Error: COMPILER_WARNING (CWE-704): [#def1] elfutils-0.193/debuginfod/debuginfod-client.c: scope_hint: In function ‘debuginfod_add_http_header’ elfutils-0.193/debuginfod/debuginfod-client.c:3102:17: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 3102 | char *colon = strchr (header, ':'); /* first colon */ # | ^~~~~~ # 3100| It should contain at least one colon that isn't the first or # 3101| last character. */ # 3102|-> char *colon = strchr (header, ':'); /* first colon */ # 3103| if (colon == NULL /* present */ # 3104| || colon == header /* not at beginning - i.e., have a header name */ Error: COMPILER_WARNING (CWE-704): [#def2] elfutils-0.193/debuginfod/debuginfod-client.c:3102:17: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 3100| It should contain at least one colon that isn't the first or # 3101| last character. */ # 3102|-> char *colon = strchr (header, ':'); /* first colon */ # 3103| if (colon == NULL /* present */ # 3104| || colon == header /* not at beginning - i.e., have a header name */ Error: COMPILER_WARNING (CWE-704): [#def3] elfutils-0.193/libcpu/riscv_disasm.c: scope_hint: In function ‘riscv_disasm’ elfutils-0.193/libcpu/riscv_disasm.c:1259:46: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 1259 | struct known_csrs *found = bsearch (&key, known, # | ^~~~~~~ # 1257| op[last++] = REG (rd); # 1258| struct known_csrs key = { csr, NULL }; # 1259|-> struct known_csrs *found = bsearch (&key, known, # 1260| sizeof (known) / sizeof (known[0]), # 1261| sizeof (known[0]), Error: COMPILER_WARNING (CWE-704): [#def4] elfutils-0.193/libcpu/riscv_disasm.c:1259:46: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 1257| op[last++] = REG (rd); # 1258| struct known_csrs key = { csr, NULL }; # 1259|-> struct known_csrs *found = bsearch (&key, known, # 1260| sizeof (known) / sizeof (known[0]), # 1261| sizeof (known[0]), Error: COMPILER_WARNING (CWE-704): [#def5] elfutils-0.193/libdw/dwarf_getsrclines.c: scope_hint: In function ‘read_srcfiles’ elfutils-0.193/libdw/dwarf_getsrclines.c:367:27: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 367 | uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); # | ^~~~~~ # 365| while (dirp < lineendp && *dirp != 0) # 366| { # 367|-> uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); # 368| if (endp == NULL) # 369| goto invalid_data; Error: COMPILER_WARNING (CWE-704): [#def6] elfutils-0.193/libdw/dwarf_getsrclines.c:367:27: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 365| while (dirp < lineendp && *dirp != 0) # 366| { # 367|-> uint8_t *endp = memchr (dirp, '\0', lineendp - dirp); # 368| if (endp == NULL) # 369| goto invalid_data; Error: COMPILER_WARNING (CWE-704): [#def7] elfutils-0.193/libdw/dwarf_getsrclines.c:443:27: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 443 | uint8_t *endp = memchr (linep, '\0', lineendp - linep); # | ^~~~~~ # 441| { # 442| dirarray[n].dir = (char *) linep; # 443|-> uint8_t *endp = memchr (linep, '\0', lineendp - linep); # 444| assert (endp != NULL); // Checked above when calculating ndirlist. # 445| dirarray[n].len = endp - linep; Error: COMPILER_WARNING (CWE-704): [#def8] elfutils-0.193/libdw/dwarf_getsrclines.c:443:27: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 441| { # 442| dirarray[n].dir = (char *) linep; # 443|-> uint8_t *endp = memchr (linep, '\0', lineendp - linep); # 444| assert (endp != NULL); // Checked above when calculating ndirlist. # 445| dirarray[n].len = endp - linep; Error: COMPILER_WARNING (CWE-704): [#def9] elfutils-0.193/libdw/dwarf_getsrclines.c: scope_hint: In function ‘read_srclines’ elfutils-0.193/libdw/dwarf_getsrclines.c:930:33: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 930 | uint8_t *endp = memchr (linep, '\0', lineendp - linep); # | ^~~~~~ # 928| { # 929| char *fname = (char *) linep; # 930|-> uint8_t *endp = memchr (linep, '\0', lineendp - linep); # 931| if (endp == NULL) # 932| goto invalid_data; Error: COMPILER_WARNING (CWE-704): [#def10] elfutils-0.193/libdw/dwarf_getsrclines.c:930:33: warning[-Wdiscarded-qualifiers]: initialization discards ‘const’ qualifier from pointer target type # 928| { # 929| char *fname = (char *) linep; # 930|-> uint8_t *endp = memchr (linep, '\0', lineendp - linep); # 931| if (endp == NULL) # 932| goto invalid_data; Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:241:12: warning[-Wanalyzer-malloc-leak]: leak of ‘sample_arg’ elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:216:6: branch_false: following ‘false’ branch... elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:223:20: branch_false: ...to here elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:223:20: acquire_memory: allocated here elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:224:10: branch_false: following ‘false’ branch (when ‘sample_arg’ is non-NULL)... elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:231:3: branch_false: ...to here elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:240:6: branch_false: following ‘false’ branch (when ‘attached == 0’)... elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:241:12: branch_false: ...to here elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:241:12: throw: if ‘dwfl_attach_state’ throws an exception... elfutils-0.193/libdwfl_stacktrace/dwflst_perf_frame.c:241:12: danger: ‘sample_arg’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 239| # 240| if (! attached # 241|-> && ! INTUSE(dwfl_attach_state) (dwfl, elf, pid, # 242| &sample_thread_callbacks, sample_arg)) # 243| return -1; Error: COMPILER_WARNING (CWE-476): [#def12] elfutils-0.193/libelf/elf32_updatenull.c:57:7: warning[-Wnull-dereference]: potential null pointer dereference # 57 | if (memcmp (&ehdr->e_ident[EI_MAG0], ELFMAG, SELFMAG) != 0) # | ^ # 55| { # 56| /* Always write the magic bytes. */ # 57|-> if (memcmp (&ehdr->e_ident[EI_MAG0], ELFMAG, SELFMAG) != 0) # 58| { # 59| memcpy (&ehdr->e_ident[EI_MAG0], ELFMAG, SELFMAG);
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-98.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | elfutils-0.194-2.fc44 |
| diffbase-store-results-to | /tmp/tmpuuwbx_ns/elfutils-0.194-2.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 16:00:37 |
| diffbase-time-finished | 2026-01-08 16:04:56 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpuuwbx_ns/elfutils-0.194-2.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpuuwbx_ns/elfutils-0.194-2.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-98.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | elfutils-0.193-3.fc43 |
| store-results-to | /tmp/tmp_jsrpp18/elfutils-0.193-3.fc43.tar.xz |
| time-created | 2026-01-08 15:55:28 |
| time-finished | 2026-01-08 16:00:12 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp_jsrpp18/elfutils-0.193-3.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp_jsrpp18/elfutils-0.193-3.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |