cryptsetup-2.8.0-1.fc39

List of Defects

Error: SNYK_CODE_WARNING (CWE-170): [#def1]
cryptsetup-2.8.0-git/lib/fvault2/fvault2.c:384:68: note[cpp/ImproperNullTermination]: Potential improperly null terminated input from a pointer to an input buffer flows into strlen, where it is used as a string. This may result in an information disclosure or buffer overflow vulnerability.
#  382|   	if (r < 0)
#  383|   		goto out;
#  384|-> 	r = crypt_base64_decode((char **)&pwk, &decoded_size, pwk_base64, strlen(pwk_base64));
#  385|   	if (r < 0)
#  386|   		goto out;

Error: SNYK_CODE_WARNING (CWE-170): [#def2]
cryptsetup-2.8.0-git/lib/fvault2/fvault2.c:395:70: note[cpp/ImproperNullTermination]: Potential improperly null terminated input from a pointer to an input buffer flows into strlen, where it is used as a string. This may result in an information disclosure or buffer overflow vulnerability.
#  393|   	if (r < 0)
#  394|   		goto out;
#  395|-> 	r = crypt_base64_decode((char **)&kwvk, &decoded_size, kwvk_base64, strlen(kwvk_base64));
#  396|   	if (r < 0)
#  397|   		goto out;

Error: SNYK_CODE_WARNING (CWE-416): [#def3]
cryptsetup-2.8.0-git/lib/luks2/luks2_digest_pbkdf2.c:159:71: warning[cpp/UseAfterFree]: Use after free. base64_str is used in json_object_new_string after it may already have been freed with call to free.
#  157|   		return r;
#  158|   	}
#  159|-> 	json_object_object_add(jobj_digest, "digest", json_object_new_string(base64_str));
#  160|   	free(base64_str);
#  161|   

Error: SNYK_CODE_WARNING (CWE-415): [#def4]
cryptsetup-2.8.0-git/lib/luks2/luks2_digest_pbkdf2.c:160:7: warning[cpp/DoubleFree]: Potential double call to free. base64_str may have already been freed by call to free.
#  158|   	}
#  159|   	json_object_object_add(jobj_digest, "digest", json_object_new_string(base64_str));
#  160|-> 	free(base64_str);
#  161|   
#  162|   	if (jobj_digests) {

Error: SNYK_CODE_WARNING (CWE-416): [#def5]
cryptsetup-2.8.0-git/lib/luks2/luks2_luks1_convert.c:363:37: warning[cpp/UseAfterFree]: Use after free. base64_str is used in json_object_new_string_len after it may already have been freed with call to free.
#  361|   	}
#  362|   
#  363|-> 	field = json_object_new_string_len(base64_str, base64_len);
#  364|   	free(base64_str);
#  365|   	if (!field) {

Error: SNYK_CODE_WARNING (CWE-415): [#def6]
cryptsetup-2.8.0-git/lib/luks2/luks2_luks1_convert.c:364:7: warning[cpp/DoubleFree]: Potential double call to free. base64_str may have already been freed by call to free.
#  362|   
#  363|   	field = json_object_new_string_len(base64_str, base64_len);
#  364|-> 	free(base64_str);
#  365|   	if (!field) {
#  366|   		json_object_put(digest_obj);

Error: SNYK_CODE_WARNING (CWE-415): [#def7]
cryptsetup-2.8.0-git/lib/luks2/luks2_luks1_convert.c:872:9: warning[cpp/DoubleFree]: Potential double call to free. buf may have already been freed by call to free.
#  870|   			continue;
#  871|   		if (len > 0 && len != LUKS_SALTSIZE) {
#  872|-> 			free(buf);
#  873|   			continue;
#  874|   		}

Error: SNYK_CODE_WARNING (CWE-416): [#def8]
cryptsetup-2.8.0-git/lib/luks2/luks2_luks1_convert.c:875:42: warning[cpp/UseAfterFree]: Use after free. buf is used in memcpy after it may already have been freed with call to free.
#  873|   			continue;
#  874|   		}
#  875|-> 		memcpy(hdr1->keyblock[i].passwordSalt, buf, LUKS_SALTSIZE);
#  876|   		free(buf);
#  877|   	}

Error: SNYK_CODE_WARNING (CWE-415): [#def9]
cryptsetup-2.8.0-git/lib/luks2/luks2_luks1_convert.c:876:8: warning[cpp/DoubleFree]: Potential double call to free. buf may have already been freed by call to free.
#  874|   		}
#  875|   		memcpy(hdr1->keyblock[i].passwordSalt, buf, LUKS_SALTSIZE);
#  876|-> 		free(buf);
#  877|   	}
#  878|   

Error: SNYK_CODE_WARNING (CWE-190): [#def10]
cryptsetup-2.8.0-git/lib/utils.c:282:16: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into a subtraction operator (-), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  280|   			/* char_to_read = min(key_size - i, buflen - i) */
#  281|   			char_to_read = key_size < buflen ?
#  282|-> 				key_size - i : buflen - i;
#  283|   		}
#  284|   		char_read = read_buffer(fd, &pass[i], char_to_read);

Error: SNYK_CODE_WARNING (CWE-190): [#def11]
cryptsetup-2.8.0-git/lib/utils.c:282:29: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into a subtraction operator (-), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  280|   			/* char_to_read = min(key_size - i, buflen - i) */
#  281|   			char_to_read = key_size < buflen ?
#  282|-> 				key_size - i : buflen - i;
#  283|   		}
#  284|   		char_read = read_buffer(fd, &pass[i], char_to_read);

Error: SNYK_CODE_WARNING (CWE-122): [#def12]
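cryptsetup-2.8.0-git/lib/utils_crypt.c:29:6: warning[cpp/UnsafeFunctionStringHandling]: Using sscanf can lead to buffer overflow vulnerabilities, if arbitrary user input is able to flow into this function without the length of the input being checked. Use the safer alternative sscanf_s instead. Note that both conversions in the call shown below carry an explicit field width (MAX_CIPHER_LEN_STR), so the point to confirm is that cipher and cipher_mode are each at least one byte larger than that width; sscanf_s belongs to the optional C11 Annex K and is not provided by glibc.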
#   27|   		return -EINVAL;
#   28|   
#   29|-> 	if (sscanf(s, "%" MAX_CIPHER_LEN_STR "[^-]-%" MAX_CIPHER_LEN_STR "s",
#   30|   		   cipher, cipher_mode) == 2) {
#   31|   		if (!strncmp(cipher, "capi:", 5)) {

Error: SNYK_CODE_WARNING (CWE-122): [#def13]
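cryptsetup-2.8.0-git/lib/utils_crypt.c:60:6: warning[cpp/UnsafeFunctionStringHandling]: Using sscanf can lead to buffer overflow vulnerabilities, if arbitrary user input is able to flow into this function without the length of the input being checked. Use the safer alternative sscanf_s instead. Note that the conversion in the call shown below carries an explicit field width (MAX_CIPHER_LEN_STR), so the point to confirm is that cipher is at least one byte larger than that width; sscanf_s belongs to the optional C11 Annex K and is not provided by glibc.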
#   58|   	}
#   59|   
#   60|-> 	if (sscanf(s, "%" MAX_CIPHER_LEN_STR "[^-]", cipher) == 1) {
#   61|   		if (strncmp(cipher, "capi:", 5))
#   62|   			strcpy(cipher_mode, "cbc-plain");

Error: SNYK_CODE_WARNING (CWE-122): [#def14]
cryptsetup-2.8.0-git/lib/utils_io.c:169:3: warning[cpp/BufferOverflow]: Unsanitized input from a file flows into memcpy, where it is used to manipulate application memory. This may result in a buffer overflow vulnerability.
#  167|   			goto out;
#  168|   
#  169|-> 		memcpy((char *)buf + solid, hangover_buf, hangover);
#  170|   	}
#  171|   	ret = length;

Error: SNYK_CODE_WARNING (CWE-122): [#def15]
cryptsetup-2.8.0-git/lib/utils_io.c:176:4: warning[cpp/BufferOverflow]: Unsanitized input from a file flows into memcpy, where it is used to manipulate application memory. This may result in a buffer overflow vulnerability.
#  174|   	if (buf != orig_buf) {
#  175|   		if (ret != -1)
#  176|-> 			memcpy(orig_buf, buf, length);
#  177|   		free(buf);
#  178|   	}

Error: SNYK_CODE_WARNING (CWE-122): [#def16]
cryptsetup-2.8.0-git/lib/utils_io.c:275:3: warning[cpp/BufferOverflow]: Unsanitized input from a file flows into memcpy, where it is used to manipulate application memory. This may result in a buffer overflow vulnerability.
#  273|   			goto out;
#  274|   
#  275|-> 		memcpy(buf, (char*)frontPadBuf + frontHang, innerCount);
#  276|   
#  277|   		buf = (char*)buf + innerCount;

Error: SNYK_CODE_WARNING (CWE-190): [#def17]
cryptsetup-2.8.0-git/lib/utils_keyring.c:93:7: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into an addition operator (+), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#   91|   	assert(desc);
#   92|   	dlen = strlen(desc);
#   93|-> 	cp = line + strlen(line);
#   94|   
#   95|   	ndesc = 0;

Error: SNYK_CODE_WARNING (CWE-190): [#def18]
cryptsetup-2.8.0-git/lib/utils_keyring.c:98:38: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into a subtraction operator (-), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#   96|   	n = sscanf(line, "%x %*s %*u %*s %*x %*d %*d %40s %n",
#   97|   			&id, typebuf, &ndesc);
#   98|-> 	if (n == 2 && ndesc > 0 && ndesc <= cp - line) {
#   99|   		if (strcmp(typebuf, type) != 0)
#  100|   			return 0;

Error: SNYK_CODE_WARNING (CWE-190): [#def19]
cryptsetup-2.8.0-git/lib/utils_keyring.c:160:22: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into an addition operator (+), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  158|   		return 0;
#  159|   
#  160|-> 	while ((n = read(f, buf + buffer_len, sizeof(buf) - buffer_len - 1)) > 0) {
#  161|   		/* coverity[overflow:FALSE] */
#  162|   		buffer_len += (size_t)n;

Error: SNYK_CODE_WARNING (CWE-190): [#def20]
cryptsetup-2.8.0-git/lib/utils_keyring.c:160:28: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into an addition operator (+), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  158|   		return 0;
#  159|   
#  160|-> 	while ((n = read(f, buf + buffer_len, sizeof(buf) - buffer_len - 1)) > 0) {
#  161|   		/* coverity[overflow:FALSE] */
#  162|   		buffer_len += (size_t)n;

Error: SNYK_CODE_WARNING (CWE-190): [#def21]
cryptsetup-2.8.0-git/lib/utils_keyring.c:160:54: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into a subtraction operator (-), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  158|   		return 0;
#  159|   
#  160|-> 	while ((n = read(f, buf + buffer_len, sizeof(buf) - buffer_len - 1)) > 0) {
#  161|   		/* coverity[overflow:FALSE] */
#  162|   		buffer_len += (size_t)n;

Error: SNYK_CODE_WARNING (CWE-23): [#def22]
cryptsetup-2.8.0-git/lib/utils_loop.c:282:7: warning[cpp/PT]: Unsanitized input from a file flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  280|   		return NULL;
#  281|   
#  282|-> 	fd = open(buf, O_RDONLY);
#  283|   	if (fd < 0)
#  284|   		return NULL;

Error: SNYK_CODE_WARNING (CWE-23): [#def23]
cryptsetup-2.8.0-git/misc/dict_search/crypt_dict.c:37:6: warning[cpp/PT]: Unsanitized input from a command line argument flows into fopen, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   35|   
#   36|   	/* open password file, now in separate process */
#   37|-> 	f = fopen(pwd_file, "r");
#   38|   	if (!f) {
#   39|   		printf("Cannot open %s.\n", pwd_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def24]
cryptsetup-2.8.0-git/misc/dict_search/crypt_dict.c:133:3: warning[cpp/PT]: Unsanitized input from a command line argument flows into fopen, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  131|   	/* run scan in separate processes, it is up to scheduler to assign CPUs inteligently */
#  132|   	for (i = 0; i < procs; i++)
#  133|-> 		check(cd, argv[3], i, procs);
#  134|   
#  135|   	/* wait until at least one finishes with error or status 2 (key found) */

Error: SNYK_CODE_WARNING (CWE-190): [#def25]
cryptsetup-2.8.0-git/misc/keyslot_checker/chk_luks_keyslots.c:150:37: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into an addition operator (+), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  148|   	done = 0;
#  149|   	while (len - done >= 16) {
#  150|-> 		hexdump_line(out, address + done, buf + done);
#  151|   		done += 16;
#  152|   	}

Error: SNYK_CODE_WARNING (CWE-190): [#def26]
cryptsetup-2.8.0-git/misc/keyslot_checker/chk_luks_keyslots.c:212:6: warning[cpp/IntegerOverflow]: Unsanitized input from a file flows into an addition operator (+), where it is used in integer arithmetic. This may result in an integer overflow vulnerability.
#  210|   				if (verbose) {
#  211|   					fprintf(out, "  Binary dump:\n");
#  212|-> 					hexdump_sector(out, buffer, (uint64_t)ofs, sector_size);
#  213|   					fprintf(out,"\n");
#  214|   				}

Error: SNYK_CODE_WARNING (CWE-23): [#def27]
cryptsetup-2.8.0-git/misc/keyslot_checker/chk_luks_keyslots.c:314:11: warning[cpp/PT]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  312|   	* in the keyslots directly from the LUKS container.
#  313|   	*/
#  314|-> 	f_luks = open(device, O_RDONLY);
#  315|   	if (f_luks == -1) {
#  316|   		fprintf(stderr,"\nError: Opening of device %s failed:\n", device);

Error: SNYK_CODE_WARNING (CWE-170): [#def28]
cryptsetup-2.8.0-git/src/utils_password.c:251:14: note[cpp/ImproperNullTermination]: Potential improperly null terminated input from a pointer to an input buffer flows into strlen, where it is used as a string. This may result in an information disclosure or buffer overflow vulnerability.
#  249|   	*key = pass;
#  250|   	/* coverity[string_null] (crypt_safe_alloc wipes string with additional \0) */
#  251|-> 	*key_size = strlen(pass);
#  252|   	r = 0;
#  253|   out:

Error: SNYK_CODE_WARNING (CWE-78): [#def29]
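cryptsetup-2.8.0-git/tests/all-symbols-test.c:152:6: note[cpp/CommandInjection/test]: Unsanitized input from a command line argument flows into dlopen, where it is used as a shell command. This may result in a Command Injection vulnerability. (dlopen does not invoke a shell; it loads the named shared object into the calling process, so the exposure to assess here is which library the argument can select, not shell metacharacters.)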
#  150|   	log_std("Checking dlopen(%s)...", libfile);
#  151|   
#  152|-> 	h = dlopen(libfile, RTLD_NOW);
#  153|   	if (!h) {
#  154|   		log_err("dlopen(): %s.", dlerror());

Error: SNYK_CODE_WARNING (CWE-416): [#def30]
cryptsetup-2.8.0-git/tests/api-test-2.c:549:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_1 is used in global::loop_device after it may already have been freed with call to free.
#  547|   		loop_detach(THE_LOOP_DEV);
#  548|   
#  549|-> 	if (loop_device(DEVICE_1))
#  550|   		loop_detach(DEVICE_1);
#  551|   

Error: SNYK_CODE_WARNING (CWE-416): [#def31]
cryptsetup-2.8.0-git/tests/api-test-2.c:550:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_1 is used in global::loop_detach after it may already have been freed with call to free.
#  548|   
#  549|   	if (loop_device(DEVICE_1))
#  550|-> 		loop_detach(DEVICE_1);
#  551|   
#  552|   	if (loop_device(DEVICE_2))

Error: SNYK_CODE_WARNING (CWE-416): [#def32]
cryptsetup-2.8.0-git/tests/api-test-2.c:552:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_2 is used in global::loop_device after it may already have been freed with call to free.
#  550|   		loop_detach(DEVICE_1);
#  551|   
#  552|-> 	if (loop_device(DEVICE_2))
#  553|   		loop_detach(DEVICE_2);
#  554|   

Error: SNYK_CODE_WARNING (CWE-416): [#def33]
cryptsetup-2.8.0-git/tests/api-test-2.c:553:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_2 is used in global::loop_detach after it may already have been freed with call to free.
#  551|   
#  552|   	if (loop_device(DEVICE_2))
#  553|-> 		loop_detach(DEVICE_2);
#  554|   
#  555|   	if (loop_device(DEVICE_3))

Error: SNYK_CODE_WARNING (CWE-416): [#def34]
cryptsetup-2.8.0-git/tests/api-test-2.c:555:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_3 is used in global::loop_device after it may already have been freed with call to free.
#  553|   		loop_detach(DEVICE_2);
#  554|   
#  555|-> 	if (loop_device(DEVICE_3))
#  556|   		loop_detach(DEVICE_3);
#  557|   

Error: SNYK_CODE_WARNING (CWE-416): [#def35]
cryptsetup-2.8.0-git/tests/api-test-2.c:556:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_3 is used in global::loop_detach after it may already have been freed with call to free.
#  554|   
#  555|   	if (loop_device(DEVICE_3))
#  556|-> 		loop_detach(DEVICE_3);
#  557|   
#  558|   	if (loop_device(DEVICE_4))

Error: SNYK_CODE_WARNING (CWE-416): [#def36]
cryptsetup-2.8.0-git/tests/api-test-2.c:558:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_4 is used in global::loop_device after it may already have been freed with call to free.
#  556|   		loop_detach(DEVICE_3);
#  557|   
#  558|-> 	if (loop_device(DEVICE_4))
#  559|   		loop_detach(DEVICE_4);
#  560|   

Error: SNYK_CODE_WARNING (CWE-416): [#def37]
cryptsetup-2.8.0-git/tests/api-test-2.c:559:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_4 is used in global::loop_detach after it may already have been freed with call to free.
#  557|   
#  558|   	if (loop_device(DEVICE_4))
#  559|-> 		loop_detach(DEVICE_4);
#  560|   
#  561|   	if (loop_device(DEVICE_5))

Error: SNYK_CODE_WARNING (CWE-416): [#def38]
cryptsetup-2.8.0-git/tests/api-test-2.c:561:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_5 is used in global::loop_device after it may already have been freed with call to free.
#  559|   		loop_detach(DEVICE_4);
#  560|   
#  561|-> 	if (loop_device(DEVICE_5))
#  562|   		loop_detach(DEVICE_5);
#  563|   

Error: SNYK_CODE_WARNING (CWE-416): [#def39]
cryptsetup-2.8.0-git/tests/api-test-2.c:562:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_5 is used in global::loop_detach after it may already have been freed with call to free.
#  560|   
#  561|   	if (loop_device(DEVICE_5))
#  562|-> 		loop_detach(DEVICE_5);
#  563|   
#  564|   	if (loop_device(DEVICE_6))

Error: SNYK_CODE_WARNING (CWE-416): [#def40]
cryptsetup-2.8.0-git/tests/api-test-2.c:564:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_6 is used in global::loop_device after it may already have been freed with call to free.
#  562|   		loop_detach(DEVICE_5);
#  563|   
#  564|-> 	if (loop_device(DEVICE_6))
#  565|   		loop_detach(DEVICE_6);
#  566|   

Error: SNYK_CODE_WARNING (CWE-416): [#def41]
cryptsetup-2.8.0-git/tests/api-test-2.c:565:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_6 is used in global::loop_detach after it may already have been freed with call to free.
#  563|   
#  564|   	if (loop_device(DEVICE_6))
#  565|-> 		loop_detach(DEVICE_6);
#  566|   
#  567|   	_system("rm -f " IMAGE_EMPTY, 0);

Error: SNYK_CODE_WARNING (CWE-416): [#def42]
cryptsetup-2.8.0-git/tests/api-test-2.c:575:10: note[cpp/UseAfterFree/test]: Use after free. tmp_file_1 is used in remove after it may already have been freed with call to free.
#  573|   		remove(test_loop_file);
#  574|   	if (tmp_file_1)
#  575|-> 		remove(tmp_file_1);
#  576|   
#  577|   	remove(REQS_LUKS2_HEADER);

Error: SNYK_CODE_WARNING (CWE-415): [#def43]
cryptsetup-2.8.0-git/tests/api-test-2.c:587:7: note[cpp/DoubleFree/test]: Potential double call to free. tmp_file_1 may have already been freed by call to free.
#  585|   	_remove_keyfiles();
#  586|   
#  587|-> 	free(tmp_file_1);
#  588|   	free(test_loop_file);
#  589|   	free(THE_LOOP_DEV);

Error: SNYK_CODE_WARNING (CWE-415): [#def44]
cryptsetup-2.8.0-git/tests/api-test-2.c:590:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_1 may have already been freed by call to free.
#  588|   	free(test_loop_file);
#  589|   	free(THE_LOOP_DEV);
#  590|-> 	free(DEVICE_1);
#  591|   	free(DEVICE_2);
#  592|   	free(DEVICE_3);

Error: SNYK_CODE_WARNING (CWE-415): [#def45]
cryptsetup-2.8.0-git/tests/api-test-2.c:591:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_2 may have already been freed by call to free.
#  589|   	free(THE_LOOP_DEV);
#  590|   	free(DEVICE_1);
#  591|-> 	free(DEVICE_2);
#  592|   	free(DEVICE_3);
#  593|   	free(DEVICE_4);

Error: SNYK_CODE_WARNING (CWE-415): [#def46]
cryptsetup-2.8.0-git/tests/api-test-2.c:592:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_3 may have already been freed by call to free.
#  590|   	free(DEVICE_1);
#  591|   	free(DEVICE_2);
#  592|-> 	free(DEVICE_3);
#  593|   	free(DEVICE_4);
#  594|   	free(DEVICE_5);

Error: SNYK_CODE_WARNING (CWE-415): [#def47]
cryptsetup-2.8.0-git/tests/api-test-2.c:593:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_4 may have already been freed by call to free.
#  591|   	free(DEVICE_2);
#  592|   	free(DEVICE_3);
#  593|-> 	free(DEVICE_4);
#  594|   	free(DEVICE_5);
#  595|   	free(DEVICE_6);

Error: SNYK_CODE_WARNING (CWE-415): [#def48]
cryptsetup-2.8.0-git/tests/api-test-2.c:594:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_5 may have already been freed by call to free.
#  592|   	free(DEVICE_3);
#  593|   	free(DEVICE_4);
#  594|-> 	free(DEVICE_5);
#  595|   	free(DEVICE_6);
#  596|   

Error: SNYK_CODE_WARNING (CWE-415): [#def49]
cryptsetup-2.8.0-git/tests/api-test-2.c:595:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_6 may have already been freed by call to free.
#  593|   	free(DEVICE_4);
#  594|   	free(DEVICE_5);
#  595|-> 	free(DEVICE_6);
#  596|   
#  597|   #ifdef KERNEL_KEYRING

Error: SNYK_CODE_WARNING (CWE-416): [#def50]
cryptsetup-2.8.0-git/tests/api-test.c:186:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_1 is used in global::loop_device after it may already have been freed with call to free.
#  184|   		loop_detach(THE_LOOP_DEV);
#  185|   
#  186|-> 	if (loop_device(DEVICE_1))
#  187|   		loop_detach(DEVICE_1);
#  188|   

Error: SNYK_CODE_WARNING (CWE-416): [#def51]
cryptsetup-2.8.0-git/tests/api-test.c:187:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_1 is used in global::loop_detach after it may already have been freed with call to free.
#  185|   
#  186|   	if (loop_device(DEVICE_1))
#  187|-> 		loop_detach(DEVICE_1);
#  188|   
#  189|   	if (loop_device(DEVICE_2))

Error: SNYK_CODE_WARNING (CWE-416): [#def52]
cryptsetup-2.8.0-git/tests/api-test.c:189:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_2 is used in global::loop_device after it may already have been freed with call to free.
#  187|   		loop_detach(DEVICE_1);
#  188|   
#  189|-> 	if (loop_device(DEVICE_2))
#  190|   		loop_detach(DEVICE_2);
#  191|   

Error: SNYK_CODE_WARNING (CWE-416): [#def53]
cryptsetup-2.8.0-git/tests/api-test.c:190:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_2 is used in global::loop_detach after it may already have been freed with call to free.
#  188|   
#  189|   	if (loop_device(DEVICE_2))
#  190|-> 		loop_detach(DEVICE_2);
#  191|   
#  192|   	if (loop_device(DEVICE_3))

Error: SNYK_CODE_WARNING (CWE-416): [#def54]
cryptsetup-2.8.0-git/tests/api-test.c:192:18: note[cpp/UseAfterFree/test]: Use after free. DEVICE_3 is used in global::loop_device after it may already have been freed with call to free.
#  190|   		loop_detach(DEVICE_2);
#  191|   
#  192|-> 	if (loop_device(DEVICE_3))
#  193|   		loop_detach(DEVICE_3);
#  194|   

Error: SNYK_CODE_WARNING (CWE-416): [#def55]
cryptsetup-2.8.0-git/tests/api-test.c:193:15: note[cpp/UseAfterFree/test]: Use after free. DEVICE_3 is used in global::loop_detach after it may already have been freed with call to free.
#  191|   
#  192|   	if (loop_device(DEVICE_3))
#  193|-> 		loop_detach(DEVICE_3);
#  194|   
#  195|   	_system("rm -f " IMAGE_EMPTY, 0);

Error: SNYK_CODE_WARNING (CWE-416): [#def56]
cryptsetup-2.8.0-git/tests/api-test.c:199:10: note[cpp/UseAfterFree/test]: Use after free. test_loop_file is used in remove after it may already have been freed with call to free.
#  197|   
#  198|   	if (test_loop_file)
#  199|-> 		remove(test_loop_file);
#  200|   	if (tmp_file_1)
#  201|   		remove(tmp_file_1);

Error: SNYK_CODE_WARNING (CWE-416): [#def57]
cryptsetup-2.8.0-git/tests/api-test.c:201:10: note[cpp/UseAfterFree/test]: Use after free. tmp_file_1 is used in remove after it may already have been freed with call to free.
#  199|   		remove(test_loop_file);
#  200|   	if (tmp_file_1)
#  201|-> 		remove(tmp_file_1);
#  202|   
#  203|   	remove(EVL_HEADER_1);

Error: SNYK_CODE_WARNING (CWE-415): [#def58]
cryptsetup-2.8.0-git/tests/api-test.c:213:7: note[cpp/DoubleFree/test]: Potential double call to free. tmp_file_1 may have already been freed by call to free.
#  211|   	_remove_keyfiles();
#  212|   
#  213|-> 	free(tmp_file_1);
#  214|   	free(test_loop_file);
#  215|   	free(THE_LOOP_DEV);

Error: SNYK_CODE_WARNING (CWE-415): [#def59]
cryptsetup-2.8.0-git/tests/api-test.c:214:7: note[cpp/DoubleFree/test]: Potential double call to free. test_loop_file may have already been freed by call to free.
#  212|   
#  213|   	free(tmp_file_1);
#  214|-> 	free(test_loop_file);
#  215|   	free(THE_LOOP_DEV);
#  216|   	free(DEVICE_1);

Error: SNYK_CODE_WARNING (CWE-415): [#def60]
cryptsetup-2.8.0-git/tests/api-test.c:216:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_1 may have already been freed by call to free.
#  214|   	free(test_loop_file);
#  215|   	free(THE_LOOP_DEV);
#  216|-> 	free(DEVICE_1);
#  217|   	free(DEVICE_2);
#  218|   	free(DEVICE_3);

Error: SNYK_CODE_WARNING (CWE-415): [#def61]
cryptsetup-2.8.0-git/tests/api-test.c:217:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_2 may have already been freed by call to free.
#  215|   	free(THE_LOOP_DEV);
#  216|   	free(DEVICE_1);
#  217|-> 	free(DEVICE_2);
#  218|   	free(DEVICE_3);
#  219|   }

Error: SNYK_CODE_WARNING (CWE-415): [#def62]
cryptsetup-2.8.0-git/tests/api-test.c:218:7: note[cpp/DoubleFree/test]: Potential double call to free. DEVICE_3 may have already been freed by call to free.
#  216|   	free(DEVICE_1);
#  217|   	free(DEVICE_2);
#  218|-> 	free(DEVICE_3);
#  219|   }
#  220|   

Error: SNYK_CODE_WARNING (CWE-23): [#def63]
cryptsetup-2.8.0-git/tests/differ.c:96:10: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   94|   	struct stat st;
#   95|   
#   96|-> 	f->fd = open(f->name, O_RDONLY);
#   97|   	if (f->fd == -1 || fstat(f->fd, &st) == -1)
#   98|   		return 0;

Error: SNYK_CODE_WARNING (CWE-170): [#def64]
cryptsetup-2.8.0-git/tests/differ.c:141:7: note[cpp/ImproperNullTermination/test]: Potential improperly null terminated input from a pointer to an input buffer flows into fopen, where it is used as a string. This may result in an information disclosure or buffer overflow vulnerability.
#  139|   
#  140|   	for (i = 3; i < argc; i++)
#  141|-> 		if (check(argv[i], file_old.addr, file_new.addr) == FAIL) {
#  142|   			printf ("FAILED for %s\n", argv[i]);
#  143|   			r = 1;

Error: SNYK_CODE_WARNING (CWE-23): [#def65]
cryptsetup-2.8.0-git/tests/differ.c:141:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into fopen, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  139|   
#  140|   	for (i = 3; i < argc; i++)
#  141|-> 		if (check(argv[i], file_old.addr, file_new.addr) == FAIL) {
#  142|   			printf ("FAILED for %s\n", argv[i]);
#  143|   			r = 1;

Error: SNYK_CODE_WARNING (CWE-23): [#def66]
cryptsetup-2.8.0-git/tests/fuzz/plain_json_proto_to_luks2.cc:34:8: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   32|     }
#   33|   
#   34|->   fd = open(argv[1], O_RDONLY);
#   35|     if (fd < 0) {
#   36|       std::cerr << "Failed to open " << argv[1] << std::endl;

Error: SNYK_CODE_WARNING (CWE-23): [#def67]
cryptsetup-2.8.0-git/tests/fuzz/plain_json_proto_to_luks2.cc:52:8: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   50|     out_img_name += ".img";
#   51|   
#   52|->   fd = open(out_img_name.c_str(), O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC|O_TRUNC, 0644);
#   53|     if (fd < 0) {
#   54|       std::cerr << "Failed to open output file " << out_img_name << std::endl;

Error: SNYK_CODE_WARNING (CWE-23): [#def68]
cryptsetup-2.8.0-git/tests/fuzz/proto_to_luks2.cc:34:8: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   32|     }
#   33|   
#   34|->   fd = open(argv[1], O_RDONLY);
#   35|     if (fd < 0) {
#   36|       std::cerr << "Failed to open " << argv[1] << std::endl;

Error: SNYK_CODE_WARNING (CWE-23): [#def69]
cryptsetup-2.8.0-git/tests/fuzz/proto_to_luks2.cc:52:8: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   50|     out_img_name += ".img";
#   51|   
#   52|->   fd = open(out_img_name.c_str(), O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC|O_TRUNC, 0644);
#   53|     if (fd < 0) {
#   54|       std::cerr << "Failed to open output file " << out_img_name << std::endl;

Error: SNYK_CODE_WARNING (CWE-23): [#def70]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:48:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   46|   	}
#   47|   
#   48|-> 	fd = open(test_file, O_RDONLY | O_DIRECT);
#   49|   	if (fd < 0) {
#   50|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def71]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:79:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#   77|   	}
#   78|   
#   79|-> 	fd = open(test_file, O_WRONLY | O_DIRECT);
#   80|   	if (fd < 0) {
#   81|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def72]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:111:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  109|   	}
#  110|   
#  111|-> 	fd = open(test_file, O_RDONLY | O_DIRECT);
#  112|   	if (fd < 0) {
#  113|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def73]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:143:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  141|   	}
#  142|   
#  143|-> 	fd = open(test_file, O_RDWR | O_DIRECT);
#  144|   	if (fd < 0) {
#  145|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def74]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:174:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  172|   	}
#  173|   
#  174|-> 	fd = open(test_file, O_RDONLY | O_DIRECT);
#  175|   	if (fd < 0) {
#  176|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Error: SNYK_CODE_WARNING (CWE-23): [#def75]
cryptsetup-2.8.0-git/tests/unit-utils-io.c:205:7: note[cpp/PT/test]: Unsanitized input from a command line argument flows into open, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.
#  203|   	}
#  204|   
#  205|-> 	fd = open(test_file, O_RDWR | O_DIRECT);
#  206|   	if (fd < 0) {
#  207|   		fprintf(stderr, "Failed to open %s.\n", test_file);

Scan Properties

analyzer-version-clang: 18.1.2
analyzer-version-clippy: 1.79.0
analyzer-version-coverity: 2024.3.0
analyzer-version-cppcheck: 2.14.1
analyzer-version-gcc: 14.1.1
analyzer-version-gcc-analyzer: 14.1.1
analyzer-version-shellcheck: 0.9.0
analyzer-version-snyk-code: 1.1233.0
analyzer-version-unicontrol: 0.0.2
enabled-plugins: clang, clippy, coverity, cppcheck, gcc, shellcheck, snyk, unicontrol
exit-code: 1
host: osh-worker-005.osh-001.prod.iad2.dc.redhat.com
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-2.2.0.20240703.103728.gbf0dd0b-1.el9.noarch
mock-config: rhel-10-beta-x86_64
project-name: cryptsetup-2.8.0-1.fc39
snyk-scanned-files-coverage: 85
snyk-scanned-files-success: 139
snyk-scanned-files-total: 162
store-results-to: /tmp/tmp7gr4uo4o/cryptsetup-2.8.0-1.fc39.tar.xz
time-created: 2024-07-12 11:38:19
time-finished: 2024-07-12 11:41:26
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'rhel-10-beta-x86_64' '-t' 'coverity,clang,shellcheck,gcc,clippy,unicontrol,snyk,cppcheck' '-o' '/tmp/tmp7gr4uo4o/cryptsetup-2.8.0-1.fc39.tar.xz' '--keep-going' '--use-host-cppcheck' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmp7gr4uo4o/cryptsetup-2.8.0-1.fc39.src.rpm'
tool-version: csmock-3.6.0.20240621.181148.g9f7c028.internal-1.el9