✘New compile warnings...

Gary E. Miller gem at rellim.com
Mon Nov 1 01:33:51 UTC 2021


Yo All!

I am getting new warnings when I compile NTPsec.  See below

gcc version: 
    armv7a-unknown-linux-gnueabihf-10.3.0


RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin


[...]
[195/312] Compiling libntp/authreadkeys.c
../../libntp/authkeys.c: In function ‘alloc_auth_info’:
../../libntp/authkeys.c:295:16: warning: dereference of NULL ‘auth’ [CWE-690] [-Wanalyzer-null-dereference]
  295 |   auth->cipher = NULL;
      |                ^
  ‘auth_setkey’: events 1-2
    |
    |  419 | auth_setkey(
    |      | ^~~~~~~~~~~
    |      | |
    |      | (1) entry to ‘auth_setkey’
    |......
    |  476 |  alloc_auth_info(bucket, keyno, type, name, 0,
    |      |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |  |
    |      |  (2) calling ‘alloc_auth_info’ from ‘auth_setkey’
    |  477 |       (unsigned short)key_size, newkey);
    |      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |
    +--> ‘alloc_auth_info’: events 3-4
           |
           |  270 | alloc_auth_info(
           |      | ^~~~~~~~~~~~~~~
           |      | |
           |      | (3) entry to ‘alloc_auth_info’
           |......
           |  282 |  if (authnumfreekeys < 1) {
           |      |     ~
           |      |     |
           |      |     (4) following ‘false’ branch...
           |
         ‘alloc_auth_info’: event 5
           |
           |../../include/ntp_lists.h:171:1:
           |  171 | do {        \
           |      | ^~
           |      | |
           |      | (5) ...to here
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: event 6
           |
           |../../include/ntp_lists.h:173:5:
           |  173 |  if (NULL != (punlinked)) {    \
           |      |     ^
           |      |     |
           |      |     (6) following ‘false’ branch (when ‘auth’ is NULL)...
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: event 7
           |
           |../../include/ntp_lists.h:177:9:
           |  177 | } while (false)
           |      |         ^
           |      |         |
           |      |         (7) ...to here
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: events 8-10
           |
           |  292 |  switch (type) {
           |      |  ^~~~~~
           |      |  |
           |      |  (8) following ‘case 0:’ branch...
           |  293 |    case AUTH_NONE:
           |      |    ~~~~
           |      |    |
           |      |    (9) ...to here
           |      |    (10) ‘auth’ is NULL
           |
         ‘alloc_auth_info’: event 11
           |
           |  295 |   auth->cipher = NULL;
           |      |                ^
           |      |                |
           |      |                (11) dereference of NULL ‘auth’
           |
In file included from ../../include/ntp.h:14,
                 from ../../libntp/authkeys.c:10:
../../include/ntp_lists.h:130:21: warning: dereference of NULL ‘auth’ [CWE-690] [-Wanalyzer-null-dereference]
  130 |  (pentry)->nextlink = (listhead);   \
      |  ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
../../libntp/authkeys.c:309:2: note: in expansion of macro ‘LINK_SLIST’
  309 |  LINK_SLIST(*bucket, auth, hlink);
      |  ^~~~~~~~~~
  ‘auth_setkey’: events 1-2
    |
    |  419 | auth_setkey(
    |      | ^~~~~~~~~~~
    |      | |
    |      | (1) entry to ‘auth_setkey’
    |......
    |  476 |  alloc_auth_info(bucket, keyno, type, name, 0,
    |      |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |  |
    |      |  (2) calling ‘alloc_auth_info’ from ‘auth_setkey’
    |  477 |       (unsigned short)key_size, newkey);
    |      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |
    +--> ‘alloc_auth_info’: events 3-4
           |
           |  270 | alloc_auth_info(
           |      | ^~~~~~~~~~~~~~~
           |      | |
           |      | (3) entry to ‘alloc_auth_info’
           |......
           |  282 |  if (authnumfreekeys < 1) {
           |      |     ~
           |      |     |
           |      |     (4) following ‘false’ branch...
           |
         ‘alloc_auth_info’: event 5
           |
           |../../include/ntp_lists.h:171:1:
           |  171 | do {        \
           |      | ^~
           |      | |
           |      | (5) ...to here
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: event 6
           |
           |../../include/ntp_lists.h:173:5:
           |  173 |  if (NULL != (punlinked)) {    \
           |      |     ^
           |      |     |
           |      |     (6) following ‘false’ branch (when ‘auth’ is NULL)...
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: event 7
           |
           |../../include/ntp_lists.h:177:9:
           |  177 | } while (false)
           |      |         ^
           |      |         |
           |      |         (7) ...to here
../../libntp/authkeys.c:285:2: note: in expansion of macro ‘UNLINK_HEAD_SLIST’
           |  285 |  UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
           |      |  ^~~~~~~~~~~~~~~~~
           |
         ‘alloc_auth_info’: events 8-10
           |
           |  292 |  switch (type) {
           |      |  ^~~~~~
           |      |  |
           |      |  (8) following ‘case 2:’ branch...
           |......
           |  297 |    case AUTH_DIGEST:
           |      |    ~~~~
           |      |    |
           |      |    (9) ...to here
           |      |    (10) ‘auth’ is NULL
           |
         ‘alloc_auth_info’: event 11
           |
           |../../include/ntp_lists.h:130:21:
           |  130 |  (pentry)->nextlink = (listhead);   \
           |      |  ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
           |      |                     |
           |      |                     (11) dereference of NULL ‘auth’
../../libntp/authkeys.c:309:2: note: in expansion of macro ‘LINK_SLIST’
           |  309 |  LINK_SLIST(*bucket, auth, hlink);
           |      |  ^~~~~~~~~~
           |

[196/312] Compiling libntp/prettydate.c

[...]

[230/312] Compiling ntpd/ntp_control.c
../../ntpd/ntp_monitor.c: In function ‘mon_get_oldest_age’:
../../ntpd/ntp_monitor.c:295:18: warning: dereference of NULL ‘<unknown>’ [CWE-690] [-Wanalyzer-null-dereference]
  295 |     now -= oldest->last;
      |            ~~~~~~^~~~~~
  ‘mon_get_oldest_age’: events 1-2
    |
    |  292 |     if (mon_data.mru_entries == 0)
    |      |        ^
    |      |        |
    |      |        (1) following ‘false’ branch...
    |  293 |  return 0;
    |  294 |     oldest = TAIL_DLIST(mon_data.mon_mru_list, mru);
    |      |     ~~~~~~
    |      |     |
    |      |     (2) ...to here
    |
  ‘mon_get_oldest_age’: event 3
    |
    |../../include/ntp_lists.h:377:7:
    |  374 |  (       \
    |      |  ~~~~~~~~~
    |  375 |   (&(listhead) != (listhead).link.b)  \
    |      |   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |  376 |       ? (listhead).link.b    \
    |      |       ~~~~~~~~~~~~~~~~~~~~~~~~
    |  377 |       : NULL     \
    |      |       ^~~~~~~~~~~~
    |      |       |
    |      |       (3) following ‘false’ branch...
    |  378 |  )
    |      |  ~     
../../ntpd/ntp_monitor.c:294:14: note: in expansion of macro ‘TAIL_DLIST’
    |  294 |     oldest = TAIL_DLIST(mon_data.mon_mru_list, mru);
    |      |              ^~~~~~~~~~
    |
  ‘mon_get_oldest_age’: events 4-5
    |
    |  294 |     oldest = TAIL_DLIST(mon_data.mon_mru_list, mru);
    |  295 |     now -= oldest->last;
    |      |            ~~~~~~~~~~~~
    |      |                  |
    |      |                  (5) dereference of NULL ‘<unknown>’
    |

[231/312] Compiling ntpd/ntp_recvbuff.c
[232/312] Compiling ntpd/ntp_filegen.c
[233/312] Compiling libntp/statestr.c
In function ‘leapsec_validate’:
../../ntpd/ntp_leapsec.c:962:5: warning: leak of FILE ‘farg’ [CWE-775] [-Wanalyzer-file-leak]
  962 |  if (0 > hlseen) {
      |     ^
  ‘leapsec_load_file’: events 1-12
    |
    |  450 | leapsec_load_file(
    |      | ^~~~~~~~~~~~~~~~~
    |      | |
    |      | (1) entry to ‘leapsec_load_file’
    |......
    |  461 |  if ( !(fname && *fname) )
    |      |     ~ ~~~~~~~~~~~~~~~~~~
    |      |     | |          |
    |      |     | |          (3) ...to here
    |      |     | (4) following ‘false’ branch...
    |      |     (2) following ‘false’ branch (when ‘fname’ is non-NULL)...
    |......
    |  466 |  if (0 != stat(fname, &sb_new)) {
    |      |  ~~ ~
    |      |  |  |
    |      |  |  (6) following ‘false’ branch...
    |      |  (5) ...to here
    |......
    |  474 |  if (NULL != sb_old) {
    |      |  ~~
    |      |  |
    |      |  (7) ...to here
    |......
    |  500 |  if ((fp = fopen(fname, "r")) == NULL) {
    |      |  ~~ ~
    |      |  |  |
    |      |  |  (9) assuming ‘fp’ is non-NULL
    |      |  |  (10) following ‘false’ branch (when ‘fp’ is non-NULL)...
    |      |  (8) opened here
    |......
    |  508 |  rc = leapsec_load_stream(fp, fname, logall);
    |      |  ~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |  |    |
    |      |  |    (12) calling ‘leapsec_load_stream’ from ‘leapsec_load_file’
    |      |  (11) ...to here
    |
    +--> ‘leapsec_load_stream’: events 13-16
           |
           |  374 | leapsec_load_stream(
           |      | ^~~~~~~~~~~~~~~~~~~
           |      | |
           |      | (13) entry to ‘leapsec_load_stream’
           |......
           |  382 |  if (NULL == fname) {
           |      |     ~
           |      |     |
           |      |     (14) following ‘false’ branch (when ‘fname’ is non-NULL)...
           |......
           |  386 |  rcheck = leapsec_validate((leapsec_reader)getc, ifp);
           |      |  ~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |  |        |
           |      |  |        (16) calling ‘leapsec_validate’ from ‘leapsec_load_stream’
           |      |  (15) ...to here
           |
           +--> ‘leapsec_validate’: events 17-18
                  |
                  |  937 | leapsec_validate(
                  |      | ^~~~~~~~~~~~~~~~
                  |      | |
                  |      | (17) entry to ‘leapsec_validate’
                  |......
                  |  948 |  while (get_line(func, farg, line, sizeof(line))) {
                  |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |         |
                  |      |         (18) calling ‘get_line’ from ‘leapsec_validate’
                  |
                  +--> ‘get_line’: events 19-20
                         |
                         |  649 | get_line(
                         |      | ^~~~~~~~
                         |      | |
                         |      | (19) entry to ‘get_line’
                         |......
                         |  659 |  if (buff == NULL || size == 0) {
                         |      |     ~
                         |      |     |
                         |      |     (20) following ‘false’ branch...
                         |
                       ‘get_line’: event 21
                         |
                         |cc1:
                         | (21): ...to here
                         |
                       ‘get_line’: events 22-24
                         |
                         |  671 |  while (ptr != buff && isspace((uint8_t)ptr[-1])) {
                         |      |        ^
                         |      |        |
                         |      |        (22) following ‘false’ branch (when ‘ptr == buff’)...
                         |......
                         |  674 |  *ptr = '\0';
                         |      |  ~      
                         |      |  |
                         |      |  (23) ...to here
                         |  675 |  return (ptr == buff && ch == EOF) ? NULL : buff;
                         |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         |      |                                           |
                         |      |                                           (24) following ‘false’ branch...
                         |
                       ‘get_line’: event 25
                         |
                         |cc1:
                         | (25): ...to here
                         |
                  <------+
                  |
                ‘leapsec_validate’: events 26-29
                  |
                  |  948 |  while (get_line(func, farg, line, sizeof(line))) {
                  |      |        ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |        ||
                  |      |        |(26) returning to ‘leapsec_validate’ from ‘get_line’
                  |      |        (27) following ‘false’ branch...
                  |......
                  |  959 |  EVP_DigestFinal_ex(mdctx, ldig.hv, NULL);
                  |      |  ~~~~~~~~~~~~~~~~~~
                  |      |  |
                  |      |  (28) ...to here
                  |......
                  |  962 |  if (0 > hlseen) {
                  |      |     ~    
                  |      |     |
                  |      |     (29) following ‘true’ branch (when ‘hlseen < 0’)...
                  |
                ‘leapsec_validate’: event 30
                  |
                  |cc1:
                  | (30): ...to here
                  |
                ‘leapsec_validate’: event 31
                  |
                  |  962 |  if (0 > hlseen) {
                  |      |     ^
                  |      |     |
                  |      |     (31) ‘farg’ leaks here; was opened at (8)
                  |

[234/312] Compiling libntp/msyslog.c
[235/312] Compiling libntp/hextolfp.c
[236/312] Compiling libntp/timespecops.c
[237/312] Compiling libntp/prettydate.c
[238/312] Compiling libntp/ntp_calendar.c
[239/312] Compiling libntp/lib_strbuf.c
[240/312] Linking build/main/ntpd/libntpd_lib.a
[241/312] Compiling libntp/ntp_random.c
[242/312] Compiling libntp/assert.c
[243/312] Compiling libntp/ntp_c.c
[244/312] Compiling libntp/pymodule-mac.c
[245/312] Compiling libntp/clockwork.c
[246/312] Compiling libntp/emalloc.c
[247/312] Compiling libntp/strl_obsd.c
[248/312] Compiling libntp/systime.c
[249/312] Compiling ntpd/refclock_conf.c
[250/312] Compiling ntpd/ntp_wrapdate.c
[251/312] Compiling ntpd/ntp_refclock.c
[252/312] Compiling ntpd/refclock_local.c
[253/312] Compiling ntpd/refclock_spectracom.c
[254/312] Compiling ntpd/refclock_truetime.c
[255/312] Linking build/main/pylib/libntpc.so
[256/312] Compiling ntpd/refclock_generic.c
[257/312] Compiling ntpd/refclock_arbiter.c
[258/312] Compiling ntpd/refclock_modem.c
[259/312] Compiling ntpd/refclock_nmea.c
[260/312] Compiling ntpd/refclock_pps.c
[261/312] Compiling ntpd/refclock_hpgps.c
[262/312] Compiling ntpd/refclock_shm.c
[263/312] Compiling ntpd/refclock_trimble.c
[264/312] Compiling ntpd/refclock_oncore.c
[265/312] Compiling ntpd/refclock_jjy.c
[266/312] Compiling ntpd/refclock_zyfer.c
[267/312] Compiling ntpd/refclock_gpsd.c
[268/312] Compiling build/host/ntpd/ntp_parser.tab.c
[269/312] Compiling ntpd/ntp_timer.c
[270/312] Compiling ntpd/ntp_packetstamp.c
[271/312] Compiling ntpd/ntp_proto.c
[272/312] Compiling ntpd/ntp_config.c
[273/312] Compiling ntpd/ntp_io.c
[274/312] Compiling ntpd/ntp_sandbox.c
[275/312] Compiling ntpd/ntp_dns.c
[276/312] Compiling ntpd/ntp_scanner.c
../../ntpd/ntp_scanner.c: In function ‘lex_push_file’:
../../ntpd/ntp_scanner.c:434:4: warning: use of possibly-NULL ‘baselist’ where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument]
  434 |    qsort(baselist, (size_t)basecount, sizeof(char *),
      |    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  435 |                               rcmpstring);
      |                               ~~~~~~~~~~~
  ‘lex_push_file’: events 1-4
    |
    |  401 | bool lex_push_file(
    |      |      ^~~~~~~~~~~~~
    |      |      |
    |      |      (1) entry to ‘lex_push_file’
    |......
    |  407 |  if (NULL != path) {
    |      |     ~ 
    |      |     |
    |      |     (2) following ‘true’ branch (when ‘path’ is non-NULL)...
    |  408 |   char fullpath[PATH_MAX];
    |      |   ~~~~
    |      |   |
    |      |   (3) ...to here
    |......
    |  415 |   if (is_directory(fullpath)) {
    |      |       ~~~~~~~~~~~~~~~~~~~~~~
    |      |       |
    |      |       (4) calling ‘is_directory’ from ‘lex_push_file’
    |
    +--> ‘is_directory’: event 5
           |
           |  364 | bool is_directory(const char *path) {
           |      |      ^~~~~~~~~~~~
           |      |      |
           |      |      (5) entry to ‘is_directory’
           |
         ‘is_directory’: event 6
           |
           |  366 |  return stat(path, &sb) == 0 && S_ISDIR(sb.st_mode);
           |      |                              ^
           |      |                              |
           |      |                              (6) following ‘true’ branch...
           |
         ‘is_directory’: event 7
           |
           |  366 |  return stat(path, &sb) == 0 && S_ISDIR(sb.st_mode);
           |      |                                           ^
           |      |                                           |
           |      |                                           (7) ...to here
           |
         ‘is_directory’: event 8
           |
           |  366 |  return stat(path, &sb) == 0 && S_ISDIR(sb.st_mode);
           |      |                              ^
           |      |                              |
           |      |                              (8) following ‘true’ branch...
           |
         ‘is_directory’: event 9
           |
           |
    <------+
    |
  ‘lex_push_file’: events 10-18
    |
    |  415 |   if (is_directory(fullpath)) {
    |      |      ~^~~~~~~~~~~~~~~~~~~~~~
    |      |      ||
    |      |      |(10) returning to ‘lex_push_file’ from ‘is_directory’
    |      |      (11) following ‘true’ branch...
    |  416 |    /* directory scanning */
    |  417 |    DIR *dfd;
    |      |    ~~~ 
    |      |    |
    |      |    (12) ...to here
    |......
    |  421 |    if ((dfd = opendir(fullpath)) == NULL)
    |      |       ~
    |      |       |
    |      |       (13) following ‘false’ branch (when ‘dfd’ is non-NULL)...
    |  422 |     return false;
    |  423 |    baselist = (char **)malloc(sizeof(char *));
    |      |    ~~~~~~~~
    |      |    |
    |      |    (14) ...to here
    |      |    (15) this call could return NULL
    |  424 |    while ((dp = readdir(dfd)) != NULL)
    |      |          ~
    |      |          |
    |      |          (16) following ‘false’ branch (when ‘dp’ is NULL)...
    |......
    |  433 |    closedir(dfd);
    |      |    ~~~~~~~~
    |      |    |
    |      |    (17) ...to here
    |  434 |    qsort(baselist, (size_t)basecount, sizeof(char *),
    |      |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |    |
    |      |    (18) argument 1 (‘baselist’) from (15) could be NULL where non-null expected
    |  435 |                               rcmpstring);
    |      |                               ~~~~~~~~~~~
    |
In file included from ../../ntpd/ntp_scanner.c:18:
/usr/include/stdlib.h:830:13: note: argument 1 of ‘qsort’ must be non-null
  830 | extern void qsort (void *__base, size_t __nmemb, size_t __size,
      |             ^~~~~

[277/312] Compiling ntpd/ntp_peer.c

[...]

[318/475] Compiling tests/common/tests_main.c
In function ‘unity_malloc’:
../../tests/unity/unity_memory.c:104:5: warning: leak of ‘guard’ [CWE-401] [-Wanalyzer-malloc-leak]
  104 |     return (void*)mem;
      |     ^~~~~~
  ‘unity_malloc’: events 1-7
    |
    |   82 |     if (size == 0) return NULL;
    |      |        ^
    |      |        |
    |      |        (1) following ‘false’ branch (when ‘size != 0’)...
    |......
    |   95 |     guard = (Guard*)UNITY_MALLOC(total_size);
    |      |     ~~~~~
    |      |     |
    |      |     (2) ...to here
    |      |     (3) allocated here
    |   96 | #endif
    |   97 |     if (guard == NULL) return NULL;
    |      |        ~
    |      |        |
    |      |        (4) assuming ‘guard’ is non-NULL
    |      |        (5) following ‘false’ branch (when ‘guard’ is non-NULL)...
    |   98 |     malloc_count++;
    |      |     ~~~~~~~~~~~~
    |      |     |
    |      |     (6) ...to here
    |......
    |  104 |     return (void*)mem;
    |      |     ~~~~~~
    |      |     |
    |      |     (7) ‘guard’ leaks here; was allocated at (3)
    |

[319/475] Compiling tests/libntp/vi64ops.c
[...]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20211031/a80f9858/attachment.bin>


More information about the devel mailing list