Minor fixes · Soviet-Linux/libspm@da00334

Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11

src/install.c:92:9 [clang-analyzer-unix.Malloc]: src/install.c#L92

Potential leak of memory pointed to by 'env_path'

src/install.c:96:9 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: src/install.c#L96

Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11

src/install.c:98:15 [cppcoreguidelines-init-variables]: src/install.c#L98

variable 'env_file' is not initialized

src/install.c:99:18 [clang-analyzer-unix.Malloc]: src/install.c#L99

Potential leak of memory pointed to by 'env_path'

src/install.c:118:17 [clang-analyzer-core.NonNullParamChecker]: src/install.c#L118

Null pointer passed to 2nd parameter expecting 'nonnull'

src/install.c:163:8 [clang-analyzer-core.NonNullParamChecker]: src/install.c#L163

Null pointer passed to 1st parameter expecting 'nonnull'

src/install.c:167:9 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: src/install.c#L167

Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Minor fixes #196

Summary

Minor fixes #196

Jobs

Run details

c-lint.yml

Annotations