sslapitest.c:1205:13: warning[-Wanalyzer-null-dereference]: dereference of NULL 'clientsc'
openssl-3.2.4/test/sslapitest.c:1130:12: enter_function: entry to 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1144:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1148:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1148:10: call_function: inlined call to 'ktls_chk_platform' from 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1153:9: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1159:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1165:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1170:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1171:17: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1170:13: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1175:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1175:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1179:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1180:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1183:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1184:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1188:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1193:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1201:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1201:8: branch_false: following 'false' branch (when 'cis_ktls != 0')...
openssl-3.2.4/test/sslapitest.c:1205:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1205:13: danger: dereference of NULL 'clientsc'
# 1203|               goto end;
# 1204|       } else {
# 1205|->         if (BIO_get_ktls_send(clientsc->wbio))
# 1206|               ktls_used = 1;
# 1207|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def28]
openssl-3.2.4/test/sslapitest.c:1210:14: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serversc'
openssl-3.2.4/test/sslapitest.c:1130:12: enter_function: entry to 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1144:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1148:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1148:10: call_function: inlined call to 'ktls_chk_platform' from 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1153:9: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1159:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1165:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1166:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1167:17: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1166:13: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1175:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1175:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1179:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:10: branch_true: following 'true' branch...
openssl-3.2.4/test/sslapitest.c:1179:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1180:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1183:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1193:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1201:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1201:8: branch_true: following 'true' branch (when 'cis_ktls == 0')...
openssl-3.2.4/test/sslapitest.c:1202:14: branch_true: ...to here
openssl-3.2.4/test/sslapitest.c:1202:12: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1209:8: branch_true: following 'true' branch (when 'sis_ktls == 0')...
openssl-3.2.4/test/sslapitest.c:1210:14: branch_true: ...to here
openssl-3.2.4/test/sslapitest.c:1210:14: danger: dereference of NULL 'serversc'
# 1208|   
# 1209|       if (!sis_ktls) {
# 1210|->         if (!TEST_false(BIO_get_ktls_send(serversc->wbio)))
# 1211|               goto end;
# 1212|       } else {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def29]
openssl-3.2.4/test/sslapitest.c:1213:13: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serversc'
openssl-3.2.4/test/sslapitest.c:1130:12: enter_function: entry to 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1144:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1148:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1148:10: call_function: inlined call to 'ktls_chk_platform' from 'execute_test_ktls'
openssl-3.2.4/test/sslapitest.c:1153:9: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1159:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1165:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1170:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1171:17: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1170:13: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1175:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1175:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1179:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:10: branch_true: following 'true' branch...
openssl-3.2.4/test/sslapitest.c:1179:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1180:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1179:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1183:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1189:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1193:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1193:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1201:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1201:8: branch_true: following 'true' branch (when 'cis_ktls == 0')...
openssl-3.2.4/test/sslapitest.c:1202:14: branch_true: ...to here
openssl-3.2.4/test/sslapitest.c:1202:12: branch_false: following 'false' branch...
 branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1209:8: branch_false: following 'false' branch (when 'sis_ktls != 0')...
openssl-3.2.4/test/sslapitest.c:1213:13: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1213:13: danger: dereference of NULL 'serversc'
# 1211|               goto end;
# 1212|       } else {
# 1213|->         if (BIO_get_ktls_send(serversc->wbio))
# 1214|               ktls_used = 1;
# 1215|       }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def30]
openssl-3.2.4/test/sslapitest.c:1371:10: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serversc'
openssl-3.2.4/test/sslapitest.c:1303:12: enter_function: entry to 'execute_test_ktls_sendfile'
openssl-3.2.4/test/sslapitest.c:1319:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1319:9: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1324:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1324:10: call_function: inlined call to 'ktls_chk_platform' from 'execute_test_ktls_sendfile'
openssl-3.2.4/test/sslapitest.c:1329:9: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1335:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1341:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1342:12: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1343:17: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1342:13: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1351:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1351:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1355:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1355:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1358:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1358:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1361:8: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1367:8: branch_false: following 'false' branch...
openssl-3.2.4/test/sslapitest.c:1371:10: branch_false: ...to here
openssl-3.2.4/test/sslapitest.c:1371:10: danger: dereference of NULL 'serversc'
# 1369|           goto end;
# 1370|   
# 1371|->     if (!BIO_get_ktls_send(serversc->wbio)) {
# 1372|           testresult = TEST_skip("Failed to enable KTLS for %s cipher %s",
# 1373|                                  tls_version == TLS1_3_VERSION ? "TLS 1.3" :

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.86.0
diffbase-analyzer-version-cppcheck: 2.17.1
diffbase-analyzer-version-gcc: 15.0.1
diffbase-analyzer-version-gcc-analyzer: 15.0.1
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-216.us-west-2.compute.internal
diffbase-known-false-positives: /usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: openssl-3.5.0-3.fc43
diffbase-store-results-to: /tmp/tmpvokizq7y/openssl-3.5.0-3.fc43.tar.xz
diffbase-time-created: 2025-04-25 15:11:50
diffbase-time-finished: 2025-04-25 15:51:53
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpvokizq7y/openssl-3.5.0-3.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpvokizq7y/openssl-3.5.0-3.fc43.src.rpm'
diffbase-tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-216.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: openssl-3.2.4-3.fc42
store-results-to: /tmp/tmpsn0kasvf/openssl-3.2.4-3.fc42.tar.xz
time-created: 2025-04-25 14:39:51
time-finished: 2025-04-25 15:11:20
title: Fixed findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpsn0kasvf/openssl-3.2.4-3.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpsn0kasvf/openssl-3.2.4-3.fc42.src.rpm'
tool-version: csmock-3.8.1.20250422.172604.g26bc3d6-1.el9