Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] xauth-1.1.4/gethost.c:238:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘c’ xauth-1.1.4/gethost.c:235:19: branch_false: following ‘false’ branch... xauth-1.1.4/gethost.c:238:25: branch_false: ...to here xauth-1.1.4/gethost.c:238:25: danger: dereference of NULL ‘c’ # 236| src = fulldpyname; # 237| } else { # 238|-> *c = '\0'; # 239| src = buf; # 240| } Error: GCC_ANALYZER_WARNING (CWE-122): [#def2] xauth-1.1.4/parsedpy.c:66:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow xauth-1.1.4/parsedpy.c:95:1: enter_function: entry to ‘parse_displayname’ xauth-1.1.4/parsedpy.c:112:8: branch_false: following ‘false’ branch... xauth-1.1.4/parsedpy.c:116:8: branch_false: following ‘false’ branch... xauth-1.1.4/parsedpy.c:128:8: branch_false: following ‘false’ branch (when ‘len != 0’)... xauth-1.1.4/parsedpy.c:141:15: branch_false: ...to here xauth-1.1.4/parsedpy.c:141:15: branch_true: following ‘true’ branch... xauth-1.1.4/parsedpy.c:144:16: call_function: calling ‘copystring’ from ‘parse_displayname’ # 64| if (cp) { # 65| if (src) memcpy (cp, src, len); # 66|-> cp[len] = '\0'; # 67| } # 68| return cp; Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] xauth-1.1.4/process.c:292:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xauth-1.1.4/process.c:1813:1: enter_function: entry to ‘do_source’ xauth-1.1.4/process.c:1822:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1830:10: call_function: calling ‘open_file’ from ‘do_source’ xauth-1.1.4/process.c:1830:10: return_function: returning to ‘do_source’ from ‘open_file’ xauth-1.1.4/process.c:1831:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1835:9: branch_false: ...to here xauth-1.1.4/process.c:1835:8: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1835:9: branch_true: following ‘true’ branch... branch_true: ...to here xauth-1.1.4/process.c:1837:12: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1843:9: branch_true: ...to here xauth-1.1.4/process.c:1844:12: branch_true: following ‘true’ branch (when ‘prompt != 0’)... xauth-1.1.4/process.c:1845:13: branch_true: ...to here xauth-1.1.4/process.c:1848:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1849:9: branch_false: ...to here xauth-1.1.4/process.c:1851:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1852:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1858:9: branch_false: ...to here xauth-1.1.4/process.c:1859:19: call_function: calling ‘split_into_words’ from ‘do_source’ # 290| jword = skip_space (src); # 291| src = skip_nonspace (jword); # 292|-> savec = *src; # 293| *src = '\0'; # 294| if (cur == total) { Error: GCC_ANALYZER_WARNING (CWE-762): [#def4] xauth-1.1.4/process.c:297:24: warning[-Wanalyzer-mismatching-deallocation]: ‘argv’ should have been deallocated with ‘free’ but was deallocated with ‘reallocarray’ xauth-1.1.4/process.c:1813:1: enter_function: entry to ‘do_source’ xauth-1.1.4/process.c:1822:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1830:10: call_function: calling ‘open_file’ from ‘do_source’ xauth-1.1.4/process.c:1830:10: return_function: returning to ‘do_source’ from ‘open_file’ xauth-1.1.4/process.c:1831:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1835:9: branch_false: ...to here xauth-1.1.4/process.c:1835:8: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1835:9: branch_true: following ‘true’ branch... branch_true: ...to here xauth-1.1.4/process.c:1837:12: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1843:9: branch_true: ...to here xauth-1.1.4/process.c:1844:12: branch_true: following ‘true’ branch (when ‘prompt != 0’)... xauth-1.1.4/process.c:1845:13: branch_true: ...to here xauth-1.1.4/process.c:1848:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1849:9: branch_false: ...to here xauth-1.1.4/process.c:1851:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1852:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1858:9: branch_false: ...to here xauth-1.1.4/process.c:1859:19: call_function: calling ‘split_into_words’ from ‘do_source’ # 295| const char **new_argv; # 296| total += WORDSTOALLOC; # 297|-> new_argv = reallocarray (argv, total, sizeof (char *)); # 298| if (new_argv != NULL) { # 299| argv = new_argv; Error: COMPILER_WARNING (CWE-762): [#def5] xauth-1.1.4/process.c: scope_hint: In function ‘read_numeric’ xauth-1.1.4/process.c:454:15: warning[-Wmismatched-dealloc]: ‘XauDisposeAuth’ called on pointer returned from a mismatched allocation function # 454 | if (auth) XauDisposeAuth (auth); /* won't free null pointers */ # | ^~~~~~~~~~~~~~~~~~~~~ xauth-1.1.4/process.c:416:12: note: returned from ‘malloc’ # 416 | auth = malloc (sizeof (Xauth)); # | ^~~~~~~~~~~~~~~~~~~~~~~ # 452| # 453| bad: # 454|-> if (auth) XauDisposeAuth (auth); /* won't free null pointers */ # 455| return NULL; # 456| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] xauth-1.1.4/process.c:539:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 537| # 538| if (authl_cur == NULL) { # 539|-> *authl = authl_cur = newal; # 540| } else { # 541| authl_cur->next = newal; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] xauth-1.1.4/process.c:539:21: warning[-Wanalyzer-malloc-leak]: leak of ‘list’ xauth-1.1.4/process.c:1621:1: enter_function: entry to ‘do_add’ xauth-1.1.4/process.c:1631:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1642:8: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1644:12: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1648:32: branch_false: ...to here xauth-1.1.4/process.c:1669:10: call_function: calling ‘get_displayname_auth’ from ‘do_add’ # 537| # 538| if (authl_cur == NULL) { # 539|-> *authl = authl_cur = newal; # 540| } else { # 541| authl_cur->next = newal; Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] xauth-1.1.4/process.c:539:21: warning[-Wanalyzer-malloc-leak]: leak of ‘proto_head’ xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 537| # 538| if (authl_cur == NULL) { # 539|-> *authl = authl_cur = newal; # 540| } else { # 541| authl_cur->next = newal; Error: GCC_ANALYZER_WARNING (CWE-688): [#def9] xauth-1.1.4/process.c:1087:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1085| a->number_length == b->number_length && # 1086| a->name_length == b->name_length && # 1087|-> memcmp(a->address, b->address, a->address_length) == 0 && # 1088| memcmp(a->number, b->number, a->number_length) == 0 && # 1089| memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0); Error: GCC_ANALYZER_WARNING (CWE-688): [#def10] xauth-1.1.4/process.c:1088:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1086| a->name_length == b->name_length && # 1087| memcmp(a->address, b->address, a->address_length) == 0 && # 1088|-> memcmp(a->number, b->number, a->number_length) == 0 && # 1089| memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0); # 1090| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def11] xauth-1.1.4/process.c:1089:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1087| memcmp(a->address, b->address, a->address_length) == 0 && # 1088| memcmp(a->number, b->number, a->number_length) == 0 && # 1089|-> memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0); # 1090| } # 1091| Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] xauth-1.1.4/process.c:1103:36: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘b’ xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1101| match_auth_dpy(register Xauth *a, register Xauth *b) # 1102| { # 1103|-> if (a->family != FamilyWild && b->family != FamilyWild) { # 1104| /* Both "a" and "b" are not FamilyWild, they are "normal" families. */ # 1105| Error: GCC_ANALYZER_WARNING (CWE-688): [#def13] xauth-1.1.4/process.c:1116:13: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1114| * "FamilyWild". */ # 1115| if (a->address_length != b->address_length || # 1116|-> memcmp(a->address, b->address, a->address_length) != 0) # 1117| return 0; # 1118| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def14] xauth-1.1.4/process.c:1120:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘b’ xauth-1.1.4/process.c:1735:1: enter_function: entry to ‘do_remove’ xauth-1.1.4/process.c:1740:8: branch_false: following ‘false’ branch (when ‘argc > 1’)... xauth-1.1.4/process.c:1746:14: branch_false: ...to here xauth-1.1.4/process.c:1746:14: call_function: calling ‘iterdpy’ from ‘do_remove’ # 1118| } # 1119| # 1120|-> if (a->number_length != 0 && b->number_length != 0) { # 1121| /* Both "a" and "b" have a number, make sure they match: */ # 1122| if (a->number_length != b->number_length || Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] xauth-1.1.4/process.c:1330:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ xauth-1.1.4/process.c:1577:1: enter_function: entry to ‘do_extract’ xauth-1.1.4/process.c:1595:14: call_function: calling ‘iterdpy’ from ‘do_extract’ # 1328| } # 1329| } # 1330|-> XauDisposeAuth(tmp_auth); # 1331| if (matched == False) { # 1332| if (nfunc) { Error: GCC_ANALYZER_WARNING (CWE-762): [#def16] xauth-1.1.4/process.c:1330:13: warning[-Wanalyzer-mismatching-deallocation]: ‘copyAuth(*l.auth)’ should have been deallocated with ‘free’ but was deallocated with ‘XauDisposeAuth’ xauth-1.1.4/process.c:1577:1: enter_function: entry to ‘do_extract’ xauth-1.1.4/process.c:1595:14: call_function: calling ‘iterdpy’ from ‘do_extract’ # 1328| } # 1329| } # 1330|-> XauDisposeAuth(tmp_auth); # 1331| if (matched == False) { # 1332| if (nfunc) { Error: GCC_ANALYZER_WARNING (CWE-762): [#def17] xauth-1.1.4/process.c:1694:17: warning[-Wanalyzer-mismatching-deallocation]: ‘auth’ should have been deallocated with ‘free’ but was deallocated with ‘XauDisposeAuth’ xauth-1.1.4/process.c:1892:1: enter_function: entry to ‘do_generate’ xauth-1.1.4/process.c:1909:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1990:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1997:14: branch_false: ...to here xauth-1.1.4/process.c:1998:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:2009:15: branch_false: ...to here xauth-1.1.4/process.c:2025:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:2037:11: call_function: calling ‘bintohex’ from ‘do_generate’ xauth-1.1.4/process.c:2037:11: return_function: returning to ‘do_generate’ from ‘bintohex’ xauth-1.1.4/process.c:2043:14: call_function: calling ‘do_add’ from ‘do_generate’ # 1692| for (list_cur = list; list_cur != NULL; list_cur = list_next) { # 1693| list_next = list_cur->next; # 1694|-> XauDisposeAuth(list_cur->auth); # 1695| free(list_cur); # 1696| } Error: GCC_ANALYZER_WARNING (CWE-762): [#def18] xauth-1.1.4/process.c:1707:25: warning[-Wanalyzer-mismatching-deallocation]: ‘auth’ should have been deallocated with ‘free’ but was deallocated with ‘XauDisposeAuth’ xauth-1.1.4/process.c:1892:1: enter_function: entry to ‘do_generate’ xauth-1.1.4/process.c:1909:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1990:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1997:14: branch_false: ...to here xauth-1.1.4/process.c:1998:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:2009:15: branch_false: ...to here xauth-1.1.4/process.c:2025:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:2037:11: call_function: calling ‘bintohex’ from ‘do_generate’ xauth-1.1.4/process.c:2037:11: return_function: returning to ‘do_generate’ from ‘bintohex’ xauth-1.1.4/process.c:2043:14: call_function: calling ‘do_add’ from ‘do_generate’ # 1705| for (list_cur = list; list_cur != NULL; list_cur = list_next) { # 1706| list_next = list_cur->next; # 1707|-> XauDisposeAuth(list_cur->auth); # 1708| free(list_cur); # 1709| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] xauth-1.1.4/process.c:1960:17: warning[-Wanalyzer-malloc-leak]: leak of ‘authdata’ xauth-1.1.4/process.c:1909:8: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1921:21: branch_true: following ‘true’ branch (when ‘i < argc’)... xauth-1.1.4/process.c:1922:29: branch_true: ...to here xauth-1.1.4/process.c:1950:19: branch_true: following ‘true’ branch (when the strings are equal)... xauth-1.1.4/process.c:1951:16: branch_true: ...to here xauth-1.1.4/process.c:1951:16: branch_false: following ‘false’ branch (when ‘argc != i’)... xauth-1.1.4/process.c:1957:27: branch_false: ...to here xauth-1.1.4/process.c:1959:16: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1960:28: acquire_memory: allocated here xauth-1.1.4/process.c:1961:20: branch_false: following ‘false’ branch... xauth-1.1.4/process.c:1966:46: branch_false: ...to here xauth-1.1.4/process.c:1921:21: branch_true: following ‘true’ branch (when ‘i < argc’)... xauth-1.1.4/process.c:1922:29: branch_true: ...to here xauth-1.1.4/process.c:1950:19: branch_true: following ‘true’ branch (when the strings are equal)... xauth-1.1.4/process.c:1951:16: branch_true: ...to here xauth-1.1.4/process.c:1951:16: branch_false: following ‘false’ branch (when ‘argc != i’)... xauth-1.1.4/process.c:1957:27: branch_false: ...to here xauth-1.1.4/process.c:1959:16: branch_true: following ‘true’ branch... xauth-1.1.4/process.c:1960:17: danger: ‘authdata’ leaks here; was allocated at [(11)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/10) # 1958| authdatalen = strlen(hexdata); # 1959| if (hexdata[0] == '"' && hexdata[authdatalen-1] == '"') { # 1960|-> authdata = malloc(authdatalen-1); # 1961| if (!authdata) { # 1962| fprintf(stderr, "unable to allocate memory\n");
| analyzer-version-clippy | 1.86.0 |
| analyzer-version-cppcheck | 2.17.1 |
| analyzer-version-gcc | 15.0.1 |
| analyzer-version-gcc-analyzer | 15.0.1 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-156.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | xorg-x11-xauth-1.1.4-1.fc43 |
| store-results-to | /tmp/tmpq_etmlpc/xorg-x11-xauth-1.1.4-1.fc43.tar.xz |
| time-created | 2025-04-25 16:06:12 |
| time-finished | 2025-04-25 16:07:23 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpq_etmlpc/xorg-x11-xauth-1.1.4-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpq_etmlpc/xorg-x11-xauth-1.1.4-1.fc43.src.rpm' |
| tool-version | csmock-3.8.1.20250422.172604.g26bc3d6-1.el9 |