Error: COMPILER_WARNING (CWE-704): [#def1] libxcrypt-4.4.38/lib/crypt-gost-yescrypt.c: scope_hint: In function '_crypt_crypt_gost_yescrypt_rn' libxcrypt-4.4.38/lib/crypt-gost-yescrypt.c:134:16: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 134 | char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # | ^~~~~~ # 132| # 133| /* extract yescrypt output from "$y$param$salt$output" */ # 134|-> char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # 135| if (!hptr) # 136| { Error: COMPILER_WARNING (CWE-704): [#def2] libxcrypt-4.4.38/lib/crypt-gost-yescrypt.c:134:16: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 132| # 133| /* extract yescrypt output from "$y$param$salt$output" */ # 134|-> char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # 135| if (!hptr) # 136| { Error: COMPILER_WARNING (CWE-704): [#def3] libxcrypt-4.4.38/lib/crypt-sm3-yescrypt.c: scope_hint: In function '_crypt_crypt_sm3_yescrypt_rn' libxcrypt-4.4.38/lib/crypt-sm3-yescrypt.c:139:16: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 139 | char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # | ^~~~~~ # 137| # 138| /* extract yescrypt output from "$y$param$salt$output" */ # 139|-> char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # 140| if (!hptr) # 141| { Error: COMPILER_WARNING (CWE-704): [#def4] libxcrypt-4.4.38/lib/crypt-sm3-yescrypt.c:139:16: warning[-Wdiscarded-qualifiers]: initialization discards 'const' qualifier from pointer target type # 137| # 138| /* extract yescrypt output from "$y$param$salt$output" */ # 139|-> char *hptr = strchr ((const char *) intbuf->retval + 3, '$'); # 140| if (!hptr) # 141| { Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] libxcrypt-4.4.38/lib/crypt.c:264:3: warning[-Wanalyzer-malloc-leak]: leak of 'output' libxcrypt-4.4.38/lib/crypt.c:338:1: enter_function: entry to '_crypt_crypt_gensalt_ra' libxcrypt-4.4.38/lib/crypt.c:341:18: acquire_memory: allocated here libxcrypt-4.4.38/lib/crypt.c:342:6: branch_false: following 'false' branch (when 'output' is non-NULL)... libxcrypt-4.4.38/lib/crypt.c:345:18: branch_false: ...to here libxcrypt-4.4.38/lib/crypt.c:345:18: call_function: calling '_crypt_crypt_gensalt_rn' from '_crypt_crypt_gensalt_ra' # 262| int output_size) # 263| { # 264|-> make_failure_token ("", output, output_size); # 265| # 266| /* Individual gensalt functions will check for adequate space for
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-11.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | libxcrypt-4.5.2-2.fc44 |
| diffbase-store-results-to | /tmp/tmpp7bq3fj8/libxcrypt-4.5.2-2.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 19:22:30 |
| diffbase-time-finished | 2026-01-08 19:24:43 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpp7bq3fj8/libxcrypt-4.5.2-2.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpp7bq3fj8/libxcrypt-4.5.2-2.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-11.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | libxcrypt-4.4.38-8.fc43 |
| store-results-to | /tmp/tmp27j5zyxy/libxcrypt-4.4.38-8.fc43.tar.xz |
| time-created | 2026-01-08 19:19:17 |
| time-finished | 2026-01-08 19:21:59 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp27j5zyxy/libxcrypt-4.4.38-8.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp27j5zyxy/libxcrypt-4.4.38-8.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |