Error: CPPCHECK_WARNING (CWE-476): [#def1] fprintd-v1.94.5/pam/pam_fprintd.c:768: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data # 766| # 767| data = calloc (1, sizeof (verify_data)); # 768|-> data->max_tries = max_tries; # 769| data->pamh = pamh; # 770| Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] fprintd-v1.94.5/pam/pam_fprintd.c:768:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘data’ fprintd-v1.94.5/pam/pam_fprintd.c:767:10: acquire_memory: this call could return NULL fprintd-v1.94.5/pam/pam_fprintd.c:768:3: danger: ‘calloc(1, 48)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 766| # 767| data = calloc (1, sizeof (verify_data)); # 768|-> data->max_tries = max_tries; # 769| data->pamh = pamh; # 770| Error: CPPCHECK_WARNING (CWE-476): [#def3] fprintd-v1.94.5/pam/pam_fprintd.c:769: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data # 767| data = calloc (1, sizeof (verify_data)); # 768| data->max_tries = max_tries; # 769|-> data->pamh = pamh; # 770| # 771| if (sd_bus_open_system (&bus) < 0) Error: CPPCHECK_WARNING (CWE-401): [#def4] fprintd-v1.94.5/pam/pam_fprintd.c:774: error[memleak]: Memory leak: data # 772| { # 773| pam_syslog (pamh, LOG_ERR, "Error with getting the bus: %d", errno); # 774|-> return PAM_AUTHINFO_UNAVAIL; # 775| } # 776| Error: CPPCHECK_WARNING (CWE-401): [#def5] fprintd-v1.94.5/pam/pam_fprintd.c:779: error[memleak]: Memory leak: data # 777| data->dev = open_device (pamh, bus, username, &data->has_multiple_devices); # 778| if (data->dev == NULL) # 779|-> return PAM_AUTHINFO_UNAVAIL; # 780| # 781| /* Only connect to NameOwnerChanged when needed. In case of automatic startup Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] fprintd-v1.94.5/pam/pam_fprintd_autoptrs.h:58:1: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ fprintd-v1.94.5/pam/pam_fprintd.c:761:1: enter_function: entry to ‘do_auth’ fprintd-v1.94.5/pam/pam_fprintd.c:771:6: branch_false: following ‘false’ branch... fprintd-v1.94.5/pam/pam_fprintd.c:777:54: branch_false: ...to here fprintd-v1.94.5/pam/pam_fprintd.c:777:15: call_function: calling ‘open_device’ from ‘do_auth’ # 56| # 57| PF_DEFINE_AUTOPTR_CLEANUP_FUNC (sd_bus, sd_bus_unref) # 58|-> PF_DEFINE_AUTOPTR_CLEANUP_FUNC (sd_bus_message, sd_bus_message_unref) # 59| PF_DEFINE_AUTOPTR_CLEANUP_FUNC (sd_bus_slot, sd_bus_slot_unref) # 60| Error: GCC_ANALYZER_WARNING (CWE-457): [#def7] fprintd-v1.94.5/redhat-linux-build/src/fprintd-dbus.h:108:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘dev’ fprintd-v1.94.5/utils/delete.c:142:6: branch_false: following ‘false’ branch... fprintd-v1.94.5/utils/delete.c:150:17: branch_false: ...to here fprintd-v1.94.5/utils/delete.c:151:6: branch_false: following ‘false’ branch... fprintd-v1.94.5/utils/delete.c:157:3: branch_false: ...to here fprintd-v1.94.5/utils/delete.c:173:15: branch_true: following ‘true’ branch... fprintd-v1.94.5/utils/delete.c:179:7: branch_true: ...to here fprintd-v1.94.5/utils/delete.c:179:7: throw: if ‘g_print’ throws an exception... fprintd-v1.94.5/utils/delete.c:175:35: call_function: inlined call to ‘glib_autoptr_cleanup_FprintDBusDevice’ from ‘process_devices’ # 106| # 107| #if GLIB_CHECK_VERSION(2, 44, 0) # 108|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (FprintDBusDevice, g_object_unref) # 109| #endif # 110| Error: GCC_ANALYZER_WARNING (CWE-457): [#def8] fprintd-v1.94.5/redhat-linux-build/src/fprintd-dbus.h:802:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘objects’ fprintd-v1.94.5/src/manager.c:549:13: throw: if ‘g_dbus_object_manager_get_objects’ throws an exception... fprintd-v1.94.5/src/manager.c:544:41: call_function: inlined call to ‘glib_listautoptr_cleanup_FprintDBusObjectSkeleton’ from ‘fprint_manager_get_devices’ # 800| # 801| #if GLIB_CHECK_VERSION(2, 44, 0) # 802|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (FprintDBusObjectSkeleton, g_object_unref) # 803| #endif # 804| Error: GCC_ANALYZER_WARNING (CWE-457): [#def9] fprintd-v1.94.5/redhat-linux-build/src/fprintd-dbus.h:802:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘object’ fprintd-v1.94.5/src/manager.c:390:1: enter_function: entry to ‘device_added_cb’ fprintd-v1.94.5/src/manager.c:395:27: call_function: inlined call to ‘glib_autoptr_cleanup_FprintDevice’ from ‘device_added_cb’ fprintd-v1.94.5/src/manager.c:394:39: call_function: inlined call to ‘glib_autoptr_cleanup_FprintDBusObjectSkeleton’ from ‘device_added_cb’ # 800| # 801| #if GLIB_CHECK_VERSION(2, 44, 0) # 802|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (FprintDBusObjectSkeleton, g_object_unref) # 803| #endif # 804| Error: GCC_ANALYZER_WARNING (CWE-457): [#def10] fprintd-v1.94.5/src/device.c:162:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘session’ fprintd-v1.94.5/src/device.c:953:1: enter_function: entry to ‘_fprint_device_client_vanished’ fprintd-v1.94.5/src/device.c:961:13: call_function: calling ‘session_data_get’ from ‘_fprint_device_client_vanished’ fprintd-v1.94.5/src/device.c:961:13: return_function: returning to ‘_fprint_device_client_vanished’ from ‘session_data_get’ fprintd-v1.94.5/src/device.c:964:6: branch_true: following ‘true’ branch... fprintd-v1.94.5/src/device.c:965:18: branch_true: ...to here fprintd-v1.94.5/src/device.c:964:7: branch_true: following ‘true’ branch... fprintd-v1.94.5/src/device.c:967:7: branch_true: ...to here fprintd-v1.94.5/src/device.c:967:7: throw: if ‘g_cancellable_cancel’ throws an exception... fprintd-v1.94.5/src/device.c:958:26: call_function: inlined call to ‘glib_autoptr_cleanup_SessionData’ from ‘_fprint_device_client_vanished’ # 160| } # 161| } # 162|-> G_DEFINE_AUTOPTR_CLEANUP_FUNC (SessionData, session_data_unref); # 163| # 164| static SessionData * Error: GCC_ANALYZER_WARNING (CWE-457): [#def11] fprintd-v1.94.5/src/fprintd.h:76:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘manager’ fprintd-v1.94.5/src/main.c:172:13: throw: if ‘g_option_context_new’ throws an exception... fprintd-v1.94.5/src/main.c:162:28: call_function: inlined call to ‘glib_autoptr_cleanup_FprintManager’ from ‘main’ # 74| /* Manager */ # 75| #define FPRINT_TYPE_MANAGER (fprint_manager_get_type ()) # 76|-> G_DECLARE_FINAL_TYPE (FprintManager, fprint_manager, FPRINT, MANAGER, GObject) # 77| # 78| struct _FprintManager Error: GCC_ANALYZER_WARNING (CWE-457): [#def12] fprintd-v1.94.5/src/fprintd.h:88:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘dev’ fprintd-v1.94.5/src/manager.c:167:1: enter_function: entry to ‘fprint_manager_busy_notified’ fprintd-v1.94.5/src/manager.c:181:6: branch_false: following ‘false’ branch... fprintd-v1.94.5/src/manager.c:184:13: branch_false: ...to here fprintd-v1.94.5/src/manager.c:186:21: branch_true: following ‘true’ branch (when ‘l’ is non-NULL)... fprintd-v1.94.5/src/manager.c:189:33: branch_true: ...to here fprintd-v1.94.5/src/manager.c:191:13: call_function: inlined call to ‘fprint_dbus_object_skeleton_get_device’ from ‘fprint_manager_busy_notified’ fprintd-v1.94.5/src/manager.c:188:31: call_function: inlined call to ‘glib_autoptr_cleanup_FprintDevice’ from ‘fprint_manager_busy_notified’ # 86| /* Device */ # 87| #define FPRINT_TYPE_DEVICE (fprint_device_get_type ()) # 88|-> G_DECLARE_FINAL_TYPE (FprintDevice, fprint_device, FPRINT, DEVICE, # 89| FprintDBusDeviceSkeleton) # 90| Error: GCC_ANALYZER_WARNING (CWE-457): [#def13] fprintd-v1.94.5/src/fprintd.h:88:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘rdev’ fprintd-v1.94.5/src/manager.c:539:1: enter_function: entry to ‘fprint_manager_get_devices’ fprintd-v1.94.5/src/manager.c:555:6: branch_true: following ‘true’ branch (when ‘num_open > 0’)... fprintd-v1.94.5/src/manager.c:555:6: branch_true: ...to here fprintd-v1.94.5/src/manager.c:557:25: branch_true: following ‘true’ branch (when ‘l’ is non-NULL)... fprintd-v1.94.5/src/manager.c:560:37: branch_true: ...to here fprintd-v1.94.5/src/manager.c:563:18: call_function: inlined call to ‘fprint_dbus_object_skeleton_get_device’ from ‘fprint_manager_get_devices’ fprintd-v1.94.5/src/manager.c:559:35: call_function: inlined call to ‘glib_autoptr_cleanup_FprintDevice’ from ‘fprint_manager_get_devices’ # 86| /* Device */ # 87| #define FPRINT_TYPE_DEVICE (fprint_device_get_type ()) # 88|-> G_DECLARE_FINAL_TYPE (FprintDevice, fprint_device, FPRINT, DEVICE, # 89| FprintDBusDeviceSkeleton) # 90|
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-4.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | fprintd-1.94.5-4.fc44 |
| store-results-to | /tmp/tmpa9glcw10/fprintd-1.94.5-4.fc44.tar.xz |
| time-created | 2026-01-08 16:09:52 |
| time-finished | 2026-01-08 16:11:23 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpa9glcw10/fprintd-1.94.5-4.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpa9glcw10/fprintd-1.94.5-4.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |