perl-Net-SSLeay-1.94-9.fc43

List of Findings

Error: COMPILER_WARNING (CWE-563): [#def1]
Net-SSLeay-1.94/SSLeay.c:4856:17: warning[-Wunused-but-set-variable]: variable ‘ignored_param1’ set but not used
# 4856 |         int     ignored_param1;
#      |                 ^~~~~~~~~~~~~~
# 4854|   	SSL *	s = INT2PTR(SSL *,SvIV(ST(0)))
# 4855|   ;
# 4856|-> 	int	ignored_param1;
# 4857|   	int	ignored_param2;
# 4858|   #line 3126 "SSLeay.xs"

Error: COMPILER_WARNING (CWE-563): [#def2]
Net-SSLeay-1.94/SSLeay.c: scope_hint: In function ‘XS_Net__SSLeay_get_shared_ciphers’
Net-SSLeay-1.94/SSLeay.c:4857:17: warning[-Wunused-but-set-variable]: variable ‘ignored_param2’ set but not used
# 4857 |         int     ignored_param2;
#      |                 ^~~~~~~~~~~~~~
# 4855|   ;
# 4856|   	int	ignored_param1;
# 4857|-> 	int	ignored_param2;
# 4858|   #line 3126 "SSLeay.xs"
# 4859|           char buf[8192];

Error: COMPILER_WARNING (CWE-563): [#def3]
Net-SSLeay-1.94/SSLeay.c: scope_hint: In function ‘XS_Net__SSLeay_ERR_put_error’
Net-SSLeay-1.94/SSLeay.c:6535:17: warning[-Wunused-variable]: unused variable ‘func’
# 6535 |         int     func = (int)SvIV(ST(1))
#      |                 ^~~~
# 6533|   	int	lib = (int)SvIV(ST(0))
# 6534|   ;
# 6535|-> 	int	func = (int)SvIV(ST(1))
# 6536|   ;
# 6537|   	int	reason = (int)SvIV(ST(2))

Error: COMPILER_WARNING (CWE-563): [#def4]
Net-SSLeay-1.94/SSLeay.c: scope_hint: In function ‘XS_Net__SSLeay_FIPS_mode_set’
Net-SSLeay-1.94/SSLeay.c:6631:17: warning[-Wunused-variable]: unused variable ‘onoff’
# 6631 |         int     onoff = (int)SvIV(ST(0))
#      |                 ^~~~~
# 6629|   	int	RETVAL;
# 6630|   	dXSTARG;
# 6631|-> 	int	onoff = (int)SvIV(ST(0))
# 6632|   ;
# 6633|   #line 3628 "SSLeay.xs"

Error: COMPILER_WARNING (CWE-563): [#def5]
Net-SSLeay-1.94/SSLeay.c:12724:17: warning[-Wunused-but-set-variable]: variable ‘unused_buf’ set but not used
#12724 |         char *  unused_buf;
#      |                 ^~~~~~~~~~
#12722|   	const SSL_CIPHER *	cipher = INT2PTR(const SSL_CIPHER *,SvIV(ST(0)))
#12723|   ;
#12724|-> 	char *	unused_buf;
#12725|   	int	unused_size;
#12726|   

Error: COMPILER_WARNING (CWE-563): [#def6]
Net-SSLeay-1.94/SSLeay.c: scope_hint: In function ‘XS_Net__SSLeay_CIPHER_description’
Net-SSLeay-1.94/SSLeay.c:12725:17: warning[-Wunused-but-set-variable]: variable ‘unused_size’ set but not used
#12725 |         int     unused_size;
#      |                 ^~~~~~~~~~~
#12723|   ;
#12724|   	char *	unused_buf;
#12725|-> 	int	unused_size;
#12726|   
#12727|   	if (items < 2)

Error: COMPILER_WARNING (CWE-563): [#def7]
Net-SSLeay-1.94/SSLeay.c:15866:17: warning[-Wunused-variable]: unused variable ‘ssl’
#15866 |         SSL *   ssl = INT2PTR(SSL *,SvIV(ST(0)))
#      |                 ^~~
#15864|          croak_xs_usage(cv,  "ssl, state");
#15865|       {
#15866|-> 	SSL *	ssl = INT2PTR(SSL *,SvIV(ST(0)))
#15867|   ;
#15868|   	int	state = (int)SvIV(ST(1))

Error: COMPILER_WARNING (CWE-563): [#def8]
Net-SSLeay-1.94/SSLeay.c: scope_hint: In function ‘XS_Net__SSLeay_set_state’
Net-SSLeay-1.94/SSLeay.c:15868:17: warning[-Wunused-variable]: unused variable ‘state’
#15868 |         int     state = (int)SvIV(ST(1))
#      |                 ^~~~~
#15866|   	SSL *	ssl = INT2PTR(SSL *,SvIV(ST(0)))
#15867|   ;
#15868|-> 	int	state = (int)SvIV(ST(1))
#15869|   ;
#15870|   #line 6746 "SSLeay.xs"

Error: COMPILER_WARNING (CWE-563): [#def9]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘openssl_threads_init’
Net-SSLeay-1.94/SSLeay.xs:359:9: warning[-Wunused-variable]: unused variable ‘i’
#  359 |     int i;
#      |         ^
#  357|   void openssl_threads_init(void)
#  358|   {
#  359|->     int i;
#  360|   
#  361|       PR1("STARTED: openssl_threads_init\n");

Error: COMPILER_WARNING (CWE-563): [#def10]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘ssleay_set_psk_client_callback_invoke’
Net-SSLeay-1.94/SSLeay.xs:984:12: warning[-Wunused-variable]: unused variable ‘n_a’
#  984 |     STRLEN n_a;
#      |            ^~~
#  982|       SV * hintsv;
#  983|       /* this n_a is required for building with old perls: */
#  984|->     STRLEN n_a;
#  985|   
#  986|       PR1("STARTED: ssleay_set_psk_client_callback_invoke\n");

Error: COMPILER_WARNING (CWE-563): [#def11]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘ssleay_ctx_set_psk_client_callback_invoke’
Net-SSLeay-1.94/SSLeay.xs:1042:12: warning[-Wunused-variable]: unused variable ‘n_a’
# 1042 |     STRLEN n_a;
#      |            ^~~
# 1040|       SV * hintsv;
# 1041|       /* this n_a is required for building with old perls: */
# 1042|->     STRLEN n_a;
# 1043|   
# 1044|       ctx = SSL_get_SSL_CTX(ssl);

Error: COMPILER_WARNING: [#def12]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘next_proto_helper_AV2protodata’
Net-SSLeay-1.94/SSLeay.xs:1431:13: warning[-Wstringop-truncation]: ‘strncpy’ output truncated before terminating nul copying as many bytes from a string as its length
# 1431 |             strncpy((char*)out+ptr+1, p, len);
#      |             ^
Net-SSLeay-1.94/SSLeay.xs:1426:22: note: length computed here
# 1426 |         size_t len = strlen(p);
#      |                      ^~~~~~~~~
# 1429|               /* if out == NULL we only calculate the length of output */
# 1430|               out[ptr] = (unsigned char)len;
# 1431|->             strncpy((char*)out+ptr+1, p, len);
# 1432|           }
# 1433|           ptr += strlen(p) + 1;

Error: COMPILER_WARNING (CWE-563): [#def13]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘next_proto_select_cb_invoke’
Net-SSLeay-1.94/SSLeay.xs:1465:12: warning[-Wunused-variable]: unused variable ‘n_a’
# 1465 |     STRLEN n_a;
#      |            ^~~
# 1463|       SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
# 1464|       /* this n_a is required for building with old perls: */
# 1465|->     STRLEN n_a;
# 1466|   
# 1467|       PR1("STARTED: next_proto_select_cb_invoke\n");

Error: COMPILER_WARNING (CWE-563): [#def14]
Net-SSLeay-1.94/SSLeay.xs: scope_hint: In function ‘pem_password_cb_invoke’
Net-SSLeay-1.94/SSLeay.xs:1672:12: warning[-Wunused-variable]: unused variable ‘n_a’
# 1672 |     STRLEN n_a;
#      |            ^~~
# 1670|       simple_cb_data_t* cb = (simple_cb_data_t*)data;
# 1671|       /* this n_a is required for building with old perls: */
# 1672|->     STRLEN n_a;
# 1673|   
# 1674|       PR1("STARTED: pem_password_cb_invoke\n");

Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-6.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	perl-Net-SSLeay-1.94-9.fc43
store-results-to	/tmp/tmphpmm4mij/perl-Net-SSLeay-1.94-9.fc43.tar.xz
time-created	2025-04-25 14:49:17
time-finished	2025-04-25 14:50:45
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmphpmm4mij/perl-Net-SSLeay-1.94-9.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmphpmm4mij/perl-Net-SSLeay-1.94-9.fc43.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9