diff --git a/src/lib/parser-json-sarif.cc b/src/lib/parser-json-sarif.cc index 0e71e72..a2639ed 100644 --- a/src/lib/parser-json-sarif.cc +++ b/src/lib/parser-json-sarif.cc @@ -23,6 +23,7 @@ #include "regex.hh" #include +#include struct SarifTreeDecoder::Private { void updateCweMap(const pt::ptree *driverNode); @@ -360,7 +361,10 @@ static void expandRelativePaths(Defect *pDef, const std::string &pwd) default: // prepend `pwd` to relative path - fileName = pwd + fileName; + boost::filesystem::path fullPath = pwd + fileName; + + // convert "/a/b/../c" to "a/c" + fileName = fullPath.lexically_normal().string(); } } } diff --git a/tests/csgrep/0133-sarif-gcc-pwd-args.txt b/tests/csgrep/0133-sarif-gcc-pwd-args.txt new file mode 100644 index 0000000..e69de29 diff --git a/tests/csgrep/0133-sarif-gcc-pwd-stdin.txt b/tests/csgrep/0133-sarif-gcc-pwd-stdin.txt new file mode 100644 index 0000000..64e7763 --- /dev/null +++ b/tests/csgrep/0133-sarif-gcc-pwd-stdin.txt @@ -0,0 +1,2322 @@ +{"$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json", + "version": "2.1.0", + "runs": [{"tool": {"driver": {"name": "GNU C99", + "fullName": "GNU C99 (GCC) version 15.0.1 20250418 (Red Hat 15.0.1-0) (x86_64-redhat-linux)", + "version": "15.0.1 20250418 (Red Hat 15.0.1-0)", + "informationUri": "https://gcc.gnu.org/gcc-15/", + "rules": [{"id": "-Wanalyzer-out-of-bounds", + "helpUri": "https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-out-of-bounds"}, + {"id": "-Wanalyzer-malloc-leak", + "helpUri": "https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-malloc-leak"}]}}, + "taxonomies": [{"name": "CWE", + "version": "4.7", + "organization": "MITRE", + "shortDescription": {"text": "The MITRE Common Weakness Enumeration"}, + "taxa": [{"id": "127", + "helpUri": "https://cwe.mitre.org/data/definitions/127.html"}, + {"id": "401", + "helpUri": "https://cwe.mitre.org/data/definitions/401.html"}]}], + "invocations": [{"arguments": ["/usr/libexec/gcc/x86_64-redhat-linux/15/cc1", + "-quiet", + "-I", + "lsusb.p", + "-I", + ".", + "-I", + "..", + "-I", + "/usr/include/libusb-1.0", + "-D", + "_FILE_OFFSET_BITS=64", + "-include", + "config.h", + "../usbmisc.c", + "-quiet", + "-dumpbase", + "usbmisc.c", + "-dumpbase-ext", + ".c", + "-m64", + "-mtune=generic", + "-march=x86-64", + "-O2", + "-Wno-cast-align", + "-Wno-unused-parameter", + "-Wno-unused-function", + "-Wno-deprecated-declarations", + "-Wno-unknown-pragmas", + "-std=gnu99", + "-flto=auto", + "-ffat-lto-objects", + "-fexceptions", + "-fstack-protector-strong", + "-fasynchronous-unwind-tables", + "-fstack-clash-protection", + "-fcf-protection=full", + "-fno-omit-frame-pointer", + "-fanalyzer", + "-fdiagnostics-path-format=separate-events", + "-fno-diagnostics-show-caret", + "-fno-lto", + "-fdiagnostics-text-art-charset=none", + "-fdiagnostics-set-output=sarif:file=/builddir/gcc-results/418-t9rZ.sarif", + "-o", + "/tmp/ccIUPc5z.s"], + "workingDirectory": {"uri": "/builddir/build/BUILD/usbutils-018-build/usbutils-018/redhat-linux-build"}, + "startTimeUtc": "2025-04-25T16:10:48Z", + "executionSuccessful": true, + "toolExecutionNotifications": [], + "endTimeUtc": "2025-04-25T16:10:48Z"}], + "originalUriBaseIds": {"PWD": {"uri": "file:///builddir/build/BUILD/usbutils-018-build/usbutils-018/redhat-linux-build/"}}, + "artifacts": [{"location": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "sourceLanguage": "c", + "contents": {"text": "// SPDX-License-Identifier: GPL-2.0-or-later\n/*\n * Misc USB routines\n *\n * Copyright (C) 2003 Aurelien Jarno (aurelien@aurel32.net)\n */\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \"usbmisc.h\"\n\n/* ---------------------------------------------------------------------- */\n\nstatic const char *devbususb = \"/dev/bus/usb\";\n\n/* ---------------------------------------------------------------------- */\n\nstatic int readlink_recursive(const char *path, char *buf, size_t bufsize)\n{\n\tchar temp[PATH_MAX + 1];\n\tchar *ptemp;\n\tint ret;\n\n\tret = readlink(path, buf, bufsize-1);\n\n\tif (ret > 0) {\n\t\tbuf[ret] = 0;\n\t\tif (*buf != '/') {\n\t\t\tstrncpy(temp, path, sizeof(temp) - 1);\n\t\t\tptemp = temp + strlen(temp);\n\t\t\twhile (*ptemp != '/' && ptemp != temp)\n\t\t\t\tptemp--;\n\t\t\tptemp++;\n\t\t\tstrncpy(ptemp, buf, bufsize + temp - ptemp - 1);\n\t\t} else\n\t\t\tstrncpy(temp, buf, sizeof(temp) - 1);\n\t\treturn readlink_recursive(temp, buf, bufsize);\n\t} else {\n\t\tstrncpy(buf, path, bufsize);\n\t\tbuf[bufsize - 1] = 0;\n\t\treturn strlen(buf);\n\t}\n}\n\nstatic char *get_absolute_path(const char *path, char *result,\n\t\t\t size_t result_size)\n{\n\tconst char *ppath;\t/* pointer on the input string */\n\tchar *presult;\t\t/* pointer on the output string */\n\n\tppath = path;\n\tpresult = result;\n\tresult[0] = 0;\n\n\tif (path == NULL)\n\t\treturn result;\n\n\tif (*ppath != '/') {\n\t\tresult = getcwd(result, result_size);\n\t\tpresult += strlen(result);\n\t\tresult_size -= strlen(result);\n\n\t\t*presult++ = '/';\n\t\tresult_size--;\n\t}\n\n\twhile (*ppath != 0 && result_size > 1) {\n\t\tif (*ppath == '/') {\n\t\t\tdo\n\t\t\t\tppath++;\n\t\t\twhile (*ppath == '/');\n\t\t\t*presult++ = '/';\n\t\t\tresult_size--;\n\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n\t\t\tif ((presult - 1) != result) {\n\t\t\t\t/* go one directory upper */\n\t\t\t\tdo {\n\t\t\t\t\tpresult--;\n\t\t\t\t\tresult_size++;\n\t\t\t\t} while (*(presult - 1) != '/');\n\t\t\t}\n\t\t\tppath += 3;\n\t\t} else if (*ppath == '.' &&\n\t\t\t *(ppath + 1) == '/' &&\n\t\t\t *(presult - 1) == '/') {\n\t\t\tppath += 2;\n\t\t} else {\n\t\t\t*presult++ = *ppath++;\n\t\t\tresult_size--;\n\t\t}\n\t}\n\t/* Don't forget to mark the end of the string! */\n\t*presult = 0;\n\n\treturn result;\n}\n\nlibusb_device *get_usb_device(libusb_context *ctx, const char *path)\n{\n\tlibusb_device **list;\n\tlibusb_device *dev;\n\tssize_t num_devs, i;\n\tchar device_path[PATH_MAX + 1];\n\tchar absolute_path[PATH_MAX + 1];\n\n\treadlink_recursive(path, device_path, sizeof(device_path));\n\tget_absolute_path(device_path, absolute_path, sizeof(absolute_path));\n\n\tdev = NULL;\n\tnum_devs = libusb_get_device_list(ctx, &list);\n\n\tfor (i = 0; i < num_devs; ++i) {\n\t\tuint8_t bnum = libusb_get_bus_number(list[i]);\n\t\tuint8_t dnum = libusb_get_device_address(list[i]);\n\n\t\tsnprintf(device_path, sizeof(device_path), \"%s/%03u/%03u\",\n\t\t\t devbususb, bnum, dnum);\n\t\tif (!strcmp(device_path, absolute_path)) {\n\t\t\tdev = list[i];\n\t\t\tbreak;\n\t\t}\n\t}\n\n\tlibusb_free_device_list(list, 1);\n\treturn dev;\n}\n\nstatic char *get_dev_string_ascii(libusb_device_handle *dev, size_t size,\n uint8_t id)\n{\n\tchar *buf = malloc(size);\n\tint ret = libusb_get_string_descriptor_ascii(dev, id,\n\t (unsigned char *) buf,\n\t size);\n\n\tif (ret < 0) {\n\t\tfree(buf);\n\t\treturn strdup(\"(error)\");\n\t}\n\n\treturn buf;\n}\n\nstatic uint16_t get_any_langid(libusb_device_handle *dev)\n{\n\tunsigned char buf[4];\n\tint ret = libusb_get_string_descriptor(dev, 0, 0, buf, sizeof buf);\n\n\tif (ret != sizeof buf)\n\t\treturn 0;\n\treturn buf[2] | (buf[3] << 8);\n}\n\nstatic char *usb_string_to_native(char * str, size_t len)\n{\n\tsize_t num_converted;\n\ticonv_t conv;\n\tchar *result, *result_end;\n\tsize_t in_bytes_left, out_bytes_left;\n\n\tconv = iconv_open(nl_langinfo(CODESET), \"UTF-16LE\");\n\n\tif (conv == (iconv_t) -1)\n\t\treturn NULL;\n\n\tin_bytes_left = len * 2;\n\tout_bytes_left = len * MB_CUR_MAX;\n\tresult = result_end = malloc(out_bytes_left + 1);\n\n\tnum_converted = iconv(conv, &str, &in_bytes_left,\n\t &result_end, &out_bytes_left);\n\n\ticonv_close(conv);\n\tif (num_converted == (size_t) -1) {\n\t\tfree(result);\n\t\treturn NULL;\n\t}\n\n\t*result_end = 0;\n\treturn result;\n}\n\nchar *get_dev_string(libusb_device_handle *dev, uint8_t id)\n{\n\tint ret;\n\tchar *buf, unicode_buf[254];\n\tuint16_t langid;\n\n\tif (!dev || !id)\n\t\treturn strdup(\"\");\n\n\tlangid = get_any_langid(dev);\n\tif (!langid)\n\t\treturn strdup(\"(error)\");\n\n\t/*\n\t * Some devices lie about their string size, so initialize\n\t * the buffer with all 0 to account for that.\n\t */\n\tmemset(unicode_buf, 0x00, sizeof(unicode_buf));\n\n\tret = libusb_get_string_descriptor(dev, id, langid,\n\t (unsigned char *) unicode_buf,\n\t sizeof unicode_buf);\n\tif (ret < 2) return strdup(\"(error)\");\n\n\tif ((unsigned char)unicode_buf[0] < 2 || unicode_buf[1] != LIBUSB_DT_STRING)\n\t\treturn strdup(\"(error)\");\n\n\tbuf = usb_string_to_native(unicode_buf + 2,\n\t ((unsigned char) unicode_buf[0] - 2) / 2);\n\tif (!buf)\n\t\treturn get_dev_string_ascii(dev, 127, id);\n\n\treturn buf;\n}\n"}, + "roles": ["analysisTarget", + "tracedFile"]}], + "results": [{"ruleId": "-Wanalyzer-out-of-bounds", + "taxa": [{"id": "127", + "toolComponent": {"name": "cwe"}}], + "properties": {"gcc/analyzer/saved_diagnostic/enode": 1408, + "gcc/analyzer/saved_diagnostic/snode": 58, + "gcc/analyzer/saved_diagnostic/stmt": "_9 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 10, + "gcc/analyzer/saved_diagnostic/duplicates": [{"properties": {"gcc/analyzer/saved_diagnostic/enode": 1197, + "gcc/analyzer/saved_diagnostic/snode": 58, + "gcc/analyzer/saved_diagnostic/stmt": "_9 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 5, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}, + "_9": {"escaped": false, + "touched": false, + "map": {"byte 0": "INIT_VAL(absolute_path+(char *)-1B)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}, + {"properties": {"gcc/analyzer/saved_diagnostic/enode": 1197, + "gcc/analyzer/saved_diagnostic/snode": 58, + "gcc/analyzer/saved_diagnostic/stmt": "_9 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 4, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}, + {"properties": {"gcc/analyzer/saved_diagnostic/enode": 1408, + "gcc/analyzer/saved_diagnostic/snode": 58, + "gcc/analyzer/saved_diagnostic/stmt": "_9 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 11, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "BITS_WITHIN(bytes 0-4095, inner_val: SUB(CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D)))), SIZED_REG((*INIT_VAL(path_21(D))), (size_t)4097)))", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}, + "_9": {"escaped": false, + "touched": false, + "map": {"byte 0": "INIT_VAL(absolute_path+(char *)-1B)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["INIT_VAL(path_21(D))"]}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}], + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "BITS_WITHIN(bytes 0-4095, inner_val: SUB(CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D)))), SIZED_REG((*INIT_VAL(path_21(D))), (size_t)4097)))", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["INIT_VAL(path_21(D))"]}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": "(2)", + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}, + "level": "warning", + "message": {"text": "stack-based buffer under-read"}, + "locations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 80, + "startColumn": 51, + "endColumn": 65}, + "contextRegion": {"startLine": 80, + "snippet": {"text": "\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}]}], + "codeFlows": [{"threadFlows": [{"id": "main", + "locations": [{"properties": {"gcc/analyzer/checker_event/emission_id": "(1)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 104, + "startColumn": 16, + "endColumn": 30}, + "contextRegion": {"startLine": 104, + "snippet": {"text": "libusb_device *get_usb_device(libusb_context *ctx, const char *path)\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "entry to ‘get_usb_device’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 1, + "executionOrder": 1}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(2)", + "gcc/analyzer/checker_event/kind": "EK_REGION_CREATION"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 110, + "startColumn": 14, + "endColumn": 27}, + "contextRegion": {"startLine": 110, + "snippet": {"text": "\tchar absolute_path[PATH_MAX + 1];\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "capacity: 4097 bytes"}}, + "nestingLevel": 1, + "executionOrder": 2}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(3)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 37, + "dst_idx": 76, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘readlink_recursive’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 3}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(4)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 23, + "startColumn": 12, + "endColumn": 30}, + "contextRegion": {"startLine": 23, + "snippet": {"text": "static int readlink_recursive(const char *path, char *buf, size_t bufsize)\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "entry to ‘readlink_recursive’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 4}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(5)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 87, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 31, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 31, + "snippet": {"text": "\tif (ret > 0) {\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "following ‘false’ branch (when ‘ret <= 0’)..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 5}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(6)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 87, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 44, + "startColumn": 17, + "endColumn": 44}, + "contextRegion": {"startLine": 44, + "snippet": {"text": "\t\tstrncpy(buf, path, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 6}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(7)", + "gcc/analyzer/checker_event/kind": "EK_CUSTOM"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 44, + "startColumn": 17, + "endColumn": 44}, + "contextRegion": {"startLine": 44, + "snippet": {"text": "\t\tstrncpy(buf, path, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "when ‘strncpy’ truncates the source string"}}, + "nestingLevel": 2, + "executionOrder": 7}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(8)", + "gcc/analyzer/checker_event/kind": "EK_RETURN_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_RETURN", + "src_idx": 89, + "dst_idx": 38, + "desc": "return"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "returning to ‘get_usb_device’ from ‘readlink_recursive’"}}, + "kinds": ["return", + "function"], + "nestingLevel": 1, + "executionOrder": 8}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(9)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 38, + "dst_idx": 46, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 113, + "startColumn": 9, + "endColumn": 77}, + "contextRegion": {"startLine": 113, + "snippet": {"text": "\tget_absolute_path(device_path, absolute_path, sizeof(absolute_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘get_absolute_path’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 9}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(10)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 50, + "startColumn": 14, + "endColumn": 31}, + "contextRegion": {"startLine": 50, + "snippet": {"text": "static char *get_absolute_path(const char *path, char *result,\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "entry to ‘get_absolute_path’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 10}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(11)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 60, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 60, + "snippet": {"text": "\tif (path == NULL)\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch (when ‘path’ is non-NULL)..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 11}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(12)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 13, + "endColumn": 19}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 12}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(13)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 13}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(14)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 14}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(15)", + "gcc/analyzer/checker_event/kind": "EK_START_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 72, + "startColumn": 16, + "endColumn": 46}, + "contextRegion": {"startLine": 72, + "snippet": {"text": "\twhile (*ppath != 0 && result_size > 1) {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 15}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(16)", + "gcc/analyzer/checker_event/kind": "EK_END_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "nestingLevel": 2, + "executionOrder": 16}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(17)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 17}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(18)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 79, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 18}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(19)", + "gcc/analyzer/checker_event/kind": "EK_START_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 79, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 19}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(20)", + "gcc/analyzer/checker_event/kind": "EK_END_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 80, + "startColumn": 51, + "endColumn": 65}, + "contextRegion": {"startLine": 80, + "snippet": {"text": "\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "nestingLevel": 2, + "executionOrder": 20}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(21)", + "gcc/analyzer/checker_event/kind": "EK_WARNING"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 80, + "startColumn": 51, + "endColumn": 65}, + "contextRegion": {"startLine": 80, + "snippet": {"text": "\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "out-of-bounds read at byte -1 but ‘absolute_path’ starts at byte 0"}}, + "kinds": ["danger"], + "nestingLevel": 2, + "executionOrder": 21}]}]}], + "relatedLocations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 80, + "startColumn": 51, + "endColumn": 65}, + "contextRegion": {"startLine": 80, + "snippet": {"text": "\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "message": {"text": "valid subscripts for ‘absolute_path’ are ‘[0]’ to ‘[4096]’"}, + "properties": {"nestingLevel": 0}}]}, + {"ruleId": "-Wanalyzer-out-of-bounds", + "taxa": [{"id": "127", + "toolComponent": {"name": "cwe"}}], + "properties": {"gcc/analyzer/saved_diagnostic/enode": 1207, + "gcc/analyzer/saved_diagnostic/snode": 61, + "gcc/analyzer/saved_diagnostic/stmt": "_11 = MEM[(char *)presult_39 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 6, + "gcc/analyzer/saved_diagnostic/duplicates": [{"properties": {"gcc/analyzer/saved_diagnostic/enode": 1207, + "gcc/analyzer/saved_diagnostic/snode": 61, + "gcc/analyzer/saved_diagnostic/stmt": "_11 = MEM[(char *)presult_39 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 7, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_39": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(&absolute_path+(sizetype)18446744073709551615)"}}, + "result_size_40": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4098"}}, + "_11": {"escaped": false, + "touched": false, + "map": {"byte 0": "INIT_VAL(absolute_path+(char *)-2B)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}, + {"svals": ["(&absolute_path+(sizetype)18446744073709551615)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 1}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-2B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-16", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-2", + "size_in_bytes": "1"}}}], + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_39": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(&absolute_path+(sizetype)18446744073709551615)"}}, + "result_size_40": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4098"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}, + {"svals": ["(&absolute_path+(sizetype)18446744073709551615)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 1}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-2B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": "(2)", + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-16", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-2", + "size_in_bytes": "1"}}, + "level": "warning", + "message": {"text": "stack-based buffer under-read"}, + "locations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 86, + "startColumn": 42, + "endColumn": 56}, + "contextRegion": {"startLine": 86, + "snippet": {"text": "\t\t\t\t} while (*(presult - 1) != '/');\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}]}], + "codeFlows": [{"threadFlows": [{"id": "main", + "locations": [{"properties": {"gcc/analyzer/checker_event/emission_id": "(1)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 104, + "startColumn": 16, + "endColumn": 30}, + "contextRegion": {"startLine": 104, + "snippet": {"text": "libusb_device *get_usb_device(libusb_context *ctx, const char *path)\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "entry to ‘get_usb_device’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 1, + "executionOrder": 1}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(2)", + "gcc/analyzer/checker_event/kind": "EK_REGION_CREATION"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 110, + "startColumn": 14, + "endColumn": 27}, + "contextRegion": {"startLine": 110, + "snippet": {"text": "\tchar absolute_path[PATH_MAX + 1];\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "capacity: 4097 bytes"}}, + "nestingLevel": 1, + "executionOrder": 2}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(3)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 37, + "dst_idx": 76, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘readlink_recursive’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 3}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(4)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 23, + "startColumn": 12, + "endColumn": 30}, + "contextRegion": {"startLine": 23, + "snippet": {"text": "static int readlink_recursive(const char *path, char *buf, size_t bufsize)\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "entry to ‘readlink_recursive’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 4}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(5)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 78, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 31, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 31, + "snippet": {"text": "\tif (ret > 0) {\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "following ‘true’ branch (when ‘ret > 0’)..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 5}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(6)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 78, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 32, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 32, + "snippet": {"text": "\t\tbuf[ret] = 0;\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 6}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(7)", + "gcc/analyzer/checker_event/kind": "EK_CUSTOM"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 34, + "startColumn": 25, + "endColumn": 62}, + "contextRegion": {"startLine": 34, + "snippet": {"text": "\t\t\tstrncpy(temp, path, sizeof(temp) - 1);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "when ‘strncpy’ copies the full source string"}}, + "nestingLevel": 2, + "executionOrder": 7}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(8)", + "gcc/analyzer/checker_event/kind": "EK_CUSTOM"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 39, + "startColumn": 25, + "endColumn": 72}, + "contextRegion": {"startLine": 39, + "snippet": {"text": "\t\t\tstrncpy(ptemp, buf, bufsize + temp - ptemp - 1);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "when ‘strncpy’ truncates the source string"}}, + "nestingLevel": 2, + "executionOrder": 8}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(9)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 85, + "dst_idx": 76, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 42, + "startColumn": 24, + "endColumn": 62}, + "contextRegion": {"startLine": 42, + "snippet": {"text": "\t\treturn readlink_recursive(temp, buf, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "calling ‘readlink_recursive’ from ‘readlink_recursive’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 2, + "executionOrder": 9}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(10)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 23, + "startColumn": 12, + "endColumn": 30}, + "contextRegion": {"startLine": 23, + "snippet": {"text": "static int readlink_recursive(const char *path, char *buf, size_t bufsize)\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "entry to ‘readlink_recursive’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 3, + "executionOrder": 10}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(11)", + "gcc/analyzer/checker_event/kind": "EK_CUSTOM"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 44, + "startColumn": 17, + "endColumn": 44}, + "contextRegion": {"startLine": 44, + "snippet": {"text": "\t\tstrncpy(buf, path, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "when ‘strncpy’ truncates the source string"}}, + "nestingLevel": 3, + "executionOrder": 11}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(12)", + "gcc/analyzer/checker_event/kind": "EK_RETURN_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_RETURN", + "src_idx": 89, + "dst_idx": 86, + "desc": "return"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 42, + "startColumn": 24, + "endColumn": 62}, + "contextRegion": {"startLine": 42, + "snippet": {"text": "\t\treturn readlink_recursive(temp, buf, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "returning to ‘readlink_recursive’ from ‘readlink_recursive’"}}, + "kinds": ["return", + "function"], + "nestingLevel": 2, + "executionOrder": 12}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(13)", + "gcc/analyzer/checker_event/kind": "EK_RETURN_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_RETURN", + "src_idx": 89, + "dst_idx": 38, + "desc": "return"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "returning to ‘get_usb_device’ from ‘readlink_recursive’"}}, + "kinds": ["return", + "function"], + "nestingLevel": 1, + "executionOrder": 13}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(14)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 38, + "dst_idx": 46, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 113, + "startColumn": 9, + "endColumn": 77}, + "contextRegion": {"startLine": 113, + "snippet": {"text": "\tget_absolute_path(device_path, absolute_path, sizeof(absolute_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘get_absolute_path’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 14}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(15)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 50, + "startColumn": 14, + "endColumn": 31}, + "contextRegion": {"startLine": 50, + "snippet": {"text": "static char *get_absolute_path(const char *path, char *result,\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "entry to ‘get_absolute_path’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 15}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(16)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 60, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 60, + "snippet": {"text": "\tif (path == NULL)\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch (when ‘path’ is non-NULL)..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 16}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(17)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 13, + "endColumn": 19}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 17}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(18)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 18}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(19)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 19}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(20)", + "gcc/analyzer/checker_event/kind": "EK_START_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 72, + "startColumn": 16, + "endColumn": 46}, + "contextRegion": {"startLine": 72, + "snippet": {"text": "\twhile (*ppath != 0 && result_size > 1) {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 20}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(21)", + "gcc/analyzer/checker_event/kind": "EK_END_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "nestingLevel": 2, + "executionOrder": 21}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(22)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 22}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(23)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 79, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 23}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(24)", + "gcc/analyzer/checker_event/kind": "EK_START_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 79, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 24}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(25)", + "gcc/analyzer/checker_event/kind": "EK_END_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 80, + "startColumn": 51, + "endColumn": 65}, + "contextRegion": {"startLine": 80, + "snippet": {"text": "\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "nestingLevel": 2, + "executionOrder": 25}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(26)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 58, + "dst_idx": 59, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 28, + "endLine": 80, + "endColumn": 72}, + "contextRegion": {"startLine": 79, + "endLine": 80, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n\t\t\t *(ppath + 2) == '/' && *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 26}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(27)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 58, + "dst_idx": 59, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 81, + "startColumn": 29, + "endColumn": 42}, + "contextRegion": {"startLine": 81, + "snippet": {"text": "\t\t\tif ((presult - 1) != result) {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 27}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(28)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 59, + "dst_idx": 60, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 81, + "startColumn": 28, + "endColumn": 29}, + "contextRegion": {"startLine": 81, + "snippet": {"text": "\t\t\tif ((presult - 1) != result) {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 28}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(29)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 59, + "dst_idx": 60, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 29}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(30)", + "gcc/analyzer/checker_event/kind": "EK_WARNING"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 86, + "startColumn": 42, + "endColumn": 56}, + "contextRegion": {"startLine": 86, + "snippet": {"text": "\t\t\t\t} while (*(presult - 1) != '/');\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "out-of-bounds read at byte -2 but ‘absolute_path’ starts at byte 0"}}, + "kinds": ["danger"], + "nestingLevel": 2, + "executionOrder": 30}]}]}], + "relatedLocations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 86, + "startColumn": 42, + "endColumn": 56}, + "contextRegion": {"startLine": 86, + "snippet": {"text": "\t\t\t\t} while (*(presult - 1) != '/');\n"}}}, + "message": {"text": "valid subscripts for ‘absolute_path’ are ‘[0]’ to ‘[4096]’"}, + "properties": {"nestingLevel": 0}}]}, + {"ruleId": "-Wanalyzer-out-of-bounds", + "taxa": [{"id": "127", + "toolComponent": {"name": "cwe"}}], + "properties": {"gcc/analyzer/saved_diagnostic/enode": 1429, + "gcc/analyzer/saved_diagnostic/snode": 66, + "gcc/analyzer/saved_diagnostic/stmt": "_14 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 12, + "gcc/analyzer/saved_diagnostic/duplicates": [{"properties": {"gcc/analyzer/saved_diagnostic/enode": 1233, + "gcc/analyzer/saved_diagnostic/snode": 66, + "gcc/analyzer/saved_diagnostic/stmt": "_14 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 9, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}, + "_14": {"escaped": false, + "touched": false, + "map": {"byte 0": "INIT_VAL(absolute_path+(char *)-1B)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}, + {"properties": {"gcc/analyzer/saved_diagnostic/enode": 1233, + "gcc/analyzer/saved_diagnostic/snode": 66, + "gcc/analyzer/saved_diagnostic/stmt": "_14 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 8, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "UNKNOWN()", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}, + {"properties": {"gcc/analyzer/saved_diagnostic/enode": 1429, + "gcc/analyzer/saved_diagnostic/snode": 66, + "gcc/analyzer/saved_diagnostic/stmt": "_14 = MEM[(char *)presult_23 + -1B];", + "gcc/analyzer/saved_diagnostic/idx": 13, + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "BITS_WITHIN(bytes 0-4095, inner_val: SUB(CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D)))), SIZED_REG((*INIT_VAL(path_21(D))), (size_t)4097)))", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}, + "_14": {"escaped": false, + "touched": false, + "map": {"byte 0": "INIT_VAL(absolute_path+(char *)-1B)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["INIT_VAL(path_21(D))"]}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": null, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}}], + "gcc/analyzer/pending_diagnostic/kind": "concrete_buffer_under_read", + "gcc/analyzer/out_of_bounds/dir": "read", + "gcc/analyzer/out_of_bounds/model": {"store": {"root region": {"(*INIT_VAL(ctx_24(D)))": {"escaped": true, + "touched": true, + "map": {"region: (*INIT_VAL(ctx_24(D)))": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(ctx_24(D))))"}}, + "(*INIT_VAL(path_21(D)))": {"escaped": true, + "touched": true, + "map": {"byte 0": "CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D))))"}}}, + "frame: ‘get_usb_device’@1": {"device_path": {"escaped": true, + "touched": true, + "map": {"bytes 0-4095": "BITS_WITHIN(bytes 0-4095, inner_val: SUB(CONJURED(_2 = readlink (path_20(D), buf_21(D), _1);, (*INIT_VAL(path_21(D)))), SIZED_REG((*INIT_VAL(path_21(D))), (size_t)4097)))", + "byte 4096": "(char)0"}}, + "absolute_path": {"escaped": false, + "touched": false, + "map": {"byte 0": "(char)0"}}}, + "frame: ‘get_absolute_path’@2": {"result_52": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "result_size_18": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "(size_t)4097"}}, + "ppath_20": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&device_path"}}, + "presult_23": {"escaped": false, + "touched": false, + "map": {"bytes 0-7": "&absolute_path"}}, + "_15": {"escaped": false, + "touched": false, + "map": {"byte 0": "UNKNOWN(const char)"}}}, + "called_unknown_fn": true}, + "constraints": {"ecs": [{"svals": ["&device_path"]}, + {"svals": ["&absolute_path"]}, + {"svals": ["(void *)0B"], + "constant": "‘0B’"}, + {"svals": ["INIT_VAL(path_21(D))"]}, + {"svals": ["(&device_path+(long unsigned int)4096)"]}], + "constraints": [{"lhs": 0, + "op": "!=", + "rhs": 2}, + {"lhs": 1, + "op": "!=", + "rhs": 2}, + {"lhs": 3, + "op": "!=", + "rhs": 2}, + {"lhs": 4, + "op": "!=", + "rhs": 2}], + "bounded_ranges_constraints": []}, + "current_frame": "frame: ‘get_absolute_path’@2", + "dynamic_extents": {}}, + "gcc/analyzer/out_of_bounds/region": "absolute_path+(char *)-1B", + "gcc/analyzer/out_of_bounds/diag_arg": "absolute_path", + "gcc/analyzer/out_of_bounds/region_creation_event_id": "(2)", + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bits": {"start_bit_offset": "-8", + "size_in_bits": "8"}, + "gcc/analyzer/concrete_out_of_bounds/out_of_bounds_bytes": {"start_byte_offset": "-1", + "size_in_bytes": "1"}}, + "level": "warning", + "message": {"text": "stack-based buffer under-read"}, + "locations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 91, + "startColumn": 28, + "endColumn": 42}, + "contextRegion": {"startLine": 91, + "snippet": {"text": "\t\t\t *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}]}], + "codeFlows": [{"threadFlows": [{"id": "main", + "locations": [{"properties": {"gcc/analyzer/checker_event/emission_id": "(1)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 104, + "startColumn": 16, + "endColumn": 30}, + "contextRegion": {"startLine": 104, + "snippet": {"text": "libusb_device *get_usb_device(libusb_context *ctx, const char *path)\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "entry to ‘get_usb_device’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 1, + "executionOrder": 1}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(2)", + "gcc/analyzer/checker_event/kind": "EK_REGION_CREATION"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 110, + "startColumn": 14, + "endColumn": 27}, + "contextRegion": {"startLine": 110, + "snippet": {"text": "\tchar absolute_path[PATH_MAX + 1];\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "capacity: 4097 bytes"}}, + "nestingLevel": 1, + "executionOrder": 2}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(3)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 37, + "dst_idx": 76, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘readlink_recursive’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 3}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(4)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 23, + "startColumn": 12, + "endColumn": 30}, + "contextRegion": {"startLine": 23, + "snippet": {"text": "static int readlink_recursive(const char *path, char *buf, size_t bufsize)\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "entry to ‘readlink_recursive’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 4}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(5)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 87, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 31, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 31, + "snippet": {"text": "\tif (ret > 0) {\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "following ‘false’ branch (when ‘ret <= 0’)..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 5}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(6)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 77, + "dst_idx": 87, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 44, + "startColumn": 17, + "endColumn": 44}, + "contextRegion": {"startLine": 44, + "snippet": {"text": "\t\tstrncpy(buf, path, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 6}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(7)", + "gcc/analyzer/checker_event/kind": "EK_CUSTOM"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 44, + "startColumn": 17, + "endColumn": 44}, + "contextRegion": {"startLine": 44, + "snippet": {"text": "\t\tstrncpy(buf, path, bufsize);\n"}}}, + "logicalLocations": [{"name": "readlink_recursive", + "fullyQualifiedName": "readlink_recursive", + "decoratedName": "readlink_recursive", + "kind": "function"}], + "message": {"text": "when ‘strncpy’ truncates the source string"}}, + "nestingLevel": 2, + "executionOrder": 7}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(8)", + "gcc/analyzer/checker_event/kind": "EK_RETURN_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_RETURN", + "src_idx": 89, + "dst_idx": 38, + "desc": "return"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 112, + "startColumn": 9, + "endColumn": 67}, + "contextRegion": {"startLine": 112, + "snippet": {"text": "\treadlink_recursive(path, device_path, sizeof(device_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "returning to ‘get_usb_device’ from ‘readlink_recursive’"}}, + "kinds": ["return", + "function"], + "nestingLevel": 1, + "executionOrder": 8}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(9)", + "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL", + "src_idx": 38, + "dst_idx": 46, + "desc": "call"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 113, + "startColumn": 9, + "endColumn": 77}, + "contextRegion": {"startLine": 113, + "snippet": {"text": "\tget_absolute_path(device_path, absolute_path, sizeof(absolute_path));\n"}}}, + "logicalLocations": [{"name": "get_usb_device", + "fullyQualifiedName": "get_usb_device", + "decoratedName": "get_usb_device", + "kind": "function"}], + "message": {"text": "calling ‘get_absolute_path’ from ‘get_usb_device’"}}, + "kinds": ["call", + "function"], + "nestingLevel": 1, + "executionOrder": 9}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(10)", + "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 50, + "startColumn": 14, + "endColumn": 31}, + "contextRegion": {"startLine": 50, + "snippet": {"text": "static char *get_absolute_path(const char *path, char *result,\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "entry to ‘get_absolute_path’"}}, + "kinds": ["enter", + "function"], + "nestingLevel": 2, + "executionOrder": 10}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(11)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 60, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 60, + "snippet": {"text": "\tif (path == NULL)\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch (when ‘path’ is non-NULL)..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 11}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(12)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 47, + "dst_idx": 48, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 13, + "endColumn": 19}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 12}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(13)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 63, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 63, + "snippet": {"text": "\tif (*ppath != '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 13}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(14)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 48, + "dst_idx": 69, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 14}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(15)", + "gcc/analyzer/checker_event/kind": "EK_START_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 72, + "startColumn": 16, + "endColumn": 46}, + "contextRegion": {"startLine": 72, + "snippet": {"text": "\twhile (*ppath != 0 && result_size > 1) {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 15}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(16)", + "gcc/analyzer/checker_event/kind": "EK_END_CONSOLIDATED_CFG_EDGES"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "nestingLevel": 2, + "executionOrder": 16}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(17)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 73, + "startColumn": 20, + "endColumn": 21}, + "contextRegion": {"startLine": 73, + "snippet": {"text": "\t\tif (*ppath == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘false’ branch..."}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 17}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(18)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 50, + "dst_idx": 55, + "desc": "false (flags FALSE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 79, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 79, + "snippet": {"text": "\t\t} else if (*ppath == '.' && *(ppath + 1) == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "false"], + "nestingLevel": 2, + "executionOrder": 18}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(19)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 64, + "dst_idx": 65, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 89, + "startColumn": 27, + "endColumn": 28}, + "contextRegion": {"startLine": 89, + "snippet": {"text": "\t\t} else if (*ppath == '.' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 19}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(20)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 64, + "dst_idx": 65, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 90, + "startColumn": 28, + "endColumn": 40}, + "contextRegion": {"startLine": 90, + "snippet": {"text": "\t\t\t *(ppath + 1) == '/' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 20}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(21)", + "gcc/analyzer/checker_event/kind": "EK_START_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 65, + "dst_idx": 66, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 89, + "startColumn": 28, + "endLine": 90, + "endColumn": 47}, + "contextRegion": {"startLine": 89, + "endLine": 90, + "snippet": {"text": "\t\t} else if (*ppath == '.' &&\n\t\t\t *(ppath + 1) == '/' &&\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "following ‘true’ branch..."}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 21}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(22)", + "gcc/analyzer/checker_event/kind": "EK_END_CFG_EDGE", + "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CFG_EDGE", + "src_idx": 65, + "dst_idx": 66, + "desc": "true (flags TRUE_VALUE | EXECUTABLE) (has goto_locus)"}}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 91, + "startColumn": 28, + "endColumn": 42}, + "contextRegion": {"startLine": 91, + "snippet": {"text": "\t\t\t *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "...to here"}}, + "kinds": ["branch", + "true"], + "nestingLevel": 2, + "executionOrder": 22}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(23)", + "gcc/analyzer/checker_event/kind": "EK_WARNING"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 91, + "startColumn": 28, + "endColumn": 42}, + "contextRegion": {"startLine": 91, + "snippet": {"text": "\t\t\t *(presult - 1) == '/') {\n"}}}, + "logicalLocations": [{"name": "get_absolute_path", + "fullyQualifiedName": "get_absolute_path", + "decoratedName": "get_absolute_path", + "kind": "function"}], + "message": {"text": "out-of-bounds read at byte -1 but ‘absolute_path’ starts at byte 0"}}, + "kinds": ["danger"], + "nestingLevel": 2, + "executionOrder": 23}]}]}], + "relatedLocations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 91, + "startColumn": 28, + "endColumn": 42}, + "contextRegion": {"startLine": 91, + "snippet": {"text": "\t\t\t *(presult - 1) == '/') {\n"}}}, + "message": {"text": "valid subscripts for ‘absolute_path’ are ‘[0]’ to ‘[4096]’"}, + "properties": {"nestingLevel": 0}}]}, + {"ruleId": "-Wanalyzer-malloc-leak", + "taxa": [{"id": "401", + "toolComponent": {"name": "cwe"}}], + "properties": {"gcc/analyzer/saved_diagnostic/sm": "malloc", + "gcc/analyzer/saved_diagnostic/enode": 174, + "gcc/analyzer/saved_diagnostic/snode": 19, + "gcc/analyzer/saved_diagnostic/stmt": "if (_14 == -1B)", + "gcc/analyzer/saved_diagnostic/var": "iconv_open (nl_langinfo (14), \"UTF-16LE\")", + "gcc/analyzer/saved_diagnostic/sval": "CONJURED(_14 = iconv_open (_1, \"UTF-16LE\");, _14)", + "gcc/analyzer/saved_diagnostic/state": "unchecked ({‘iconv_close’})", + "gcc/analyzer/saved_diagnostic/idx": 2, + "gcc/analyzer/saved_diagnostic/duplicates": [{"properties": {"gcc/analyzer/saved_diagnostic/sm": "malloc", + "gcc/analyzer/saved_diagnostic/enode": 81, + "gcc/analyzer/saved_diagnostic/snode": 19, + "gcc/analyzer/saved_diagnostic/stmt": "if (_14 == -1B)", + "gcc/analyzer/saved_diagnostic/var": "iconv_open (nl_langinfo (14), \"UTF-16LE\")", + "gcc/analyzer/saved_diagnostic/sval": "CONJURED(_14 = iconv_open (_1, \"UTF-16LE\");, _14)", + "gcc/analyzer/saved_diagnostic/state": "unchecked ({‘iconv_close’})", + "gcc/analyzer/saved_diagnostic/idx": 1, + "gcc/analyzer/pending_diagnostic/kind": "malloc_leak"}}, + {"properties": {"gcc/analyzer/saved_diagnostic/sm": "malloc", + "gcc/analyzer/saved_diagnostic/enode": 81, + "gcc/analyzer/saved_diagnostic/snode": 19, + "gcc/analyzer/saved_diagnostic/stmt": "if (_14 == -1B)", + "gcc/analyzer/saved_diagnostic/var": "iconv_open (nl_langinfo (14), \"UTF-16LE\")", + "gcc/analyzer/saved_diagnostic/sval": "CONJURED(_14 = iconv_open (_1, \"UTF-16LE\");, _14)", + "gcc/analyzer/saved_diagnostic/state": "unchecked ({‘iconv_close’})", + "gcc/analyzer/saved_diagnostic/idx": 0, + "gcc/analyzer/pending_diagnostic/kind": "malloc_leak"}}, + {"properties": {"gcc/analyzer/saved_diagnostic/sm": "malloc", + "gcc/analyzer/saved_diagnostic/enode": 174, + "gcc/analyzer/saved_diagnostic/snode": 19, + "gcc/analyzer/saved_diagnostic/stmt": "if (_14 == -1B)", + "gcc/analyzer/saved_diagnostic/var": "iconv_open (nl_langinfo (14), \"UTF-16LE\")", + "gcc/analyzer/saved_diagnostic/sval": "CONJURED(_14 = iconv_open (_1, \"UTF-16LE\");, _14)", + "gcc/analyzer/saved_diagnostic/state": "unchecked ({‘iconv_close’})", + "gcc/analyzer/saved_diagnostic/idx": 3, + "gcc/analyzer/pending_diagnostic/kind": "malloc_leak"}}], + "gcc/analyzer/pending_diagnostic/kind": "malloc_leak"}, + "level": "warning", + "message": {"text": "leak of ‘iconv_open(nl_langinfo(14), \"UTF-16LE\")’"}, + "locations": [{"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 169, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 169, + "snippet": {"text": "\tif (conv == (iconv_t) -1)\n"}}}, + "logicalLocations": [{"name": "usb_string_to_native", + "fullyQualifiedName": "usb_string_to_native", + "decoratedName": "usb_string_to_native", + "kind": "function"}]}], + "codeFlows": [{"threadFlows": [{"id": "main", + "locations": [{"properties": {"gcc/analyzer/checker_event/emission_id": "(1)", + "gcc/analyzer/checker_event/kind": "EK_STATE_CHANGE"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 167, + "startColumn": 16, + "endColumn": 60}, + "contextRegion": {"startLine": 167, + "snippet": {"text": "\tconv = iconv_open(nl_langinfo(CODESET), \"UTF-16LE\");\n"}}}, + "logicalLocations": [{"name": "usb_string_to_native", + "fullyQualifiedName": "usb_string_to_native", + "decoratedName": "usb_string_to_native", + "kind": "function"}], + "message": {"text": "allocated here"}}, + "kinds": ["acquire", + "memory"], + "nestingLevel": 1, + "executionOrder": 1}, + {"properties": {"gcc/analyzer/checker_event/emission_id": "(2)", + "gcc/analyzer/checker_event/kind": "EK_WARNING"}, + "location": {"physicalLocation": {"artifactLocation": {"uri": "../usbmisc.c", + "uriBaseId": "PWD"}, + "region": {"startLine": 169, + "startColumn": 12, + "endColumn": 13}, + "contextRegion": {"startLine": 169, + "snippet": {"text": "\tif (conv == (iconv_t) -1)\n"}}}, + "logicalLocations": [{"name": "usb_string_to_native", + "fullyQualifiedName": "usb_string_to_native", + "decoratedName": "usb_string_to_native", + "kind": "function"}], + "message": {"text": "‘iconv_open(nl_langinfo(14), \"UTF-16LE\")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)"}}, + "kinds": ["danger"], + "nestingLevel": 1, + "executionOrder": 2}]}]}]}]}]} diff --git a/tests/csgrep/0133-sarif-gcc-pwd-stdout.txt b/tests/csgrep/0133-sarif-gcc-pwd-stdout.txt new file mode 100644 index 0000000..a1e6f36 --- /dev/null +++ b/tests/csgrep/0133-sarif-gcc-pwd-stdout.txt @@ -0,0 +1,74 @@ +Error: GCC_ANALYZER_WARNING (CWE-127): +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:80:51: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:104:16: enter_function: entry to ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: call_function: calling ‘readlink_recursive’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:23:12: enter_function: entry to ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:31:12: branch_false: following ‘false’ branch (when ‘ret <= 0’)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:44:17: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: return_function: returning to ‘get_usb_device’ from ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:113:9: call_function: calling ‘get_absolute_path’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:50:14: enter_function: entry to ‘get_absolute_path’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:60:12: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:13: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:12: branch_false: following ‘false’ branch... +: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:72:16: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:73:20: branch_false: following ‘false’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:27: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:27: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:80:51: danger: out-of-bounds read at byte -1 but ‘absolute_path’ starts at byte 0 + +Error: GCC_ANALYZER_WARNING (CWE-127): +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:86:42: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:104:16: enter_function: entry to ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: call_function: calling ‘readlink_recursive’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:23:12: enter_function: entry to ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:31:12: branch_true: following ‘true’ branch (when ‘ret > 0’)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:32:20: branch_true: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:42:24: call_function: calling ‘readlink_recursive’ from ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:23:12: enter_function: entry to ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:42:24: return_function: returning to ‘readlink_recursive’ from ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: return_function: returning to ‘get_usb_device’ from ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:113:9: call_function: calling ‘get_absolute_path’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:50:14: enter_function: entry to ‘get_absolute_path’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:60:12: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:13: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:12: branch_false: following ‘false’ branch... +: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:72:16: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:73:20: branch_false: following ‘false’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:27: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:27: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:28: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:81:29: branch_true: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:81:28: branch_true: following ‘true’ branch... +: branch_true: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:86:42: danger: out-of-bounds read at byte -2 but ‘absolute_path’ starts at byte 0 + +Error: GCC_ANALYZER_WARNING (CWE-127): +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:91:28: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:104:16: enter_function: entry to ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: call_function: calling ‘readlink_recursive’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:23:12: enter_function: entry to ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:31:12: branch_false: following ‘false’ branch (when ‘ret <= 0’)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:44:17: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:112:9: return_function: returning to ‘get_usb_device’ from ‘readlink_recursive’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:113:9: call_function: calling ‘get_absolute_path’ from ‘get_usb_device’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:50:14: enter_function: entry to ‘get_absolute_path’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:60:12: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:13: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:63:12: branch_false: following ‘false’ branch... +: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:72:16: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:73:20: branch_false: following ‘false’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:79:27: branch_false: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:89:27: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:90:28: branch_true: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:89:28: branch_true: following ‘true’ branch... +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:91:28: branch_true: ...to here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:91:28: danger: out-of-bounds read at byte -1 but ‘absolute_path’ starts at byte 0 + +Error: GCC_ANALYZER_WARNING (CWE-401): +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:169:12: warning[-Wanalyzer-malloc-leak]: leak of ‘iconv_open(nl_langinfo(14), "UTF-16LE")’ +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:167:16: acquire_memory: allocated here +/builddir/build/BUILD/usbutils-018-build/usbutils-018/usbmisc.c:169:12: danger: ‘iconv_open(nl_langinfo(14), "UTF-16LE")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) diff --git a/tests/csgrep/CMakeLists.txt b/tests/csgrep/CMakeLists.txt index d6ac4df..34479ba 100644 --- a/tests/csgrep/CMakeLists.txt +++ b/tests/csgrep/CMakeLists.txt @@ -176,3 +176,4 @@ test_csgrep("0129-sarif-gcc-pwd" ) test_csgrep("0130-file-glob" ) test_csgrep("0131-unicontrol-perl-man-page" ) test_csgrep("0132-cov-parser-nested-evt" ) +test_csgrep("0133-sarif-gcc-pwd" )