fprintd-1.94.5-3.fc44

List of Findings

Error: CPPCHECK_WARNING (CWE-476): [#def1]
fprintd-v1.94.5/pam/pam_fprintd.c:768: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
#  766|   
#  767|     data = calloc (1, sizeof (verify_data));
#  768|->   data->max_tries = max_tries;
#  769|     data->pamh = pamh;
#  770|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
fprintd-v1.94.5/pam/pam_fprintd.c:768:3: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘data’
fprintd-v1.94.5/pam/pam_fprintd.c:767:10: acquire_memory: this call could return NULL
fprintd-v1.94.5/pam/pam_fprintd.c:768:3: danger: ‘calloc(1, 48)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  766|   
#  767|     data = calloc (1, sizeof (verify_data));
#  768|->   data->max_tries = max_tries;
#  769|     data->pamh = pamh;
#  770|   

Error: CPPCHECK_WARNING (CWE-476): [#def3]
fprintd-v1.94.5/pam/pam_fprintd.c:769: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
#  767|     data = calloc (1, sizeof (verify_data));
#  768|     data->max_tries = max_tries;
#  769|->   data->pamh = pamh;
#  770|   
#  771|     if (sd_bus_open_system (&bus) < 0)

Error: CPPCHECK_WARNING (CWE-401): [#def4]
fprintd-v1.94.5/pam/pam_fprintd.c:774: error[memleak]: Memory leak: data
#  772|       {
#  773|         pam_syslog (pamh, LOG_ERR, "Error with getting the bus: %d", errno);
#  774|->       return PAM_AUTHINFO_UNAVAIL;
#  775|       }
#  776|   

Error: CPPCHECK_WARNING (CWE-401): [#def5]
fprintd-v1.94.5/pam/pam_fprintd.c:779: error[memleak]: Memory leak: data
#  777|     data->dev = open_device (pamh, bus, username, &data->has_multiple_devices);
#  778|     if (data->dev == NULL)
#  779|->     return PAM_AUTHINFO_UNAVAIL;
#  780|   
#  781|     /* Only connect to NameOwnerChanged when needed. In case of automatic startup

Scan Properties

analyzer-version-clippy	1.90.0
analyzer-version-cppcheck	2.18.3
analyzer-version-gcc	15.2.1
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-190.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	fprintd-1.94.5-3.fc44
store-results-to	/tmp/tmp5l5md49t/fprintd-1.94.5-3.fc44.tar.xz
time-created	2025-10-28 17:53:21
time-finished	2025-10-28 17:54:55
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp5l5md49t/fprintd-1.94.5-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp5l5md49t/fprintd-1.94.5-3.fc44.src.rpm'
tool-version	csmock-3.8.3.20251027.143044.ge6b947b-1.el9