diff --git a/src/lib/writer-html.cc b/src/lib/writer-html.cc index bf9a2dc2..9e7bb716 100644 --- a/src/lib/writer-html.cc +++ b/src/lib/writer-html.cc @@ -476,7 +476,7 @@ void HtmlWriter::handleDef(const Defect &def) d->writeLinkToDetails(def); // link to self - d->str << " defCnt << "'>[#def" << d->defCnt << "]"; diff --git a/tests/cshtml/0001-smoke/scan-results.html b/tests/cshtml/0001-smoke/scan-results.html index e53a5b57..2fd03b0e 100644 --- a/tests/cshtml/0001-smoke/scan-results.html +++ b/tests/cshtml/0001-smoke/scan-results.html @@ -6,7 +6,7 @@
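Review bot: The `d->str << …` statement under `// link to self` streams `d->defCnt` into what looks like a single-quoted attribute value (`defCnt << "'>`) and again into the link text, with no comment saying why no escaping is applied. A comment such as `// link to self: only the numeric defect counter is interpolated, so no HTML escaping is needed here` would record that assumption, provided defCnt is the integer counter it appears to be. The markup inside the string literal is lost on this page, so the new attribute layout cannot be checked from the hunk itself; the expected-output changes under tests/cshtml are what pin it. handleDef's body starts and ends outside the hunk.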

curl-7.60.0-1.el8+7

[Show plain-text results]

List of Defects

-Error: SHELLCHECK_WARNING: [#def1]
+Error: SHELLCHECK_WARNING: [#def1]
 /usr/bin/curl-config:25:1: warning[SC2034]: exec_prefix appears unused. Verify it or export it.
 #   23|   
 #   24|   prefix=/usr
@@ -14,7 +14,7 @@ 

List of Defects

# 26| includedir=/usr/include # 27| cppflag_curl_staticlib= -Error: SHELLCHECK_WARNING: [#def2] +Error: SHELLCHECK_WARNING: [#def2] /usr/bin/curl-config:26:1: warning[SC2034]: includedir appears unused. Verify it or export it. # 24| prefix=/usr # 25| exec_prefix=/usr @@ -22,7 +22,7 @@

List of Defects

# 27| cppflag_curl_staticlib= # 28| -Error: SHELLCHECK_WARNING: [#def3] +Error: SHELLCHECK_WARNING: [#def3] /usr/bin/curl-config:66:8: warning[SC2034]: value appears unused. Verify it or export it. # 64| # [not currently used] # 65| -*=*) value=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; @@ -30,7 +30,7 @@

List of Defects

# 67| esac # 68| -Error: SHELLCHECK_WARNING: [#def4] +Error: SHELLCHECK_WARNING: [#def4] /usr/bin/curl-config:146:14: warning[SC2039]: In POSIX sh, echo flags are undefined. # 144| # 145| --libs) @@ -38,7 +38,7 @@

List of Defects

# 147| ;; # 148| --ssl-backends) -Error: DEADCODE (CWE-561): [#def5] +Error: DEADCODE (CWE-561): [#def5] curl-7.60.0/lib/base64.c:183: assignment: Assigning: "convbuf" = "NULL". curl-7.60.0/lib/base64.c:213: null: At condition "convbuf", the value of "convbuf" must be "NULL". curl-7.60.0/lib/base64.c:213: dead_error_condition: The condition "convbuf" cannot be true. @@ -50,7 +50,7 @@

List of Defects

# 215| # 216| while(insize > 0) { -Error: OVERRUN (CWE-119): [#def6] +Error: OVERRUN (CWE-119): [#def6] curl-7.60.0/lib/connect.c:1353: cond_true: Condition "!addr", taking true branch. curl-7.60.0/lib/connect.c:1367: cond_true: Condition "conn->socktype == SOCK_DGRAM", taking true branch. curl-7.60.0/lib/connect.c:1370: cond_true: Condition "addr->addrlen > 128UL /* sizeof (struct Curl_sockaddr_storage) */", taking true branch. @@ -62,7 +62,7 @@

List of Defects

# 1373| # 1374| if(data->set.fopensocket) { -Error: CPPCHECK_WARNING (CWE-456): [#def7] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CPPCHECK_WARNING (CWE-456): [#def7] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/curl_ntlm_core.c:414: error[uninitvar]: Uninitialized variable: ks # 412| DES_key_schedule ks; # 413| @@ -70,7 +70,7 @@

List of Defects

# 415| DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) results, # 416| DESKEY(ks), DES_ENCRYPT); -Error: DEADCODE (CWE-561): [#def8] +Error: DEADCODE (CWE-561): [#def8] curl-7.60.0/lib/curl_ntlm_core.c:479: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/curl_ntlm_core.c:480: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/curl_ntlm_core.c:480: dead_error_condition: The condition "result" cannot be true. @@ -81,7 +81,7 @@

List of Defects

# 482| # 483| { -Error: CPPCHECK_WARNING (CWE-456): [#def9] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CPPCHECK_WARNING (CWE-456): [#def9] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/curl_ntlm_core.c:489: error[uninitvar]: Uninitialized variable: ks # 487| DES_key_schedule ks; # 488| @@ -89,7 +89,7 @@

List of Defects

# 490| DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer, # 491| DESKEY(ks), DES_ENCRYPT); -Error: DEADCODE (CWE-561): [#def10] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def10] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/curl_ntlm_core.c:571: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/curl_ntlm_core.c:572: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/curl_ntlm_core.c:572: dead_error_condition: The condition "result" cannot be true. @@ -100,7 +100,7 @@

List of Defects

# 574| # 575| { -Error: TAINTED_STRING (CWE-20): [#def11] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: TAINTED_STRING (CWE-20): [#def11] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -139,7 +139,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TAINTED_STRING (CWE-20): [#def12] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: TAINTED_STRING (CWE-20): [#def12] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -177,7 +177,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TOCTOU (CWE-367): [#def13] +Error: TOCTOU (CWE-367): [#def13] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -209,7 +209,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TOCTOU (CWE-367): [#def14] +Error: TOCTOU (CWE-367): [#def14] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -241,16 +241,16 @@

List of Defects

# 228| "--helper-protocol", "ntlmssp-client-1", # 229| "--use-cached-creds", -Error: CLANG_WARNING: [#def15] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def15] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/formdata.c: internal warning: child 19175 timed out after 30s -Error: CLANG_WARNING: [#def16] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def16] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/formdata.c: internal warning: child 31044 timed out after 30s -Error: CLANG_WARNING: [#def17] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def17] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/ftp.c: internal warning: child 31022 timed out after 30s -Error: DEADCODE (CWE-561): [#def18] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def18] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/ftp.c:3975: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/ftp.c:3977: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/ftp.c:3977: dead_error_condition: The condition "result" cannot be true. @@ -261,7 +261,7 @@

List of Defects

# 3979| # 3980| for(;;) { -Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def19] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def19] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/getinfo.c:159: result_independent_of_operands: "data->info.filetime > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if". # 157| break; # 158| case CURLINFO_FILETIME: @@ -269,7 +269,7 @@

List of Defects

# 160| *param_longp = LONG_MAX; # 161| else if(data->info.filetime < LONG_MIN) -Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def20] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def20] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/getinfo.c:161: result_independent_of_operands: "data->info.filetime < -9223372036854775808L /* -9223372036854775807L - 1L */" is always false regardless of the values of its operands. This occurs as the logical operand of "if". # 159| if(data->info.filetime > LONG_MAX) # 160| *param_longp = LONG_MAX; @@ -277,7 +277,7 @@

List of Defects

# 162| *param_longp = LONG_MIN; # 163| else -Error: DEADCODE (CWE-561): [#def21] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def21] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/http.c:1086: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http.c:1088: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http.c:1088: dead_error_condition: The condition "result" cannot be true. @@ -288,7 +288,7 @@

List of Defects

# 1091| return result; # 1092| } -Error: DEADCODE (CWE-561): [#def22] +Error: DEADCODE (CWE-561): [#def22] curl-7.60.0/lib/http.c:3566: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/http.c:3568: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http.c:3568: dead_error_condition: The condition "result" cannot be true. @@ -299,7 +299,7 @@

List of Defects

# 3570| # 3571| /* Check for Content-Length: header lines to get size */ -Error: DEADCODE (CWE-561): [#def23] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def23] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/http_chunks.c:157: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http_chunks.c:159: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_chunks.c:159: dead_error_condition: The condition "result" cannot be true. @@ -310,7 +310,7 @@

List of Defects

# 163| } # 164| -Error: DEADCODE (CWE-561): [#def24] +Error: DEADCODE (CWE-561): [#def24] curl-7.60.0/lib/http_chunks.c:237: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http_chunks.c:239: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_chunks.c:239: dead_error_condition: The condition "result" cannot be true. @@ -321,7 +321,7 @@

List of Defects

# 243| # 244| if(!data->set.http_te_skip) { -Error: DEADCODE (CWE-561): [#def25] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def25] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/http_proxy.c:413: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/http_proxy.c:416: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_proxy.c:416: dead_error_condition: The condition "result" cannot be true. @@ -332,10 +332,10 @@

List of Defects

# 418| # 419| /* output debug if that is requested */ -Error: CLANG_WARNING: [#def26] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def26] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/multi.c: internal warning: child 32119 timed out after 30s -Error: FORWARD_NULL (CWE-476): [#def27] +Error: FORWARD_NULL (CWE-476): [#def27] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -446,7 +446,7 @@

List of Defects

# 1035| ufds[nfds].events = POLLIN; # 1036| ++nfds; -Error: FORWARD_NULL (CWE-476): [#def28] +Error: FORWARD_NULL (CWE-476): [#def28] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -559,7 +559,7 @@

List of Defects

# 1041| ufds[nfds].events = POLLOUT; # 1042| ++nfds; -Error: FORWARD_NULL (CWE-476): [#def29] +Error: FORWARD_NULL (CWE-476): [#def29] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -681,7 +681,7 @@

List of Defects

# 1057| ufds[nfds].events = 0; # 1058| if(extra_fds[i].events & CURL_WAIT_POLLIN) -Error: DEADCODE (CWE-561): [#def30] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def30] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/sendf.c:441: assignment: Assigning: "nread" = "0L". curl-7.60.0/lib/sendf.c:442: const: At condition "nread > 0L", the value of "nread" must be equal to 0. curl-7.60.0/lib/sendf.c:442: dead_error_condition: The condition "nread > 0L" cannot be true. @@ -692,7 +692,7 @@

List of Defects

# 444| return nread; # 445| } -Error: DEADCODE (CWE-561): [#def31] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def31] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/sendf.c:657: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/sendf.c:659: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/sendf.c:659: dead_error_condition: The condition "result" cannot be true. @@ -703,7 +703,7 @@

List of Defects

# 661| # 662| #ifdef CURL_DO_LINEEND_CONV -Error: DEADCODE (CWE-561): [#def32] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def32] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/smb.c:734: assignment: Assigning: "next_state" = "SMB_DONE". curl-7.60.0/lib/smb.c:773: assignment: Assigning: "next_state" = "SMB_OPEN". curl-7.60.0/lib/smb.c:779: assignment: Assigning: "next_state" = "SMB_TREE_DISCONNECT". @@ -721,7 +721,7 @@

List of Defects

# 897| break; # 898| } -Error: STRING_OVERFLOW (CWE-120): [#def33] +Error: STRING_OVERFLOW (CWE-120): [#def33] curl-7.60.0/lib/socks_gssapi.c:51: cond_true: Condition "major_status & (4294901760U /* ((OM_uint32)255UL << 24) | ((OM_uint32)255UL << 16) */)", taking true branch. curl-7.60.0/lib/socks_gssapi.c:60: cond_true: Condition "!msg_ctx", taking true branch. curl-7.60.0/lib/socks_gssapi.c:66: cond_true: Condition "maj_stat == 0", taking true branch. @@ -733,7 +733,7 @@

List of Defects

# 69| len += status_string.length; # 70| } -Error: STRING_OVERFLOW (CWE-120): [#def34] +Error: STRING_OVERFLOW (CWE-120): [#def34] curl-7.60.0/lib/socks_gssapi.c:51: cond_true: Condition "major_status & (4294901760U /* ((OM_uint32)255UL << 24) | ((OM_uint32)255UL << 16) */)", taking true branch. curl-7.60.0/lib/socks_gssapi.c:60: cond_true: Condition "!msg_ctx", taking true branch. curl-7.60.0/lib/socks_gssapi.c:66: cond_true: Condition "maj_stat == 0", taking true branch. @@ -751,7 +751,7 @@

List of Defects

# 90| gss_release_buffer(&min_stat, &status_string); # 91| break; -Error: CLANG_WARNING: [#def35] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def35] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/ssh-libssh.c:1116:15: warning: Null pointer passed as an argument to a 'nonnull' parameter # (strlen(protop->path) > 1))) { # ^ ~~~~~~~~~~~~ @@ -901,7 +901,7 @@

List of Defects

# 1117| /* try to create the path remotely */ # 1118| rc = 0; -Error: CLANG_WARNING: [#def36] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def36] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/ssh-libssh.c:1208:10: warning: Null pointer passed as an argument to a 'nonnull' parameter # if(strlen(protop->path) > 1) { # ^ ~~~~~~~~~~~~ @@ -1020,7 +1020,7 @@

List of Defects

# 1209| sshc->slash_pos = protop->path + 1; /* ignore the leading '/' */ # 1210| state(conn, SSH_SFTP_CREATE_DIRS); -Error: FORWARD_NULL (CWE-476): [#def37] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: FORWARD_NULL (CWE-476): [#def37] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/src/tool_getparam.c:2140: cond_true: Condition "i < argc", taking true branch. curl-7.60.0/src/tool_getparam.c:2140: cond_true: Condition "!result", taking true branch. curl-7.60.0/src/tool_getparam.c:2143: cond_true: Condition "stillflags", taking true branch. @@ -1148,7 +1148,7 @@

List of Defects

# 224| str++; # 225| if('-' == *str) { -Error: STRING_NULL (CWE-170): [#def38] +Error: STRING_NULL (CWE-170): [#def38] curl-7.60.0/lib/tftp.c:1110: string_null_argument: Function "recvfrom" does not terminate string "*state->rpacket.data". [Note: The source code implementation of the function has been overridden by a builtin model.] curl-7.60.0/lib/tftp.c:1116: cond_true: Condition "state->remote_addrlen == 0", taking true branch. curl-7.60.0/lib/tftp.c:1122: cond_false: Condition "state->rbytes < 4", taking false branch. @@ -1171,7 +1171,7 @@

List of Defects

# 1159| (const char *)state->rpacket.data + 2, # 1160| state->rbytes-2); -Error: NEGATIVE_RETURNS (CWE-394): [#def39] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: NEGATIVE_RETURNS (CWE-394): [#def39] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/transfer.c:131: cond_true: Condition "data->req.upload_chunky", taking true branch. curl-7.60.0/lib/transfer.c:144: cond_false: Condition "nread == 268435456", taking false branch. curl-7.60.0/lib/transfer.c:148: if_end: End of if statement. @@ -1200,13 +1200,13 @@

List of Defects

# 220| # 221| /* always append ASCII CRLF to the data */ -Error: CLANG_WARNING: [#def40] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def40] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/url.c: internal warning: child 19172 timed out after 30s -Error: CLANG_WARNING: [#def41] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: CLANG_WARNING: [#def41] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/url.c: internal warning: child 31100 timed out after 30s -Error: NEGATIVE_RETURNS (CWE-394): [#def42] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: NEGATIVE_RETURNS (CWE-394): [#def42] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vauth/ntlm.c:541: cond_true: Condition "!user", taking true branch. curl-7.60.0/lib/vauth/ntlm.c:544: cond_false: Condition "user", taking false branch. curl-7.60.0/lib/vauth/ntlm.c:550: else_branch: Reached else branch. @@ -1249,7 +1249,7 @@

List of Defects

# 811| else # 812| memcpy(&ntlmbuf[size], domain, domlen); -Error: DEADCODE (CWE-561): [#def43] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def43] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vauth/ntlm.c:833: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/vauth/ntlm.c:835: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/vauth/ntlm.c:835: dead_error_condition: The condition "result" cannot be true. @@ -1260,7 +1260,7 @@

List of Defects

# 837| # 838| /* Return with binary blob encoded into base64 */ -Error: COMPILER_WARNING: [#def44] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: COMPILER_WARNING: [#def44] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vtls/openssl.c: scope_hint: In function 'ossl_connect_step1' curl-7.60.0/lib/vtls/openssl.c:2217:5: warning[-Wdeprecated-declarations]: 'SSLv3_client_method' is deprecated # req_method = SSLv3_client_method(); @@ -1278,7 +1278,7 @@

List of Defects

# 2218| use_sni(FALSE); # 2219| break; -Error: DEADCODE (CWE-561): [#def45] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def45] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vtls/openssl.c:2214: cond_cannot_single: Condition "ssl_authtype == CURL_TLSAUTH_SRP", taking false branch. Now the value of "ssl_authtype" cannot be equal to 1. curl-7.60.0/lib/vtls/openssl.c:2309: cannot_single: At condition "ssl_authtype == CURL_TLSAUTH_SRP", the value of "ssl_authtype" cannot be equal to 1. curl-7.60.0/lib/vtls/openssl.c:2309: dead_error_condition: The condition "ssl_authtype == CURL_TLSAUTH_SRP" cannot be true. @@ -1289,7 +1289,7 @@

List of Defects

# 2311| } # 2312| #endif -Error: DEADCODE (CWE-561): [#def46] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def46] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vtls/openssl.c:2181: equality_cond: Jumping to case "CURL_SSLVERSION_DEFAULT". curl-7.60.0/lib/vtls/openssl.c:2182: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1". curl-7.60.0/lib/vtls/openssl.c:2183: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1_0". @@ -1306,7 +1306,7 @@

List of Defects

# 2340| #ifndef OPENSSL_NO_SSL2 # 2341| ctx_options |= SSL_OP_NO_SSLv3; -Error: DEADCODE (CWE-561): [#def47] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: DEADCODE (CWE-561): [#def47] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/lib/vtls/openssl.c:2181: equality_cond: Jumping to case "CURL_SSLVERSION_DEFAULT". curl-7.60.0/lib/vtls/openssl.c:2182: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1". curl-7.60.0/lib/vtls/openssl.c:2183: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1_0". @@ -1323,7 +1323,7 @@

List of Defects

# 2357| failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION"); # 2358| return CURLE_SSL_CONNECT_ERROR; -Error: TOCTOU (CWE-367): [#def48] +Error: TOCTOU (CWE-367): [#def48] curl-7.60.0/src/tool_dirhie.c:113: cond_false: Condition "!outdup", taking false branch. curl-7.60.0/src/tool_dirhie.c:114: if_end: End of if statement. curl-7.60.0/src/tool_dirhie.c:117: cond_false: Condition "!dirbuildup", taking false branch. @@ -1342,7 +1342,7 @@

List of Defects

# 144| show_dir_errno(errors, dirbuildup); # 145| result = CURLE_WRITE_ERROR; -Error: COPY_PASTE_ERROR (CWE-398): [#def49] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: COPY_PASTE_ERROR (CWE-398): [#def49] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:595: original: "user.decode" looks like the original copy. curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:603: copy_paste_error: "user" in "user.decode" looks like a copy-paste error. curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:603: remediation: Should it say "domain" instead? @@ -1352,7 +1352,7 @@

List of Defects

# 604| # 605| ntlmChallenge = NTLMAuthChallenge(type2) -Error: FORWARD_NULL (CWE-476): [#def50] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: FORWARD_NULL (CWE-476): [#def50] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3504: assign_undefined: Assigning: "readAndX" = "undefined". curl-7.60.0/tests/python_dependencies/impacket/smb.py:3504: cond_true: Condition "!max_size", taking true branch. curl-7.60.0/tests/python_dependencies/impacket/smb.py:3505: cond_true: Condition "self._dialects_parameters["Capabilities"] & SMB.CAP_LARGE_READX", taking true branch. @@ -1374,7 +1374,7 @@

List of Defects

# 3543| else: # 3544| self.sendSMB(smb) -Error: IDENTICAL_BRANCHES: [#def51] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: IDENTICAL_BRANCHES: [#def51] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3775: identical_branches: Ternary expression on condition "self.__flags2 & SMB.FLAGS2_UNICODE" has identical then and else expressions: """". Should one of the expressions be modified, or the entire ternary expression replaced? # 3773| findFirstParameter['InformationLevel'] = SMB_FIND_FILE_BOTH_DIRECTORY_INFO # 3774| findFirstParameter['SearchStorageType'] = 0 @@ -1382,7 +1382,7 @@

List of Defects

# 3776| self.send_trans2(tid, SMB.TRANS2_FIND_FIRST2, '\x00', findFirstParameter, '') # 3777| files = [ ] -Error: IDENTICAL_BRANCHES: [#def52] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: IDENTICAL_BRANCHES: [#def52] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3818: identical_branches: Ternary expression on condition "self.__flags2 & SMB.FLAGS2_UNICODE" has identical then and else expressions: """". Should one of the expressions be modified, or the entire ternary expression replaced? # 3816| findNextParameter['ResumeKey'] = 0 # 3817| findNextParameter['Flags'] = SMB_FIND_RETURN_RESUME_KEYS | SMB_FIND_CLOSE_AT_EOS @@ -1390,7 +1390,7 @@

List of Defects

# 3819| self.send_trans2(tid, SMB.TRANS2_FIND_NEXT2, '\x00', findNextParameter, '') # 3820| findData = '' -Error: FORWARD_NULL (CWE-476): [#def53] [warning: defect not occurring in curl-7.29.0-46.el7] +Error: FORWARD_NULL (CWE-476): [#def53] [warning: defect not occurring in curl-7.29.0-46.el7] curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2066: assign_undefined: Assigning: "mode" = "undefined". curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2077: cond_false: Condition "connData["ConnectedShares"].has_key(recvPacket["Tid"])", taking false branch. curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2085: else_branch: Reached else branch. diff --git a/tests/cshtml/0002-cwe-names/scan-results.html b/tests/cshtml/0002-cwe-names/scan-results.html index 86f54853..318b77e1 100644 --- a/tests/cshtml/0002-cwe-names/scan-results.html +++ b/tests/cshtml/0002-cwe-names/scan-results.html @@ -5,7 +5,7 @@

curl-7.60.0-1.el8+7

List of Defects

-Error: SHELLCHECK_WARNING: [#def1]
+Error: SHELLCHECK_WARNING: [#def1]
 /usr/bin/curl-config:25:1: warning[SC2034]: exec_prefix appears unused. Verify it or export it.
 #   23|   
 #   24|   prefix=/usr
@@ -13,7 +13,7 @@ 

List of Defects

# 26| includedir=/usr/include # 27| cppflag_curl_staticlib= -Error: SHELLCHECK_WARNING: [#def2] +Error: SHELLCHECK_WARNING: [#def2] /usr/bin/curl-config:26:1: warning[SC2034]: includedir appears unused. Verify it or export it. # 24| prefix=/usr # 25| exec_prefix=/usr @@ -21,7 +21,7 @@

List of Defects

# 27| cppflag_curl_staticlib= # 28| -Error: SHELLCHECK_WARNING: [#def3] +Error: SHELLCHECK_WARNING: [#def3] /usr/bin/curl-config:66:8: warning[SC2034]: value appears unused. Verify it or export it. # 64| # [not currently used] # 65| -*=*) value=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; @@ -29,7 +29,7 @@

List of Defects

# 67| esac # 68| -Error: SHELLCHECK_WARNING: [#def4] +Error: SHELLCHECK_WARNING: [#def4] /usr/bin/curl-config:146:14: warning[SC2039]: In POSIX sh, echo flags are undefined. # 144| # 145| --libs) @@ -37,7 +37,7 @@

List of Defects

# 147| ;; # 148| --ssl-backends) -Error: DEADCODE (CWE-561): [#def5] +Error: DEADCODE (CWE-561): [#def5] curl-7.60.0/lib/base64.c:183: assignment: Assigning: "convbuf" = "NULL". curl-7.60.0/lib/base64.c:213: null: At condition "convbuf", the value of "convbuf" must be "NULL". curl-7.60.0/lib/base64.c:213: dead_error_condition: The condition "convbuf" cannot be true. @@ -49,7 +49,7 @@

List of Defects

# 215| # 216| while(insize > 0) { -Error: OVERRUN (CWE-119): [#def6] +Error: OVERRUN (CWE-119): [#def6] curl-7.60.0/lib/connect.c:1353: cond_true: Condition "!addr", taking true branch. curl-7.60.0/lib/connect.c:1367: cond_true: Condition "conn->socktype == SOCK_DGRAM", taking true branch. curl-7.60.0/lib/connect.c:1370: cond_true: Condition "addr->addrlen > 128UL /* sizeof (struct Curl_sockaddr_storage) */", taking true branch. @@ -61,7 +61,7 @@

List of Defects

# 1373| # 1374| if(data->set.fopensocket) { -Error: CPPCHECK_WARNING (CWE-456): [#def7] +Error: CPPCHECK_WARNING (CWE-456): [#def7] curl-7.60.0/lib/curl_ntlm_core.c:414: error[uninitvar]: Uninitialized variable: ks # 412| DES_key_schedule ks; # 413| @@ -69,7 +69,7 @@

List of Defects

# 415| DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) results, # 416| DESKEY(ks), DES_ENCRYPT); -Error: DEADCODE (CWE-561): [#def8] +Error: DEADCODE (CWE-561): [#def8] curl-7.60.0/lib/curl_ntlm_core.c:479: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/curl_ntlm_core.c:480: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/curl_ntlm_core.c:480: dead_error_condition: The condition "result" cannot be true. @@ -80,7 +80,7 @@

List of Defects

# 482| # 483| { -Error: CPPCHECK_WARNING (CWE-456): [#def9] +Error: CPPCHECK_WARNING (CWE-456): [#def9] curl-7.60.0/lib/curl_ntlm_core.c:489: error[uninitvar]: Uninitialized variable: ks # 487| DES_key_schedule ks; # 488| @@ -88,7 +88,7 @@

List of Defects

# 490| DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer, # 491| DESKEY(ks), DES_ENCRYPT); -Error: DEADCODE (CWE-561): [#def10] +Error: DEADCODE (CWE-561): [#def10] curl-7.60.0/lib/curl_ntlm_core.c:571: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/curl_ntlm_core.c:572: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/curl_ntlm_core.c:572: dead_error_condition: The condition "result" cannot be true. @@ -99,7 +99,7 @@

List of Defects

# 574| # 575| { -Error: TAINTED_STRING (CWE-20): [#def11] +Error: TAINTED_STRING (CWE-20): [#def11] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -138,7 +138,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TAINTED_STRING (CWE-20): [#def12] +Error: TAINTED_STRING (CWE-20): [#def12] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -176,7 +176,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TOCTOU (CWE-367): [#def13] +Error: TOCTOU (CWE-367): [#def13] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -208,7 +208,7 @@

List of Defects

# 221| "--helper-protocol", "ntlmssp-client-1", # 222| "--use-cached-creds", -Error: TOCTOU (CWE-367): [#def14] +Error: TOCTOU (CWE-367): [#def14] curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_socket != -1", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:129: cond_false: Condition "conn->ntlm_auth_hlpr_pid", taking false branch. curl-7.60.0/lib/curl_ntlm_wb.c:131: if_end: End of if statement. @@ -240,16 +240,16 @@

List of Defects

# 228| "--helper-protocol", "ntlmssp-client-1", # 229| "--use-cached-creds", -Error: CLANG_WARNING: [#def15] +Error: CLANG_WARNING: [#def15] curl-7.60.0/lib/formdata.c: internal warning: child 19175 timed out after 30s -Error: CLANG_WARNING: [#def16] +Error: CLANG_WARNING: [#def16] curl-7.60.0/lib/formdata.c: internal warning: child 31044 timed out after 30s -Error: CLANG_WARNING: [#def17] +Error: CLANG_WARNING: [#def17] curl-7.60.0/lib/ftp.c: internal warning: child 31022 timed out after 30s -Error: DEADCODE (CWE-561): [#def18] +Error: DEADCODE (CWE-561): [#def18] curl-7.60.0/lib/ftp.c:3975: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/ftp.c:3977: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/ftp.c:3977: dead_error_condition: The condition "result" cannot be true. @@ -260,7 +260,7 @@

List of Defects

# 3979| # 3980| for(;;) { -Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def19] +Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def19] curl-7.60.0/lib/getinfo.c:159: result_independent_of_operands: "data->info.filetime > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if". # 157| break; # 158| case CURLINFO_FILETIME: @@ -268,7 +268,7 @@

List of Defects

# 160| *param_longp = LONG_MAX; # 161| else if(data->info.filetime < LONG_MIN) -Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def20] +Error: CONSTANT_EXPRESSION_RESULT (CWE-398): [#def20] curl-7.60.0/lib/getinfo.c:161: result_independent_of_operands: "data->info.filetime < -9223372036854775808L /* -9223372036854775807L - 1L */" is always false regardless of the values of its operands. This occurs as the logical operand of "if". # 159| if(data->info.filetime > LONG_MAX) # 160| *param_longp = LONG_MAX; @@ -276,7 +276,7 @@

List of Defects

# 162| *param_longp = LONG_MIN; # 163| else -Error: DEADCODE (CWE-561): [#def21] +Error: DEADCODE (CWE-561): [#def21] curl-7.60.0/lib/http.c:1086: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http.c:1088: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http.c:1088: dead_error_condition: The condition "result" cannot be true. @@ -287,7 +287,7 @@

List of Defects

# 1091| return result; # 1092| } -Error: DEADCODE (CWE-561): [#def22] +Error: DEADCODE (CWE-561): [#def22] curl-7.60.0/lib/http.c:3566: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/http.c:3568: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http.c:3568: dead_error_condition: The condition "result" cannot be true. @@ -298,7 +298,7 @@

List of Defects

# 3570| # 3571| /* Check for Content-Length: header lines to get size */ -Error: DEADCODE (CWE-561): [#def23] +Error: DEADCODE (CWE-561): [#def23] curl-7.60.0/lib/http_chunks.c:157: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http_chunks.c:159: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_chunks.c:159: dead_error_condition: The condition "result" cannot be true. @@ -309,7 +309,7 @@

List of Defects

# 163| } # 164| -Error: DEADCODE (CWE-561): [#def24] +Error: DEADCODE (CWE-561): [#def24] curl-7.60.0/lib/http_chunks.c:237: assignment: Assigning: "result" = "((void)conn->data) , CURLE_OK". curl-7.60.0/lib/http_chunks.c:239: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_chunks.c:239: dead_error_condition: The condition "result" cannot be true. @@ -320,7 +320,7 @@

List of Defects

# 243| # 244| if(!data->set.http_te_skip) { -Error: DEADCODE (CWE-561): [#def25] +Error: DEADCODE (CWE-561): [#def25] curl-7.60.0/lib/http_proxy.c:413: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/http_proxy.c:416: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/http_proxy.c:416: dead_error_condition: The condition "result" cannot be true. @@ -331,10 +331,10 @@

List of Defects

# 418| # 419| /* output debug if that is requested */ -Error: CLANG_WARNING: [#def26] +Error: CLANG_WARNING: [#def26] curl-7.60.0/lib/multi.c: internal warning: child 32119 timed out after 30s -Error: FORWARD_NULL (CWE-476): [#def27] +Error: FORWARD_NULL (CWE-476): [#def27] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -445,7 +445,7 @@

List of Defects

# 1035| ufds[nfds].events = POLLIN; # 1036| ++nfds; -Error: FORWARD_NULL (CWE-476): [#def28] +Error: FORWARD_NULL (CWE-476): [#def28] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -558,7 +558,7 @@

List of Defects

# 1041| ufds[nfds].events = POLLOUT; # 1042| ++nfds; -Error: FORWARD_NULL (CWE-476): [#def29] +Error: FORWARD_NULL (CWE-476): [#def29] curl-7.60.0/lib/multi.c:959: assign_zero: Assigning: "ufds" = "NULL". curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi", taking true branch. curl-7.60.0/lib/multi.c:965: cond_true: Condition "multi->type == 764702", taking true branch. @@ -680,7 +680,7 @@

List of Defects

# 1057| ufds[nfds].events = 0; # 1058| if(extra_fds[i].events & CURL_WAIT_POLLIN) -Error: DEADCODE (CWE-561): [#def30] +Error: DEADCODE (CWE-561): [#def30] curl-7.60.0/lib/sendf.c:441: assignment: Assigning: "nread" = "0L". curl-7.60.0/lib/sendf.c:442: const: At condition "nread > 0L", the value of "nread" must be equal to 0. curl-7.60.0/lib/sendf.c:442: dead_error_condition: The condition "nread > 0L" cannot be true. @@ -691,7 +691,7 @@

List of Defects

# 444| return nread; # 445| } -Error: DEADCODE (CWE-561): [#def31] +Error: DEADCODE (CWE-561): [#def31] curl-7.60.0/lib/sendf.c:657: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/sendf.c:659: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/sendf.c:659: dead_error_condition: The condition "result" cannot be true. @@ -702,7 +702,7 @@

List of Defects

# 661| # 662| #ifdef CURL_DO_LINEEND_CONV -Error: DEADCODE (CWE-561): [#def32] +Error: DEADCODE (CWE-561): [#def32] curl-7.60.0/lib/smb.c:734: assignment: Assigning: "next_state" = "SMB_DONE". curl-7.60.0/lib/smb.c:773: assignment: Assigning: "next_state" = "SMB_OPEN". curl-7.60.0/lib/smb.c:779: assignment: Assigning: "next_state" = "SMB_TREE_DISCONNECT". @@ -720,7 +720,7 @@

List of Defects

# 897| break; # 898| } -Error: STRING_OVERFLOW (CWE-120): [#def33] +Error: STRING_OVERFLOW (CWE-120): [#def33] curl-7.60.0/lib/socks_gssapi.c:51: cond_true: Condition "major_status & (4294901760U /* ((OM_uint32)255UL << 24) | ((OM_uint32)255UL << 16) */)", taking true branch. curl-7.60.0/lib/socks_gssapi.c:60: cond_true: Condition "!msg_ctx", taking true branch. curl-7.60.0/lib/socks_gssapi.c:66: cond_true: Condition "maj_stat == 0", taking true branch. @@ -732,7 +732,7 @@

List of Defects

# 69| len += status_string.length; # 70| } -Error: STRING_OVERFLOW (CWE-120): [#def34] +Error: STRING_OVERFLOW (CWE-120): [#def34] curl-7.60.0/lib/socks_gssapi.c:51: cond_true: Condition "major_status & (4294901760U /* ((OM_uint32)255UL << 24) | ((OM_uint32)255UL << 16) */)", taking true branch. curl-7.60.0/lib/socks_gssapi.c:60: cond_true: Condition "!msg_ctx", taking true branch. curl-7.60.0/lib/socks_gssapi.c:66: cond_true: Condition "maj_stat == 0", taking true branch. @@ -750,7 +750,7 @@

List of Defects

# 90| gss_release_buffer(&min_stat, &status_string); # 91| break; -Error: CLANG_WARNING: [#def35] +Error: CLANG_WARNING: [#def35] curl-7.60.0/lib/ssh-libssh.c:1116:15: warning: Null pointer passed as an argument to a 'nonnull' parameter # (strlen(protop->path) > 1))) { # ^ ~~~~~~~~~~~~ @@ -900,7 +900,7 @@

List of Defects

# 1117| /* try to create the path remotely */ # 1118| rc = 0; -Error: CLANG_WARNING: [#def36] +Error: CLANG_WARNING: [#def36] curl-7.60.0/lib/ssh-libssh.c:1208:10: warning: Null pointer passed as an argument to a 'nonnull' parameter # if(strlen(protop->path) > 1) { # ^ ~~~~~~~~~~~~ @@ -1019,7 +1019,7 @@

List of Defects

# 1209| sshc->slash_pos = protop->path + 1; /* ignore the leading '/' */ # 1210| state(conn, SSH_SFTP_CREATE_DIRS); -Error: FORWARD_NULL (CWE-476): [#def37] +Error: FORWARD_NULL (CWE-476): [#def37] curl-7.60.0/src/tool_getparam.c:2140: cond_true: Condition "i < argc", taking true branch. curl-7.60.0/src/tool_getparam.c:2140: cond_true: Condition "!result", taking true branch. curl-7.60.0/src/tool_getparam.c:2143: cond_true: Condition "stillflags", taking true branch. @@ -1147,7 +1147,7 @@

List of Defects

# 224| str++; # 225| if('-' == *str) { -Error: STRING_NULL (CWE-170): [#def38] +Error: STRING_NULL (CWE-170): [#def38] curl-7.60.0/lib/tftp.c:1110: string_null_argument: Function "recvfrom" does not terminate string "*state->rpacket.data". [Note: The source code implementation of the function has been overridden by a builtin model.] curl-7.60.0/lib/tftp.c:1116: cond_true: Condition "state->remote_addrlen == 0", taking true branch. curl-7.60.0/lib/tftp.c:1122: cond_false: Condition "state->rbytes < 4", taking false branch. @@ -1170,7 +1170,7 @@

List of Defects

# 1159| (const char *)state->rpacket.data + 2, # 1160| state->rbytes-2); -Error: NEGATIVE_RETURNS (CWE-394): [#def39] +Error: NEGATIVE_RETURNS (CWE-394): [#def39] curl-7.60.0/lib/transfer.c:131: cond_true: Condition "data->req.upload_chunky", taking true branch. curl-7.60.0/lib/transfer.c:144: cond_false: Condition "nread == 268435456", taking false branch. curl-7.60.0/lib/transfer.c:148: if_end: End of if statement. @@ -1199,13 +1199,13 @@

List of Defects

# 220| # 221| /* always append ASCII CRLF to the data */ -Error: CLANG_WARNING: [#def40] +Error: CLANG_WARNING: [#def40] curl-7.60.0/lib/url.c: internal warning: child 19172 timed out after 30s -Error: CLANG_WARNING: [#def41] +Error: CLANG_WARNING: [#def41] curl-7.60.0/lib/url.c: internal warning: child 31100 timed out after 30s -Error: NEGATIVE_RETURNS (CWE-394): [#def42] +Error: NEGATIVE_RETURNS (CWE-394): [#def42] curl-7.60.0/lib/vauth/ntlm.c:541: cond_true: Condition "!user", taking true branch. curl-7.60.0/lib/vauth/ntlm.c:544: cond_false: Condition "user", taking false branch. curl-7.60.0/lib/vauth/ntlm.c:550: else_branch: Reached else branch. @@ -1248,7 +1248,7 @@

List of Defects

# 811| else # 812| memcpy(&ntlmbuf[size], domain, domlen); -Error: DEADCODE (CWE-561): [#def43] +Error: DEADCODE (CWE-561): [#def43] curl-7.60.0/lib/vauth/ntlm.c:833: assignment: Assigning: "result" = "((void)data) , CURLE_OK". curl-7.60.0/lib/vauth/ntlm.c:835: const: At condition "result", the value of "result" must be equal to 0. curl-7.60.0/lib/vauth/ntlm.c:835: dead_error_condition: The condition "result" cannot be true. @@ -1259,7 +1259,7 @@

List of Defects

# 837| # 838| /* Return with binary blob encoded into base64 */ -Error: COMPILER_WARNING: [#def44] +Error: COMPILER_WARNING: [#def44] curl-7.60.0/lib/vtls/openssl.c: scope_hint: In function 'ossl_connect_step1' curl-7.60.0/lib/vtls/openssl.c:2217:5: warning[-Wdeprecated-declarations]: 'SSLv3_client_method' is deprecated # req_method = SSLv3_client_method(); @@ -1277,7 +1277,7 @@

List of Defects

# 2218| use_sni(FALSE); # 2219| break; -Error: DEADCODE (CWE-561): [#def45] +Error: DEADCODE (CWE-561): [#def45] curl-7.60.0/lib/vtls/openssl.c:2214: cond_cannot_single: Condition "ssl_authtype == CURL_TLSAUTH_SRP", taking false branch. Now the value of "ssl_authtype" cannot be equal to 1. curl-7.60.0/lib/vtls/openssl.c:2309: cannot_single: At condition "ssl_authtype == CURL_TLSAUTH_SRP", the value of "ssl_authtype" cannot be equal to 1. curl-7.60.0/lib/vtls/openssl.c:2309: dead_error_condition: The condition "ssl_authtype == CURL_TLSAUTH_SRP" cannot be true. @@ -1288,7 +1288,7 @@

List of Defects

# 2311| } # 2312| #endif -Error: DEADCODE (CWE-561): [#def46] +Error: DEADCODE (CWE-561): [#def46] curl-7.60.0/lib/vtls/openssl.c:2181: equality_cond: Jumping to case "CURL_SSLVERSION_DEFAULT". curl-7.60.0/lib/vtls/openssl.c:2182: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1". curl-7.60.0/lib/vtls/openssl.c:2183: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1_0". @@ -1305,7 +1305,7 @@

List of Defects

# 2340| #ifndef OPENSSL_NO_SSL2 # 2341| ctx_options |= SSL_OP_NO_SSLv3; -Error: DEADCODE (CWE-561): [#def47] +Error: DEADCODE (CWE-561): [#def47] curl-7.60.0/lib/vtls/openssl.c:2181: equality_cond: Jumping to case "CURL_SSLVERSION_DEFAULT". curl-7.60.0/lib/vtls/openssl.c:2182: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1". curl-7.60.0/lib/vtls/openssl.c:2183: equality_cond: Jumping to case "CURL_SSLVERSION_TLSv1_0". @@ -1322,7 +1322,7 @@

List of Defects

# 2357| failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION"); # 2358| return CURLE_SSL_CONNECT_ERROR; -Error: TOCTOU (CWE-367): [#def48] +Error: TOCTOU (CWE-367): [#def48] curl-7.60.0/src/tool_dirhie.c:113: cond_false: Condition "!outdup", taking false branch. curl-7.60.0/src/tool_dirhie.c:114: if_end: End of if statement. curl-7.60.0/src/tool_dirhie.c:117: cond_false: Condition "!dirbuildup", taking false branch. @@ -1341,7 +1341,7 @@

List of Defects

# 144| show_dir_errno(errors, dirbuildup); # 145| result = CURLE_WRITE_ERROR; -Error: COPY_PASTE_ERROR (CWE-398): [#def49] +Error: COPY_PASTE_ERROR (CWE-398): [#def49] curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:595: original: "user.decode" looks like the original copy. curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:603: copy_paste_error: "user" in "user.decode" looks like a copy-paste error. curl-7.60.0/tests/python_dependencies/impacket/ntlm.py:603: remediation: Should it say "domain" instead? @@ -1351,7 +1351,7 @@

List of Defects

# 604| # 605| ntlmChallenge = NTLMAuthChallenge(type2) -Error: FORWARD_NULL (CWE-476): [#def50] +Error: FORWARD_NULL (CWE-476): [#def50] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3504: assign_undefined: Assigning: "readAndX" = "undefined". curl-7.60.0/tests/python_dependencies/impacket/smb.py:3504: cond_true: Condition "!max_size", taking true branch. curl-7.60.0/tests/python_dependencies/impacket/smb.py:3505: cond_true: Condition "self._dialects_parameters["Capabilities"] & SMB.CAP_LARGE_READX", taking true branch. @@ -1373,7 +1373,7 @@

List of Defects

# 3543| else: # 3544| self.sendSMB(smb) -Error: IDENTICAL_BRANCHES: [#def51] +Error: IDENTICAL_BRANCHES: [#def51] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3775: identical_branches: Ternary expression on condition "self.__flags2 & SMB.FLAGS2_UNICODE" has identical then and else expressions: """". Should one of the expressions be modified, or the entire ternary expression replaced? # 3773| findFirstParameter['InformationLevel'] = SMB_FIND_FILE_BOTH_DIRECTORY_INFO # 3774| findFirstParameter['SearchStorageType'] = 0 @@ -1381,7 +1381,7 @@

List of Defects

# 3776| self.send_trans2(tid, SMB.TRANS2_FIND_FIRST2, '\x00', findFirstParameter, '') # 3777| files = [ ] -Error: IDENTICAL_BRANCHES: [#def52] +Error: IDENTICAL_BRANCHES: [#def52] curl-7.60.0/tests/python_dependencies/impacket/smb.py:3818: identical_branches: Ternary expression on condition "self.__flags2 & SMB.FLAGS2_UNICODE" has identical then and else expressions: """". Should one of the expressions be modified, or the entire ternary expression replaced? # 3816| findNextParameter['ResumeKey'] = 0 # 3817| findNextParameter['Flags'] = SMB_FIND_RETURN_RESUME_KEYS | SMB_FIND_CLOSE_AT_EOS @@ -1389,7 +1389,7 @@

List of Defects

# 3819| self.send_trans2(tid, SMB.TRANS2_FIND_NEXT2, '\x00', findNextParameter, '') # 3820| findData = '' -Error: FORWARD_NULL (CWE-476): [#def53] +Error: FORWARD_NULL (CWE-476): [#def53] curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2066: assign_undefined: Assigning: "mode" = "undefined". curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2077: cond_false: Condition "connData["ConnectedShares"].has_key(recvPacket["Tid"])", taking false branch. curl-7.60.0/tests/python_dependencies/impacket/smbserver.py:2085: else_branch: Reached else branch.