pugixml-1.15-1.fc44

List of Findings

Error: CPPCHECK_WARNING (CWE-562): [#def1]
pugixml-1.15/tests/main.cpp:179: error[danglingLifetime]: Non-local variable '_temp_path' will use pointer to local variable 'temp'.
#  177|   	temp.erase((slash != std::string::npos) ? slash + 1 : 0);
#  178|   
#  179|-> 	test_runner::_temp_path = temp.c_str();
#  180|   
#  181|   	replace_memory_management();

Error: CPPCHECK_WARNING (CWE-476): [#def2]
pugixml-1.15/tests/test_document.cpp:1174: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 1172|   	// copy buffer to heap (to enable out-of-bounds checks)
# 1173|   	void* temp = malloc(size);
# 1174|-> 	memcpy(temp, buffer, size);
# 1175|   
# 1176|   	// check that this parses without buffer overflows (yielding an error)

Error: CPPCHECK_WARNING (CWE-457): [#def3]
pugixml-1.15/tests/test_document.cpp:1241: error[uninitvar]: Uninitialized variable: buffer
# 1239|   
# 1240|   		xml_document doc;
# 1241|-> 		CHECK(doc.load_buffer(buffer, 0, parse_default, encoding).status == status_no_document_element && !doc.first_child());
# 1242|   		CHECK(doc.load_buffer(0, 0, parse_default, encoding).status == status_no_document_element && !doc.first_child());
# 1243|   

Error: CPPCHECK_WARNING (CWE-457): [#def4]
pugixml-1.15/tests/test_document.cpp:1277: error[uninitvar]: Uninitialized variable: buffer
# 1275|   
# 1276|   		xml_document doc;
# 1277|-> 		CHECK(doc.load_buffer(buffer, 0, parse_fragment, encoding) && !doc.first_child());
# 1278|   		CHECK(doc.load_buffer(0, 0, parse_fragment, encoding) && !doc.first_child());
# 1279|   

Error: CPPCHECK_WARNING (CWE-664): [#def5]
pugixml-1.15/tests/test_dom_traverse.cpp:421: warning[mismatchingContainerExpression]: Iterators to containers from different expressions 'node1' and 'node2' are used together.
#  419|   	xml_node node3 = doc.child(STR("node")).child(STR("node3"));
#  420|   
#  421|-> 	CHECK(node1.end() != node2.end() && node1.end() != node3.end() && node2.end() != node3.end());
#  422|   	CHECK(node1.end() != xml_node_iterator() && node2.end() != xml_node_iterator() && node3.end() != xml_node_iterator());
#  423|   }

Error: CPPCHECK_WARNING (CWE-664): [#def6]
pugixml-1.15/tests/test_dom_traverse.cpp:421: warning[mismatchingContainerExpression]: Iterators to containers from different expressions 'node1' and 'node3' are used together.
#  419|   	xml_node node3 = doc.child(STR("node")).child(STR("node3"));
#  420|   
#  421|-> 	CHECK(node1.end() != node2.end() && node1.end() != node3.end() && node2.end() != node3.end());
#  422|   	CHECK(node1.end() != xml_node_iterator() && node2.end() != xml_node_iterator() && node3.end() != xml_node_iterator());
#  423|   }

Error: CPPCHECK_WARNING (CWE-664): [#def7]
pugixml-1.15/tests/test_dom_traverse.cpp:421: warning[mismatchingContainerExpression]: Iterators to containers from different expressions 'node2' and 'node3' are used together.
#  419|   	xml_node node3 = doc.child(STR("node")).child(STR("node3"));
#  420|   
#  421|-> 	CHECK(node1.end() != node2.end() && node1.end() != node3.end() && node2.end() != node3.end());
#  422|   	CHECK(node1.end() != xml_node_iterator() && node2.end() != xml_node_iterator() && node3.end() != xml_node_iterator());
#  423|   }

Error: CPPCHECK_WARNING (CWE-664): [#def8]
pugixml-1.15/tests/test_dom_traverse.cpp:1161: warning[mismatchingContainerExpression]: Iterators to containers from different expressions 'r1' and 'doc' are used together.
# 1159|   	xml_object_range<xml_node_iterator> r1 = doc.children();
# 1160|   
# 1161|-> 	CHECK(r1.begin() == doc.begin());
# 1162|   	CHECK(r1.end() == doc.end());
# 1163|   

Error: CPPCHECK_WARNING (CWE-664): [#def9]
pugixml-1.15/tests/test_dom_traverse.cpp:1162: warning[mismatchingContainerExpression]: Iterators to containers from different expressions 'r1' and 'doc' are used together.
# 1160|   
# 1161|   	CHECK(r1.begin() == doc.begin());
# 1162|-> 	CHECK(r1.end() == doc.end());
# 1163|   
# 1164|   	xml_object_range<xml_node_iterator> r2 = xml_node().children();

Scan Properties

analyzer-version-clippy	1.90.0
analyzer-version-cppcheck	2.18.3
analyzer-version-gcc	15.2.1
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-172.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-gcc-latest-x86_64
project-name	pugixml-1.15-1.fc44
store-results-to	/tmp/tmpn2bffprh/pugixml-1.15-1.fc44.tar.xz
time-created	2025-10-28 19:45:14
time-finished	2025-10-28 19:46:44
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpn2bffprh/pugixml-1.15-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpn2bffprh/pugixml-1.15-1.fc44.src.rpm'
tool-version	csmock-3.8.3.20251027.143044.ge6b947b-1.el9