2025-09-17 16:31
ftp://ftp.de.debian.org/debian/pool/main/b/barada-pam/barada-pam_0.5.3.orig.tar.gz
cppcheck-options: --library=posix --library=gnu --library=bsd --library=boost --library=openssl  --inconclusive --enable=style,information --inline-suppr --template=daca2 --disable=missingInclude --suppress=unmatchedSuppression --check-library --debug-warnings --suppress=autoNoType --suppress=valueFlowBailout --suppress=bailoutUninitVar --suppress=symbolDatabaseWarning --suppress=normalCheckLevelConditionExpressions -D__GNUC__ --platform=unix64 -j1
platform: Linux-6.8.0-83-generic-x86_64-with-glibc2.39
python: 3.12.3
client-version: 1.3.69
compiler: g++ (Ubuntu 14.2.0-4ubuntu2~24.04) 14.2.0
cppcheck: head 2.18.0
head-info: 3e169d6 (2025-09-15 13:38:15 +0200)
count: 44 44
elapsed-time: 0.1 0.3
head-timing-info:

old-timing-info:

head results:
barada-pam-0.5.3/src/HOTP.cpp:83:16: performance:inconclusive: Technically the member function 'HOTP::truncate' can be static (but you may consider moving to unnamed namespace). [functionStatic]
barada-pam-0.5.3/src/HOTP.h:33:12: note: Technically the member function 'HOTP::truncate' can be static (but you may consider moving to unnamed namespace).
barada-pam-0.5.3/src/HOTP.cpp:83:16: note: Technically the member function 'HOTP::truncate' can be static (but you may consider moving to unnamed namespace).
barada-pam-0.5.3/src/HOTP.cpp:79:16: style:inconclusive: Technically the member function 'HOTP::getOneTimePasscode' can be const. [functionConst]
barada-pam-0.5.3/src/HOTP.h:39:12: note: Technically the member function 'HOTP::getOneTimePasscode' can be const.
barada-pam-0.5.3/src/HOTP.cpp:79:16: note: Technically the member function 'HOTP::getOneTimePasscode' can be const.
barada-pam-0.5.3/src/HOTP.cpp:43:10: warning: If memory allocation fails, then there is a possible null pointer dereference: pinActivatedKey [nullPointerOutOfMemory]
barada-pam-0.5.3/src/HOTP.cpp:41:58: note: Assuming allocation function fails
barada-pam-0.5.3/src/HOTP.cpp:41:36: note: Assignment 'pinActivatedKey=(unsigned char*)malloc(pinActivatedKeyLength)', assigned value is 0
barada-pam-0.5.3/src/HOTP.cpp:43:10: note: Null pointer dereference
barada-pam-0.5.3/src/HOTP.cpp:74:10: warning:inconclusive: If memory allocation fails, then there is a possible null pointer dereference: pinActivatedKey [nullPointerOutOfMemory]
barada-pam-0.5.3/src/HOTP.cpp:41:58: note: Assuming allocation function fails
barada-pam-0.5.3/src/HOTP.cpp:41:36: note: Assignment 'pinActivatedKey=(unsigned char*)malloc(pinActivatedKeyLength)', assigned value is 0
barada-pam-0.5.3/src/HOTP.cpp:74:10: note: Null pointer dereference
barada-pam-0.5.3/src/HOTP.cpp:44:47: error: If memory allocation fails: pointer addition with NULL pointer. [nullPointerArithmeticOutOfMemory]
barada-pam-0.5.3/src/HOTP.cpp:41:58: note: Assuming allocation function fails
barada-pam-0.5.3/src/HOTP.cpp:41:36: note: Assignment 'pinActivatedKey=(unsigned char*)malloc(pinActivatedKeyLength)', assigned value is 0
barada-pam-0.5.3/src/HOTP.cpp:44:47: note: Null pointer addition
barada-pam-0.5.3/src/HOTP.cpp:41:36: style: C-style pointer casting [cstyleCast]
barada-pam-0.5.3/src/HOTP.cpp:83:40: style: Parameter 'hmac' can be declared as pointer to const [constParameterPointer]
barada-pam-0.5.3/src/HOTPCredentials.cpp:90:27: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable endl [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:101:27: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable endl [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:110:35: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable endl [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:120:38: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable eofbit [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:140:34: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable eofbit [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:157:34: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable eofbit [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/HOTPCredentials.cpp:86:23: style:inconclusive: Technically the member function 'HOTPCredentials::serializePin' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:45:8: note: Technically the member function 'HOTPCredentials::serializePin' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:86:23: note: Technically the member function 'HOTPCredentials::serializePin' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:96:23: style:inconclusive: Technically the member function 'HOTPCredentials::serializeKey' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:46:8: note: Technically the member function 'HOTPCredentials::serializeKey' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:96:23: note: Technically the member function 'HOTPCredentials::serializeKey' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:106:23: style:inconclusive: Technically the member function 'HOTPCredentials::serializeCounter' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:52:8: note: Technically the member function 'HOTPCredentials::serializeCounter' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:106:23: note: Technically the member function 'HOTPCredentials::serializeCounter' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:70:27: style:inconclusive: Technically the member function 'HOTPCredentials::getCounter' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:54:12: note: Technically the member function 'HOTPCredentials::getCounter' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:70:27: note: Technically the member function 'HOTPCredentials::getCounter' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:74:27: style:inconclusive: Technically the member function 'HOTPCredentials::getPin' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:55:12: note: Technically the member function 'HOTPCredentials::getPin' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:74:27: note: Technically the member function 'HOTPCredentials::getPin' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:78:39: style:inconclusive: Technically the member function 'HOTPCredentials::getKey' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:56:24: note: Technically the member function 'HOTPCredentials::getKey' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:78:39: note: Technically the member function 'HOTPCredentials::getKey' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:82:27: style:inconclusive: Technically the member function 'HOTPCredentials::getKeyLength' can be const. [functionConst]
barada-pam-0.5.3/src/HOTPCredentials.h:57:12: note: Technically the member function 'HOTPCredentials::getKeyLength' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:82:27: note: Technically the member function 'HOTPCredentials::getKeyLength' can be const.
barada-pam-0.5.3/src/HOTPCredentials.cpp:47:81: style: Parameter 'key' can be declared as pointer to const [constParameterPointer]
barada-pam-0.5.3/src/HexTest.cpp:17:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/Util.cpp:58:20: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable LOG_EMERG [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/Util.cpp:83:42: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable basefield [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/Util.cpp:52:18: style: C-style pointer casting [cstyleCast]
barada-pam-0.5.3/src/Util.cpp:63:73: style: Parameter 'hexString' can be declared as reference to const [constParameterReference]
barada-pam-0.5.3/src/Util.cpp:51:61: style: Parameter 'buf' can be declared as pointer to const [constParameterPointer]
barada-pam-0.5.3/src/barada-add.cpp:45:3: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable cerr [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/barada-add.cpp:60:15: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/barada-add.cpp:74:6: portability: Non reentrant function 'getpwnam' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwnam_r'. [prohibitedgetpwnamCalled]
barada-pam-0.5.3/src/barada-add.cpp:63:5: style: Exception should be caught by reference. [catchExceptionByValue]
barada-pam-0.5.3/src/barada-add.cpp:98:3: style: Exception should be caught by reference. [catchExceptionByValue]
barada-pam-0.5.3/src/barada-add.cpp:104:3: style: Exception should be caught by reference. [catchExceptionByValue]
barada-pam-0.5.3/src/barada-add.cpp:44:22: style: Parameter 'name' can be declared as pointer to const [constParameterPointer]
barada-pam-0.5.3/src/pam_barada.cpp:46:31: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_USER [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:60:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_AUTHTOK [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:73:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_PROMPT_ECHO_ON [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:91:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_PROMPT_ECHO_OFF [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:121:12: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_USER_UNKNOWN [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:163:15: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_CRED_UNAVAIL [valueFlowBailoutIncompleteVar]
barada-pam-0.5.3/src/pam_barada.cpp:50:20: style: C-style pointer casting [cstyleCast]
barada-pam-0.5.3/src/pam_barada.cpp:65:22: style: C-style pointer casting [cstyleCast]
barada-pam-0.5.3/src/pam_barada.cpp:101:32: style: Variable 'exception' can be declared as reference to const [constVariableReference]
barada-pam-0.5.3/src/pam_barada.cpp:159:22: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
diff:


DONE