2025-05-10 03:34
ftp://ftp.de.debian.org/debian/pool/main/d/duo-unix/duo-unix_1.11.3.orig.tar.gz
cppcheck-options: --library=posix --library=gnu --library=bsd --library=openssl  --inconclusive --enable=style,information --inline-suppr --template=daca2 --disable=missingInclude --suppress=unmatchedSuppression --check-library --debug-warnings --suppress=autoNoType --suppress=valueFlowBailout --suppress=bailoutUninitVar --suppress=symbolDatabaseWarning --suppress=normalCheckLevelConditionExpressions -D__GNUC__ --platform=unix64 -j3
platform: Linux-6.8.0-1022-oracle-aarch64-with-glibc2.39
python: 3.12.3
client-version: 1.3.67
compiler: g++ (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0
cppcheck: head 2.17.0
head-info: b3c7f00 (2025-05-09 17:59:20 +0200)
count: 149 146
elapsed-time: 0.7 0.7
head-timing-info:

old-timing-info:

head results:
duo_unix-1.11.3/compat/asprintf.c:80:2: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable errno [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/compat/groupaccess.c:63:12: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable NGROUPS_MAX [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/compat/groupaccess.c:81:13: portability: Non reentrant function 'getgrgid' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getgrgid_r'. [prohibitedgetgrgidCalled]
duo_unix-1.11.3/compat/groupaccess.c:55:16: style: Variable 'gr' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/compat/asprintf.c:48:2: error: va_list 'ap2' used before va_start() was called. [va_list_usedBeforeStarted]
duo_unix-1.11.3/compat/getgrouplist.c:66:16: portability: Non reentrant function 'getgrent' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getgrent_r'. [prohibitedgetgrentCalled]
duo_unix-1.11.3/compat/getgrouplist.c:44:16: style: Variable 'grp' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/compat/vsyslog.c:58:23: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable errno [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/compat/vsyslog.c:84:15: style: Variable 'prlen' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/lib/bson.c:204:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/bson.c:690:14: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/duo.c:69:12: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stdout [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/duo.c:115:30: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable O_RDONLY [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/duo.c:256:23: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable AF_UNSPEC [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/bson.c:175:35: style:inconclusive: Function 'bson_print_raw' argument 1 names different: declaration 'bson' definition 'data'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/bson.h:101:35: note: Function 'bson_print_raw' argument 1 names different: declaration 'bson' definition 'data'.
duo_unix-1.11.3/lib/bson.c:175:35: note: Function 'bson_print_raw' argument 1 names different: declaration 'bson' definition 'data'.
duo_unix-1.11.3/lib/bson.c:533:89: style:inconclusive: Function 'bson_append_bool' argument 3 names different: declaration 'v' definition 'i'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/bson.h:189:89: note: Function 'bson_append_bool' argument 3 names different: declaration 'v' definition 'i'.
duo_unix-1.11.3/lib/bson.c:533:89: note: Function 'bson_append_bool' argument 3 names different: declaration 'v' definition 'i'.
duo_unix-1.11.3/lib/bson.c:553:86: style:inconclusive: Function 'bson_append_string' argument 3 names different: declaration 'str' definition 'value'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/bson.h:184:86: note: Function 'bson_append_string' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:553:86: note: Function 'bson_append_string' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:556:86: style:inconclusive: Function 'bson_append_symbol' argument 3 names different: declaration 'str' definition 'value'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/bson.h:185:86: note: Function 'bson_append_symbol' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:556:86: note: Function 'bson_append_symbol' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:559:84: style:inconclusive: Function 'bson_append_code' argument 3 names different: declaration 'str' definition 'value'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/bson.h:186:84: note: Function 'bson_append_code' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:559:84: note: Function 'bson_append_code' argument 3 names different: declaration 'str' definition 'value'.
duo_unix-1.11.3/lib/bson.c:171:25: style: Parameter 'b' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/lib/bson.c:466:12: style: Variable 'orig' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/http_parser.c:379:36: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable HPE_OK [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/http_parser.c:1767:25: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable F_CONNECTION_CLOSE [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/http_parser.c:1793:25: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable HTTP_REQUEST [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:94:9: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable errno [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:108:14: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable GENERAL_NAME [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:163:18: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable POLLOUT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:198:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable POLLOUT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:234:23: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable BIO_FLAGS_BASE64_NO_NL [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:411:28: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable SSL_OP_NO_SSLv2 [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:490:31: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable errno [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/https.c:651:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable SHA_DIGEST_LENGTH [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/http_parser.c:1763:38: style: Parameter 'parser' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/lib/duo.c:490:9: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/duo.c:215:5: error: Memory leak: p [memleak]
duo_unix-1.11.3/lib/duo.c:147:27: style:inconclusive: Function 'duo_close' argument 1 names different: declaration 'd' definition 'ctx'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:77:25: note: Function 'duo_close' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:147:27: note: Function 'duo_close' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:175:36: style:inconclusive: Function 'duo_set_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:54:12: note: Function 'duo_set_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:175:36: note: Function 'duo_set_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:178:11: style:inconclusive: Function 'duo_set_conv_funcs' argument 4 names different: declaration 'conv_arg' definition 'arg'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:57:11: note: Function 'duo_set_conv_funcs' argument 4 names different: declaration 'conv_arg' definition 'arg'.
duo_unix-1.11.3/lib/duo.c:178:11: note: Function 'duo_set_conv_funcs' argument 4 names different: declaration 'conv_arg' definition 'arg'.
duo_unix-1.11.3/lib/duo.c:186:38: style:inconclusive: Function 'duo_reset_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:61:34: note: Function 'duo_reset_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:186:38: note: Function 'duo_reset_conv_funcs' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:379:28: style:inconclusive: Function 'duo_geterr' argument 1 names different: declaration 'd' definition 'ctx'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:74:31: note: Function 'duo_geterr' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:379:28: note: Function 'duo_geterr' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:505:27: style:inconclusive: Function 'duo_login' argument 1 names different: declaration 'd' definition 'ctx'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/duo.h:65:12: note: Function 'duo_login' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:505:27: note: Function 'duo_login' argument 1 names different: declaration 'd' definition 'ctx'.
duo_unix-1.11.3/lib/duo.c:567:42: style: Clarify calculation precedence for '&' and '?'. [clarifyCalculation]
duo_unix-1.11.3/lib/duo.c:74:19: style: Parameter 'arg' can be declared as pointer to const. However it seems that '__status_fn' is a callback function, if 'arg' is declared with const you might also need to cast function pointer(s). [constParameterCallback]
duo_unix-1.11.3/lib/duo.c:189:24: note: You might need to cast the function pointer here
duo_unix-1.11.3/lib/duo.c:74:19: note: Parameter 'arg' can be declared as pointer to const
duo_unix-1.11.3/lib/duo.c:449:11: style: Variable 'pos' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/duo.c:246:36: style: Unused variable: p [unusedVariable]
duo_unix-1.11.3/lib/duo.c:347:18: style: Variable 'err' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/lib/duo.c:469:22: style: Variable 'pos' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/lib/duo.c:471:29: style: Variable 'pos' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/lib/testduo.c:25:11: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/testduo.c:64:22: style: Redundant condition: The condition 'code == 0' is redundant since 'code != 1' is sufficient. [redundantCondition]
duo_unix-1.11.3/lib/testduo.c:21:8: style: Variable 'host' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/testduo.c:21:15: style: Variable 'ikey' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/testduo.c:21:22: style: Variable 'skey' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/testduo.c:21:29: style: Variable 'username' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/https.c:457:9: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/https.c:564:26: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/https.c:451:33: warning: If memory allocation fails, then there is a possible null pointer dereference: p [nullPointerOutOfMemory]
duo_unix-1.11.3/lib/https.c:449:19: note: Assuming allocation function fails
duo_unix-1.11.3/lib/https.c:449:19: note: Assignment 'p=strdup(http_proxy)', assigned value is 0
duo_unix-1.11.3/lib/https.c:451:33: note: Null pointer dereference
duo_unix-1.11.3/lib/https.c:475:35: style:inconclusive: Function 'https_open' argument 1 names different: declaration 'hp' definition 'reqp'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:25:32: note: Function 'https_open' argument 1 names different: declaration 'hp' definition 'reqp'.
duo_unix-1.11.3/lib/https.c:475:35: note: Function 'https_open' argument 1 names different: declaration 'hp' definition 'reqp'.
duo_unix-1.11.3/lib/https.c:646:34: style:inconclusive: Function 'https_send' argument 1 names different: declaration 'h' definition 'req'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:29:14: note: Function 'https_send' argument 1 names different: declaration 'h' definition 'req'.
duo_unix-1.11.3/lib/https.c:646:34: note: Function 'https_send' argument 1 names different: declaration 'h' definition 'req'.
duo_unix-1.11.3/lib/https.c:647:9: style:inconclusive: Function 'https_send' argument 4 names different: declaration 'param_cnt' definition 'argc'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:32:9: note: Function 'https_send' argument 4 names different: declaration 'param_cnt' definition 'argc'.
duo_unix-1.11.3/lib/https.c:647:9: note: Function 'https_send' argument 4 names different: declaration 'param_cnt' definition 'argc'.
duo_unix-1.11.3/lib/https.c:647:21: style:inconclusive: Function 'https_send' argument 5 names different: declaration 'params' definition 'argv'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:33:11: note: Function 'https_send' argument 5 names different: declaration 'params' definition 'argv'.
duo_unix-1.11.3/lib/https.c:647:21: note: Function 'https_send' argument 5 names different: declaration 'params' definition 'argv'.
duo_unix-1.11.3/lib/https.c:724:34: style:inconclusive: Function 'https_recv' argument 1 names different: declaration 'h' definition 'req'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:44:14: note: Function 'https_recv' argument 1 names different: declaration 'h' definition 'req'.
duo_unix-1.11.3/lib/https.c:724:34: note: Function 'https_recv' argument 1 names different: declaration 'h' definition 'req'.
duo_unix-1.11.3/lib/https.c:724:74: style:inconclusive: Function 'https_recv' argument 4 names different: declaration 'length' definition 'len'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:47:10: note: Function 'https_recv' argument 4 names different: declaration 'length' definition 'len'.
duo_unix-1.11.3/lib/https.c:724:74: note: Function 'https_recv' argument 4 names different: declaration 'length' definition 'len'.
duo_unix-1.11.3/lib/https.c:763:36: style:inconclusive: Function 'https_close' argument 1 names different: declaration 'hp' definition 'reqp'. [funcArgNamesDifferent]
duo_unix-1.11.3/lib/https.h:55:28: note: Function 'https_close' argument 1 names different: declaration 'hp' definition 'reqp'.
duo_unix-1.11.3/lib/https.c:763:36: note: Function 'https_close' argument 1 names different: declaration 'hp' definition 'reqp'.
duo_unix-1.11.3/lib/https.c:360:15: style: Local variable 'ctx' shadows outer variable [shadowVariable]
duo_unix-1.11.3/lib/https.c:55:18: note: Shadowed declaration
duo_unix-1.11.3/lib/https.c:360:15: note: Shadow variable
duo_unix-1.11.3/lib/https.c:108:28: warning:inconclusive: Found suspicious operator '*', result is not used. [constStatement]
duo_unix-1.11.3/lib/https.c:180:38: style: Clarify calculation precedence for '&' and '?'. [clarifyCalculation]
duo_unix-1.11.3/lib/https.c:225:38: style: Clarify calculation precedence for '&' and '?'. [clarifyCalculation]
duo_unix-1.11.3/lib/testutil_duo_split_at.c:27:11: style: Variable 'delimiter' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/testutil_duo_split_at.c:29:11: style: Variable 'expected' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/testutil_duo_split_at.c:35:11: style: Variable 'result' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/https.c:486:7: style: Variable 'n' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/lib/util.c:69:21: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/util.c:201:21: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable LOG_ERR [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/util.c:251:17: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/lib/util.c:269:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable AF_INET [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:53:14: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:69:21: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:111:53: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stdout [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:137:42: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable DUO_CONF_DIR [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:360:20: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable _DEFAULT_SHELL [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:399:22: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PACKAGE_VERSION [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:425:27: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable optarg [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/login_duo/login_duo.c:132:15: portability: Non reentrant function 'getpwuid' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwuid_r'. [prohibitedgetpwuidCalled]
duo_unix-1.11.3/login_duo/login_duo.c:231:18: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/login_duo/login_duo.c:354:15: portability: Non reentrant function 'getpwuid' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwuid_r'. [prohibitedgetpwuidCalled]
duo_unix-1.11.3/login_duo/login_duo.c:450:19: portability: Non reentrant function 'getpwnam' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwnam_r'. [prohibitedgetpwnamCalled]
duo_unix-1.11.3/login_duo/login_duo.c:77:28: style: Parameter 'arg' can be declared as pointer to const. However it seems that '__autopush_status_fn' is a callback function, if 'arg' is declared with const you might also need to cast function pointer(s). [constParameterCallback]
duo_unix-1.11.3/login_duo/login_duo.c:260:39: note: You might need to cast the function pointer here
duo_unix-1.11.3/login_duo/login_duo.c:77:28: note: Parameter 'arg' can be declared as pointer to const
duo_unix-1.11.3/login_duo/login_duo.c:346:27: style: Parameter 'ctx' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/login_duo/login_duo.c:348:20: style: Variable 'pw' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/login_duo/login_duo.c:412:20: style: Variable 'pw' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/login_duo/login_duo.c:479:15: style: Variable 'cmd' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/pam_duo/pam_duo.c:79:20: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable LOG_ERR [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:96:41: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_PROMPT_ECHO_ON [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:130:14: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable DUO_CONF_DIR [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:322:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_SUCCESS [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:329:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_SUCCESS [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:336:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_SUCCESS [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:343:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_SUCCESS [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:350:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_SERVICE_ERR [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_duo.c:179:15: portability: Non reentrant function 'getpwnam' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwnam_r'. [prohibitedgetpwnamCalled]
duo_unix-1.11.3/pam_duo/pam_duo.c:202:19: portability: Non reentrant function 'getpwuid' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwuid_r'. [prohibitedgetpwuidCalled]
duo_unix-1.11.3/pam_duo/pam_duo.c:319:30: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/pam_duo/pam_duo.c:326:32: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/pam_duo/pam_duo.c:333:35: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/pam_duo/pam_duo.c:340:36: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/pam_duo/pam_duo.c:347:32: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/lib/ini.c:108:35: style: Condition '*start!=';'' is always true [knownConditionTrueFalse]
duo_unix-1.11.3/pam_duo/pam_duo_private.c:12:13: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable duo_debug [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_extra.c:96:33: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_CONV [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/groups_preload.c:66:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable pw_uid [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/groups_preload.c:79:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable gr_gid [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/pam_duo/pam_extra.c:123:9: error: Uninitialized variable: __xx__ [legacyUninitvar]
duo_unix-1.11.3/tests/groups_preload.c:49:15: style: Variable 'p' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/groups_preload.c:114:23: style: Variable 'gr' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/login_duo_preload.c:47:27: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable RTLD_NEXT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/login_duo_preload.c:60:52: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable AF_INET [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/login_duo_preload.c:76:34: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable RTLD_NEXT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/login_duo_preload.c:93:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable RTLD_NEXT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/login_duo_preload.c:118:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable pw_uid [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/login_duo_preload.c:33:15: style: Variable 't' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/login_duo_preload.c:40:15: style: Variable 't' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/login_duo_preload.c:61:33: style: Variable 'addr_in' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/login_duo_preload.c:101:15: style: Variable 'p' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/testpam.c:28:11: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable PAM_MAX_RESP_SIZE [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/testpam.c:99:11: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable stderr [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/testpam_preload.c:119:32: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable RTLD_NEXT [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/testpam_preload.c:149:18: portability: Non reentrant function 'getpwuid' called. For threadsafe applications it is recommended to use the reentrant replacement function 'getpwuid_r'. [prohibitedgetpwuidCalled]
duo_unix-1.11.3/tests/testpam_preload.c:84:15: style: Variable 't' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/testpam.c:85:19: style: Parameter 'pamh' can be declared as pointer to const [constParameterPointer]
duo_unix-1.11.3/lib/util.c:72:25: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/util.c:72:72: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/util.c:83:28: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
duo_unix-1.11.3/lib/util.c:87:25: warning:inconclusive: If memory allocation fails, then there is a possible null pointer dereference: tmpString [nullPointerOutOfMemory]
duo_unix-1.11.3/lib/util.c:85:44: note: Assuming allocation function fails
duo_unix-1.11.3/lib/util.c:85:29: note: Assignment 'tmpString=(char*)malloc(new_length)', assigned value is 0
duo_unix-1.11.3/lib/util.c:87:25: note: Null pointer dereference
duo_unix-1.11.3/lib/util.c:54:28: style: Variable 'nextWord' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/lib/util.c:239:11: style: Variable 'n' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/tests/unity_tests/bson_iter_init_test.c:37:11: style: Variable 'expected_error_msg' can be declared as pointer to const [constVariablePointer]
duo_unix-1.11.3/tests/unity_tests/bson_iter_init_test.c:37:30: style: Variable 'expected_error_msg' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/tests/unity_tests/bson_iter_init_test.c:37:11: style: Variable 'expected_error_msg' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/tests/unity_tests/common_ini_failmode_test.c:8:29: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable DUO_FAIL_SAFE [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/unity_tests/common_ini_failmode_test.c:18:29: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable DUO_FAIL_SECURE [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/unity_tests/common_ini_string_options.c:104:32: style: Variable 'expected_value' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/tests/unity_tests/common_ini_string_options.c:104:17: style: Variable 'expected_value' is assigned a value that is never used. [unreadVariable]
duo_unix-1.11.3/tests/unity_tests/pam_argv_parse_test.c:36:5: debug: valueFlowConditionExpressions bailout: Skipping function due to incomplete variable duo_debug [valueFlowBailoutIncompleteVar]
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:176:39: style:inconclusive: Function 'UnityPrintNumber' argument 1 names different: declaration 'number' definition 'number_to_print'. [funcArgNamesDifferent]
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity_internals.h:445:39: note: Function 'UnityPrintNumber' argument 1 names different: declaration 'number' definition 'number_to_print'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:176:39: note: Function 'UnityPrintNumber' argument 1 names different: declaration 'number' definition 'number_to_print'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:210:62: style:inconclusive: Function 'UnityPrintNumberHex' argument 2 names different: declaration 'nibbles' definition 'nibbles_to_print'. [funcArgNamesDifferent]
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity_internals.h:447:62: note: Function 'UnityPrintNumberHex' argument 2 names different: declaration 'nibbles' definition 'nibbles_to_print'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:210:62: note: Function 'UnityPrintNumberHex' argument 2 names different: declaration 'nibbles' definition 'nibbles_to_print'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:1280:28: style:inconclusive: Function 'UnityFail' argument 1 names different: declaration 'message' definition 'msg'. [funcArgNamesDifferent]
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity_internals.h:521:28: note: Function 'UnityFail' argument 1 names different: declaration 'message' definition 'msg'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:1280:28: note: Function 'UnityFail' argument 1 names different: declaration 'message' definition 'msg'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:1314:30: style:inconclusive: Function 'UnityIgnore' argument 1 names different: declaration 'message' definition 'msg'. [funcArgNamesDifferent]
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity_internals.h:523:30: note: Function 'UnityIgnore' argument 1 names different: declaration 'message' definition 'msg'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:1314:30: note: Function 'UnityIgnore' argument 1 names different: declaration 'message' definition 'msg'.
duo_unix-1.11.3/tests/unity_tests/Unity-2.4.3/src/unity.c:1090:20: style: Variable 'i' is assigned a value that is never used. [unreadVariable]
diff:
head duo_unix-1.11.3/lib/util.c:72:72: portability: Non reentrant function 'strtok' called. For threadsafe applications it is recommended to use the reentrant replacement function 'strtok_r'. [prohibitedstrtokCalled]
head duo_unix-1.11.3/tests/unity_tests/bson_iter_init_test.c:37:11: style: Variable 'expected_error_msg' is assigned a value that is never used. [unreadVariable]
head duo_unix-1.11.3/tests/unity_tests/common_ini_string_options.c:104:17: style: Variable 'expected_value' is assigned a value that is never used. [unreadVariable]


DONE