Error: GCC_ANALYZER_WARNING (CWE-404): [#def1] xfce4-settings-4.20.2/common/debug.c:85:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' xfce4-settings-4.20.2/common/debug.c:115:1: enter_function: entry to 'xfsettings_dbg_filtered' xfce4-settings-4.20.2/common/debug.c:121:5: branch_true: following 'true' branch (when 'message' is non-NULL)... xfce4-settings-4.20.2/common/debug.c:124:10: branch_true: ...to here xfce4-settings-4.20.2/common/debug.c:124:8: branch_false: following 'false' branch... xfce4-settings-4.20.2/common/debug.c:127:5: branch_false: ...to here xfce4-settings-4.20.2/common/debug.c:127:5: acquire_resource: 'va_start' called here xfce4-settings-4.20.2/common/debug.c:128:5: call_function: calling 'xfsettings_dbg_print' from 'xfsettings_dbg_filtered' # 83| } # 84| # 85|-> g_assert (domain_name != NULL); # 86| # 87| string = g_strdup_vprintf (message, args); Error: GCC_ANALYZER_WARNING (CWE-404): [#def2] xfce4-settings-4.20.2/common/debug.c:87:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' xfce4-settings-4.20.2/common/debug.c:115:1: enter_function: entry to 'xfsettings_dbg_filtered' xfce4-settings-4.20.2/common/debug.c:121:5: branch_true: following 'true' branch (when 'message' is non-NULL)... xfce4-settings-4.20.2/common/debug.c:124:10: branch_true: ...to here xfce4-settings-4.20.2/common/debug.c:124:8: branch_false: following 'false' branch... xfce4-settings-4.20.2/common/debug.c:127:5: branch_false: ...to here xfce4-settings-4.20.2/common/debug.c:127:5: acquire_resource: 'va_start' called here xfce4-settings-4.20.2/common/debug.c:128:5: call_function: calling 'xfsettings_dbg_print' from 'xfsettings_dbg_filtered' # 85| g_assert (domain_name != NULL); # 86| # 87|-> string = g_strdup_vprintf (message, args); # 88| g_printerr (PACKAGE_NAME "(%s): %s\n", domain_name, string); # 89| g_free (string); Error: GCC_ANALYZER_WARNING (CWE-121): [#def3] xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:245:5: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow # 243| XfceWlrOutput *output = g_ptr_array_index (outputs, 0); # 244| XfceWlrMode *modes[outputs->len]; # 245|-> modes[outputs->len - 1] = NULL; # 246| # 247| /* walk supported modes from the first output */ Error: GCC_ANALYZER_WARNING (CWE-121): [#def4] xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:275:13: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:248:37: branch_true: following ‘true’ branch (when ‘lp’ is non-NULL)... xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:250:20: branch_true: ...to here xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:275:13: danger: read of 8 bytes at offset ‘*outputs.len * 8 + 34359738360’ exceeds the buffer # 273| # 274| /* modes[0] is supported by all outputs: let's go with it */ # 275|-> if (modes[outputs->len - 1] != NULL) # 276| break; # 277| } Error: GCC_ANALYZER_WARNING (CWE-121): [#def5] xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:279:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:248:37: branch_false: following ‘false’ branch (when ‘lp’ is NULL)... xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:279:9: branch_false: ...to here xfce4-settings-4.20.2/dialogs/display-settings/display-settings-wayland.c:279:9: danger: read of 8 bytes at offset ‘*outputs.len * 8 + 34359738360’ exceeds the buffer # 277| } # 278| # 279|-> if (modes[outputs->len - 1] != NULL) # 280| return g_memdup2 (modes, sizeof (XfceWlrMode *) * outputs->len); # 281| Error: GCC_ANALYZER_WARNING (CWE-476): [#def6] xfce4-settings-4.20.2/dialogs/display-settings/main.c:357:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:336:1: enter_function: entry to ‘update_output_positions’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:351:8: branch_true: following ‘true’ branch (when ‘mirrored == 0’)... xfce4-settings-4.20.2/dialogs/display-settings/main.c:353:30: branch_true: ...to here xfce4-settings-4.20.2/dialogs/display-settings/main.c:353:30: call_function: calling ‘get_nth_xfce_output’ from ‘update_output_positions’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:353:30: return_function: returning to ‘update_output_positions’ from ‘get_nth_xfce_output’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:357:25: danger: dereference of NULL ‘get_nth_xfce_output(settings, selected_id)’ # 355| GrabInfo info = { 0 }; # 356| # 357|-> info.output_x = output->x; # 358| info.output_y = output->y; # 359| keep_output_snapped (output, &event, &info, settings); Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] xfce4-settings-4.20.2/dialogs/display-settings/main.c:630:27: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:599:1: enter_function: entry to ‘display_setting_refresh_rates_populate’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:616:8: branch_false: following ‘false’ branch... xfce4-settings-4.20.2/dialogs/display-settings/main.c:622:5: branch_false: ...to here xfce4-settings-4.20.2/dialogs/display-settings/main.c:629:14: call_function: calling ‘get_nth_xfce_output’ from ‘display_setting_refresh_rates_populate’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:629:14: return_function: returning to ‘display_setting_refresh_rates_populate’ from ‘get_nth_xfce_output’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:630:27: danger: dereference of NULL ‘get_nth_xfce_output(settings, selected_id)’ # 628| /* Walk all supported modes */ # 629| output = get_nth_xfce_output (settings, selected_id); # 630|-> for (guint n = 0; n < output->n_modes; n++) # 631| { # 632| /* The mode resolution does not match the selected one */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] xfce4-settings-4.20.2/dialogs/display-settings/main.c:744:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:708:1: enter_function: entry to ‘display_setting_resolutions_populate’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:727:14: call_function: calling ‘get_nth_xfce_output’ from ‘display_setting_resolutions_populate’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:727:14: return_function: returning to ‘display_setting_resolutions_populate’ from ‘get_nth_xfce_output’ xfce4-settings-4.20.2/dialogs/display-settings/main.c:730:8: branch_false: following ‘false’ branch... xfce4-settings-4.20.2/dialogs/display-settings/main.c:737:5: branch_false: ...to here xfce4-settings-4.20.2/dialogs/display-settings/main.c:744:5: danger: dereference of NULL ‘get_nth_xfce_output(settings, selected_id)’ # 742| # 743| /* Walk all supported modes */ # 744|-> modes = output->modes; # 745| for (guint n = 0; n < output->n_modes; n++) # 746| { Error: GCC_ANALYZER_WARNING (CWE-688): [#def9] xfce4-settings-4.20.2/dialogs/mime-settings/xfce-mime-chooser.c:648:11: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected xfce4-settings-4.20.2/dialogs/mime-settings/xfce-mime-chooser.c:633:1: enter_function: entry to ‘xfce_mime_chooser_get_app_info’ xfce4-settings-4.20.2/dialogs/mime-settings/xfce-mime-chooser.c:642:6: branch_true: following ‘true’ branch... xfce4-settings-4.20.2/dialogs/mime-settings/xfce-mime-chooser.c:644:34: branch_true: ...to here xfce4-settings-4.20.2/dialogs/mime-settings/xfce-mime-chooser.c:648:11: danger: argument 1 (‘<unknown>’) NULL where non-null expected #argument 1 of ‘__builtin_strchr’ must be non-null # 646| /* determine the path for the custom command */ # 647| path = g_strdup (exec); # 648|-> s = strchr (path, ' '); # 649| if (G_UNLIKELY (s != NULL)) # 650| *s = '\0';
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-117.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | xfce4-settings-4.20.2-1.fc44 |
| store-results-to | /tmp/tmpfqxyrpbn/xfce4-settings-4.20.2-1.fc44.tar.xz |
| time-created | 2025-10-28 20:47:22 |
| time-finished | 2025-10-28 20:51:03 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpfqxyrpbn/xfce4-settings-4.20.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpfqxyrpbn/xfce4-settings-4.20.2-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |