clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name remtest.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/cmd/tests -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/cmd/tests -resource-dir /usr/lib/llvm-18/lib/clang/18 -D HAVE_STRERROR -D LINUX -D linux -D XP_UNIX -D XP_UNIX -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D NSS_DISABLE_SSE3 -D NSS_NO_INIT_SUPPORT -D USE_UTIL_DIRECTLY -D NO_NSPR_10_SUPPORT -D SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES -I ../../../dist/Linux4.19_x86_64_gcc_glibc_PTH_64_DBG.OBJ/include -I ../../../dist/public/nss -I ../../../dist/private/nss -I ../../../dist/public/seccmd -I ../../../dist/public/dbm -internal-isystem /usr/lib/llvm-18/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c99 -ferror-limit 19 -fgnuc-version=4.2.1 -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2024-05-18-082241-28900-1 -x c remtest.c
1 | |
2 | |
3 | |
4 | |
5 | |
6 | |
7 | |
8 | |
9 | |
10 | |
11 | #include "secutil.h" |
12 | |
13 | #if defined(XP_UNIX) |
14 | #include <unistd.h> |
15 | #else |
16 | #include "ctype.h" /* for isalpha() */ |
17 | #endif |
18 | |
19 | #include <stdio.h> |
20 | #include <string.h> |
21 | #include <stdlib.h> |
22 | #include <errno.h> |
23 | #include <fcntl.h> |
24 | #include <stdarg.h> |
25 | |
26 | #include "nspr.h" |
27 | #include "prio.h" |
28 | #include "prnetdb.h" |
29 | #include "nss.h" |
30 | #include "pk11func.h" |
31 | #include "plgetopt.h" |
32 | |
33 | void |
34 | Usage(char *progName) |
35 | { |
36 | fprintf(stderr, "usage: %s [-d profiledir] -t tokenName [-r]\n", progName); |
37 | exit(1); |
38 | } |
39 | |
40 | int |
41 | main(int argc, char **argv) |
42 | { |
43 | char *certDir = NULL; |
44 | PLOptState *optstate; |
45 | PLOptStatus optstatus; |
46 | SECStatus rv; |
47 | char *tokenName = NULL; |
48 | PRBool cont = PR_TRUE; |
49 | PK11TokenEvent event = PK11TokenPresentEvent; |
50 | PK11TokenStatus status; |
51 | char *progName; |
52 | PK11SlotInfo *slot; |
53 | |
54 | progName = strrchr(argv[0], '/'); |
55 | if (!progName) |
| 1 | Assuming 'progName' is non-null | |
|
56 | progName = strrchr(argv[0], '\\'); |
57 | progName = progName ? progName + 1 : argv[0]; |
| |
| |
58 | |
59 | optstate = PL_CreateOptState(argc, argv, "rd:t:"); |
60 | while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { |
| 4 | | Assuming the condition is true | |
|
| 5 | | Loop condition is true. Entering loop body | |
|
| 8 | | Execution continues on line 60 | |
|
| 9 | | Potential leak of memory pointed to by 'certDir' |
|
61 | switch (optstate->option) { |
| 6 | | Control jumps to 'case 100:' at line 63 | |
|
62 | |
63 | case 'd': |
64 | certDir = strdup(optstate->value); |
| |
65 | certDir = SECU_ConfigDirectory(certDir); |
66 | break; |
67 | case 't': |
68 | tokenName = strdup(optstate->value); |
69 | break; |
70 | case 'r': |
71 | event = PK11TokenRemovedOrChangedEvent; |
72 | break; |
73 | } |
74 | } |
75 | if (optstatus == PL_OPT_BAD) |
76 | Usage(progName); |
77 | |
78 | if (tokenName == NULL) { |
79 | Usage(progName); |
80 | } |
81 | |
82 | if (!certDir) { |
83 | certDir = SECU_DefaultSSLDir(); |
84 | certDir = SECU_ConfigDirectory(certDir); |
85 | } |
86 | |
87 | PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); |
88 | |
89 | PK11_SetPasswordFunc(SECU_GetModulePassword); |
90 | |
91 | |
92 | rv = NSS_Init(certDir); |
93 | if (rv != SECSuccess) { |
94 | SECU_PrintError(progName, "unable to open cert database"); |
95 | return 1; |
96 | } |
97 | |
98 | printf("Looking up tokenNamed: <%s>\n", tokenName); |
99 | slot = PK11_FindSlotByName(tokenName); |
100 | if (slot == NULL) { |
101 | SECU_PrintError(progName, "unable to find token"); |
102 | return 1; |
103 | } |
104 | |
105 | do { |
106 | status = |
107 | PK11_WaitForTokenEvent(slot, event, PR_INTERVAL_NO_TIMEOUT, 0, 0); |
108 | |
109 | switch (status) { |
110 | case PK11TokenNotRemovable: |
111 | cont = PR_FALSE; |
112 | printf("%s Token Not Removable\n", tokenName); |
113 | break; |
114 | case PK11TokenChanged: |
115 | event = PK11TokenRemovedOrChangedEvent; |
116 | printf("%s Token Changed\n", tokenName); |
117 | break; |
118 | case PK11TokenRemoved: |
119 | event = PK11TokenPresentEvent; |
120 | printf("%s Token Removed\n", tokenName); |
121 | break; |
122 | case PK11TokenPresent: |
123 | event = PK11TokenRemovedOrChangedEvent; |
124 | printf("%s Token Present\n", tokenName); |
125 | break; |
126 | } |
127 | } while (cont); |
128 | |
129 | PK11_FreeSlot(slot); |
130 | |
131 | if (NSS_Shutdown() != SECSuccess) { |
132 | exit(1); |
133 | } |
134 | PR_Cleanup(); |
135 | return 0; |
136 | } |