oddjob-0.34.7-17.fc44

List of Findings

Error: SHELLCHECK_WARNING (CWE-569): [#def1]
/usr/libexec/oddjob/sanity.sh:9:6: warning[SC2048]: Use "$@" (with quotes) to prevent whitespace problems.
#    7|   ls -l /proc/$$/fd
#    8|   echo \[echo \$\*\]
#    9|-> echo $*
#   10|   echo \[echo \`cat\`\]
#   11|   args=

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
oddjob-0.34.7/src/mkhomedir.c:113:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:113:25: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  111|   		sfd = open(source, O_RDONLY);
#  112|   		if (sfd != -1) {
#  113|-> 			oddjob_set_selinux_file_creation_context(newpath,
#  114|   								 sb->st_mode |
#  115|   								 S_IFREG);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def3]
oddjob-0.34.7/src/mkhomedir.c:116:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:116:31: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  114|   								 sb->st_mode |
#  115|   								 S_IFREG);
#  116|-> 			dfd = open(newpath, O_WRONLY | O_CREAT | O_EXCL, mode);
#  117|   			if (dfd != -1) {
#  118|   				while ((i = read(sfd, buf, sizeof(buf))) > 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
oddjob-0.34.7/src/mkhomedir.c:119:41: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:118:40: branch_true: following ‘true’ branch (when ‘i > 0’)...
oddjob-0.34.7/src/mkhomedir.c:119:41: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:119:41: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  117|   			if (dfd != -1) {
#  118|   				while ((i = read(sfd, buf, sizeof(buf))) > 0) {
#  119|-> 					retry_write(dfd, buf, i);
#  120|   				}
#  121|   				if (fchown(dfd, pwd->pw_uid, pwd->pw_gid) == -1) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
oddjob-0.34.7/src/mkhomedir.c:122:41: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:118:40: branch_false: following ‘false’ branch (when ‘i <= 0’)...
oddjob-0.34.7/src/mkhomedir.c:121:65: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:121:36: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:122:41: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:122:41: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  120|   				}
#  121|   				if (fchown(dfd, pwd->pw_uid, pwd->pw_gid) == -1) {
#  122|-> 					syslog(LOG_ERR,
#  123|   					       "error setting owner of \"%s\": "
#  124|   					       "%m", newpath);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def6]
oddjob-0.34.7/src/mkhomedir.c:127:41: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:118:40: branch_false: following ‘false’ branch (when ‘i <= 0’)...
oddjob-0.34.7/src/mkhomedir.c:121:65: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:121:36: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:122:41: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:127:41: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  125|   					unlink(newpath);
#  126|   					close(sfd);
#  127|-> 					close(dfd);
#  128|   					return HANDLER_FAILURE;
#  129|   				} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
oddjob-0.34.7/src/mkhomedir.c:133:49: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:121:36: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:131:52: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:130:44: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:133:49: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:133:49: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  131|   						   sb->st_mode &
#  132|   						   ~override_umask) == -1) {
#  133|-> 						syslog(LOG_ERR,
#  134|   						       "error setting mode of "
#  135|   						       "\"%s\": %m", newpath);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def8]
oddjob-0.34.7/src/mkhomedir.c:138:49: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:121:36: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:131:52: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:130:44: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:133:49: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:138:49: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  136|   						unlink(newpath);
#  137|   						close(sfd);
#  138|-> 						close(dfd);
#  139|   						return HANDLER_FAILURE;
#  140|   					}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
oddjob-0.34.7/src/mkhomedir.c:142:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:121:36: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:131:52: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:130:44: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:142:33: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:142:33: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  140|   					}
#  141|   				}
#  142|-> 				close(dfd);
#  143|   			} else {
#  144|   				if (errno != EEXIST) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def10]
oddjob-0.34.7/src/mkhomedir.c:145:41: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:144:37: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:144:36: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:145:41: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:145:41: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  143|   			} else {
#  144|   				if (errno != EEXIST) {
#  145|-> 					syslog(LOG_ERR, "error creating %s: %m",
#  146|   					       newpath);
#  147|   					close(sfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def11]
oddjob-0.34.7/src/mkhomedir.c:147:41: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:117:28: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:144:37: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:144:36: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:145:41: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:147:41: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  145|   					syslog(LOG_ERR, "error creating %s: %m",
#  146|   					       newpath);
#  147|-> 					close(sfd);
#  148|   					return HANDLER_FAILURE;
#  149|   				}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def12]
oddjob-0.34.7/src/mkhomedir.c:152:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(source, 0)’
oddjob-0.34.7/src/mkhomedir.c:75:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:83:9: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:111:23: acquire_resource: opened here
oddjob-0.34.7/src/mkhomedir.c:112:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/mkhomedir.c:114:66: branch_true: ...to here
oddjob-0.34.7/src/mkhomedir.c:144:36: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/mkhomedir.c:151:25: branch_false: ...to here
oddjob-0.34.7/src/mkhomedir.c:152:25: danger: ‘open(source, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  150|   			}
#  151|   			close(sfd);
#  152|-> 			oddjob_unset_selinux_file_creation_context();
#  153|   		} else {
#  154|   			syslog(LOG_ERR, "error opening %s: %m", source);

Error: CPPCHECK_WARNING (CWE-457): [#def13]
oddjob-0.34.7/src/oddjob_dbus.c:727: error[uninitvar]: Uninitialized variable: n_args
#  725|   		oddjob_dbus_send_message_response_error(msg,
#  726|   							ODDJOB_ERROR_UNKNOWN_SENDER,
#  727|-> 							n_args);
#  728|   		oddjob_dbus_message_free(msg);
#  729|   		return DBUS_HANDLER_RESULT_HANDLED;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def14]
oddjob-0.34.7/src/oddjob_dbus.c:1486:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
oddjob-0.34.7/src/oddjob_dbus.c:1484:9: acquire_resource: ‘va_start’ called here
oddjob-0.34.7/src/oddjob_dbus.c:1485:16: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
oddjob-0.34.7/src/oddjob_dbus.c:1486:72: branch_true: ...to here
oddjob-0.34.7/src/oddjob_dbus.c:1486:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
# 1484|   	va_start(ap, error_length);
# 1485|   	while ((p = va_arg(ap, char*)) != NULL) {
# 1486|-> 		oddjob_resize_array((void **) &argv, sizeof(char*), i, i + 2);
# 1487|   		argv[i] = p;
# 1488|   		i++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
oddjob-0.34.7/src/oddjob_request.c:133:13: warning[-Wanalyzer-malloc-leak]: leak of ‘interface’
oddjob-0.34.7/src/oddjob_request.c:106:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjob_request.c:114:12: branch_false: ...to here
oddjob-0.34.7/src/oddjob_request.c:114:12: branch_true: following ‘true’ branch (when ‘method’ is NULL)...
oddjob-0.34.7/src/oddjob_request.c:115:20: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:115:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjob_request.c:116:39: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:118:20: branch_true: following ‘true’ branch (when ‘method’ is non-NULL)...
oddjob-0.34.7/src/oddjob_request.c:119:29: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:119:28: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjob_request.c:120:52: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:120:45: acquire_memory: allocated here
oddjob-0.34.7/src/oddjob_request.c:121:36: branch_true: following ‘true’ branch (when ‘interface’ is non-NULL)...
oddjob-0.34.7/src/oddjob_request.c:122:41: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:133:13: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjob_request.c:143:45: branch_false: ...to here
oddjob-0.34.7/src/oddjob_request.c:133:13: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjob_request.c:133:13: danger: ‘interface’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  131|   		method = "list";
#  132|   	}
#  133|-> 	i = oddjob_dbus_call_method(bus,
#  134|   				    service,
#  135|   				    object,

Error: GCC_ANALYZER_WARNING (CWE-688): [#def16]
oddjob-0.34.7/src/oddjob_request.c:159:30: warning[-Wanalyzer-null-argument]: use of NULL ‘interface’ where non-null expected
oddjob-0.34.7/src/oddjob_request.c:47:15: release_memory: ‘outbuf’ is NULL
oddjob-0.34.7/src/oddjob_request.c:47:31: release_memory: ‘outbuf’ is NULL
oddjob-0.34.7/src/oddjob_request.c:106:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjob_request.c:114:12: branch_false: ...to here
oddjob-0.34.7/src/oddjob_request.c:114:12: branch_true: following ‘true’ branch (when ‘method’ is NULL)...
oddjob-0.34.7/src/oddjob_request.c:115:20: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:115:20: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjob_request.c:116:39: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:118:20: branch_true: following ‘true’ branch (when ‘method’ is non-NULL)...
oddjob-0.34.7/src/oddjob_request.c:119:29: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:119:28: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjob_request.c:120:52: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:121:36: branch_false: following ‘false’ branch (when ‘interface’ is NULL)...
oddjob-0.34.7/src/oddjob_request.c:145:45: branch_false: ...to here
oddjob-0.34.7/src/oddjob_request.c:133:13: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjob_request.c:148:12: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjob_request.c:159:30: branch_true: ...to here
oddjob-0.34.7/src/oddjob_request.c:159:30: danger: argument 1 (‘interface’) NULL where non-null expected
#  157|   			/* If it's introspection data, discard the error result
#  158|   			 * which we never got. */
#  159|-> 			if ((strcmp(interface,
#  160|   				    ODDJOB_INTROSPECTION_INTERFACE) == 0) &&
#  161|   			    (strcmp(method,

Error: COMPILER_WARNING (CWE-704): [#def17]
oddjob-0.34.7/src/oddjobd.c: scope_hint: In function ‘check_one_ac_selinux’
oddjob-0.34.7/src/oddjobd.c:260:21: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  260 |                 ctx = context_str(context);
#      |                     ^
#  258|   	if (selinux_context != NULL) {
#  259|   		context = context_new(selinux_context);
#  260|-> 		ctx = context_str(context);
#  261|   		user = context_user_get(context);
#  262|   		role = context_role_get(context);

Error: COMPILER_WARNING (CWE-704): [#def18]
oddjob-0.34.7/src/oddjobd.c:260:21: warning[-Wdiscarded-qualifiers]: assignment discards ‘const’ qualifier from pointer target type
#  258|   	if (selinux_context != NULL) {
#  259|   		context = context_new(selinux_context);
#  260|-> 		ctx = context_str(context);
#  261|   		user = context_user_get(context);
#  262|   		role = context_role_get(context);

Error: COMPILER_WARNING (CWE-477): [#def19]
oddjob-0.34.7/src/oddjobd.c: scope_hint: In function ‘load_config’
oddjob-0.34.7/src/oddjobd.c:1360:9: warning[-Wdeprecated-declarations]: ‘xmlInitGlobals’ is deprecated
# 1360 |         xmlInitGlobals();
#      |         ^~~~~~~~~~~~~~
/usr/include/libxml2/libxml/HTMLparser.h:16: included_from: Included from here.
/usr/include/libxml2/libxml/globals.h:18: included_from: Included from here.
oddjob-0.34.7/src/oddjobd.c:50: included_from: Included from here.
/usr/include/libxml2/libxml/parser.h:923:17: note: declared here
#  923 |                 xmlInitGlobals          (void);
#      |                 ^~~~~~~~~~~~~~
# 1358|   	}
# 1359|   
# 1360|-> 	xmlInitGlobals();
# 1361|   	doc = xmlParseFile(filename);
# 1362|   	if (doc == NULL) {

Error: COMPILER_WARNING (CWE-477): [#def20]
oddjob-0.34.7/src/oddjobd.c:1360:9: warning[-Wdeprecated-declarations]: ‘xmlInitGlobals’ is deprecated
# 1358|   	}
# 1359|   
# 1360|-> 	xmlInitGlobals();
# 1361|   	doc = xmlParseFile(filename);
# 1362|   	if (doc == NULL) {

Error: COMPILER_WARNING (CWE-477): [#def21]
oddjob-0.34.7/src/oddjobd.c:1383:9: warning[-Wdeprecated-declarations]: ‘xmlCleanupGlobals’ is deprecated
# 1383 |         xmlCleanupGlobals();
#      |         ^~~~~~~~~~~~~~~~~
/usr/include/libxml2/libxml/parser.h:926:17: note: declared here
#  926 |                 xmlCleanupGlobals       (void);
#      |                 ^~~~~~~~~~~~~~~~~
# 1381|   
# 1382|   	xmlFreeDoc(doc);
# 1383|-> 	xmlCleanupGlobals();
# 1384|   
# 1385|   	return parsed;

Error: COMPILER_WARNING (CWE-477): [#def22]
oddjob-0.34.7/src/oddjobd.c:1383:9: warning[-Wdeprecated-declarations]: ‘xmlCleanupGlobals’ is deprecated
# 1381|   
# 1382|   	xmlFreeDoc(doc);
# 1383|-> 	xmlCleanupGlobals();
# 1384|   
# 1385|   	return parsed;

Error: GCC_ANALYZER_WARNING: [#def23]
oddjob-0.34.7/src/oddjobd.c:1550:21: warning[-Wanalyzer-fd-use-without-check]: ‘read’ on possibly invalid file descriptor ‘invalid_fd’
oddjob-0.34.7/src/oddjobd.c:1535:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjobd.c:1539:20: branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:1539:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjobd.c:1549:12: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:1550:21: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:1550:21: danger: ‘invalid_fd’ could be invalid
# 1548|   	/* Based on the flags, do I/O and buffer management. */
# 1549|   	if (flags & DBUS_WATCH_READABLE) {
# 1550|-> 		i = read(*fdp, buf, sizeof(buf));
# 1551|   		switch (i) {
# 1552|   		case -1:

Error: GCC_ANALYZER_WARNING: [#def24]
oddjob-0.34.7/src/oddjobd.c:1571:29: warning[-Wanalyzer-fd-use-without-check]: ‘write’ on possibly invalid file descriptor ‘invalid_fd’
oddjob-0.34.7/src/oddjobd.c:1535:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjobd.c:1539:20: branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:1539:12: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjobd.c:1549:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:1565:12: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:1566:21: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:1566:20: branch_false: following ‘false’ branch...
oddjob-0.34.7/src/oddjobd.c:1571:29: branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:1571:29: danger: ‘invalid_fd’ could be invalid
# 1569|   			stop_watching = TRUE;
# 1570|   		} else {
# 1571|-> 			i = write(*fdp,
# 1572|   				  oddjob_buffer_data(manip_buffer),
# 1573|   				  oddjob_buffer_length(manip_buffer));

Error: COMPILER_WARNING (CWE-477): [#def25]
oddjob-0.34.7/src/oddjobd.c: scope_hint: In function ‘oddjobd_exec_method’
oddjob-0.34.7/src/oddjobd.c:1951:25: warning[-Wdeprecated-declarations]: ‘security_context_t’ is deprecated
# 1951 |                         security_context_t helper_context, exec_context;
#      |                         ^~~~~~~~~~~~~~~~~~
# 1949|   		if (globals.selinux_enabled) {
# 1950|   			const char *client_secontext;
# 1951|-> 			security_context_t helper_context, exec_context;
# 1952|   
# 1953|   			client_secontext = oddjob_dbus_message_get_selinux_context(msg);

Error: COMPILER_WARNING (CWE-477): [#def26]
oddjob-0.34.7/src/oddjobd.c:1951:25: warning[-Wdeprecated-declarations]: ‘security_context_t’ is deprecated
# 1949|   		if (globals.selinux_enabled) {
# 1950|   			const char *client_secontext;
# 1951|-> 			security_context_t helper_context, exec_context;
# 1952|   
# 1953|   			client_secontext = oddjob_dbus_message_get_selinux_context(msg);

Error: COMPILER_WARNING (CWE-252): [#def27]
oddjob-0.34.7/src/oddjobd.c:1957:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1957 |                                 write(3, &exec_errno, 1);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~
# 1955|   				/* Wha....? */
# 1956|   				exec_errno = 0xff;
# 1957|-> 				write(3, &exec_errno, 1);
# 1958|   				_exit(-1);
# 1959|   			}

Error: COMPILER_WARNING (CWE-252): [#def28]
oddjob-0.34.7/src/oddjobd.c:1971:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1971 |                                 write(3, &exec_errno, 1);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~
# 1969|   					break;
# 1970|   				}
# 1971|-> 				write(3, &exec_errno, 1);
# 1972|   				_exit(-1);
# 1973|   			}

Error: COMPILER_WARNING (CWE-252): [#def29]
oddjob-0.34.7/src/oddjobd.c:1980:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1980 |                                 write(3, &exec_errno, 1);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~
# 1978|   				/* Failed to compute exec context? */
# 1979|   				exec_errno = 0xfe;
# 1980|-> 				write(3, &exec_errno, 1);
# 1981|   				_exit(-1);
# 1982|   			}

Error: COMPILER_WARNING (CWE-252): [#def30]
oddjob-0.34.7/src/oddjobd.c:1986:33: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1986 |                                 write(3, &exec_errno, 1);
#      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~
# 1984|   				/* Failed to set exec context? */
# 1985|   				exec_errno = 0xfc;
# 1986|-> 				write(3, &exec_errno, 1);
# 1987|   				_exit(-1);
# 1988|   			}

Error: COMPILER_WARNING (CWE-252): [#def31]
oddjob-0.34.7/src/oddjobd.c:1995:17: warning[-Wunused-result]: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’
# 1995 |                 write(3, &exec_errno, 1);
#      |                 ^~~~~~~~~~~~~~~~~~~~~~~~
# 1993|   		/* uh-oh. send errno to the caller and bail */
# 1994|   		exec_errno = errno;
# 1995|-> 		write(3, &exec_errno, 1);
# 1996|   		_exit(-1);
# 1997|   		break;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def32]
oddjob-0.34.7/src/oddjobd.c:2650:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘service’
oddjob-0.34.7/src/oddjobd.c:2694:1: enter_function: entry to ‘config_register’
oddjob-0.34.7/src/oddjobd.c:2704:21: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2705:28: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2707:29: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2708:35: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2719:54: call_function: inlined call to ‘config_contains’ from ‘config_register’
# 2648|   	}
# 2649|   	/* Find the matching object. */
# 2650|-> 	for (i = 0; i < service->n_objects; i++) {
# 2651|   		object = &service->objects[i];
# 2652|   		if (strcmp(object->name, object_name) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def33]
oddjob-0.34.7/src/oddjobd.c:2660:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘object’
oddjob-0.34.7/src/oddjobd.c:2694:1: enter_function: entry to ‘config_register’
oddjob-0.34.7/src/oddjobd.c:2704:21: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2705:28: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2707:29: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2708:35: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2714:45: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2715:51: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2717:44: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2718:52: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2718:52: branch_false: following ‘false’ branch (when ‘old_config’ is non-NULL)...
oddjob-0.34.7/src/oddjobd.c:2723:70: branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:2719:54: call_function: inlined call to ‘config_contains’ from ‘config_register’
# 2658|   	}
# 2659|   	/* Find the matching interface. */
# 2660|-> 	for (i = 0; i < object->n_interfaces; i++) {
# 2661|   		interface = &object->interfaces[i];
# 2662|   		if (strcmp(interface->name, interface_name) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
oddjob-0.34.7/src/oddjobd.c:2670:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘interface’
oddjob-0.34.7/src/oddjobd.c:2694:1: enter_function: entry to ‘config_register’
oddjob-0.34.7/src/oddjobd.c:2704:21: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2705:28: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2707:29: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2708:35: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2711:37: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2712:46: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2714:45: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2715:51: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2717:44: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/oddjobd.c:2718:52: branch_true: ...to here
oddjob-0.34.7/src/oddjobd.c:2718:52: branch_false: following ‘false’ branch (when ‘old_config’ is non-NULL)...
oddjob-0.34.7/src/oddjobd.c:2723:70: branch_false: ...to here
oddjob-0.34.7/src/oddjobd.c:2719:54: call_function: inlined call to ‘config_contains’ from ‘config_register’
# 2668|   	}
# 2669|   	/* Search for the matching method. */
# 2670|-> 	for (i = 0; i < interface->n_methods; i++) {
# 2671|   		method = &interface->methods[i];
# 2672|   		if (strcmp(method->name, method_name) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:98:31: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:87:12: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:88:13: branch_true: ...to here
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:87:13: branch_true: following ‘true’ branch...
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:89:13: branch_true: ...to here
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:87:13: branch_true: following ‘true’ branch...
 branch_true: ...to here
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:94:31: acquire_memory: allocated here
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:95:28: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:98:31: branch_false: ...to here
oddjob-0.34.7/src/pam_oddjob_mkhomedir.c:98:31: danger: ‘buf’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   96|   				break;
#   97|   			}
#   98|-> 			ret = getpwnam_r(user, &pwd, buf, bufsize, &pw);
#   99|   			if ((ret != 0) || (pw != &pwd)) {
#  100|   				pw = NULL;

Error: COMPILER_WARNING (CWE-477): [#def36]
oddjob-0.34.7/src/selinux.c: scope_hint: In function ‘oddjob_check_selinux_enabled’
oddjob-0.34.7/src/selinux.c:62:25: warning[-Wdeprecated-declarations]: ‘matchpathcon_init’ is deprecated: Use selabel_open with backend SELABEL_CTX_FILE
#   62 |                         matchpathcon_init(NULL);
#      |                         ^~~~~~~~~~~~~~~~~
oddjob-0.34.7/src/selinux.c:47: included_from: Included from here.
/usr/include/selinux/selinux.h:495:12: note: declared here
#  495 | extern int matchpathcon_init(const char *path)
#      |            ^~~~~~~~~~~~~~~~~
#   60|   		selinux_enabled = is_selinux_enabled();
#   61|   		if (selinux_enabled == 1) {
#   62|-> 			matchpathcon_init(NULL);
#   63|   		}
#   64|   	}

Error: COMPILER_WARNING (CWE-477): [#def37]
oddjob-0.34.7/src/selinux.c:62:25: warning[-Wdeprecated-declarations]: ‘matchpathcon_init’ is deprecated: Use selabel_open with backend SELABEL_CTX_FILE
#   60|   		selinux_enabled = is_selinux_enabled();
#   61|   		if (selinux_enabled == 1) {
#   62|-> 			matchpathcon_init(NULL);
#   63|   		}
#   64|   	}

Error: COMPILER_WARNING (CWE-477): [#def38]
oddjob-0.34.7/src/selinux.c: scope_hint: In function ‘oddjob_set_selinux_file_creation_context’
oddjob-0.34.7/src/selinux.c:71:9: warning[-Wdeprecated-declarations]: ‘security_context_t’ is deprecated
#   71 |         security_context_t context;
#      |         ^~~~~~~~~~~~~~~~~~
#   69|   oddjob_set_selinux_file_creation_context(const char *path, mode_t mode)
#   70|   {
#   71|-> 	security_context_t context;
#   72|   
#   73|   	if (!oddjob_check_selinux_enabled()) {

Error: COMPILER_WARNING (CWE-477): [#def39]
oddjob-0.34.7/src/selinux.c:71:9: warning[-Wdeprecated-declarations]: ‘security_context_t’ is deprecated
#   69|   oddjob_set_selinux_file_creation_context(const char *path, mode_t mode)
#   70|   {
#   71|-> 	security_context_t context;
#   72|   
#   73|   	if (!oddjob_check_selinux_enabled()) {

Error: COMPILER_WARNING (CWE-477): [#def40]
oddjob-0.34.7/src/selinux.c:78:9: warning[-Wdeprecated-declarations]: ‘matchpathcon’ is deprecated: Use selabel_lookup instead
#   78 |         if (matchpathcon(path, mode, &context) == 0) {
#      |         ^~
/usr/include/selinux/selinux.h:523:12: note: declared here
#  523 | extern int matchpathcon(const char *path,
#      |            ^~~~~~~~~~~~
#   76|   
#   77|   	context = NULL;
#   78|-> 	if (matchpathcon(path, mode, &context) == 0) {
#   79|   		if (context != NULL) {
#   80|   			if (strcmp(context, "<<none>>") == 0) {

Error: COMPILER_WARNING (CWE-477): [#def41]
oddjob-0.34.7/src/selinux.c:78:9: warning[-Wdeprecated-declarations]: ‘matchpathcon’ is deprecated: Use selabel_lookup instead
#   76|   
#   77|   	context = NULL;
#   78|-> 	if (matchpathcon(path, mode, &context) == 0) {
#   79|   		if (context != NULL) {
#   80|   			if (strcmp(context, "<<none>>") == 0) {
Scan Properties

analyzer-version-clippy	1.90.0
analyzer-version-cppcheck	2.18.3
analyzer-version-gcc	15.2.1
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-15.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	oddjob-0.34.7-17.fc44
store-results-to	/tmp/tmp2l086m51/oddjob-0.34.7-17.fc44.tar.xz
time-created	2025-10-28 19:33:00
time-finished	2025-10-28 19:34:19
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp2l086m51/oddjob-0.34.7-17.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp2l086m51/oddjob-0.34.7-17.fc44.src.rpm'
tool-version	csmock-3.8.3.20251027.143044.ge6b947b-1.el9