libpst-0.6.76
List of Defects
Error: CHECKED_RETURN (CWE-252): [#def1]
libpst-devel/python/python-libpst.cpp:69: check_return: Calling "pst_load_index" without checking return value (as is done elsewhere 5 out of 6 times).
libpst-devel/src/dumpblocks.c:42: example_checked: Example 1: "pst_load_index(&pstfile)" has its value checked in "pst_load_index(&pstfile)".
libpst-devel/src/getidblock.c:125: example_checked: Example 2: "pst_load_index(&pstfile)" has its value checked in "pst_load_index(&pstfile) != 0".
libpst-devel/src/lspst.c:263: example_checked: Example 3: "pst_load_index(&pstfile)" has its value checked in "pst_load_index(&pstfile)".
libpst-devel/src/pst2ldif.cpp:633: example_checked: Example 4: "pst_load_index(&pstfile)" has its value checked in "pst_load_index(&pstfile)".
libpst-devel/src/readpst.c:622: example_checked: Example 5: "pst_load_index(&pstfile)" has its value checked in "pst_load_index(&pstfile)".
# 67| topf = NULL;
# 68| if (is_open) {
# 69|-> ::pst_load_index(&pf);
# 70| ::pst_load_extended_attributes(&pf);
# 71| if (pf.d_head) root = ::pst_parse_item(&pf, pf.d_head, NULL);
Error: CHECKED_RETURN (CWE-252): [#def2]
libpst-devel/src/deltasearch.cpp:53: check_return: Calling "fstat(fd, &st)" without checking return value. This library function may fail and return an error code.
# 51| if (fd) {
# 52| struct stat st;
# 53|-> fstat(fd, &st);
# 54| off_t size = st.st_size;
# 55| vector <char> buf(size);
Error: NEGATIVE_RETURNS (CWE-394): [#def3]
libpst-devel/src/deltasearch.cpp:47: negative_return_fn: Function "open(argv[1], 0)" returns a negative number. [Note: The source code implementation of the function has been overridden by a user model.]
libpst-devel/src/deltasearch.cpp:47: assign: Assigning: "fd" = "open(argv[1], 0)".
libpst-devel/src/deltasearch.cpp:53: negative_returns: "fd" is passed to a parameter that cannot be negative.
# 51| if (fd) {
# 52| struct stat st;
# 53|-> fstat(fd, &st);
# 54| off_t size = st.st_size;
# 55| vector <char> buf(size);
Error: NEGATIVE_RETURNS (CWE-394): [#def4]
libpst-devel/src/deltasearch.cpp:56: negative_return_fn: Function "read(fd, buf[0UL], size)" returns a negative number. [Note: The source code implementation of the function has been overridden by a builtin model.]
libpst-devel/src/deltasearch.cpp:56: assign: Assigning: "s" = "read(fd, buf[0UL], size)".
libpst-devel/src/deltasearch.cpp:57: negative_returns: "s" is passed to a parameter that cannot be negative.
# 55| vector <char> buf(size);
# 56| size_t s = read(fd, &buf[0], size);
# 57|-> pst_debug_hexdumper(stdout, &buf[0], s, 16, 0);
# 58| printf("\n\n dump decrypted data \n");
# 59| for (off_t i=0; i<size; i++) {
Error: NEGATIVE_RETURNS (CWE-394): [#def5]
libpst-devel/src/deltasearch.cpp:56: negative_return_fn: Function "read(fd, buf[0UL], size)" returns a negative number. [Note: The source code implementation of the function has been overridden by a builtin model.]
libpst-devel/src/deltasearch.cpp:56: assign: Assigning: "s" = "read(fd, buf[0UL], size)".
libpst-devel/src/deltasearch.cpp:62: negative_returns: "s" is passed to a parameter that cannot be negative.
# 60| buf[i] = comp_enc[(unsigned char)buf[i]];
# 61| }
# 62|-> pst_debug_hexdumper(stdout, &buf[0], s, 16, 0);
# 63| close(fd);
# 64| }
Error: RESOURCE_LEAK (CWE-772): [#def6] [important]
libpst-devel/src/getidblock.c:56: alloc_fn: Storage is returned from allocation function "pst_malloc".
libpst-devel/src/getidblock.c:56: var_assign: Assigning: "ptr" = storage returned from "pst_malloc(76UL)".
libpst-devel/src/getidblock.c:57: noescape: Resource "ptr" is not freed or pointed-to in "memset". [Note: The source code implementation of the function has been overridden by a builtin model.]
libpst-devel/src/getidblock.c:60: noescape: Resource "ptr" is not freed or pointed-to in "pst_parse_item".
libpst-devel/src/getidblock.c:63: leaked_storage: Variable "ptr" going out of scope leaks the storage it points to.
# 61| if (item) pst_freeItem(item);
# 62| }
# 63|-> }
# 64|
# 65|
Error: REVERSE_INULL (CWE-476): [#def7]
libpst-devel/src/libpst.c:1054: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1055: deref_ptr_in_call: Dereferencing pointer "buf".
libpst-devel/src/libpst.c:1065: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1063| if (item_count > count_max) {
# 1064| DEBUG_WARN(("Item count %"PRIi32" too large, max is %"PRIi32"\n", item_count, count_max));
# 1065|-> if (buf) free(buf);
# 1066| DEBUG_RET();
# 1067| return -1;
Error: REVERSE_INULL (CWE-476): [#def8]
libpst-devel/src/libpst.c:1054: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1055: deref_ptr_in_call: Dereferencing pointer "buf".
libpst-devel/src/libpst.c:1072: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1070| if (index.id != linku1) {
# 1071| DEBUG_WARN(("Backlink %#"PRIx64" in this node does not match required %#"PRIx64"\n", index.id, linku1));
# 1072|-> if (buf) free(buf);
# 1073| DEBUG_RET();
# 1074| return -1;
Error: PRINTF_ARGS (CWE-685): [#def9]
libpst-devel/src/libpst.c:1086: extra_argument: This argument was not used by the format string: "index.size".
# 1084| x++;
# 1085| if (index.id == 0) break;
# 1086|-> DEBUG_INFO(("["PRIi32"]%"PRIi32" Item [id = %#"PRIx64", offset = %#"PRIx64", u1 = %#"PRIx32", size = %"PRIu16"(%#"PRIx16")]\n",
# 1087| depth, x, index.id, index.offset, index.u1, index.size, index.size));
# 1088| // if (index.id & 0x02) DEBUG_INFO(("two-bit set!!\n"));
Error: PRINTF_ARGS (CWE-686): [#def10]
libpst-devel/src/libpst.c:1086: invalid_type: Argument "index.offset" to format specifier "%#x" was expected to have type "unsigned int" but has type "unsigned long".
# 1084| x++;
# 1085| if (index.id == 0) break;
# 1086|-> DEBUG_INFO(("["PRIi32"]%"PRIi32" Item [id = %#"PRIx64", offset = %#"PRIx64", u1 = %#"PRIx32", size = %"PRIu16"(%#"PRIx16")]\n",
# 1087| depth, x, index.id, index.offset, index.u1, index.size, index.size));
# 1088| // if (index.id & 0x02) DEBUG_INFO(("two-bit set!!\n"));
Error: PRINTF_ARGS (CWE-686): [#def11]
libpst-devel/src/libpst.c:1086: invalid_type: Argument "x" to format specifier "%#lx" was expected to have type "unsigned long" but has type "int".
# 1084| x++;
# 1085| if (index.id == 0) break;
# 1086|-> DEBUG_INFO(("["PRIi32"]%"PRIi32" Item [id = %#"PRIx64", offset = %#"PRIx64", u1 = %#"PRIx32", size = %"PRIu16"(%#"PRIx16")]\n",
# 1087| depth, x, index.id, index.offset, index.u1, index.size, index.size));
# 1088| // if (index.id & 0x02) DEBUG_INFO(("two-bit set!!\n"));
Error: REVERSE_INULL (CWE-476): [#def12]
libpst-devel/src/libpst.c:1054: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1055: deref_ptr_in_call: Dereferencing pointer "buf".
libpst-devel/src/libpst.c:1091: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1089| if ((index.id >= end_val) || (index.id < old)) {
# 1090| DEBUG_WARN(("This item isn't right. Must be corruption, or I got it wrong!\n"));
# 1091|-> if (buf) free(buf);
# 1092| DEBUG_RET();
# 1093| return -1;
Error: PRINTF_ARGS (CWE-685): [#def13]
libpst-devel/src/libpst.c:1121: extra_argument: This argument was not used by the format string: "table.offset".
# 1119| table2.start = end_val;
# 1120| }
# 1121|-> DEBUG_INFO(("["PRIi32"] "PRIi32" Index Table [start id = %#"PRIx64", u1 = %#"PRIx64", offset = %#"PRIx64", end id = %#"PRIx64"]\n",
# 1122| depth, x, table.start, table.u1, table.offset, table2.start));
# 1123| if ((table.start >= end_val) || (table.start < old)) {
Error: PRINTF_ARGS (CWE-686): [#def14]
libpst-devel/src/libpst.c:1121: invalid_type: Argument "depth" to format specifier "%#lx" was expected to have type "unsigned long" but has type "int".
# 1119| table2.start = end_val;
# 1120| }
# 1121|-> DEBUG_INFO(("["PRIi32"] "PRIi32" Index Table [start id = %#"PRIx64", u1 = %#"PRIx64", offset = %#"PRIx64", end id = %#"PRIx64"]\n",
# 1122| depth, x, table.start, table.u1, table.offset, table2.start));
# 1123| if ((table.start >= end_val) || (table.start < old)) {
Error: PRINTF_ARGS (CWE-686): [#def15]
libpst-devel/src/libpst.c:1121: invalid_type: Argument "x" to format specifier "%#lx" was expected to have type "unsigned long" but has type "int".
# 1119| table2.start = end_val;
# 1120| }
# 1121|-> DEBUG_INFO(("["PRIi32"] "PRIi32" Index Table [start id = %#"PRIx64", u1 = %#"PRIx64", offset = %#"PRIx64", end id = %#"PRIx64"]\n",
# 1122| depth, x, table.start, table.u1, table.offset, table2.start));
# 1123| if ((table.start >= end_val) || (table.start < old)) {
Error: REVERSE_INULL (CWE-476): [#def16]
libpst-devel/src/libpst.c:1054: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1055: deref_ptr_in_call: Dereferencing pointer "buf".
libpst-devel/src/libpst.c:1125: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1123| if ((table.start >= end_val) || (table.start < old)) {
# 1124| DEBUG_WARN(("This table isn't right. Must be corruption, or I got it wrong!\n"));
# 1125|-> if (buf) free(buf);
# 1126| DEBUG_RET();
# 1127| return -1;
Error: REVERSE_INULL (CWE-476): [#def17]
libpst-devel/src/libpst.c:1054: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1055: deref_ptr_in_call: Dereferencing pointer "buf".
libpst-devel/src/libpst.c:1133: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1131| }
# 1132| }
# 1133|-> if (buf) free (buf);
# 1134| DEBUG_RET();
# 1135| return 0;
Error: REVERSE_INULL (CWE-476): [#def18]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1176: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1174| if (desc_rec.d_id != linku1) {
# 1175| DEBUG_WARN(("Backlink %#"PRIx64" in this node does not match required %#"PRIx64"\n", desc_rec.d_id, linku1));
# 1176|-> if (buf) free(buf);
# 1177| DEBUG_RET();
# 1178| return -1;
Error: REVERSE_INULL (CWE-476): [#def19]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1186: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1184| if (item_count > count_max) {
# 1185| DEBUG_WARN(("Item count %"PRIi32" too large, max is %"PRIi32"\n", item_count, count_max));
# 1186|-> if (buf) free(buf);
# 1187| DEBUG_RET();
# 1188| return -1;
Error: PRINTF_ARGS (CWE-685): [#def20]
libpst-devel/src/libpst.c:1193: extra_argument: This argument was not used by the format string: "desc_rec.parent_d_id".
# 1191| pst_decode_desc(pf, &desc_rec, bptr);
# 1192| bptr += entry_size;
# 1193|-> DEBUG_INFO(("["PRIi32"] Item(%#x) = [d_id = %#"PRIx64", desc_id = %#"PRIx64", tree_id = %#"PRIx64", parent_d_id = %#"PRIx32"]\n",
# 1194| depth, x, desc_rec.d_id, desc_rec.desc_id, desc_rec.tree_id, desc_rec.parent_d_id));
# 1195| if ((desc_rec.d_id >= end_val) || (desc_rec.d_id < old)) {
Error: PRINTF_ARGS (CWE-686): [#def21]
libpst-devel/src/libpst.c:1193: invalid_type: Argument "desc_rec.tree_id" to format specifier "%#x" was expected to have type "unsigned int" but has type "unsigned long".
# 1191| pst_decode_desc(pf, &desc_rec, bptr);
# 1192| bptr += entry_size;
# 1193|-> DEBUG_INFO(("["PRIi32"] Item(%#x) = [d_id = %#"PRIx64", desc_id = %#"PRIx64", tree_id = %#"PRIx64", parent_d_id = %#"PRIx32"]\n",
# 1194| depth, x, desc_rec.d_id, desc_rec.desc_id, desc_rec.tree_id, desc_rec.parent_d_id));
# 1195| if ((desc_rec.d_id >= end_val) || (desc_rec.d_id < old)) {
Error: PRINTF_ARGS (CWE-686): [#def22]
libpst-devel/src/libpst.c:1193: invalid_type: Argument "x" to format specifier "%#lx" was expected to have type "unsigned long" but has type "int".
# 1191| pst_decode_desc(pf, &desc_rec, bptr);
# 1192| bptr += entry_size;
# 1193|-> DEBUG_INFO(("["PRIi32"] Item(%#x) = [d_id = %#"PRIx64", desc_id = %#"PRIx64", tree_id = %#"PRIx64", parent_d_id = %#"PRIx32"]\n",
# 1194| depth, x, desc_rec.d_id, desc_rec.desc_id, desc_rec.tree_id, desc_rec.parent_d_id));
# 1195| if ((desc_rec.d_id >= end_val) || (desc_rec.d_id < old)) {
Error: REVERSE_INULL (CWE-476): [#def23]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1198: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1196| DEBUG_WARN(("This item isn't right. Must be corruption, or I got it wrong!\n"));
# 1197| DEBUG_HEXDUMPC(buf, DESC_BLOCK_SIZE, 16);
# 1198|-> if (buf) free(buf);
# 1199| DEBUG_RET();
# 1200| return -1;
Error: REVERSE_INULL (CWE-476): [#def24]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1218: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1216| if (item_count > count_max) {
# 1217| DEBUG_WARN(("Item count %"PRIi32" too large, max is %"PRIi32"\n", item_count, count_max));
# 1218|-> if (buf) free(buf);
# 1219| DEBUG_RET();
# 1220| return -1;
Error: REVERSE_INULL (CWE-476): [#def25]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1236: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1234| if ((table.start >= end_val) || (table.start < old)) {
# 1235| DEBUG_WARN(("This table isn't right. Must be corruption, or I got it wrong!\n"));
# 1236|-> if (buf) free(buf);
# 1237| DEBUG_RET();
# 1238| return -1;
Error: REVERSE_INULL (CWE-476): [#def26]
libpst-devel/src/libpst.c:1165: alias: Assigning: "bptr" = "buf".
libpst-devel/src/libpst.c:1167: deref_ptr: Directly dereferencing pointer "buf".
libpst-devel/src/libpst.c:1244: check_after_deref: Null-checking "buf" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 1242| }
# 1243| }
# 1244|-> if (buf) free(buf);
# 1245| DEBUG_RET();
# 1246| return 0;
Error: SIZEOF_MISMATCH (CWE-398): [#def27]
libpst-devel/src/libpst.c:1689: suspicious_sizeof: Passing argument "32UL /* sizeof (pst_mapi_element) */ * num_mapi_elements" to function "pst_malloc" and then casting the return value to "struct pst_mapi_element **" is suspicious.
# 1687| mo_head = mo_ptr;
# 1688| // allocate the array of mapi elements
# 1689|-> mo_ptr->elements = (pst_mapi_element**) pst_malloc(sizeof(pst_mapi_element)*num_mapi_elements);
# 1690| mo_ptr->count_elements = num_mapi_elements;
# 1691| mo_ptr->orig_count = num_mapi_elements;
Error: PRINTF_ARGS (CWE-475): [#def28]
libpst-devel/src/libpst.c:1896: format_error: Flag "#" not applicable to conversion specifier in "%#p".
# 1894| x++;
# 1895| }
# 1896|-> DEBUG_INFO(("increasing ind2_ptr by %"PRIi32" [%#"PRIx32"] bytes. Was %p, Now %#p\n", rec_size, rec_size, (void*)ind2_ptr, (void*)(ind2_ptr+rec_size)));
# 1897| ind2_ptr += rec_size;
# 1898| // ind2 rows do not get split between blocks. See PST spec, 2.3.4.4 "Row Matrix".
Error: FORWARD_NULL (CWE-476): [#def29]
libpst-devel/src/libpst.c:3305: assign_zero: Assigning: "buf" = "NULL".
libpst-devel/src/libpst.c:3311: no_write_call: Although "pst_read_block_size" does overwrite "buf" on some paths, it also contains at least one feasible path which does not overwrite it.
libpst-devel/src/libpst.c:3318: var_deref_model: Passing null pointer "buf" to "pst_debug_hexdump", which dereferences it.
# 3316| return NULL;
# 3317| }
# 3318|-> DEBUG_HEXDUMPC(buf, list->size, 16);
# 3319|
# 3320| memcpy(&block_head, buf, sizeof(block_head));
Error: FORWARD_NULL (CWE-476): [#def30]
libpst-devel/src/libpst.c:3305: assign_zero: Assigning: "buf" = "NULL".
libpst-devel/src/libpst.c:3311: no_write_call: Although "pst_read_block_size" does overwrite "buf" on some paths, it also contains at least one feasible path which does not overwrite it.
libpst-devel/src/libpst.c:3320: var_deref_model: Passing null pointer "buf" to "memcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
# 3318| DEBUG_HEXDUMPC(buf, list->size, 16);
# 3319|
# 3320|-> memcpy(&block_head, buf, sizeof(block_head));
# 3321| LE16_CPU(block_head.type);
# 3322| LE16_CPU(block_head.count);
Error: FORWARD_NULL (CWE-476): [#def31]
libpst-devel/src/libpst.c:4057: assign_zero: Assigning: "b" = "NULL".
libpst-devel/src/libpst.c:4060: no_write_call: Although "pst_ff_getIDblock_dec" does overwrite "b" on some paths, it also contains at least one feasible path which does not overwrite it.
libpst-devel/src/libpst.c:4061: var_deref_model: Passing "&b" to "pst_append_holder", which dereferences null "b".
# 4059| if (!(ptr->i_id & 0x02)) {
# 4060| ret = pst_ff_getIDblock_dec(pf, ptr->i_id, &b);
# 4061|-> ret = pst_append_holder(h, (size_t)0, &b, ret);
# 4062| free(b);
# 4063| } else {
Error: GCC_ANALYZER_WARNING (CWE-688): [#def32]
libpst-devel/src/libpst.c: scope_hint: In function 'pst_append_holder'
libpst-devel/src/libpst.c:4167:9: warning[-Wanalyzer-null-argument]: use of NULL 'b' where non-null expected
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:3718:9: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/libpst.c:3998:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/define.h:22: included_from: Included from here.
libpst-devel/src/libpst.c:8: included_from: Included from here.
/usr/include/string.h:43:14: note: argument 2 of 'memcpy' must be non-null
# 4165| *(h->buf) = pst_realloc(*(h->buf), size+z+1);
# 4166| DEBUG_INFO(("appending read data of size %zu onto main buffer from pos %zu\n", z, size));
# 4167|-> memcpy(*(h->buf)+size, *buf, z);
# 4168|
# 4169| // base64 encoding to a file
Error: GCC_ANALYZER_WARNING (CWE-688): [#def33]
libpst-devel/src/libpst.c:4167:9: warning[-Wanalyzer-null-argument]: use of NULL 'buf2' where non-null expected
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:3718:9: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:4065:9: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:4022:5: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/libpst.c:4099:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/libpst.c:3998:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/define.h:22: included_from: Included from here.
libpst-devel/src/libpst.c:8: included_from: Included from here.
/usr/include/string.h:43:14: note: argument 2 of 'memcpy' must be non-null
# 4165| *(h->buf) = pst_realloc(*(h->buf), size+z+1);
# 4166| DEBUG_INFO(("appending read data of size %zu onto main buffer from pos %zu\n", z, size));
# 4167|-> memcpy(*(h->buf)+size, *buf, z);
# 4168|
# 4169| // base64 encoding to a file
Error: GCC_ANALYZER_WARNING (CWE-688): [#def34]
libpst-devel/src/libpst.c:4167:9: warning[-Wanalyzer-null-argument]: use of NULL 'buf3' where non-null expected
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:3718:9: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:4065:9: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:195:33: note: in expansion of macro 'MESSAGEPRINT2'
libpst-devel/src/libpst.c:4022:5: note: in expansion of macro 'DEBUG_INFO'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/libpst.c:4099:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/libpst.c:4099:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/libpst.c:4099:5: note: in expansion of macro 'DEBUG_HEXDUMPC'
libpst-devel/src/libpst.c:8: included_from: Included from here.
libpst-devel/src/define.h:194:33: note: in expansion of macro 'MESSAGEPRINT3'
libpst-devel/src/libpst.c:4123:9: note: in expansion of macro 'DEBUG_WARN'
libpst-devel/src/define.h:22: included_from: Included from here.
libpst-devel/src/libpst.c:8: included_from: Included from here.
/usr/include/string.h:43:14: note: argument 2 of 'memcpy' must be non-null
# 4165| *(h->buf) = pst_realloc(*(h->buf), size+z+1);
# 4166| DEBUG_INFO(("appending read data of size %zu onto main buffer from pos %zu\n", z, size));
# 4167|-> memcpy(*(h->buf)+size, *buf, z);
# 4168|
# 4169| // base64 encoding to a file
Error: COMPILER_WARNING (CWE-758): [#def35]
libpst-devel/src/libpst.c: scope_hint: In function 'pst_rfc2231'
libpst-devel/src/libpst.c:4485:22: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'snprintf' differ in signedness
# 4485 | snprintf(z, 3, "%2x", *y);
# | ^
# | |
# | uint8_t * {aka unsigned char *}
/usr/include/features.h:490: included_from: Included from here.
/usr/include/bits/libc-header-start.h:33: included_from: Included from here.
/usr/include/stdlib.h:25: included_from: Included from here.
libpst-devel/src/common.h:6: included_from: Included from here.
libpst-devel/src/libpst.h:13: included_from: Included from here.
libpst-devel/src/define.h:15: included_from: Included from here.
libpst-devel/src/libpst.c:8: included_from: Included from here.
/usr/include/bits/stdio2.h:68:1: note: expected 'char * restrict' but argument is of type 'uint8_t *' {aka 'unsigned char *'}
# 68 | __NTH (snprintf (char *__restrict __s, size_t __n,
# | ^~~~~
# 4483| if (*x <= 32) {
# 4484| *(z++) = (uint8_t)'%';
# 4485|-> snprintf(z, 3, "%2x", *y);
# 4486| z += 2;
# 4487| }
Error: OVERRUN (CWE-119): [#def36]
libpst-devel/src/msg.cpp:41: strlen_assign: Setting variable "strsize" to the return value of strlen called with argument "str.str".
libpst-devel/src/msg.cpp:42: alloc_strlen: Allocating insufficient memory for the terminating null of the string.
# 40| pst_vbuf *newer = pst_vballoc(2);
# 41| size_t strsize = strlen(str.str);
# 42|-> size_t rc = pst_vb_utf8to8bit(newer, str.str, strsize, charset);
# 43| if (rc == (size_t)-1) {
# 44| // unable to convert, change the charset to utf8
Error: RESOURCE_LEAK (CWE-772): [#def37] [important]
libpst-devel/src/pst2ldif.cpp:464: alloc_fn: Storage is returned from allocation function "realloc".
libpst-devel/src/pst2ldif.cpp:464: var_assign: Assigning: "addr" = storage returned from "realloc(address, len)".
libpst-devel/src/pst2ldif.cpp:466: var_assign: Assigning: "address" = "addr".
libpst-devel/src/pst2ldif.cpp:467: leaked_storage: Variable "addr" going out of scope leaks the storage it points to.
libpst-devel/src/pst2ldif.cpp:482: leaked_storage: Variable "address" going out of scope leaks the storage it points to.
# 480| }
# 481| va_end(ap);
# 482|-> if (i == 0) return; // Nothing to do
# 483| address[i] = 0;
# 484| print_ldif_single(attr, address);
Error: CLANG_WARNING: [#def38]
libpst-devel/src/readpst.c:210:9: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 208| // If children have called sem_post but not exited yet, we could have available > 0 but active_children == max_children
# 209| if (available && active_children < max_children) {
# 210|-> sem_wait(global_children);
# 211| pid_t child = fork();
# 212| if (child < 0) {
Error: CLANG_WARNING: [#def39]
libpst-devel/src/readpst.c:293:25: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 291| // free my child count slot before really exiting, since
# 292| // all I am doing here is waiting for my children to exit
# 293|-> sem_post(global_children);
# 294| grim_reaper(1); // wait for all my child processes to exit
# 295| exit(0); // really exit
Error: CLANG_WARNING: [#def40]
libpst-devel/src/readpst.c:482:28: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 480| break;
# 481| case 'j':
# 482|-> max_children = atoi(optarg);
# 483| max_child_specified = 1;
# 484| break;
Error: CLANG_WARNING: [#def41]
libpst-devel/src/readpst.c:502:32: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull'
# 500| break;
# 501| case 'L':
# 502|-> pst_debug_setlevel(atoi(optarg));
# 503| break;
# 504| case 'm':
Error: TOCTOU (CWE-367): [#def42]
libpst-devel/src/readpst.c:924: fs_check_call: Calling function "lstat" to perform check on "dirent->d_name".
libpst-devel/src/readpst.c:926: toctou: Calling function "unlink" that uses "dirent->d_name" after a check function. This can cause a time-of-check, time-of-use race condition.
# 922| } else {
# 923| while ((dirent = readdir(sdir))) {
# 924|-> if (lstat(dirent->d_name, &filestat) != -1)
# 925| if (S_ISREG(filestat.st_mode)) {
# 926| if (unlink(dirent->d_name)) {
Error: CHECKED_RETURN (CWE-252): [#def43]
libpst-devel/src/readpst.c:977: check_return: Calling "stat(f->name[t], &st)" without checking return value. This library function may fail and return an error code.
# 975| struct stat st;
# 976| fclose(f->output[t]);
# 977|-> stat(f->name[t], &st);
# 978| if (!st.st_size) {
# 979| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
Error: TOCTOU (CWE-367): [#def44]
libpst-devel/src/readpst.c:977: fs_check_call: Calling function "stat" to perform check on "f->name[t]".
libpst-devel/src/readpst.c:980: toctou: Calling function "remove" that uses "f->name[t]" after a check function. This can cause a time-of-check, time-of-use race condition.
# 975| struct stat st;
# 976| fclose(f->output[t]);
# 977|-> stat(f->name[t], &st);
# 978| if (!st.st_size) {
# 979| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
Error: CHECKED_RETURN (CWE-252): [#def45]
libpst-devel/src/readpst.c:980: check_return: Calling "remove(f->name[t])" without checking return value. This library function may fail and return an error code.
# 978| if (!st.st_size) {
# 979| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
# 980|-> remove(f->name[t]);
# 981| }
# 982| f->output[t] = NULL;
Error: PRINTF_ARGS (CWE-686): [#def46]
libpst-devel/src/readpst.c:1071: invalid_type: Argument "attach->data.data" to format specifier "%#lx" was expected to have type "unsigned long" but has type "char *".
# 1069| : attach->filename1.str;
# 1070| DEBUG_ENT("write_separate_attachment");
# 1071|-> DEBUG_INFO(("Attachment %s Size is %#"PRIx64", data = %#"PRIxPTR", id %#"PRIx64"\n", attach_filename, (uint64_t)attach->data.size, attach->data.data, attach->i_id));
# 1072|
# 1073| if (!attach->data.data) {
Error: RESOURCE_LEAK (CWE-772): [#def47] [important]
libpst-devel/src/readpst.c:1097: alloc_fn: Storage is returned from allocation function "fopen".
libpst-devel/src/readpst.c:1097: var_assign: Assigning: "fp" = storage returned from "fopen(temp, "r")".
libpst-devel/src/readpst.c:1103: overwrite_var: Overwriting "fp" in "fp = fopen(temp, "w")" leaks the storage that "fp" points to.
# 1101| }
# 1102| DEBUG_INFO(("Saving attachment to %s\n", temp));
# 1103|-> if (!(fp = fopen(temp, "w"))) {
# 1104| DEBUG_WARN(("write_separate_attachment: Cannot open attachment save file \"%s\"\n", temp));
# 1105| } else {
Error: REVERSE_INULL (CWE-476): [#def48]
libpst-devel/src/readpst.c:1109: check_after_deref: Null-checking "temp" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
libpst-devel/src/readpst.c:1087: deref_ptr_in_call: Dereferencing pointer "temp". [Note: The source code implementation of the function has been overridden by a builtin model.]
libpst-devel/src/readpst.c:1094: deref_ptr_in_call: Dereferencing pointer "temp". [Note: The source code implementation of the function has been overridden by a builtin model.]
# 1107| fclose(fp);
# 1108| }
# 1109|-> if (temp) free(temp);
# 1110| DEBUG_RET();
# 1111| }
Error: COMPILER_WARNING (CWE-758): [#def49]
libpst-devel/src/readpst.c: scope_hint: In function 'rfc2231_string'
libpst-devel/src/readpst.c:1237:22: warning[-Wpointer-sign]: pointer targets in passing argument 1 of 'snprintf' differ in signedness
# 1237 | snprintf(z, 3, "%2x", *y);
# | ^
# | |
# | uint8_t * {aka unsigned char *}
/usr/include/features.h:490: included_from: Included from here.
/usr/include/bits/libc-header-start.h:33: included_from: Included from here.
/usr/include/stdlib.h:25: included_from: Included from here.
libpst-devel/src/common.h:6: included_from: Included from here.
libpst-devel/src/libpst.h:13: included_from: Included from here.
libpst-devel/src/define.h:15: included_from: Included from here.
libpst-devel/src/readpst.c:8: included_from: Included from here.
/usr/include/bits/stdio2.h:68:1: note: expected 'char * restrict' but argument is of type 'uint8_t *' {aka 'unsigned char *'}
# 68 | __NTH (snprintf (char *__restrict __s, size_t __n,
# | ^~~~~
# 1235| if (!is_attribute_char(*x)) {
# 1236| *(z++) = (uint8_t)'%';
# 1237|-> snprintf(z, 3, "%2x", *y);
# 1238| z += 2;
# 1239| }
Error: PRINTF_ARGS (CWE-686): [#def50]
libpst-devel/src/readpst.c:1253: invalid_type: Argument "attach->data.data" to format specifier "%#lx" was expected to have type "unsigned long" but has type "char *".
# 1251| {
# 1252| DEBUG_ENT("write_inline_attachment");
# 1253|-> DEBUG_INFO(("Attachment Size is %#"PRIx64", data = %#"PRIxPTR", id %#"PRIx64"\n", (uint64_t)attach->data.size, attach->data.data, attach->i_id));
# 1254|
# 1255| if (!attach->data.data) {
Error: OVERRUN (CWE-119): [#def51]
libpst-devel/src/readpst.c:1582: strlen_assign: Setting variable "body_len" to the return value of strlen called with argument "body->str".
libpst-devel/src/readpst.c:1594: alloc_strlen: Allocating insufficient memory for the terminating null of the string.
# 1592| DEBUG_INFO(("Convert %s utf-8 to %s\n", mime, charset));
# 1593| pst_vbuf *newer = pst_vballoc(2);
# 1594|-> rc = pst_vb_utf8to8bit(newer, body->str, body_len, charset);
# 1595| if (rc == (size_t)-1) {
# 1596| // unable to convert, change the charset to utf8
Error: DC.WEAK_CRYPTO (CWE-327): [#def52]
libpst-devel/src/readpst.c:1665: dont_call: "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
libpst-devel/src/readpst.c:1665: remediation: Use a compliant random number generator, such as "/dev/random" or "/dev/urandom" on Unix-like systems, and CNG (Cryptography API: Next Generation) on Windows.
# 1663|
# 1664| // attachment appointment request
# 1665|-> snprintf(fname, sizeof(fname), "i%i.ics", rand());
# 1666| fprintf(f_output, "\n--%s\n", boundary);
# 1667| fprintf(f_output, "Content-Type: %s; charset=\"%s\"; name=\"%s\"\n", "text/calendar", "utf-8", fname);
Error: DC.WEAK_CRYPTO (CWE-327): [#def53]
libpst-devel/src/readpst.c:1729: dont_call: "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
libpst-devel/src/readpst.c:1729: remediation: Use a compliant random number generator, such as "/dev/random" or "/dev/urandom" on Unix-like systems, and CNG (Cryptography API: Next Generation) on Windows.
# 1727|
# 1728| // create our MIME boundaries here.
# 1729|-> snprintf(boundary, sizeof(boundary), "--boundary-LibPST-iamunique-%i_-_-", rand());
# 1730| snprintf(altboundary, sizeof(altboundary), "alt-%s", boundary);
# 1731|
Error: REVERSE_INULL (CWE-476): [#def54]
libpst-devel/src/readpst.c:2229: deref_ptr_in_call: Dereferencing pointer "appointment".
libpst-devel/src/readpst.c:2241: check_after_deref: Null-checking "appointment" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 2239| if (item->body.str)
# 2240| fprintf(f_output, "DESCRIPTION:%s\n", pst_rfc2426_escape(item->body.str, &result, &resultlen));
# 2241|-> if (appointment && appointment->start)
# 2242| fprintf(f_output, "DTSTART;VALUE=DATE-TIME:%s\n", pst_rfc2445_datetime_format(appointment->start, sizeof(time_buffer), time_buffer));
# 2243| if (appointment && appointment->end)
Error: MISSING_BREAK (CWE-484): [#def55]
libpst-devel/src/readpst.c:2252: unterminated_case: The case for value "0" is not terminated by a "break" statement.
libpst-devel/src/readpst.c:2255: fallthrough: The above case falls through to this one.
# 2250| fprintf(f_output, "STATUS:TENTATIVE\n");
# 2251| break;
# 2252|-> case PST_FREEBUSY_FREE:
# 2253| // mark as transparent and as confirmed
# 2254| fprintf(f_output, "TRANSP:TRANSPARENT\n");
Error: STRING_OVERFLOW (CWE-120): [#def56]
libpst-devel/src/readpst.c:2281: string_overflow: You might overrun the 40-character destination string "byday" by writing 49 characters from "temp".
# 2279| char temp[49];
# 2280| snprintf(temp, sizeof(temp), "%s%s%s", byday, (empty) ? ";BYDAY=" : ";", days[i]);
# 2281|-> strcpy(byday, temp);
# 2282| empty = 0;
# 2283| }
Error: NULL_RETURNS (CWE-476): [#def57]
libpst-devel/src/readpst.c:2366: returned_null: "fopen" returns "NULL".
libpst-devel/src/readpst.c:2366: var_assigned: Assigning: "type_file" = "NULL" return value from "fopen".
libpst-devel/src/readpst.c:2367: dereference: Dereferencing a pointer that might be "NULL" "type_file" when calling "fprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
# 2365| if (mode_thunder) {
# 2366| FILE *type_file = fopen(".type", "w");
# 2367|-> fprintf(type_file, "%d\n", item->type);
# 2368| fclose(type_file);
# 2369| }
Error: GCC_ANALYZER_WARNING (CWE-688): [#def58]
libpst-devel/src/readpst.c: scope_hint: In function 'create_enter_dir'
libpst-devel/src/readpst.c:2367:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'fopen(".type", "w")' where non-null expected
libpst-devel/src/readpst.c:8: included_from: Included from here.
libpst-devel/src/readpst.c:868:5: note: in expansion of macro 'DEBUG_RET'
libpst-devel/src/common.h:7: included_from: Included from here.
libpst-devel/src/libpst.h:13: included_from: Included from here.
libpst-devel/src/define.h:15: included_from: Included from here.
libpst-devel/src/readpst.c:8: included_from: Included from here.
/usr/include/stdio.h:344:12: note: argument 1 of 'fprintf' must be non-null
# 2365| if (mode_thunder) {
# 2366| FILE *type_file = fopen(".type", "w");
# 2367|-> fprintf(type_file, "%d\n", item->type);
# 2368| fclose(type_file);
# 2369| }
Error: CHECKED_RETURN (CWE-252): [#def59]
libpst-devel/src/readpst.c:2449: check_return: Calling "stat(f->name[t], &st)" without checking return value. This library function may fail and return an error code.
# 2447| if (f->name[t]) {
# 2448| struct stat st;
# 2449|-> stat(f->name[t], &st);
# 2450| if (!st.st_size) {
# 2451| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
Error: TOCTOU (CWE-367): [#def60]
libpst-devel/src/readpst.c:2449: fs_check_call: Calling function "stat" to perform check on "f->name[t]".
libpst-devel/src/readpst.c:2452: toctou: Calling function "remove" that uses "f->name[t]" after a check function. This can cause a time-of-check, time-of-use race condition.
# 2447| if (f->name[t]) {
# 2448| struct stat st;
# 2449|-> stat(f->name[t], &st);
# 2450| if (!st.st_size) {
# 2451| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
Error: CHECKED_RETURN (CWE-252): [#def61]
libpst-devel/src/readpst.c:2452: check_return: Calling "remove(f->name[t])" without checking return value. This library function may fail and return an error code.
# 2450| if (!st.st_size) {
# 2451| DEBUG_WARN(("removing empty output file %s\n", f->name[t]));
# 2452|-> remove(f->name[t]);
# 2453| }
# 2454| free(f->name[t]);
Error: GCC_ANALYZER_WARNING (CWE-688): [#def62]
libpst-devel/src/readpst.c: scope_hint: In function 'close_enter_dir'
libpst-devel/src/readpst.c:2465:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'fopen(".size", "w")' where non-null expected
libpst-devel/src/common.h:7: included_from: Included from here.
libpst-devel/src/libpst.h:13: included_from: Included from here.
libpst-devel/src/define.h:15: included_from: Included from here.
libpst-devel/src/readpst.c:8: included_from: Included from here.
/usr/include/stdio.h:344:12: note: argument 1 of 'fprintf' must be non-null
# 2463| if (mode_thunder) {
# 2464| FILE *type_file = fopen(".size", "w");
# 2465|-> fprintf(type_file, "%i %i\n", f->item_count, f->stored_count);
# 2466| fclose(type_file);
# 2467| }
Scan Properties
| analyzer-version-clang | 13.0.1 |
| analyzer-version-coverity | 2021.9.0 |
| analyzer-version-cppcheck | 2.6 |
| analyzer-version-gcc | 11.3.1 |
| analyzer-version-gcc-analyzer | 11.3.1 |
| analyzer-version-shellcheck | 0.7.1 |
| analyzer-version-unicontrol | 0.0.2 |
| cov-compilation-unit-count | 23 |
| cov-compilation-unit-ratio | 100 |
| cov-lines-processed | 356738 |
| cov-time-elapsed-analysis | 00:01:35 |
| enabled-plugins | clang, coverity, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |