Merge pull request #121 from AleksArt000/main · Soviet-Linux/libspm@258c13b

Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11

src/install.c:120:9 [clang-analyzer-unix.Malloc]: src/install.c#L120

Potential leak of memory pointed to by 'env_path'

src/install.c:124:9 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: src/install.c#L124

Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11

src/install.c:126:15 [cppcoreguidelines-init-variables]: src/install.c#L126

variable 'env_file' is not initialized

src/install.c:127:18 [clang-analyzer-unix.Malloc]: src/install.c#L127

Potential leak of memory pointed to by 'env_path'

src/install.c:148:17 [clang-analyzer-core.NonNullParamChecker]: src/install.c#L148

Null pointer passed to 2nd parameter expecting 'nonnull'

src/install.c:158:8 [clang-analyzer-core.NonNullParamChecker]: src/install.c#L158

Null pointer passed to 1st parameter expecting 'nonnull'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #121 from AleksArt000/main #230

Summary

Merge pull request #121 from AleksArt000/main #230

Jobs

Run details

c-lint.yml

Annotations