LDRA Testbed ® Code Review Report

System : Dovecot-src-auth





Overall Result: FAIL





Report Production Report Configuration Analysis phases
  • C/C++ LDRA Testbed Version: 8.3.0
  • Config. File: C:\Testbed\CCPP_830_Release\C\sate_creport.dat
  • Produced On: Mon Aug 09 2010 at 16:53:28
  • Penalty File: C:\Testbed\CCPP_830_Release\c\cpen.dat
  • Report Level: Summary Report
  • Procedures Reported: Fails Only
  • Programming Standards Model: SATE 2010 L1 Plus
  • Line Numbers refer to: Original Source File
  • Violation Details: Violations Only
  • Reporting Scope: Full analysis scope
  • Static: Yes
  • Complexity: Yes
  • Static Data Flow: Yes
  • Information Flow: Yes
  • Cross Reference: Yes


Contents

Overall Quality Summary
Report on Program Components

Overall Quality Summary



Totals for Violated Quality Standards


Number of Violations LDRA Code (M) Mandatory Standards CERT Code
4 47 S Array Bound exceeded. CERT ARR30-C
87 77 S Macro replacement list needs parentheses. CERT PRE02-C
64 78 S Macro parameter not in brackets. CERT PRE01-C,PRE02-C
1 403 S Negative (or potentially negative) shift. CERT INT34-C
2 484 S Attempt to use already freed object. CERT MEM31-C
25 577 S Sizeof argument is a pointer. CERT EXP01-C
100 5 D Procedure contains UR data flow anomalies. CERT EXP33-C
870 45 D Pointer not checked for null before use CERT EXP08-C,EXP34-C
9 50 D Memory not freed after last reference. CERT MEM00-C
9 51 D Attempt to read from freed memory. CERT MEM30-C
27 57 D Global not initialised at declaration. CERT EXP33-C
332 69 D Procedure contains UR data flow anomalies. CERT EXP33-C
37 77 D Local structure returned in function result  
3 86 D User input not checked before use. CERT FIO30-C
11 1 X Declaration types do not match across a system. CERT ARR31-C
27 69 X Global array bound exceeded at use CERT ARR30-C


Number of Violations LDRA Code (C) Checking (Mandatory) Standards CERT Code
3 76 D Procedure not called in code analysed  


Number of Violations LDRA Code (O) Optional Standards CERT Code
3 80 D Potentially unused function return value. CERT FIO04-C


Number of Mandatory Standards checked 27
Number of Checking Standards checked 1
Number of Optional Standards checked 3
Total Standards checked 31





OVERALL RESULT: FAIL


Out of 580 program components, 218 (37.59 %) pass ( of which 0 conditionally pass ) and 362 fail ( of which 0 fail only because of insufficient comments )

Procedure Results

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL Global Program
FAIL auth_cache_parse_key auth-cache.c 1 - 4 -
Pass auth_cache_node_unlink auth-cache.c 0 0
Pass auth_cache_node_link_head auth-cache.c 0 0
FAIL auth_cache_node_destroy auth-cache.c 1 - 9 -
Pass sig_auth_cache_clear auth-cache.c 0 0
Pass sig_auth_cache_stats auth-cache.c 0 0
FAIL auth_cache_new auth-cache.c 1 - 20 -
FAIL auth_cache_free auth-cache.c 1 - 13 -
Pass auth_cache_clear auth-cache.c 0 0
FAIL auth_cache_lookup auth-cache.c 1 - 4 -
FAIL auth_cache_insert auth-cache.c 1 - 9 -
FAIL auth_cache_remove auth-cache.c 1 - 11 -
Pass buffer_get_data buffer.h analysed in auth-client-connection.c 0 0
Pass buffer_get_used_size buffer.h analysed in auth-client-connection.c 0 0
Pass array_create_from_buffer_i array.h analysed in auth-client-connection.c 0 0
FAIL array_create_i array.h analysed in auth-client-connection.c 1 - 17 -
Pass array_free_i array.h analysed in auth-client-connection.c 0 0
Pass array_is_created_i array.h analysed in auth-client-connection.c 0 0
Pass array_get_pool_i array.h analysed in auth-client-connection.c 0 0
Pass array_clear_i array.h analysed in auth-client-connection.c 0 0
Pass array_append_i array.h analysed in auth-client-connection.c 0 0
Pass array_append_array_i array.h analysed in auth-client-connection.c 0 0
Pass array_insert_i array.h analysed in auth-client-connection.c 0 0
Pass array_delete_i array.h analysed in auth-client-connection.c 0 0
Pass array_get_i array.h analysed in auth-client-connection.c 0 0
Pass array_idx_i array.h analysed in auth-client-connection.c 0 0
Pass array_get_modifiable_i array.h analysed in auth-client-connection.c 0 0
Pass array_append_space_i array.h analysed in auth-client-connection.c 0 0
Pass array_copy array.h analysed in auth-client-connection.c 0 0
Pass array_count_i array.h analysed in auth-client-connection.c 0 0
FAIL reply_line_hide_pass auth-client-connection.c 1 - 12 -
Pass auth_client_send auth-client-connection.c 0 0
Pass auth_callback auth-client-connection.c 0 0
FAIL auth_client_input_cpid auth-client-connection.c 1 - 9 -
Pass auth_client_output auth-client-connection.c 0 0
FAIL auth_line_hide_pass auth-client-connection.c 1 - 12 -
Pass cont_line_hide_pass auth-client-connection.c 0 0
FAIL auth_client_cancel auth-client-connection.c 1 - 14 -
Pass auth_client_handle_line auth-client-connection.c 0 0
FAIL auth_client_input auth-client-connection.c 1 - 2 -
FAIL auth_client_connection_create auth-client-connection.c 1 - 19 -
Pass auth_client_con ection_destroy_full auth-client-connection.c 0 0
Pass auth_client_connection_destroy auth-client-connection.c 0 0
FAIL auth_client_connection_unref auth-client-connection.c 1 - 6 -
FAIL auth_client_connection_lookup auth-client-connection.c 1 - 10 -
FAIL auth_client_connections_init auth-client-connection.c 1 - 80 -
FAIL auth_client_connections_deinit auth-client-connection.c 1 - 5 -
FAIL auth_server_send_new_request auth-client-request.c 1 - 1 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL auth_client_request_new auth-client-request.c 1 - 13 -
FAIL auth_client_request_continue auth-client-request.c 1 - 6 -
FAIL auth_client_request_abort auth-client-request.c 1 - 8 -
Pass auth_client_request_get_id auth-client-request.c 0 0
Pass auth_client_req est_get_server_pid auth-client-request.c 0 0
Pass auth_client_request_get_cookie auth-client-request.c 0 0
Pass auth_client_request_is_aborted auth-client-request.c 0 0
FAIL auth_client_request_server_input auth-client-request.c 1 - 4 -
FAIL auth_client_send_cancel auth-client-request.c 1 - 11 -
FAIL auth_client_init auth-client.c 1 - 30 -
FAIL auth_client_deinit auth-client.c 1 - 33 -
Pass auth_client_connect auth-client.c 0 0
Pass auth_client_disconnect auth-client.c 0 0
Pass auth_client_is_connected auth-client.c 0 0
Pass auth_client_is_disconnected auth-client.c 0 0
Pass auth_client_set_connect_notify auth-client.c 0 0
Pass auth_client_get available_mechs auth-client.c 0 0
FAIL auth_client_find_mech auth-client.c 1 - 5 -
Pass auth_client_get_connect_id auth-client.c 0 0
FAIL auth_master_request_callback auth-master-connection.c 1 - 13 -
FAIL master_input_request auth-master-connection.c 1 - 13 -
FAIL master_input_auth_request auth-master-connection.c 1 - 10 -
FAIL user_callback auth-master-connection.c 1 - 7 -
FAIL master_input_user auth-master-connection.c 1 - 13 -
FAIL pass_callback auth-master-connection.c 1 - 9 -
FAIL master_input_pass auth-master-connection.c 1 - 13 -
Pass master_input_list_finish auth-master-connection.c 0 0
Pass master_output_list auth-master-connection.c 0 0
FAIL master_input_list_callback auth-master-connection.c 1 - 3 -
FAIL master_input_list auth-master-connection.c 1 - 9 -
Pass auth_master_input_line auth-master-connection.c 0 0
FAIL master_input auth-master-connection.c 1 - 4 -
Pass master_output auth-master-connection.c 0 0
FAIL auth_master_connection_create auth-master-connection.c 1 - 40 -
Pass auth_master_connection_destroy auth-master-connection.c 0 0
Pass auth_master_connection_ref auth-master-connection.c 0 0
FAIL auth_master_connection_unref auth-master-connection.c 1 - 3 -
FAIL auth_master_connections_init auth-master-connection.c 1 - 80 -
FAIL auth_master_connections_deinit auth-master-connection.c 1 - 10 -
FAIL auth_master_init auth-master.c 1 - 33 -
Pass auth_connection_close auth-master.c 0 0
FAIL auth_master_deinit auth-master.c 1 - 29 -
Pass auth_request_lookup_abort auth-master.c 0 0
FAIL auth_input_handshake auth-master.c 1 - 2 -
Pass parse_reply auth-master.c 0 0
FAIL auth_lookup_reply_callback auth-master.c 1 - 2 -
FAIL auth_handle_line auth-master.c 1 - 10 -
Pass auth_input auth-master.c 0 0
Pass auth_master_connect auth-master.c 0 0

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
Pass auth_request_timeout auth-master.c 0 0
Pass auth_idle_timeout auth-master.c 0 0
Pass auth_master_set_io auth-master.c 0 0
Pass auth_master_unset_io auth-master.c 0 0
Pass is_valid_string auth-master.c 0 0
FAIL auth_master_run_cmd auth-master.c 1 - 10 -
Pass auth_master_next_request_id auth-master.c 0 0
Pass auth_user_info_export auth-master.c 0 0
FAIL auth_master_user_lookup auth-master.c 1 - 4 -
FAIL auth_user_fields_parse auth-master.c 1 - 6 -
FAIL auth_master_pass_lookup auth-master.c 1 - 6 -
FAIL auth_user_list_reply_callback auth-master.c 1 - 5 -
FAIL auth_master_user_list_init auth-master.c 1 - 18 -
Pass auth_master_user_list_next auth-master.c 0 0
Pass auth_master_user_list_count auth-master.c 0 0
Pass auth_master_user_list_deinit auth-master.c 0 0
FAIL auth_penalty_init auth-penalty.c 1 - 15 -
FAIL auth_penalty_deinit auth-penalty.c 1 - 13 -
Pass auth_penalty_to_secs auth-penalty.c 0 0
Pass auth_penalty_anvil_callback auth-penalty.c 0 0
Pass auth_penalty_get_ident auth-penalty.c 0 0
FAIL auth_penalty_lookup auth-penalty.c 1 - 7 -
Pass get_userpass_checksum auth-penalty.c 0 0
FAIL auth_penalty_update auth-penalty.c 1 - 5 -
Pass aqueue_idx aqueue.h analysed in auth-request-handler.c 0 0
FAIL auth_request_handler_create auth-request-handler.c 1 - 33 -
FAIL auth_request_handler_abort_requests auth-request-handler.c 1 - 23 -
Pass auth_request_handler_unref auth-request-handler.c 0 0
Pass auth_request_handler_set auth-request-handler.c 0 0
Pass auth_request_handler_remove auth-request-handler.c 0 0
FAIL get_client_extra_fields auth-request-handler.c 1 - 3 -
FAIL auth_request_handle_failure auth-request-handler.c 1 - 2 -
FAIL auth_request_handler_reply auth-request-handler.c 1 - 13 -
Pass auth_request_ha dler_reply_continue auth-request-handler.c 0 0
FAIL auth_request_handler_auth_fail auth-request-handler.c 1 - 23 -
Pass auth_request_timeout auth-request-handler.c 0 0
Pass auth_request_penalty_finish auth-request-handler.c 0 0
Pass auth_penalty_callback auth-request-handler.c 0 0
FAIL auth_request_handler_auth_begin auth-request-handler.c 1 - 7 -
FAIL auth_request_handler_auth_continue auth-request-handler.c 1 - 8 -
FAIL userdb_callback auth-request-handler.c 1 - 14 -
FAIL auth_request_handler_master_request auth-request-handler.c 1 - 12 -
Pass auth_request_ha dler_cancel_request auth-request-handler.c 0 0
FAIL auth_request_handler_flush_failures auth-request-handler.c 1 - 7 -
Pass auth_failure_timeout auth-request-handler.c 0 0
FAIL auth_request_handler_init auth-request-handler.c 1 - 67 -
FAIL auth_request_handler_deinit auth-request-handler.c 1 - 6 -
FAIL auth_request_new auth-request.c 1 - 19 -
FAIL auth_request_new_dummy auth-request.c 1 - 33 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
Pass auth_request_set_state auth-request.c 0 0
FAIL auth_request_init auth-request.c 1 - 13 -
Pass auth_request_get_auth auth-request.c 0 0
Pass auth_request_success auth-request.c 0 0
FAIL auth_request_fail auth-request.c 1 - 6 -
Pass auth_request_internal_failure auth-request.c 0 0
Pass auth_request_ref auth-request.c 0 0
Pass auth_request_unref auth-request.c 0 0
Pass auth_request_export auth-request.c 0 0
Pass auth_request_import auth-request.c 0 0
Pass auth_request_initial auth-request.c 0 0
Pass auth_request_continue auth-request.c 0 0
FAIL auth_request_save_cache auth-request.c 1 - 4 -
Pass auth_request_ma ter_lookup_finish auth-request.c 0 0
Pass auth_request_ha dle_passdb_callback auth-request.c 0 0
FAIL auth_request_verify_plain_callback_finish auth-request.c 1 - 8 -
FAIL auth_request_verify_plain_callback auth-request.c 1 - 3 -
Pass password_has_illegal_chars auth-request.c 0 0
FAIL auth_request_verify_plain auth-request.c 1 - 3 -
FAIL auth_request_lookup_credentials_finish auth-request.c 1 - 10 -
FAIL auth_request_lookup_credentials_callback auth-request.c 1 - 9 -
FAIL auth_request_lookup_credentials auth-request.c 1 - 8 -
FAIL auth_request_set_credentials auth-request.c 1 - 10 -
FAIL auth_request_userdb_save_cache auth-request.c 1 - 5 -
FAIL auth_request_lookup_user_cache auth-request.c 1 - 12 -
FAIL auth_request_userdb_callback auth-request.c 1 - 3 -
FAIL auth_request_lookup_user auth-request.c 1 - 10 -
FAIL auth_request_fix_username auth-request.c 1 - 12 -
FAIL auth_request_set_username auth-request.c 1 - 2 -
Pass auth_request_se _login_username auth-request.c 0 0
FAIL auth_request_validate_networks auth-request.c 1 - 5 -
Pass auth_request_set_password auth-request.c 0 0
FAIL auth_request_set_reply_field auth-request.c 1 - 11 -
FAIL auth_request_set_field auth-request.c 1 - 3 -
Pass auth_request_set_fields auth-request.c 0 0
FAIL auth_request_init_userdb_reply auth-request.c 1 - 25 -
FAIL auth_request_userdb_reply_update_user auth-request.c 1 - 14 -
FAIL auth_request_change_userdb_user auth-request.c 1 - 12 -
FAIL auth_request_set_uidgid_file auth-request.c 1 - 13 -
FAIL auth_request_set_userdb_field auth-request.c 1 - 1 -
FAIL auth_request_set_userdb_field_values auth-request.c 1 - 2 -
FAIL auth_request_proxy_is_self auth-request.c 1 - 1 -
FAIL auth_request_proxy_finish auth-request.c 1 - 2 -
FAIL log_password_failure auth-request.c 1 - 5 -
FAIL auth_request_log_password_mismatch auth-request.c 1 - 7 -
FAIL auth_request_password_verify auth-request.c 1 - 6 -
Pass escape_none auth-request.c 0 0
Pass auth_request_str_escape auth-request.c 0 0
FAIL auth_request_get_var_expand_table auth-request.c 1 - 2 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
Pass get_log_prefix auth-request.c 0 0
FAIL get_log_str auth-request.c 1 - 13 -
Pass auth_request_log_debug auth-request.c 0 0
Pass auth_request_log_info auth-request.c 0 0
Pass auth_request_log_error auth-request.c 0 0
Pass auth_request_re resh_last_access auth-request.c 0 0
FAIL auth_server_input_mech auth-server-connection.c 1 - 1 -
Pass auth_server_input_spid auth-server-connection.c 0 0
Pass auth_server_input_cuid auth-server-connection.c 0 0
Pass auth_server_input_cookie auth-server-connection.c 0 0
Pass auth_server_input_done auth-server-connection.c 0 0
FAIL auth_server_lookup_request auth-server-connection.c 1 - 5 -
FAIL auth_server_input_ok auth-server-connection.c 1 - 7 -
FAIL auth_server_input_cont auth-server-connection.c 1 - 5 -
FAIL auth_server_input_fail auth-server-connection.c 1 - 7 -
Pass auth_server_con ection_input_line auth-server-connection.c 0 0
FAIL auth_server_connection_input auth-server-connection.c 1 - 1 -
FAIL auth_server_connection_init auth-server-connection.c 1 - 31 -
FAIL auth_server_connection_remove_requests auth-server-connection.c 1 - 25 -
Pass auth_server_con ection_disconnect auth-server-connection.c 0 0
Pass auth_server_reconnect_timeout auth-server-connection.c 0 0
Pass auth_server_con ection_reconnect auth-server-connection.c 0 0
Pass auth_server_connection_deinit auth-server-connection.c 0 0
Pass auth_client_handshake_timeout auth-server-connection.c 0 0
FAIL auth_server_connection_connect auth-server-connection.c 1 - 2 -
Pass auth_server_con ection_add_request auth-server-connection.c 0 0
FAIL auth_settings_check auth-settings.c 1 - 5 -
Pass auth_passdb_settings_check auth-settings.c 0 0
Pass auth_userdb_settings_check auth-settings.c 0 0
FAIL auth_settings_read auth-settings.c 1 - 14 -
FAIL auth_stream_reply_init auth-stream.c 1 - 33 -
Pass auth_stream_reply_add auth-stream.c 0 0
Pass auth_stream_reply_find_area auth-stream.c 0 0
FAIL auth_stream_reply_remove auth-stream.c 1 - 9 -
FAIL auth_stream_reply_find auth-stream.c 1 - 8 -
Pass auth_stream_reply_reset auth-stream.c 0 0
Pass auth_stream_reply_import auth-stream.c 0 0
Pass auth_stream_reply_export auth-stream.c 0 0
Pass auth_stream_is_empty auth-stream.c 0 0
Pass auth_stream_split auth-stream.c 0 0
Pass auth_stream_reply_get_str auth-stream.c 0 0
Pass auth_worker_cli nt_check_throttle auth-worker-client.c 0 0
FAIL worker_auth_request_new auth-worker-client.c 1 - 15 -
Pass auth_worker_send_reply auth-worker-client.c 0 0
FAIL verify_plain_callback auth-worker-client.c 1 - 15 -
FAIL auth_worker_handle_passv auth-worker-client.c 1 - 8 -
FAIL lookup_credentials_callback auth-worker-client.c 1 - 18 -
FAIL auth_worker_handle_passl auth-worker-client.c 1 - 10 -
FAIL set_credentials_callback auth-worker-client.c 1 - 5 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL auth_worker_handle_setcred auth-worker-client.c 1 - 12 -
FAIL lookup_user_callback auth-worker-client.c 1 - 3 -
Pass auth_userdb_find_by_id auth-worker-client.c 0 0
FAIL auth_worker_handle_user auth-worker-client.c 1 - 7 -
FAIL list_iter_deinit auth-worker-client.c 1 - 8 -
FAIL list_iter_callback auth-worker-client.c 1 - 1 -
Pass auth_worker_list_output auth-worker-client.c 0 0
FAIL auth_worker_handle_list auth-worker-client.c 1 - 8 -
FAIL auth_worker_handle_line auth-worker-client.c 1 - 12 -
FAIL auth_worker_verify_db_hash auth-worker-client.c 1 - 31 -
FAIL auth_worker_input auth-worker-client.c 1 - 1 -
Pass auth_worker_output auth-worker-client.c 0 0
FAIL auth_worker_client_create auth-worker-client.c 1 - 20 -
Pass auth_worker_client_destroy auth-worker-client.c 0 0
FAIL auth_worker_client_unref auth-worker-client.c 1 - 6 -
FAIL auth_worker_idle_timeout auth-worker-server.c 1 - 4 -
Pass auth_worker_call_timeout auth-worker-server.c 0 0
FAIL auth_worker_request_send auth-worker-server.c 1 - 3 -
FAIL auth_worker_request_send_next auth-worker-server.c 1 - 11 -
FAIL auth_worker_send_handshake auth-worker-server.c 1 - 29 -
FAIL auth_worker_create auth-worker-server.c 1 - 6 -
FAIL auth_worker_destroy auth-worker-server.c 1 - 6 -
FAIL auth_worker_find_free auth-worker-server.c 1 - 3 -
Pass auth_worker_request_handle auth-worker-server.c 0 0
FAIL worker_input auth-worker-server.c 1 - 4 -
FAIL auth_worker_call auth-worker-server.c 1 - 5 -
Pass auth_worker_ser er_resume_input auth-worker-server.c 0 0
FAIL auth_worker_server_init auth-worker-server.c 1 - 70 -
FAIL auth_worker_server_deinit auth-worker-server.c 1 - 9 -
FAIL auth_passdb_preinit auth.c 1 - 17 -
FAIL auth_userdb_preinit auth.c 1 - 22 -
FAIL auth_preinit auth.c 1 - 5 -
Pass auth_passdb_lis _have_verify_plain auth.c 0 0
Pass auth_passdb_lis _have_lookup_credentials auth.c 0 0
Pass auth_passdb_lis _have_set_credentials auth.c 0 0
Pass auth_mech_verify_passdb auth.c 0 0
Pass auth_mech_list_verify_passdb auth.c 0 0
Pass auth_init auth.c 0 0
Pass auth_deinit auth.c 0 0
FAIL auth_find_service auth.c 1 - 2 -
FAIL auths_preinit auth.c 1 - 37 -
Pass auths_init auth.c 0 0
Pass auths_deinit auth.c 0 0
FAIL auths_free auth.c 1 - 20 -
FAIL main checkpassword-reply.c 1 - 4 -
FAIL env_put_extra_fields db-checkpassword.c 1 - 11 -
Pass checkpassword_request_close db-checkpassword.c 0 0
FAIL checkpassword_request_free db-checkpassword.c 1 - 11 -
Pass checkpassword_sigchld_handler db-checkpassword.c 0 0

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL checkpassword_setup_env db-checkpassword.c 1 - 2 -
FAIL checkpassword_get_cmd db-checkpassword.c 1 - 22 -
FAIL checkpassword_child_input db-checkpassword.c 1 - 3 -
FAIL checkpassword_child_output db-checkpassword.c 1 - 6 -
FAIL passwd_file_add db-passwd-file.c 1 - 4 -
FAIL passwd_file_new db-passwd-file.c 1 - 20 -
FAIL passwd_file_open db-passwd-file.c 1 - 5 -
Pass passwd_file_close db-passwd-file.c 0 0
FAIL passwd_file_free db-passwd-file.c 1 - 15 -
Pass passwd_file_sync db-passwd-file.c 0 0
FAIL db_passwd_file_find db-passwd-file.c 1 - 5 -
FAIL db_passwd_file_init db-passwd-file.c 1 - 11 -
Pass db_passwd_file_parse db-passwd-file.c 0 0
FAIL db_passwd_file_unref db-passwd-file.c 1 - 13 -
Pass path_fix db-passwd-file.c 0 0
FAIL db_passwd_file_lookup db-passwd-file.c 1 - 11 -
Pass auth_refresh_proctitle main.c 0 0
FAIL read_global_settings main.c 1 - 42 -
FAIL main_preinit main.c 1 - 16 -
Pass main_init main.c 0 0
FAIL main_deinit main.c 1 - 20 -
FAIL worker_connected main.c 1 - 14 -
FAIL client_connected main.c 1 - 13 -
FAIL auth_die main.c 1 - 50 -
FAIL main main.c 1 - 113
FAIL mech_anonymous_auth_continue mech-anonymous.c 1 - 5 -
FAIL mech_anonymous_auth_new mech-anonymous.c 1 - 43 -
FAIL verify_credentials mech-apop.c 1 - 125
FAIL apop_credentials_callback mech-apop.c 1 - 4 -
FAIL mech_apop_auth_initial mech-apop.c 1 - 2 -
FAIL mech_apop_auth_new mech-apop.c 1 - 25 -
Pass hmac_md5_update hmac-md5.h analysed in mech-cram-md5.c 0 0
FAIL get_cram_challenge mech-cram-md5.c 1 - 11 -
FAIL verify_credentials mech-cram-md5.c 1 - 66 -
Pass parse_cram_response mech-cram-md5.c 0 0
FAIL credentials_callback mech-cram-md5.c 1 - 4 -
Pass mech_cram_md5_auth_continue mech-cram-md5.c 0 0
Pass mech_cram_md5_auth_initial mech-cram-md5.c 0 0
FAIL mech_cram_md5_auth_new mech-cram-md5.c 1 - 25 -
FAIL get_digest_challenge mech-digest-md5.c 1 - 15 -
FAIL verify_credentials mech-digest-md5.c 1 - 14 -
FAIL parse_next mech-digest-md5.c 1 - 10 -
Pass auth_handle_response mech-digest-md5.c 0 0
FAIL parse_digest_response mech-digest-md5.c 1 - 6 -
Pass credentials_callback mech-digest-md5.c 0 0
FAIL mech_digest_md5_auth_continue mech-digest-md5.c 1 - 4 -
FAIL mech_digest_md5_auth_initial mech-digest-md5.c 1 - 13 -
FAIL mech_digest_md5_auth_new mech-digest-md5.c 1 - 22 -
FAIL mech_external_auth_continue mech-external.c 1 - 3 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL mech_external_auth_new mech-external.c 1 - 43 -
FAIL mech_login_auth_continue mech-login.c 1 - 11 -
Pass mech_login_auth_initial mech-login.c 0 0
FAIL mech_login_auth_new mech-login.c 1 - 43 -
Pass read_le16 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass read_le32 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass read_le64 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass write_le16 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass write_le32 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass write_le64 ntlm-byteorder.h analysed in mech-ntlm.c 0 0
Pass ntlmssp_buffer_data_i ntlm.h analysed in mech-ntlm.c 0 0
Pass ntlmssp_buffer_length_i ntlm.h analysed in mech-ntlm.c 0 0
FAIL lm_verify_credentials mech-ntlm.c 1 - 11 -
FAIL lm_credentials_callback mech-ntlm.c 1 - 4 -
FAIL ntlm_verify_credentials mech-ntlm.c 1 - 7 -
FAIL ntlm_credentials_callback mech-ntlm.c 1 - 3 -
FAIL mech_ntlm_auth_continue mech-ntlm.c 1 - 9 -
FAIL mech_ntlm_auth_new mech-ntlm.c 1 - 25 -
Pass otp_parity otp-parity.h analysed in mech-otp-skey-common.c 0 0
Pass otp_lock_init mech-otp-skey-common.c 0 0
Pass otp_try_lock mech-otp-skey-common.c 0 0
Pass otp_unlock mech-otp-skey-common.c 0 0
FAIL otp_set_credentials_callback mech-otp-skey-common.c 1 - 16 -
Pass mech_otp_skey_auth_free mech-otp-skey-common.c 0 0
FAIL otp_send_challenge mech-otp.c 1 - 5 -
Pass skey_credentials_callback mech-otp.c 0 0
Pass otp_credentials_callback mech-otp.c 0 0
FAIL mech_otp_auth_phase1 mech-otp.c 1 - 6 -
FAIL mech_otp_verify mech-otp.c 1 - 21 -
FAIL mech_otp_verify_init mech-otp.c 1 - 36 -
FAIL mech_otp_auth_phase2 mech-otp.c 1 - 4 -
Pass mech_otp_auth_continue mech-otp.c 0 0
FAIL mech_otp_auth_new mech-otp.c 1 - 18 -
FAIL plain_verify_callback mech-plain-common.c 1 - 6 -
FAIL mech_plain_auth_continue mech-plain.c 1 - 4 -
FAIL mech_plain_auth_new mech-plain.c 1 - 43 -
FAIL rpa_user_response mech-rpa.c 1 - 79 -
FAIL rpa_server_response mech-rpa.c 1 - 39 -
FAIL rpa_check_message mech-rpa.c 1 - 1 -
Pass rpa_parse_token1 mech-rpa.c 0 0
Pass rpa_read_buffer mech-rpa.c 0 0
FAIL rpa_parse_token3 mech-rpa.c 1 - 8 -
Pass buffer_append_asn1_length mech-rpa.c 0 0
Pass rpa_add_realm mech-rpa.c 0 0
FAIL mech_rpa_build_token2 mech-rpa.c 1 - 8 -
FAIL mech_rpa_build_token4 mech-rpa.c 1 - 33 -
FAIL verify_credentials mech-rpa.c 1 - 25 -
FAIL rpa_credentials_callback mech-rpa.c 1 - 3 -
FAIL mech_rpa_auth_phase1 mech-rpa.c 1 - 10 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
Pass mech_rpa_auth_phase2 mech-rpa.c 0 0
FAIL mech_rpa_auth_phase3 mech-rpa.c 1 - 5 -
Pass mech_rpa_auth_continue mech-rpa.c 0 0
FAIL mech_rpa_auth_free mech-rpa.c 1 - 9 -
FAIL mech_rpa_auth_new mech-rpa.c 1 - 22 -
FAIL skey_send_challenge mech-skey.c 1 - 4 -
Pass otp_credentials_callback mech-skey.c 0 0
Pass skey_credentials_callback mech-skey.c 0 0
FAIL mech_skey_auth_phase1 mech-skey.c 1 - 7 -
FAIL mech_skey_auth_phase2 mech-skey.c 1 - 21 -
Pass mech_skey_auth_continue mech-skey.c 0 0
FAIL mech_skey_auth_new mech-skey.c 1 - 18 -
Pass winbind_helper_disconnect mech-winbind.c 0 0
FAIL winbind_wait_pid mech-winbind.c 1 - 4 -
Pass sigchld_handler mech-winbind.c 0 0
FAIL winbind_helper_connect mech-winbind.c 1 - 7 -
FAIL do_auth_continue mech-winbind.c 1 - 3 -
Pass mech_winbind_auth_initial mech-winbind.c 0 0
FAIL mech_winbind_auth_continue mech-winbind.c 1 - 5 -
FAIL do_auth_new mech-winbind.c 1 - 25 -
FAIL mech_winbind_ntlm_auth_new mech-winbind.c 1 - 50 -
FAIL mech_winbind_spnego_auth_new mech-winbind.c 1 - 50 -
FAIL mech_register_module mech.c 1 - 43 -
FAIL mech_unregister_module mech.c 1 - 8 -
FAIL mech_module_find mech.c 1 - 5 -
FAIL mech_generic_auth_initial mech.c 1 - 8 -
Pass mech_generic_auth_free mech.c 0 0
FAIL mech_register_add mech.c 1 - 2 -
FAIL mech_register_init mech.c 1 - 8 -
Pass mech_register_deinit mech.c 0 0
FAIL mech_init mech.c 1 - 36 -
FAIL mech_deinit mech.c 1 - 60 -
Pass mycrypt mycrypt.c 0 0
FAIL auth_worker_reply_parse_args passdb-blocking.c 1 - 3 -
FAIL auth_worker_reply_parse passdb-blocking.c 1 - 17 -
FAIL verify_plain_callback passdb-blocking.c 1 - 22 -
FAIL passdb_blocking_verify_plain passdb-blocking.c 1 - 15 -
Pass lookup_credentials_callback passdb-blocking.c 0 0
FAIL passdb_blocking_lookup_credentials passdb-blocking.c 1 - 15 -
Pass set_credentials_callback passdb-blocking.c 0 0
FAIL passdb_blocking_set_credentials passdb-blocking.c 1 - 33 -
FAIL passdb_cache_log_hit passdb-cache.c 1 - 7 -
FAIL passdb_cache_verify_plain passdb-cache.c 1 - 6 -
FAIL passdb_cache_lookup_credentials passdb-cache.c 1 - 6 -
Pass passdb_cache_init passdb-cache.c 0 0
Pass passdb_cache_deinit passdb-cache.c 0 0
FAIL checkpassword_request_finish passdb-checkpassword.c 1 - 3 -
Pass checkpassword_r quest_half_finish passdb-checkpassword.c 0 0
FAIL sigchld_handler passdb-checkpassword.c 1 - 5 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL checkpassword_verify_plain_child passdb-checkpassword.c 1 - 10 -
FAIL checkpassword_verify_plain passdb-checkpassword.c 1 - 3 -
FAIL checkpassword_preinit passdb-checkpassword.c 1 - 25 -
FAIL checkpassword_deinit passdb-checkpassword.c 1 - 19 -
FAIL pam_userpass_conv passdb-pam.c 1 - 8 -
FAIL pam_get_missing_service_file_path passdb-pam.c 1 - 3 -
FAIL try_pam_auth passdb-pam.c 1 - 5 -
Pass set_pam_items passdb-pam.c 0 0
FAIL pam_verify_plain_call passdb-pam.c 1 - 5 -
FAIL pam_verify_plain passdb-pam.c 1 - 11 -
FAIL pam_preinit passdb-pam.c 1 - 1 -
FAIL passwd_file_save_results passdb-passwd-file.c 1 - 11 -
FAIL passwd_file_verify_plain passdb-passwd-file.c 1 - 7 -
FAIL passwd_file_lookup_credentials passdb-passwd-file.c 1 - 6 -
FAIL passwd_file_preinit passdb-passwd-file.c 1 - 7 -
Pass passwd_file_init passdb-passwd-file.c 0 0
Pass passwd_file_deinit passdb-passwd-file.c 0 0
FAIL passwd_verify_plain passdb-passwd.c 1 - 2 -
Pass passwd_init passdb-passwd.c 0 0
Pass passwd_deinit passdb-passwd.c 0 0
FAIL shadow_verify_plain passdb-shadow.c 1 - 2 -
Pass shadow_init passdb-shadow.c 0 0
Pass shadow_deinit passdb-shadow.c 0 0
FAIL static_verify_plain passdb-static.c 1 - 8 -
FAIL static_preinit passdb-static.c 1 - 19 -
FAIL passdb_interface_find passdb.c 1 - 10 -
Pass passdb_register_module passdb.c 0 0
FAIL passdb_unregister_module passdb.c 1 - 4 -
FAIL passdb_get_credentials passdb.c 1 - 7 -
FAIL passdb_handle_credentials passdb.c 1 - 3 -
FAIL passdb_find passdb.c 1 - 8 -
FAIL passdb_preinit passdb.c 1 - 3 -
Pass passdb_init passdb.c 0 0
FAIL passdb_deinit passdb.c 1 - 5 -
FAIL passdbs_generate_md5 passdb.c 1 - 60 -
FAIL passdbs_init passdb.c 1 - 37 -
FAIL passdbs_deinit passdb.c 1 - 75 -
Pass password_set_encryption_rounds password-scheme-crypt.c 0 0
FAIL crypt_generate_blowfisch password-scheme-crypt.c 1 - 9 -
FAIL crypt_generate_sha256 password-scheme-crypt.c 1 - 9 -
FAIL crypt_generate_sha512 password-scheme-crypt.c 1 - 9 -
Pass password_scheme_register_crypt password-scheme-crypt.c 0 0
Pass to64 password-scheme-md5crypt.c 0 0
FAIL password_generate_md5_crypt password-scheme-md5crypt.c 1 - 13 -
FAIL password_generate_otp password-scheme-otp.c 1 - 21 -
FAIL ucs2be_str password-scheme-rpa.c 1 - 14 -
FAIL password_generate_rpa password-scheme-rpa.c 1 - 29 -
FAIL password_scheme_lookup_name password-scheme.c 1 - 5 -
FAIL password_scheme_lookup password-scheme.c 1 - 3 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL password_verify password-scheme.c 1 - 10 -
Pass password_get_scheme password-scheme.c 0 0
FAIL password_decode password-scheme.c 1 - 1 -
Pass password_generate password-scheme.c 0 0
FAIL password_generate_encoded password-scheme.c 1 - 11 -
FAIL password_generate_salt password-scheme.c 1 - 6 -
FAIL password_scheme_is_alias password-scheme.c 1 - 4 -
FAIL password_scheme_detect password-scheme.c 1 - 16 -
FAIL crypt_verify password-scheme.c 1 - 5 -
FAIL crypt_generate password-scheme.c 1 - 22 -
FAIL md5_verify password-scheme.c 1 - 18 -
FAIL md5_crypt_verify password-scheme.c 1 - 40 -
FAIL md5_crypt_generate password-scheme.c 1 - 17 -
FAIL sha1_generate password-scheme.c 1 - 10 -
FAIL sha256_generate password-scheme.c 1 - 10 -
FAIL sha512_generate password-scheme.c 1 - 10 -
FAIL ssha_generate password-scheme.c 1 - 63 -
FAIL ssha_verify password-scheme.c 1 - 43 -
FAIL ssha256_generate password-scheme.c 1 - 44 -
FAIL ssha256_verify password-scheme.c 1 - 29 -
FAIL ssha512_generate password-scheme.c 1 - 44 -
FAIL ssha512_verify password-scheme.c 1 - 29 -
FAIL smd5_generate password-scheme.c 1 - 69 -
FAIL smd5_verify password-scheme.c 1 - 48 -
Pass plain_generate password-scheme.c 0 0
FAIL cram_md5_generate password-scheme.c 1 - 225
FAIL digest_md5_generate password-scheme.c 1 - 13 -
FAIL plain_md4_generate password-scheme.c 1 - 10 -
FAIL plain_md5_generate password-scheme.c 1 - 10 -
FAIL lm_generate password-scheme.c 1 - 17 -
FAIL ntlm_generate password-scheme.c 1 - 17 -
FAIL otp_verify password-scheme.c 1 - 14 -
FAIL otp_generate password-scheme.c 1 - 40 -
FAIL skey_generate password-scheme.c 1 - 40 -
FAIL rpa_generate password-scheme.c 1 - 11 -
Pass password_scheme_register password-scheme.c 0 0
FAIL password_scheme_unregister password-scheme.c 1 - 7 -
FAIL password_schemes_init password-scheme.c 1 - 5 -
FAIL password_schemes_deinit password-scheme.c 1 - 60 -
Pass user_callback userdb-blocking.c 0 0
FAIL userdb_blocking_lookup userdb-blocking.c 1 - 27 -
Pass iter_callback userdb-blocking.c 0 0
FAIL userdb_blocking_iter_init userdb-blocking.c 1 - 35 -
Pass userdb_blocking_iter_next userdb-blocking.c 0 0
Pass userdb_blocking_iter_deinit userdb-blocking.c 0 0
FAIL checkpassword_request_finish userdb-checkpassword.c 1 - 3 -
Pass checkpassword_r quest_half_finish userdb-checkpassword.c 0 0
FAIL sigchld_handler userdb-checkpassword.c 1 - 5 -
FAIL checkpassword_lookup_child userdb-checkpassword.c 1 - 10 -

Quality Result   Procedure   Source File   Unique Violations   Failure Density  
          (Viols/R.Line %)  
FAIL checkpassword_lookup userdb-checkpassword.c 1 - 4 -
FAIL checkpassword_preinit userdb-checkpassword.c 1 - 25 -
FAIL checkpassword_deinit userdb-checkpassword.c 1 - 19 -
FAIL userdb_nss_lookup userdb-nss.c 1 - 6 -
FAIL userdb_nss_load_module userdb-nss.c 1 - 9 -
FAIL userdb_nss_preinit userdb-nss.c 1 - 4 -
FAIL userdb_nss_deinit userdb-nss.c 1 - 9 -
FAIL passwd_file_lookup userdb-passwd-file.c 1 - 9 -
FAIL passwd_file_iterate_init userdb-passwd-file.c 1 - 6 -
FAIL passwd_file_iterate_next userdb-passwd-file.c 1 - 4 -
FAIL passwd_file_iterate_deinit userdb-passwd-file.c 1 - 13 -
FAIL passwd_file_preinit userdb-passwd-file.c 1 - 6 -
Pass passwd_file_init userdb-passwd-file.c 0 0
Pass passwd_file_deinit userdb-passwd-file.c 0 0
FAIL passwd_lookup userdb-passwd.c 1 - 2 -
FAIL passwd_iterate_init userdb-passwd.c 1 - 13 -
Pass passwd_iterate_next userdb-passwd.c 0 0
FAIL passwd_iterate_next_timeout userdb-passwd.c 1 - 33 -
Pass passwd_iterate_deinit userdb-passwd.c 0 0
FAIL passwd_passwd_preinit userdb-passwd.c 1 - 17 -
Pass prefetch_lookup userdb-prefetch.c 0 0
FAIL userdb_static_template_build userdb-static.c 1 - 14 -
FAIL userdb_static_template_isset userdb-static.c 1 - 3 -
FAIL userdb_static_template_remove userdb-static.c 1 - 3 -
FAIL userdb_static_template_export userdb-static.c 1 - 15 -
Pass static_lookup_real userdb-static.c 0 0
Pass static_credentials_callback userdb-static.c 0 0
FAIL static_lookup userdb-static.c 1 - 3 -
FAIL static_preinit userdb-static.c 1 - 15 -
FAIL userdb_interface_find userdb.c 1 - 10 -
Pass userdb_register_module userdb.c 0 0
FAIL userdb_unregister_module userdb.c 1 - 4 -
FAIL userdb_parse_uid userdb.c 1 - 6 -
FAIL userdb_parse_gid userdb.c 1 - 6 -
FAIL userdb_find userdb.c 1 - 8 -
FAIL userdb_preinit userdb.c 1 - 3 -
Pass userdb_init userdb.c 0 0
FAIL userdb_deinit userdb.c 1 - 5 -
FAIL userdbs_generate_md5 userdb.c 1 - 60 -
FAIL userdbs_init userdb.c 1 - 37 -
FAIL userdbs_deinit userdb.c 1 - 75 -


Global Information

Source Files in System

Name Last Modification Date
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\lib-auth\auth-server-connection.c Wed May 19 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\lib-auth\auth-master.c Mon May 03 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\lib-auth\auth-client.c Wed May 26 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\lib-auth\auth-client-request.c Thu May 20 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-vpopmail.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-static.c Wed Jun 02 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-sql.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-prefetch.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-passwd.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-passwd-file.c Mon Apr 05 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-nss.c Mon Jun 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-ldap.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-checkpassword.c Fri Apr 30 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\userdb-blocking.c Wed Apr 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\password-scheme.c Sun May 09 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\password-scheme-rpa.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\password-scheme-otp.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\password-scheme-md5crypt.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\password-scheme-crypt.c Sun May 09 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-vpopmail.c Sat Apr 03 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-static.c Wed Jun 02 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-sql.c Mon Apr 05 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-sia.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-shadow.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-passwd.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-passwd-file.c Mon Apr 05 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-pam.c Tue Apr 06 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-ldap.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-checkpassword.c Fri Apr 30 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-cache.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-bsdauth.c Tue May 04 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\passdb-blocking.c Wed Mar 31 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mycrypt.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-winbind.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-skey.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-rpa.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-plain.c Mon Jun 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-plain-common.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-otp.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-otp-skey-common.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-ntlm.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-login.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-gssapi.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-external.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-digest-md5.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-cram-md5.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-apop.c Fri Mar 26 07:16:36 2010

Name Last Modification Date
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\mech-anonymous.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\main.c Tue Jun 15 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\db-sql.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\db-passwd-file.c Mon May 31 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\db-ldap.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\db-checkpassword.c Fri Apr 30 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\checkpassword-reply.c Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-worker-server.c Tue Apr 06 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-worker-client.c Wed Jun 02 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-stream.c Wed Apr 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-settings.c Fri Jun 25 08:22:16 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-request.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-request-handler.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-penalty.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-master-connection.c Mon Jun 21 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-client-connection.c Tue Jun 08 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\auth\auth-cache.c Fri Mar 26 07:16:36 2010



Global Basic Information

Number of procedures: 579
Number of locally uncalled procedures: 0
Maximum loop depth: 2
Total Cyclomatic Complexity: 1899
Number of reformatted executable lines: 20983
Number of lines of comments: 48006


Summary Report on all Program Components which FAIL



Globals / code outside procedures - FAIL

Standards Violation Summary - All files

Code File: Src Line Violation Standard
M compat.h: 214 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 215 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 216 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 217 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 218 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 219 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 220 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 221 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 222 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 223 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 224 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 225 Macro replacement list needs parentheses. CERT PRE02-C
M compat.h: 226 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 196 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 197 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 204 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M macros.h: 204 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 205 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M macros.h: 205 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 223 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M macros.h: 223 Macro replacement list needs parentheses. CERT PRE02-C
M macros.h: 232 Macro replacement list needs parentheses. CERT PRE02-C
M data-stack.h: 49 Macro replacement list needs parentheses. CERT PRE02-C
M data-stack.h: 51 Macro replacement list needs parentheses. CERT PRE02-C
M data-stack.h: 75 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M data-stack.h: 85 Macro replacement list needs parentheses. CERT PRE02-C
M data-stack.h: 90 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M data-stack.h: 90 Macro replacement list needs parentheses. CERT PRE02-C
M data-stack.h: 97 Macro replacement list needs parentheses. CERT PRE02-C
M mempool.h: 84 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M mempool.h: 87 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M mempool.h: 88 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M mempool.h: 99 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M mempool.h: 99 Macro replacement list needs parentheses. CERT PRE02-C
M mempool.h: 102 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M mempool.h: 102 Macro replacement list needs parentheses. CERT PRE02-C
M imem.h: 8 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M imem.h: 8 Macro replacement list needs parentheses. CERT PRE02-C
M imem.h: 14 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M imem.h: 14 Macro replacement list needs parentheses. CERT PRE02-C
M imem.h: 15 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M imem.h: 15 Macro replacement list needs parentheses. CERT PRE02-C
M array-decl.h: 4 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array-decl.h: 4 Macro replacement list needs parentheses. CERT PRE02-C
M array-decl.h: 7 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array-decl.h: 7 Macro replacement list needs parentheses. CERT PRE02-C
M array-decl.h: 9 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array-decl.h: 9 Macro replacement list needs parentheses. CERT PRE02-C
M auth-request-handler.h: 21 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 35 Macro parameter not in brackets. CERT PRE01-C,PRE02-C

Code File: Src Line Violation Standard
M array.h: 35 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 37 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 37 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 39 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 39 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 53 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 58 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 58 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 62 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 62 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 90 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 90 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 102 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 102 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 110 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 118 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 126 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 134 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 143 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 143 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 153 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 164 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 164 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 174 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 174 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 183 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 183 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 192 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 192 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 201 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 201 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 206 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 206 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 211 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 211 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 216 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 216 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 228 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 232 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 232 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 252 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 257 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 261 Macro replacement list needs parentheses. CERT PRE02-C
M array.h: 266 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 279 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M array.h: 279 Macro replacement list needs parentheses. CERT PRE02-C
M ioloop.h: 50 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ioloop.h: 50 Macro replacement list needs parentheses. CERT PRE02-C
M ioloop.h: 56 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ioloop.h: 75 Macro parameter not in brackets. CERT PRE01-C,PRE02-C

Code File: Src Line Violation Standard
M ioloop.h: 75 Macro replacement list needs parentheses. CERT PRE02-C
M istream.h: 53 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M istream.h: 53 Macro replacement list needs parentheses. CERT PRE02-C
M ostream.h: 61 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ostream.h: 61 Macro replacement list needs parentheses. CERT PRE02-C
M auth-client-connection.c: 27 Global not initialised at declaration. : auth_client_connections CERT EXP33-C
M auth-master-connection.c: 45 Global not initialised at declaration. : auth_master_connections CERT EXP33-C
M auth-request-handler.c: 34 Global not initialised at declaration. : auth_failures_arr CERT EXP33-C
M auth-request-handler.c: 35 Global not initialised at declaration. : auth_failures CERT EXP33-C
M auth-request-handler.c: 36 Global not initialised at declaration. : to_auth_failures CERT EXP33-C
M sha1.h: 71 Macro replacement list needs parentheses. CERT PRE02-C
M sha1.h: 72 Macro replacement list needs parentheses. CERT PRE02-C
M sha1.h: 73 Macro replacement list needs parentheses. CERT PRE02-C
M auth-request.c: 30 Global not initialised at declaration. : auth_request_state_count CERT EXP33-C
M auth-request.c: 30 Declaration types do not match across a system. : auth_request_state_count CERT ARR31-C
  116 (auth-request.h)    
M settings-parser.h: 46 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M settings-parser.h: 46 Macro replacement list needs parentheses. CERT PRE02-C
M settings-parser.h: 50 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M settings-parser.h: 50 Macro replacement list needs parentheses. CERT PRE02-C
M settings-parser.h: 54 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M settings-parser.h: 54 Macro replacement list needs parentheses. CERT PRE02-C
M settings-parser.h: 58 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M settings-parser.h: 58 Macro replacement list needs parentheses. CERT PRE02-C
M settings-parser.h: 62 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M settings-parser.h: 62 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 32 Sizeof argument is a pointer. CERT EXP01-C
M auth-settings.c: 70 Sizeof argument is a pointer. CERT EXP01-C
M auth-settings.c: 102 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M auth-settings.c: 102 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 137 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M auth-settings.c: 137 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 169 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M auth-settings.c: 169 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 171 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M auth-settings.c: 171 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 173 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M auth-settings.c: 173 Macro replacement list needs parentheses. CERT PRE02-C
M auth-settings.c: 315 Global not initialised at declaration. : global_auth_settings CERT EXP33-C
M auth-worker-client.c: 40 Global not initialised at declaration. : auth_worker_client CERT EXP33-C
M auth-worker-server.c: 47 Global not initialised at declaration. : idle_count CERT EXP33-C
M auth-worker-server.c: 48 Global not initialised at declaration. : worker_request_array CERT EXP33-C
M auth-worker-server.c: 49 Global not initialised at declaration. : worker_request_queue CERT EXP33-C
M auth-worker-server.c: 50 Global not initialised at declaration. : auth_worker_last_warn CERT EXP33-C
M auth-worker-server.c: 52 Global not initialised at declaration. : worker_socket_path CERT EXP33-C
M auth.c: 17 Global not initialised at declaration. : auths CERT EXP33-C
M child-wait.h: 18 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M child-wait.h: 26 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M child-wait.h: 26 Macro replacement list needs parentheses. CERT PRE02-C
M db-passwd-file.c: 22 Global not initialised at declaration. : passwd_files CERT EXP33-C

Code File: Src Line Violation Standard
M sql-api.h: 27 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 27 Macro replacement list needs parentheses. CERT PRE02-C
M sql-api.h: 32 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 32 Macro replacement list needs parentheses. CERT PRE02-C
M sql-api.h: 34 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 34 Macro replacement list needs parentheses. CERT PRE02-C
M sql-api.h: 36 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 36 Macro replacement list needs parentheses. CERT PRE02-C
M sql-api.h: 38 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 38 Macro replacement list needs parentheses. CERT PRE02-C
M sql-api.h: 82 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M sql-api.h: 135 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M main.c: 42 Global not initialised at declaration. : process_start_time CERT EXP33-C
M main.c: 43 Global not initialised at declaration. : auth_penalty CERT EXP33-C
M main.c: 45 Global not initialised at declaration. : auth_set_pool CERT EXP33-C
M main.c: 47 Global not initialised at declaration. : mech_reg CERT EXP33-C
M main.c: 48 Global not initialised at declaration. : listen_fd_types CERT EXP33-C
M main.c: 0 Procedure contains UR data flow anomalies. : (global_auth_settings)->worker_max_count CERT EXP33-C
M main.c: 0 Procedure contains UR data flow anomalies. : auth_client_connections.arr.buffer.used CERT EXP33-C
M main.c: 0 Procedure contains UR data flow anomalies. : auth_master_connections.arr.buffer.used CERT EXP33-C
M auth-master-connection.h: 23 Procedure contains UR data flow anomalies. : auth_master_connections.arr.element_size CERT EXP33-C
  23    
M auth-request.h: 116 Procedure contains UR data flow anomalies. : auth_request_state_count CERT EXP33-C
  2 (network.h)    
M auth-worker-client.h: 8 Procedure contains UR data flow anomalies. : auth_worker_client CERT EXP33-C
  8    
M ioloop.h: 38 Procedure contains UR data flow anomalies. : ioloop_time CERT EXP33-C
  45 (auth-settings.h)    
M main.c: 48 Procedure contains UR data flow anomalies. : listen_fd_types.arr.buffer CERT EXP33-C
  281    
M main.c: 48 Procedure contains UR data flow anomalies. : listen_fd_types.arr.element_size CERT EXP33-C
  281    
M main.c: 48 Procedure contains UR data flow anomalies. : listen_fd_types.v CERT EXP33-C
  281    
M main.c: 0 Procedure contains UR data flow anomalies. : passdb_interfaces.arr.buffer.used CERT EXP33-C
M main.c: 0 Procedure contains UR data flow anomalies. : password_schemes.arr.buffer.used CERT EXP33-C
M password-scheme.h: 26 Procedure contains UR data flow anomalies. : password_schemes.arr.element_size CERT EXP33-C
  26    
M main.c: 0 Procedure contains UR data flow anomalies. : userdb_interfaces.arr.buffer.used CERT EXP33-C
M passdb.c: 11 Global not initialised at declaration. : passdb_interfaces CERT EXP33-C
M passdb.c: 12 Global not initialised at declaration. : passdb_modules CERT EXP33-C
M userdb.c: 12 Global not initialised at declaration. : userdb_interfaces CERT EXP33-C
M userdb.c: 13 Global not initialised at declaration. : userdb_modules CERT EXP33-C
M mech-otp-skey-common.c: 16 Global not initialised at declaration. : otp_lock_table CERT EXP33-C
M mech.c: 11 Global not initialised at declaration. : mech_modules CERT EXP33-C
M ntlm-byteorder.h: 77 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ntlm-byteorder.h: 77 Macro replacement list needs parentheses. CERT PRE02-C
M ntlm.h: 12 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ntlm.h: 12 Macro replacement list needs parentheses. CERT PRE02-C
M ntlm.h: 21 Macro parameter not in brackets. CERT PRE01-C,PRE02-C

Code File: Src Line Violation Standard
M ntlm.h: 21 Macro replacement list needs parentheses. CERT PRE02-C
M ntlm.h: 30 Macro parameter not in brackets. CERT PRE01-C,PRE02-C
M ntlm.h: 30 Macro replacement list needs parentheses. CERT PRE02-C
M password-scheme.c: 22 Global not initialised at declaration. : password_schemes CERT EXP33-C

[ Top of Report | Procedure Table | Contents ]





auth_cache_parse_key
(26 to 51 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 38 Pointer not checked for null before use : query CERT EXP08-C,EXP34-C
  37    
M 50 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  34    


[ Top of Report | Procedure Table | Contents ]





auth_cache_node_destroy
(85 to 93 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 92 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 191)    


[ Top of Report | Procedure Table | Contents ]





auth_cache_new
(124 to 140 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 139 Local structure returned in function result : cache  
M 131 Pointer not checked for null before use : cache CERT EXP08-C,EXP34-C
  130    
M 131 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 191)    


[ Top of Report | Procedure Table | Contents ]





auth_cache_free
(142 to 153 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 152 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  150    
M 150 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 191)    


[ Top of Report | Procedure Table | Contents ]





auth_cache_lookup
(162 to 210 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 178 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  177    
M 180 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 190 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  189    


[ Top of Report | Procedure Table | Contents ]





auth_cache_insert
(212 to 274 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 242 Sizeof argument is a pointer. CERT EXP01-C
M 234 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  233    
M 236 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 256 Pointer not checked for null before use : node CERT EXP08-C,EXP34-C
  255    
M 238 Pointer not checked for null before use : current_username CERT EXP08-C,EXP34-C
  227    
M 251 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  246    
M 262 Pointer not checked for null before use : cache.head CERT EXP08-C,EXP34-C
  251    
M 274 Memory not freed after last reference. : node CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





auth_cache_remove
(276 to 292 auth-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 284 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  283    
M 285 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





array_create_i
(93 to 101 array.h analysed in auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 100 Pointer not checked for null before use : buffer CERT EXP08-C,EXP34-C
  99    


[ Top of Report | Procedure Table | Contents ]





reply_line_hide_pass
(32 to 45 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 42 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  40    
M 43 Pointer not checked for null before use : p2 CERT EXP08-C,EXP34-C
  42    


[ Top of Report | Procedure Table | Contents ]





auth_client_input_cpid
(84 to 126 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 117 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 117 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 117 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  117    
M 117 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  117    
M 117 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  117    
M 117 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  117    
M 117 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  103    
M 88 Procedure contains UR data flow anomalies. : pid CERT EXP33-C
  92    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-client-connection.c 88 auth-client-connection.c 92 pid

[ Top of Report | Procedure Table | Contents ]





auth_line_hide_pass
(143 to 155 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 152 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  150    
M 153 Pointer not checked for null before use : p2 CERT EXP08-C,EXP34-C
  152    


[ Top of Report | Procedure Table | Contents ]





auth_client_cancel
(168 to 180 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 171 Procedure contains UR data flow anomalies. : client_id CERT EXP33-C
  173    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-client-connection.c 171 auth-client-connection.c 173 client_id

[ Top of Report | Procedure Table | Contents ]





auth_client_input
(214 to 283 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 257 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  256    
M 282 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  278    


[ Top of Report | Procedure Table | Contents ]





auth_client_connection_create
(285 to 320 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 297 Sizeof argument is a pointer. CERT EXP01-C
M 313 Sizeof argument is a pointer. CERT EXP01-C
M 319 Local structure returned in function result : conn  
M 293 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  292    
M 309 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  308    
M 292 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 192)    
M 312 Pointer not checked for null before use : my_pid CERT EXP08-C,EXP34-C
  Ref. Line -3074 (Module 192)    


[ Top of Report | Procedure Table | Contents ]





auth_client_connection_unref
(367 to 378 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 378 Memory not freed after last reference. : conn CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





auth_client_connection_lookup
(380 to 393 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 389 Local structure returned in function result : client  
M 385 Pointer not checked for null before use : auth_client_connections.v CERT EXP08-C,EXP34-C
  27    


[ Top of Report | Procedure Table | Contents ]





auth_client_connections_init
(395 to 398 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 397 Pointer not checked for null before use : auth_client_connections.arr.buffer CERT EXP08-C,EXP34-C
  27    
M 397 Pointer not checked for null before use : auth_client_connections.v_modifiable CERT EXP08-C,EXP34-C
  27    
M 397 Pointer not checked for null before use : auth_client_connections.v CERT EXP08-C,EXP34-C
  27    
M 397 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 192)    


[ Top of Report | Procedure Table | Contents ]





auth_client_connections_deinit
(400 to 409 auth-client-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 407 Pointer not checked for null before use : clients CERT EXP08-C,EXP34-C
  405    


[ Top of Report | Procedure Table | Contents ]





auth_server_send_new_request
(25 to 62 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 32 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  31    


[ Top of Report | Procedure Table | Contents ]





auth_client_request_new
(64 to 94 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 93 Local structure returned in function result : request  
M 73 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  72    
M 74 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  73    


[ Top of Report | Procedure Table | Contents ]





auth_client_request_continue
(96 to 113 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 104 Pointer not checked for null before use : prefix CERT EXP08-C,EXP34-C
  102    


[ Top of Report | Procedure Table | Contents ]





auth_client_request_abort
(115 to 128 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 122 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  118    


[ Top of Report | Procedure Table | Contents ]





auth_client_request_server_input
(151 to 182 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 179 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  173    
M 179 Pointer not checked for null before use : base64_data CERT EXP08-C,EXP34-C
  172    


[ Top of Report | Procedure Table | Contents ]





auth_client_send_cancel
(184 to 190 auth-client-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 188 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  186    


[ Top of Report | Procedure Table | Contents ]





auth_client_init
(8 to 21 auth-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 20 Local structure returned in function result : client  
M 15 Pointer not checked for null before use : client CERT EXP08-C,EXP34-C
  14    
M 14 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 380)    


[ Top of Report | Procedure Table | Contents ]





auth_client_deinit
(23 to 32 auth-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 31 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  30    
M 31 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 31 Pointer not checked for null before use : (client)->auth_socket_path CERT EXP08-C,EXP34-C
  30    
M 30 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 380)    


[ Top of Report | Procedure Table | Contents ]





auth_client_find_mech
(72 to 82 auth-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 79 Local structure returned in function result : mech  


[ Top of Report | Procedure Table | Contents ]





auth_master_request_callback
(47 to 65 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 59 Pointer not checked for null before use : reply_str CERT EXP08-C,EXP34-C
  54    
M 57 Pointer not checked for null before use : reply_str CERT EXP08-C,EXP34-C
  54    


[ Top of Report | Procedure Table | Contents ]





master_input_request
(67 to 111 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 78 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  77    
M 74 Procedure contains UR data flow anomalies. : buf.data CERT EXP33-C
  86    
M 74 Procedure contains UR data flow anomalies. : buf.priv CERT EXP33-C
  86    
M 74 Procedure contains UR data flow anomalies. : buf.used CERT EXP33-C
  86    
M 72 Procedure contains UR data flow anomalies. : client_id CERT EXP33-C
  81    
M 72 Procedure contains UR data flow anomalies. : client_pid CERT EXP33-C
  80    
M 73 Procedure contains UR data flow anomalies. : cookie CERT EXP33-C
  86    
M 72 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  79    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-master-connection.c 74 auth-master-connection.c 86 buf.data
auth-master-connection.c 74 auth-master-connection.c 86 buf.priv
auth-master-connection.c 74 auth-master-connection.c 86 buf.used
auth-master-connection.c 72 auth-master-connection.c 81 client_id
auth-master-connection.c 72 auth-master-connection.c 103 client_id
auth-master-connection.c 72 auth-master-connection.c 80 client_pid
auth-master-connection.c 72 auth-master-connection.c 92 client_pid
auth-master-connection.c 73 auth-master-connection.c 86 cookie
auth-master-connection.c 72 auth-master-connection.c 79 id

[ Top of Report | Procedure Table | Contents ]





master_input_auth_request
(113 to 163 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 131 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  130    
M 140 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  140    
M 150 Pointer not checked for null before use : name CERT EXP08-C,EXP34-C
  146    
M 150 Pointer not checked for null before use : arg CERT EXP08-C,EXP34-C
  147    
M 120 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  125    
M 119 Declaration types do not match across a system. : name CERT ARR31-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-master-connection.c 120 auth-master-connection.c 125 id
auth-master-connection.c 120 auth-master-connection.c 131 id

[ Top of Report | Procedure Table | Contents ]





user_callback
(165 to 204 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 180 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  177    
M 188 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  177    
M 191 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  177    
M 199 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  177    


[ Top of Report | Procedure Table | Contents ]





master_input_user
(206 to 225 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 222 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  213    
M 219 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  213    
M 209 Procedure contains UR data flow anomalies. : auth_request CERT EXP33-C
  213    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-master-connection.c 209 auth-master-connection.c 213 auth_request

[ Top of Report | Procedure Table | Contents ]





pass_callback
(227 to 264 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 240 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  237    
M 247 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  237    
M 252 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  237    
M 259 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  237    


[ Top of Report | Procedure Table | Contents ]





master_input_pass
(266 to 288 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 284 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  273    
M 279 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  273    
M 269 Procedure contains UR data flow anomalies. : auth_request CERT EXP33-C
  273    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-master-connection.c 269 auth-master-connection.c 273 auth_request

[ Top of Report | Procedure Table | Contents ]





master_input_list_callback
(313 to 358 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 349 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  347    
M 332 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  330    


[ Top of Report | Procedure Table | Contents ]





master_input_list
(360 to 393 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 379 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  378    
M 384 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  383    
M 366 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  369    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-master-connection.c 366 auth-master-connection.c 369 id

[ Top of Report | Procedure Table | Contents ]





master_input
(424 to 470 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 466 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  463    
M 461 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  463    
M 466 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  463    


[ Top of Report | Procedure Table | Contents ]





auth_master_connection_create
(487 to 511 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 510 Local structure returned in function result : conn  
M 494 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  493    
M 507 Pointer not checked for null before use : line CERT EXP08-C,EXP34-C
  503    
M 493 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 193)    
M 503 Pointer not checked for null before use : my_pid CERT EXP08-C,EXP34-C
  Ref. Line -3074 (Module 193)    
M 509 Pointer not checked for null before use : auth_master_connections.arr.buffer CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 509 Pointer not checked for null before use : auth_master_connections.v_modifiable CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 509 Pointer not checked for null before use : auth_master_connections.v CERT EXP08-C,EXP34-C
  23 (master-interface.h)    


[ Top of Report | Procedure Table | Contents ]





auth_master_connection_unref
(556 to 572 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 572 Memory not freed after last reference. : conn CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





auth_master_connections_init
(574 to 577 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 576 Pointer not checked for null before use : auth_master_connections.arr.buffer CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 576 Pointer not checked for null before use : auth_master_connections.v_modifiable CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 576 Pointer not checked for null before use : auth_master_connections.v CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 576 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 193)    


[ Top of Report | Procedure Table | Contents ]





auth_master_connections_deinit
(579 to 588 auth-master-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 584 Pointer not checked for null before use : auth_master_connections.v CERT EXP08-C,EXP34-C
  23 (master-interface.h)    
M 586 Pointer not checked for null before use : masters CERT EXP08-C,EXP34-C
  584    


[ Top of Report | Procedure Table | Contents ]





auth_master_init
(72 to 83 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 82 Local structure returned in function result : conn  
M 78 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  77    
M 77 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 381)    


[ Top of Report | Procedure Table | Contents ]





auth_master_deinit
(99 to 107 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 106 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  105    
M 106 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 106 Pointer not checked for null before use : (conn)->auth_socket_path CERT EXP08-C,EXP34-C
  105    
M 105 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 381)    


[ Top of Report | Procedure Table | Contents ]





auth_input_handshake
(115 to 137 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 121 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  120    


[ Top of Report | Procedure Table | Contents ]





auth_lookup_reply_callback
(160 to 191 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 165 Attempt to use already freed object. CERT MEM31-C


[ Top of Report | Procedure Table | Contents ]





auth_handle_line
(193 to 220 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 199 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  198    
M 200 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  199    
M 208 Pointer not checked for null before use : wanted_id CERT EXP08-C,EXP34-C
  207    
M 208 Pointer not checked for null before use : id CERT EXP08-C,EXP34-C
  203    


[ Top of Report | Procedure Table | Contents ]





auth_master_run_cmd
(341 to 380 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 359 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  357    
M 373 Pointer not checked for null before use : prev_ioloop CERT EXP08-C,EXP34-C
  352    
M 376 Pointer not checked for null before use : conn.to CERT EXP08-C,EXP34-C
  373    
M 373 Pointer not checked for null before use : conn.to CERT EXP08-C,EXP34-C
  353    
M 373 Pointer not checked for null before use : conn.input CERT EXP08-C,EXP34-C
  353    
M 373 Pointer not checked for null before use : conn.io CERT EXP08-C,EXP34-C
  353    


[ Top of Report | Procedure Table | Contents ]





auth_master_user_lookup
(408 to 456 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 455 Local structure returned in function result : ctx  
M 434 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  433    
M 445 Pointer not checked for null before use : ctx.fields CERT EXP08-C,EXP34-C
  423    


[ Top of Report | Procedure Table | Contents ]





auth_user_fields_parse
(458 to 482 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 462 Pointer not checked for null before use : reply_r CERT EXP08-C,EXP34-C
  461    
M 479 Pointer not checked for null before use : field CERT EXP08-C,EXP34-C
  478    
M 479 Pointer not checked for null before use : (arr)->buffer CERT EXP08-C,EXP34-C
  464    
M 479 Pointer not checked for null before use : (arr)->element_size CERT EXP08-C,EXP34-C
  464    


[ Top of Report | Procedure Table | Contents ]





auth_master_pass_lookup
(484 to 520 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 519 Local structure returned in function result : ctx  
M 508 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  507    
M 517 Pointer not checked for null before use : ctx.fields CERT EXP08-C,EXP34-C
  497    


[ Top of Report | Procedure Table | Contents ]





auth_user_list_reply_callback
(522 to 547 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 543 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  542    
M 527 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





auth_master_user_list_init
(549 to 572 auth-master.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 571 Local structure returned in function result : ctx  
M 557 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  556    
M 558 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  557    
M 567 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  565    
M 560 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 381)    


[ Top of Report | Procedure Table | Contents ]





auth_penalty_init
(28 to 42 auth-penalty.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 41 Local structure returned in function result : penalty  
M 33 Pointer not checked for null before use : penalty CERT EXP08-C,EXP34-C
  32    
M 32 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 194)    


[ Top of Report | Procedure Table | Contents ]





auth_penalty_deinit
(44 to 51 auth-penalty.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 50 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 194)    


[ Top of Report | Procedure Table | Contents ]





auth_penalty_lookup
(110 to 132 auth-penalty.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 124 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  123    
M 129 Pointer not checked for null before use : ident CERT EXP08-C,EXP34-C
  117    


[ Top of Report | Procedure Table | Contents ]





auth_penalty_update
(142 to 165 auth-penalty.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 163 Pointer not checked for null before use : cmd CERT EXP08-C,EXP34-C
  161    
M 161 Pointer not checked for null before use : ident CERT EXP08-C,EXP34-C
  147    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_create
(41 to 58 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 57 Local structure returned in function result : handler  
M 50 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  48    
M 51 Pointer not checked for null before use : handler CERT EXP08-C,EXP34-C
  50    
M 53 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 195)    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_abort_requests
(60 to 73 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 63 Procedure contains UR data flow anomalies. : key CERT EXP33-C
  66    
M 63 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  66    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request-handler.c 63 auth-request-handler.c 66 key
auth-request-handler.c 63 auth-request-handler.c 66 value

[ Top of Report | Procedure Table | Contents ]





get_client_extra_fields
(115 to 158 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 129 Pointer not checked for null before use : extra_fields CERT EXP08-C,EXP34-C
  125    
M 135 Pointer not checked for null before use : extra_fields CERT EXP08-C,EXP34-C
  125    


[ Top of Report | Procedure Table | Contents ]





auth_request_handle_failure
(160 to 200 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 176 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  174    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_reply
(202 to 272 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 213 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 214 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 217 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  216    
M 218 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 231 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 232 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 236 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  235    
M 250 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 251 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 256 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 260 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 263 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 213 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  210    
M 250 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  210    
M 231 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  210    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_auth_fail
(281 to 296 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 290 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  289    
M 290 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 291 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_auth_begin
(340 to 452 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 369 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  368    
M 441 Pointer not checked for null before use : initial_resp_data CERT EXP08-C,EXP34-C
  440    
M 376 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  376    
M 396 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  391    
M 386 Pointer not checked for null before use : name CERT EXP08-C,EXP34-C
  382    
M 386 Pointer not checked for null before use : arg CERT EXP08-C,EXP34-C
  383    
M 345 Procedure contains UR data flow anomalies. : arg CERT EXP33-C
  428    
M 347 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  353    
M 375 Procedure contains UR data flow anomalies. : initial_resp CERT EXP33-C
  345    
M 345 Declaration types do not match across a system. : name CERT ARR31-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request-handler.c 345 auth-request-handler.c 428 arg
auth-request-handler.c 347 auth-request-handler.c 353 id
auth-request-handler.c 347 auth-request-handler.c 372 id
auth-request-handler.c 375 auth-request-handler.c 428 initial_resp

[ Top of Report | Procedure Table | Contents ]





auth_request_handler_auth_continue
(454 to 505 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 475 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  474    
M 475 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 476 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 491 Pointer not checked for null before use : data CERT EXP08-C,EXP34-C
  468    
M 461 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  464    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request-handler.c 461 auth-request-handler.c 464 id
auth-request-handler.c 461 auth-request-handler.c 470 id

[ Top of Report | Procedure Table | Contents ]





userdb_callback
(507 to 554 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 524 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 525 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 534 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 535 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 538 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 539 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 549 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  521    
M 524 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  521    
M 534 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  521    
M 538 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  521    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_master_request
(556 to 604 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 570 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 571 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 581 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  579    
M 585 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 586 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 570 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  564    
M 585 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  564    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_flush_failures
(616 to 646 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 634 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  631    
M 642 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 622 Pointer not checked for null before use : auth_failures CERT EXP08-C,EXP34-C
  35    
M 631 Pointer not checked for null before use : auth_requests CERT EXP08-C,EXP34-C
  629    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_init
(653 to 657 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 655 Pointer not checked for null before use : auth_failures_arr.v_modifiable CERT EXP08-C,EXP34-C
  34    
M 655 Pointer not checked for null before use : auth_failures_arr.v CERT EXP08-C,EXP34-C
  34    
M 656 Pointer not checked for null before use : auth_failures_arr.arr.buffer CERT EXP08-C,EXP34-C
  34    
M 655 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 195)    


[ Top of Report | Procedure Table | Contents ]





auth_request_handler_deinit
(659 to 667 auth-request-handler.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 663 Pointer not checked for null before use : auth_failures CERT EXP08-C,EXP34-C
  35    


[ Top of Report | Procedure Table | Contents ]





auth_request_new
(36 to 53 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 52 Local structure returned in function result : request  
M 43 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  41    
M 49 Pointer not checked for null before use : global_auth_settings CERT EXP08-C,EXP34-C
  Ref. Line -1651 (Module 196)    


[ Top of Report | Procedure Table | Contents ]





auth_request_new_dummy
(55 to 71 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 70 Local structure returned in function result : request  
M 61 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  60    
M 62 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  61    
M 69 Pointer not checked for null before use : global_auth_settings CERT EXP08-C,EXP34-C
  Ref. Line -1651 (Module 196)    


[ Top of Report | Procedure Table | Contents ]





auth_request_init
(87 to 95 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 92 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  91    


[ Top of Report | Procedure Table | Contents ]





auth_request_fail
(120 to 128 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 126 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





auth_request_save_cache
(264 to 354 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 347 Pointer not checked for null before use : extra_fields CERT EXP08-C,EXP34-C
  345    
M 320 Pointer not checked for null before use : encoded_password CERT EXP08-C,EXP34-C
  314    
M 329 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  325    
M 341 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  325    
M 268 Procedure contains UR data flow anomalies. : encoded_password CERT EXP33-C
  320    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 268 auth-request.c 320 encoded_password

[ Top of Report | Procedure Table | Contents ]





auth_request_verify_plain_callback_finish
(450 to 465 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 456 Pointer not checked for null before use : request.passdb CERT EXP08-C,EXP34-C
  454    
M 456 Pointer not checked for null before use : request.requested_login_user CERT EXP08-C,EXP34-C
  454    


[ Top of Report | Procedure Table | Contents ]





auth_request_verify_plain_callback
(467 to 491 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 490 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  475    


[ Top of Report | Procedure Table | Contents ]





auth_request_verify_plain
(510 to 566 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 545 Pointer not checked for null before use : passdb CERT EXP08-C,EXP34-C
  538    
M 546 Pointer not checked for null before use : cache_key CERT EXP08-C,EXP34-C
  545    
M 515 Procedure contains UR data flow anomalies. : result CERT EXP33-C
  548    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 515 auth-request.c 548 result

[ Top of Report | Procedure Table | Contents ]





auth_request_lookup_credentials_finish
(568 to 589 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 576 Pointer not checked for null before use : request.passdb CERT EXP08-C,EXP34-C
  574    
M 582 Pointer not checked for null before use : request.requested_login_user CERT EXP08-C,EXP34-C
  574    
M 582 Pointer not checked for null before use : request.user CERT EXP08-C,EXP34-C
  574    


[ Top of Report | Procedure Table | Contents ]





auth_request_lookup_credentials_callback
(591 to 625 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 623 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  603    
M 596 Procedure contains UR data flow anomalies. : cache_cred CERT EXP33-C
  615    
M 596 Procedure contains UR data flow anomalies. : cache_scheme CERT EXP33-C
  615    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 596 auth-request.c 615 cache_cred
auth-request.c 596 auth-request.c 615 cache_scheme

[ Top of Report | Procedure Table | Contents ]





auth_request_lookup_credentials
(627 to 667 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 660 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 632 Procedure contains UR data flow anomalies. : cache_cred CERT EXP33-C
  645    
M 632 Procedure contains UR data flow anomalies. : cache_scheme CERT EXP33-C
  645    
M 633 Procedure contains UR data flow anomalies. : result CERT EXP33-C
  645    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 632 auth-request.c 645 cache_cred
auth-request.c 632 auth-request.c 645 cache_scheme
auth-request.c 633 auth-request.c 645 result

[ Top of Report | Procedure Table | Contents ]





auth_request_set_credentials
(669 to 692 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 676 Pointer not checked for null before use : passdb_cache CERT EXP08-C,EXP34-C
  Ref. Line -4015 (Module 196)    
M 684 Pointer not checked for null before use : new_credentials CERT EXP08-C,EXP34-C
  682    
M 686 Pointer not checked for null before use : new_credentials CERT EXP08-C,EXP34-C
  682    
M 684 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  678    


[ Top of Report | Procedure Table | Contents ]





auth_request_userdb_save_cache
(694 to 707 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 706 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  703    


[ Top of Report | Procedure Table | Contents ]





auth_request_lookup_user_cache
(709 to 735 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 733 Pointer not checked for null before use : reply_r CERT EXP08-C,EXP34-C
  732    
M 719 Pointer not checked for null before use : passdb_cache CERT EXP08-C,EXP34-C
  Ref. Line -4015 (Module 196)    
M 716 Procedure contains UR data flow anomalies. : node CERT EXP33-C
  719    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 716 auth-request.c 719 node

[ Top of Report | Procedure Table | Contents ]





auth_request_userdb_callback
(737 to 791 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 784 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  782    
M 780 Procedure contains UR data flow anomalies. : reply CERT EXP33-C
  782    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 780 auth-request.c 782 reply

[ Top of Report | Procedure Table | Contents ]





auth_request_lookup_user
(793 to 824 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 810 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  808    
M 803 Pointer not checked for null before use : passdb_cache CERT EXP08-C,EXP34-C
  Ref. Line -4015 (Module 196)    
M 805 Procedure contains UR data flow anomalies. : reply CERT EXP33-C
  808    
M 806 Procedure contains UR data flow anomalies. : result CERT EXP33-C
  811    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 805 auth-request.c 808 reply
auth-request.c 806 auth-request.c 811 result

[ Top of Report | Procedure Table | Contents ]





auth_request_fix_username
(826 to 873 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 865 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 866 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  864    
M 866 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  865    
M 869 Pointer not checked for null before use : old_username CERT EXP08-C,EXP34-C
  861    
M 842 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  842    
M 842 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  839    
M 832 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





auth_request_set_username
(875 to 934 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 888 Pointer not checked for null before use : login_username CERT EXP08-C,EXP34-C
  886    
M 901 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  894    


[ Top of Report | Procedure Table | Contents ]





auth_request_validate_networks
(956 to 992 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 972 Pointer not checked for null before use : net CERT EXP08-C,EXP34-C
  972    
M 961 Procedure contains UR data flow anomalies. : bits CERT EXP33-C
  976    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 961 auth-request.c 976 bits

[ Top of Report | Procedure Table | Contents ]





auth_request_set_reply_field
(1019 to 1043 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 1042 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  1026    
M 1026 Procedure contains UR data flow anomalies. : value CERT EXP33-C
M 1031 Procedure contains UR data flow anomalies. : value CERT EXP33-C
M 1037 Procedure contains UR data flow anomalies. : value CERT EXP33-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 1026 auth-request.c 1042 value
auth-request.c 1031 auth-request.c 1042 value
auth-request.c 1037 auth-request.c 1042 value

[ Top of Report | Procedure Table | Contents ]





auth_request_set_field
(1045 to 1142 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 1086 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  1072    
M 1140 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  1098    
M 1098 Pointer not checked for null before use : orig_value CERT EXP08-C,EXP34-C
  1067    
M 1082 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  1081    
M 1108 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  1107    
M 1049 Procedure contains UR data flow anomalies. : p CERT EXP33-C
  1072    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 1049 auth-request.c 1072 p
auth-request.c 1026 auth-request.c 1140 value

[ Top of Report | Procedure Table | Contents ]





auth_request_init_userdb_reply
(1166 to 1170 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1169 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





auth_request_userdb_reply_update_user
(1172 to 1184 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1179 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 1181 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  1176    


[ Top of Report | Procedure Table | Contents ]





auth_request_change_userdb_user
(1186 to 1207 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1198 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 1201 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 1204 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  1195    


[ Top of Report | Procedure Table | Contents ]





auth_request_set_uidgid_file
(1209 to 1227 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1216 Pointer not checked for null before use : path CERT EXP08-C,EXP34-C
  1215    
M 1217 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 1223 User input not checked before use. : st CERT FIO30-C
  1218    


[ Top of Report | Procedure Table | Contents ]





auth_request_set_userdb_field
(1229 to 1267 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1266 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  1241    


[ Top of Report | Procedure Table | Contents ]





auth_request_set_userdb_field_values
(1269 to 1302 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1297 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  1284    


[ Top of Report | Procedure Table | Contents ]





auth_request_proxy_is_self
(1304 to 1330 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1310 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  1309    


[ Top of Report | Procedure Table | Contents ]





auth_request_proxy_finish
(1332 to 1358 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1346 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





log_password_failure
(1360 to 1385 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1370 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  1367    


[ Top of Report | Procedure Table | Contents ]





auth_request_log_password_mismatch
(1387 to 1417 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 1399 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  1398    
M 1406 Procedure contains UR data flow anomalies. : sha1 CERT EXP33-C
  1409    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 1406 auth-request.c 1409 sha1

[ Top of Report | Procedure Table | Contents ]





auth_request_password_verify
(1419 to 1474 auth-request.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 1461 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  1444    
M 1467 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  1461    
M 1461 Pointer not checked for null before use : raw_password CERT EXP08-C,EXP34-C
  1444    
M 1424 Procedure contains UR data flow anomalies. : raw_password CERT EXP33-C
  1461    
M 1425 Procedure contains UR data flow anomalies. : raw_password_size CERT EXP33-C
  1444    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-request.c 1424 auth-request.c 1461 raw_password
auth-request.c 1425 auth-request.c 1444 raw_password_size

[ Top of Report | Procedure Table | Contents ]





auth_request_get_var_expand_table
(1490 to 1567 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1521 Pointer not checked for null before use : tab CERT EXP08-C,EXP34-C
  1520    
M 1523 Pointer not checked for null before use : tab CERT EXP08-C,EXP34-C
  1521    


[ Top of Report | Procedure Table | Contents ]





get_log_str
(1595 to 1605 auth-request.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 1602 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  1601    


[ Top of Report | Procedure Table | Contents ]





auth_server_input_mech
(25 to 64 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 43 Pointer not checked for null before use : mech_desc.name CERT EXP08-C,EXP34-C
  41    


[ Top of Report | Procedure Table | Contents ]





auth_server_lookup_request
(132 to 155 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 138 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  140    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-server-connection.c 138 auth-server-connection.c 140 id
auth-server-connection.c 138 auth-server-connection.c 145 id

[ Top of Report | Procedure Table | Contents ]





auth_server_input_ok
(157 to 168 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 165 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  163    


[ Top of Report | Procedure Table | Contents ]





auth_server_input_cont
(170 to 185 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 182 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  180    


[ Top of Report | Procedure Table | Contents ]





auth_server_input_fail
(187 to 197 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 194 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  192    


[ Top of Report | Procedure Table | Contents ]





auth_server_connection_input
(235 to 286 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 274 Pointer not checked for null before use : input CERT EXP08-C,EXP34-C
  273    


[ Top of Report | Procedure Table | Contents ]





auth_server_connection_init
(288 to 303 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C

Code Line Violation Standard
M 302 Local structure returned in function result : conn  
M 295 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  294    
M 296 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  295    


[ Top of Report | Procedure Table | Contents ]





auth_server_connection_remove_requests
(305 to 322 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 310 Procedure contains UR data flow anomalies. : key CERT EXP33-C
  313    
M 310 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  313    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-server-connection.c 310 auth-server-connection.c 313 key
auth-server-connection.c 310 auth-server-connection.c 313 value

[ Top of Report | Procedure Table | Contents ]





auth_server_connection_connect
(393 to 437 auth-server-connection.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 428 Pointer not checked for null before use : handshake CERT EXP08-C,EXP34-C
  424    


[ Top of Report | Procedure Table | Contents ]





auth_settings_check
(258 to 286 auth-settings.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 271 Sizeof argument is a pointer. CERT EXP01-C
M 274 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  274    
M 280 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  279    


[ Top of Report | Procedure Table | Contents ]





auth_settings_read
(317 to 342 auth-settings.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 338 Pointer not checked for null before use : set_parser CERT EXP08-C,EXP34-C
  337    
M 327 Procedure contains UR data flow anomalies. : error CERT EXP33-C
  333    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-settings.c 327 auth-settings.c 333 error

[ Top of Report | Procedure Table | Contents ]





auth_stream_reply_init
(14 to 21 auth-stream.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 20 Local structure returned in function result : reply  
M 19 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  18    


[ Top of Report | Procedure Table | Contents ]





auth_stream_reply_remove
(72 to 89 auth-stream.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 74 Procedure contains UR data flow anomalies. : idx CERT EXP33-C
  79    
M 74 Procedure contains UR data flow anomalies. : len CERT EXP33-C
  79    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-stream.c 74 auth-stream.c 79 idx
auth-stream.c 74 auth-stream.c 79 len

[ Top of Report | Procedure Table | Contents ]





auth_stream_reply_find
(91 to 109 auth-stream.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 94 Procedure contains UR data flow anomalies. : idx CERT EXP33-C
  105    
M 94 Procedure contains UR data flow anomalies. : len CERT EXP33-C
  100    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-stream.c 94 auth-stream.c 105 idx
auth-stream.c 94 auth-stream.c 100 len

[ Top of Report | Procedure Table | Contents ]





worker_auth_request_new
(57 to 80 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 79 Local structure returned in function result : auth_request  
M 67 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  64    
M 74 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  73    
M 74 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  73    


[ Top of Report | Procedure Table | Contents ]





verify_plain_callback
(90 to 133 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 101 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  100    
M 101 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 104 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 106 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 107 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 111 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 112 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 118 Pointer not checked for null before use : fields CERT EXP08-C,EXP34-C
  116    
M 123 Pointer not checked for null before use : fields CERT EXP08-C,EXP34-C
  121    
M 127 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  126    


[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_passv
(135 to 183 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 153 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  152    
M 153 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  150    
M 143 Procedure contains UR data flow anomalies. : passdb_id CERT EXP33-C
  146    
M 150 Global array bound exceeded at use : args CERT ARR30-C
M 146 Global array bound exceeded at use : args CERT ARR30-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 143 auth-worker-client.c 146 passdb_id

[ Top of Report | Procedure Table | Contents ]





lookup_credentials_callback
(185 to 231 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 198 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  197    
M 198 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 201 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 202 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 205 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 206 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 209 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  208    
M 211 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 216 Pointer not checked for null before use : fields CERT EXP08-C,EXP34-C
  214    
M 221 Pointer not checked for null before use : fields CERT EXP08-C,EXP34-C
  219    
M 225 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  224    


[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_passl
(233 to 277 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 250 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  249    
M 250 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  247    
M 240 Procedure contains UR data flow anomalies. : passdb_id CERT EXP33-C
  243    
M 247 Global array bound exceeded at use : args CERT ARR30-C
M 243 Global array bound exceeded at use : args CERT ARR30-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 240 auth-worker-client.c 243 passdb_id

[ Top of Report | Procedure Table | Contents ]





set_credentials_callback
(279 to 293 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 287 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  286    


[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_setcred
(295 to 329 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 311 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  310    
M 326 Pointer not checked for null before use : creds CERT EXP08-C,EXP34-C
  308    
M 300 Procedure contains UR data flow anomalies. : passdb_id CERT EXP33-C
  304    
M 308 Global array bound exceeded at use : args CERT ARR30-C
M 304 Global array bound exceeded at use : args CERT ARR30-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 300 auth-worker-client.c 304 passdb_id

[ Top of Report | Procedure Table | Contents ]





lookup_user_callback
(331 to 362 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 340 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  339    


[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_user
(376 to 408 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 391 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  390    
M 382 Procedure contains UR data flow anomalies. : userdb_id CERT EXP33-C
  385    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 382 auth-worker-client.c 385 userdb_id

[ Top of Report | Procedure Table | Contents ]





list_iter_deinit
(410 to 428 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 427 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  426    
M 419 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  417    
M 421 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  417    


[ Top of Report | Procedure Table | Contents ]





list_iter_callback
(430 to 464 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 445 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  444    


[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_list
(479 to 511 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 499 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  498    
M 485 Procedure contains UR data flow anomalies. : userdb_id CERT EXP33-C
  487    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 485 auth-worker-client.c 487 userdb_id

[ Top of Report | Procedure Table | Contents ]





auth_worker_handle_line
(513 to 542 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 517 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  522    
M 538 Global array bound exceeded at use : args CERT ARR30-C
M 535 Global array bound exceeded at use : args CERT ARR30-C
M 533 Global array bound exceeded at use : args CERT ARR30-C
M 531 Global array bound exceeded at use : args CERT ARR30-C
M 529 Global array bound exceeded at use : args CERT ARR30-C
M 527 Global array bound exceeded at use : args CERT ARR30-C
M 521 Global array bound exceeded at use : args CERT ARR30-C
M 521 Global array bound exceeded at use : args CERT ARR30-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 517 auth-worker-client.c 522 id
auth-worker-client.c 517 auth-worker-client.c 528 id

[ Top of Report | Procedure Table | Contents ]





auth_worker_verify_db_hash
(544 to 560 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 554 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  553    
M 547 Procedure contains UR data flow anomalies. : passdb_md5 CERT EXP33-C
  550    
M 548 Procedure contains UR data flow anomalies. : userdb_md5 CERT EXP33-C
  551    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-client.c 547 auth-worker-client.c 550 passdb_md5
auth-worker-client.c 548 auth-worker-client.c 551 userdb_md5

[ Top of Report | Procedure Table | Contents ]





auth_worker_input
(562 to 624 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 623 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  619    


[ Top of Report | Procedure Table | Contents ]





auth_worker_client_create
(642 to 660 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 659 Local structure returned in function result : client  
M 648 Pointer not checked for null before use : client CERT EXP08-C,EXP34-C
  647    
M 647 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 199)    


[ Top of Report | Procedure Table | Contents ]





auth_worker_client_unref
(684 to 696 auth-worker-client.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 696 Memory not freed after last reference. : client CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





auth_worker_idle_timeout
(58 to 66 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 63 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





auth_worker_request_send
(75 to 108 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 93 Pointer not checked for null before use : iov.iov_base CERT EXP08-C,EXP34-C
  92    


[ Top of Report | Procedure Table | Contents ]





auth_worker_request_send_next
(110 to 122 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 119 Pointer not checked for null before use : requestp CERT EXP08-C,EXP34-C
  117    
M 121 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  119    


[ Top of Report | Procedure Table | Contents ]





auth_worker_send_handshake
(124 to 144 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 131 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  130    
M 127 Procedure contains UR data flow anomalies. : passdb_md5 CERT EXP33-C
  135    
M 128 Procedure contains UR data flow anomalies. : userdb_md5 CERT EXP33-C
  136    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-server.c 127 auth-worker-server.c 135 passdb_md5
auth-worker-server.c 128 auth-worker-server.c 136 userdb_md5

[ Top of Report | Procedure Table | Contents ]





auth_worker_create
(146 to 173 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 172 Local structure returned in function result : conn  
M 161 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  160    


[ Top of Report | Procedure Table | Contents ]





auth_worker_destroy
(175 to 215 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 213 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  212    
M 184 Pointer not checked for null before use : connections.v CERT EXP08-C,EXP34-C
  46    
M 212 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  209    
M 212 Attempt to read from freed memory. : default_pool CERT MEM30-C


[ Top of Report | Procedure Table | Contents ]





auth_worker_find_free
(217 to 232 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 228 Local structure returned in function result : conn  


[ Top of Report | Procedure Table | Contents ]





worker_input
(252 to 306 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 281 Pointer not checked for null before use : id_str CERT EXP08-C,EXP34-C
  278    
M 305 Pointer not checked for null before use : conn.to CERT EXP08-C,EXP34-C
  285    
M 255 Procedure contains UR data flow anomalies. : id CERT EXP33-C
  281    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth-worker-server.c 255 auth-worker-server.c 281 id

[ Top of Report | Procedure Table | Contents ]





auth_worker_call
(308 to 339 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 316 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  315    
M 333 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  324    


[ Top of Report | Procedure Table | Contents ]





auth_worker_server_init
(347 to 355 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 351 Pointer not checked for null before use : worker_request_array.v_modifiable CERT EXP08-C,EXP34-C
  48    
M 351 Pointer not checked for null before use : worker_request_array.v CERT EXP08-C,EXP34-C
  48    
M 352 Pointer not checked for null before use : worker_request_array.arr.buffer CERT EXP08-C,EXP34-C
  48    
M 351 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 200)    
M 354 Pointer not checked for null before use : connections.arr.buffer CERT EXP08-C,EXP34-C
  46    
M 354 Pointer not checked for null before use : connections.v_modifiable CERT EXP08-C,EXP34-C
  46    
M 354 Pointer not checked for null before use : connections.v CERT EXP08-C,EXP34-C
  46    


[ Top of Report | Procedure Table | Contents ]





auth_worker_server_deinit
(357 to 370 auth-worker-server.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 363 Pointer not checked for null before use : connp CERT EXP08-C,EXP34-C
  362    
M 364 Pointer not checked for null before use : conn CERT EXP08-C,EXP34-C
  363    


[ Top of Report | Procedure Table | Contents ]





auth_passdb_preinit
(19 to 33 auth.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 26 Pointer not checked for null before use : auth_passdb CERT EXP08-C,EXP34-C
  25    
M 28 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  28    


[ Top of Report | Procedure Table | Contents ]





auth_userdb_preinit
(35 to 48 auth.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 41 Pointer not checked for null before use : auth_userdb CERT EXP08-C,EXP34-C
  40    
M 46 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  44    
M 43 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  43    


[ Top of Report | Procedure Table | Contents ]





auth_preinit
(50 to 108 auth.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 107 Local structure returned in function result : auth  
M 60 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  59    
M 74 Pointer not checked for null before use : passdbs CERT EXP08-C,EXP34-C
  68    
M 100 Pointer not checked for null before use : userdbs CERT EXP08-C,EXP34-C
  98    
M 57 Procedure contains UR data flow anomalies. : db_count CERT EXP33-C
  73    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth.c 57 auth.c 73 db_count

[ Top of Report | Procedure Table | Contents ]





auth_find_service
(216 to 235 auth.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 224 Pointer not checked for null before use : a CERT EXP08-C,EXP34-C
  221    


[ Top of Report | Procedure Table | Contents ]





auths_preinit
(237 to 266 auth.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 249 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 250 Pointer not checked for null before use : (arr)->buffer CERT EXP08-C,EXP34-C
  247    
M 250 Pointer not checked for null before use : (arr)->element_size CERT EXP08-C,EXP34-C
  247    
M 250 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  249    
M 263 Pointer not checked for null before use : service_set CERT EXP08-C,EXP34-C
  261    
M 264 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  263    
M 250 Pointer not checked for null before use : auths.arr.buffer CERT EXP08-C,EXP34-C
  17    
M 250 Pointer not checked for null before use : auths.v_modifiable CERT EXP08-C,EXP34-C
  17    
M 250 Pointer not checked for null before use : auths.v CERT EXP08-C,EXP34-C
  17    
M 247 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 201)    
M 241 Procedure contains UR data flow anomalies. : set_output.service_uses_local CERT EXP33-C
  261    
M 241 Procedure contains UR data flow anomalies. : set_output.service_uses_remote CERT EXP33-C
  261    
M 241 Procedure contains UR data flow anomalies. : set_output.specific_services CERT EXP33-C
  261    
M 241 Procedure contains UR data flow anomalies. : set_output.used_local CERT EXP33-C
  261    
M 241 Procedure contains UR data flow anomalies. : set_output.used_remote CERT EXP33-C
  261    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
auth.c 241 auth.c 261 set_output.service_uses_local
auth.c 241 auth.c 261 set_output.service_uses_remote
auth.c 241 auth.c 261 set_output.specific_services
auth.c 241 auth.c 261 set_output.used_local
auth.c 241 auth.c 261 set_output.used_remote

[ Top of Report | Procedure Table | Contents ]





auths_free
(284 to 295 auth.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 291 Pointer not checked for null before use : auths.arr.buffer CERT EXP08-C,EXP34-C
  17    
M 291 Pointer not checked for null before use : auths.v_modifiable CERT EXP08-C,EXP34-C
  17    
M 291 Pointer not checked for null before use : auths.v CERT EXP08-C,EXP34-C
  17    
M 293 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  291    


[ Top of Report | Procedure Table | Contents ]





main
(10 to 63 checkpassword-reply.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 44 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  43    
M 26 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  18    
M 35 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  18    
M 40 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  40    
M 13 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





env_put_extra_fields
(10 to 23 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 15 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  15    
M 19 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  16    
M 21 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  16    


[ Top of Report | Procedure Table | Contents ]





checkpassword_request_free
(43 to 54 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 53 Pointer not checked for null before use : (request)->password CERT EXP08-C,EXP34-C
  51    
M 53 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  51    
M 53 Attempt to read from freed memory. : default_pool CERT MEM30-C


[ Top of Report | Procedure Table | Contents ]





checkpassword_setup_env
(89 to 131 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 129 Pointer not checked for null before use : fields CERT EXP08-C,EXP34-C
  126    


[ Top of Report | Procedure Table | Contents ]





checkpassword_get_cmd
(133 to 143 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 140 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  139    
M 141 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





checkpassword_child_input
(145 to 169 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 164 User input not checked before use. : buf CERT FIO30-C
  150    


[ Top of Report | Procedure Table | Contents ]





checkpassword_child_output
(171 to 221 db-checkpassword.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 184 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  183    
M 200 Pointer not checked for null before use : data CERT EXP08-C,EXP34-C
  190    
M 180 Procedure contains UR data flow anomalies. : size CERT EXP33-C
  190    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
db-checkpassword.c 180 db-checkpassword.c 190 size

[ Top of Report | Procedure Table | Contents ]





passwd_file_add
(24 to 141 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 79 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 96 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 52 Pointer not checked for null before use : pass CERT EXP08-C,EXP34-C
  50    
M 64 Pointer not checked for null before use : pass CERT EXP08-C,EXP34-C
  50    
M 68 Pointer not checked for null before use : pu CERT EXP08-C,EXP34-C
  39    
M 52 Pointer not checked for null before use : pu CERT EXP08-C,EXP34-C
  39    
M 140 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  40    
M 30 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





passwd_file_new
(143 to 156 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 155 Local structure returned in function result : pw  
M 149 Pointer not checked for null before use : pw CERT EXP08-C,EXP34-C
  148    
M 148 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 205)    


[ Top of Report | Procedure Table | Contents ]





passwd_file_open
(158 to 216 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 193 Pointer not checked for null before use : input CERT EXP08-C,EXP34-C
  192    
M 205 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 185 User input not checked before use. : st CERT FIO30-C
  178    
M 202 Global array bound exceeded at use : args CERT ARR30-C
M 200 Global array bound exceeded at use : args CERT ARR30-C


[ Top of Report | Procedure Table | Contents ]





passwd_file_free
(232 to 240 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 239 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  238    
M 239 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 239 Pointer not checked for null before use : (pw)->path CERT EXP08-C,EXP34-C
  238    


[ Top of Report | Procedure Table | Contents ]





db_passwd_file_find
(268 to 278 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 272 Pointer not checked for null before use : passwd_files CERT EXP08-C,EXP34-C
  22    


[ Top of Report | Procedure Table | Contents ]





db_passwd_file_init
(280 to 331 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 291 Local structure returned in function result : db  
M 330 Local structure returned in function result : db  
M 295 Pointer not checked for null before use : db CERT EXP08-C,EXP34-C
  294    
M 315 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  314    
M 287 Pointer not checked for null before use : passwd_files CERT EXP08-C,EXP34-C
  22    
M 319 Pointer not checked for null before use : path CERT EXP08-C,EXP34-C
  316    
M 310 Procedure contains UR data flow anomalies. : empty_table.long_key CERT EXP33-C
  315    
M 310 Procedure contains UR data flow anomalies. : empty_table.value CERT EXP33-C
  315    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
db-passwd-file.c 310 db-passwd-file.c 315 empty_table.long_key
db-passwd-file.c 310 db-passwd-file.c 315 empty_table.value

[ Top of Report | Procedure Table | Contents ]





db_passwd_file_unref
(342 to 375 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 374 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  373    
M 374 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 374 Pointer not checked for null before use : (db)->path CERT EXP08-C,EXP34-C
  373    
M 354 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  354    
M 365 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  368    
M 373 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  362    
M 368 Attempt to read from freed memory. : value CERT MEM30-C
M 347 Procedure contains UR data flow anomalies. : key CERT EXP33-C
  365    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
db-passwd-file.c 347 db-passwd-file.c 365 key

[ Top of Report | Procedure Table | Contents ]





db_passwd_file_lookup
(392 to 437 db-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 407 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  406    
M 407 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  405    
M 427 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  424    
M 427 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  425    
M 416 Pointer not checked for null before use : pw CERT EXP08-C,EXP34-C
  403    
M 431 Pointer not checked for null before use : pw CERT EXP08-C,EXP34-C
  417    


[ Top of Report | Procedure Table | Contents ]





read_global_settings
(64 to 83 main.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 71 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 71 Pointer not checked for null before use : auth_set_pool CERT EXP08-C,EXP34-C
  70    
M 66 Procedure contains UR data flow anomalies. : set_output.service_uses_local CERT EXP33-C
  71    
M 66 Procedure contains UR data flow anomalies. : set_output.service_uses_remote CERT EXP33-C
  71    
M 66 Procedure contains UR data flow anomalies. : set_output.specific_services CERT EXP33-C
  71    
M 66 Procedure contains UR data flow anomalies. : set_output.used_local CERT EXP33-C
  71    
M 66 Procedure contains UR data flow anomalies. : set_output.used_remote CERT EXP33-C
  71    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
main.c 66 main.c 71 set_output.service_uses_local
main.c 66 main.c 71 set_output.service_uses_remote
main.c 66 main.c 71 set_output.specific_services
main.c 66 main.c 71 set_output.used_local
main.c 66 main.c 71 set_output.used_remote

[ Top of Report | Procedure Table | Contents ]





main_preinit
(85 to 123 main.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 109 Pointer not checked for null before use : global_auth_settings CERT EXP08-C,EXP34-C
  104    
M 111 Pointer not checked for null before use : mod_set.version CERT EXP08-C,EXP34-C
  107    
M 112 Pointer not checked for null before use : modules CERT EXP08-C,EXP34-C
  111    
M 118 Pointer not checked for null before use : mech_reg CERT EXP08-C,EXP34-C
  116    


[ Top of Report | Procedure Table | Contents ]





main_deinit
(153 to 188 main.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 158 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  156    
M 166 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  158    
M 167 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  166    
M 181 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  173    
M 173 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  170    
M 170 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  167    


[ Top of Report | Procedure Table | Contents ]





worker_connected
(190 to 199 main.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 198 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
C 190 Procedure not called in code analysed : worker_connected  


[ Top of Report | Procedure Table | Contents ]





client_connected
(201 to 254 main.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 208 Pointer not checked for null before use : type CERT EXP08-C,EXP34-C
  207    
M 236 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 220 Pointer not checked for null before use : name CERT EXP08-C,EXP34-C
  218    
M 226 Pointer not checked for null before use : suffix CERT EXP08-C,EXP34-C
  224    
M 239 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  236    
M 242 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  236    
M 245 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  236    
M 248 Pointer not checked for null before use : auth CERT EXP08-C,EXP34-C
  236    
M 204 Procedure contains UR data flow anomalies. : path CERT EXP33-C
  211    
C 201 Procedure not called in code analysed : client_connected  
M 204 Declaration types do not match across a system. : name CERT ARR31-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
main.c 204 main.c 211 path

[ Top of Report | Procedure Table | Contents ]





auth_die
(256 to 259 main.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
C 256 Procedure not called in code analysed : auth_die  


[ Top of Report | Procedure Table | Contents ]





main
(261 to 287 main.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 284 Pointer not checked for null before use : auth_penalty CERT EXP08-C,EXP34-C
  278    
M 284 Pointer not checked for null before use : passdb_cache CERT EXP08-C,EXP34-C
  281    
M 278 Pointer not checked for null before use : passdb_bsdauth.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : passdb_ldap.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : passdb_sia.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : passdb_sql.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : passdb_vpopmail.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : userdb_ldap.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : userdb_sql.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Pointer not checked for null before use : userdb_vpopmail.name CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 278 Pointer not checked for null before use : master_service CERT EXP08-C,EXP34-C
  265    
M 278 Pointer not checked for null before use : userdb_dummy_set.driver CERT EXP08-C,EXP34-C
  Ref. Line 1 (main.c)    
M 278 Procedure contains UR data flow anomalies. : (default_pool)->v CERT EXP33-C
M 278 Procedure contains UR data flow anomalies. : (master_service)->set_parser CERT EXP33-C
M 281 Procedure contains UR data flow anomalies. : auth_client_connections.arr.element_size CERT EXP33-C
  27 (auth-client-connection.c)    
M 281 Procedure contains UR data flow anomalies. : auth_client_connections.v CERT EXP33-C
  27 (auth-client-connection.c)    
M 281 Procedure contains UR data flow anomalies. : auth_client_connections.v_modifiable CERT EXP33-C
  27 (auth-client-connection.c)    
M 281 Procedure contains UR data flow anomalies. : auth_failures_arr.arr.buffer CERT EXP33-C
  34 (auth-request-handler.c)    
M 281 Procedure contains UR data flow anomalies. : auth_failures_arr.arr.element_size CERT EXP33-C
  34 (auth-request-handler.c)    
M 281 Procedure contains UR data flow anomalies. : auth_failures_arr.v CERT EXP33-C
  34 (auth-request-handler.c)    
M 281 Procedure contains UR data flow anomalies. : auth_failures_arr.v_modifiable CERT EXP33-C
  34 (auth-request-handler.c)    
M 278 Procedure contains UR data flow anomalies. : auths.arr.buffer.used CERT EXP33-C
M 278 Procedure contains UR data flow anomalies. : auths.arr.element_size CERT EXP33-C
  17 (auth.c)    
M 278 Procedure contains UR data flow anomalies. : auths.v CERT EXP33-C
  17 (auth.c)    
M 278 Procedure contains UR data flow anomalies. : auths.v_modifiable CERT EXP33-C
  17 (auth.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_interfaces.arr.element_size CERT EXP33-C
  11 (passdb.c)    

Code Line Violation Standard
M 278 Procedure contains UR data flow anomalies. : passdb_interfaces.v CERT EXP33-C
  11 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_interfaces.v_modifiable CERT EXP33-C
  11 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_modules.arr.buffer CERT EXP33-C
  12 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_modules.arr.element_size CERT EXP33-C
  12 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_modules.v CERT EXP33-C
  12 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : passdb_modules.v_modifiable CERT EXP33-C
  12 (passdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_interfaces.arr.element_size CERT EXP33-C
  12 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_interfaces.v CERT EXP33-C
  12 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_interfaces.v_modifiable CERT EXP33-C
  12 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_modules.arr.buffer CERT EXP33-C
  13 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_modules.arr.element_size CERT EXP33-C
  13 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_modules.v CERT EXP33-C
  13 (userdb.c)    
M 278 Procedure contains UR data flow anomalies. : userdb_modules.v_modifiable CERT EXP33-C
  13 (userdb.c)    
M 281 Procedure contains UR data flow anomalies. : worker_request_array.arr.buffer CERT EXP33-C
  48 (auth-worker-server.c)    
M 281 Procedure contains UR data flow anomalies. : worker_request_array.arr.element_size CERT EXP33-C
  48 (auth-worker-server.c)    
M 281 Procedure contains UR data flow anomalies. : worker_request_array.v CERT EXP33-C
  48 (auth-worker-server.c)    
M 281 Procedure contains UR data flow anomalies. : worker_request_array.v_modifiable CERT EXP33-C
  48 (auth-worker-server.c)    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
[external declaration]   main.c 278 (default_pool)->v
[external declaration]   main.c 284 (global_auth_settings)->worker_max_count
[external declaration]   main.c 278 (master_service)->set_parser
[external declaration]   main.c 281 auth_client_connections.arr.buffer.used
[external declaration]   main.c 281 auth_client_connections.arr.element_size
[external declaration]   main.c 281 auth_client_connections.v
[external declaration]   main.c 281 auth_client_connections.v_modifiable
[external declaration]   main.c 281 auth_failures_arr.arr.buffer
[external declaration]   main.c 281 auth_failures_arr.arr.element_size
[external declaration]   main.c 281 auth_failures_arr.v
[external declaration]   main.c 281 auth_failures_arr.v_modifiable
[external declaration]   main.c 281 auth_master_connections.arr.buffer.used
auth-master-connection.h 23 main.c 281 auth_master_connections.arr.element_size
auth-master-connection.h 23 main.c 281 auth_master_connections.v
auth-master-connection.h 23 main.c 281 auth_master_connections.v_modifiable
auth-request.h 116 main.c 281 auth_request_state_count
auth-worker-client.h 8 main.c 284 auth_worker_client
[external declaration]   main.c 278 auths.arr.buffer.used
[external declaration]   main.c 278 auths.arr.element_size
[external declaration]   main.c 278 auths.v
[external declaration]   main.c 278 auths.v_modifiable
ioloop.h 38 main.c 281 ioloop_time
main.c 48 main.c 281 listen_fd_types.arr.buffer
main.c 48 main.c 281 listen_fd_types.arr.element_size
main.c 48 main.c 281 listen_fd_types.v
[external declaration]   main.c 278 passdb_interfaces.arr.buffer.used
[external declaration]   main.c 278 passdb_interfaces.arr.element_size
[external declaration]   main.c 278 passdb_interfaces.v
[external declaration]   main.c 278 passdb_interfaces.v_modifiable
[external declaration]   main.c 278 passdb_modules.arr.buffer
[external declaration]   main.c 278 passdb_modules.arr.element_size
[external declaration]   main.c 278 passdb_modules.v
[external declaration]   main.c 278 passdb_modules.v_modifiable
[external declaration]   main.c 278 password_schemes.arr.buffer.used
password-scheme.h 26 main.c 278 password_schemes.arr.element_size
password-scheme.h 26 main.c 278 password_schemes.v
password-scheme.h 26 main.c 278 password_schemes.v_modifiable
[external declaration]   main.c 278 userdb_interfaces.arr.buffer.used
[external declaration]   main.c 278 userdb_interfaces.arr.element_size
[external declaration]   main.c 278 userdb_interfaces.v
[external declaration]   main.c 278 userdb_interfaces.v_modifiable
[external declaration]   main.c 278 userdb_modules.arr.buffer
[external declaration]   main.c 278 userdb_modules.arr.element_size
[external declaration]   main.c 278 userdb_modules.v
[external declaration]   main.c 278 userdb_modules.v_modifiable
[external declaration]   main.c 281 worker_request_array.arr.buffer
[external declaration]   main.c 281 worker_request_array.arr.element_size
[external declaration]   main.c 281 worker_request_array.v
[external declaration]   main.c 281 worker_request_array.v_modifiable

File Undefine File Reference Variable

[ Top of Report | Procedure Table | Contents ]





mech_anonymous_auth_continue
(6 to 24 mech-anonymous.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 23 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_anonymous_auth_new
(26 to 35 mech-anonymous.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 34 Local structure returned in function result : request  
M 32 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  31    
M 33 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  32    


[ Top of Report | Procedure Table | Contents ]





verify_credentials
(32 to 44 mech-apop.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 36 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  38    
M 36 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  38    
M 35 Procedure contains UR data flow anomalies. : digest CERT EXP33-C
  41    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-apop.c 36 mech-apop.c 38 ctx.a
mech-apop.c 36 mech-apop.c 38 ctx.b
mech-apop.c 36 mech-apop.c 38 ctx.block
mech-apop.c 36 mech-apop.c 38 ctx.buffer
mech-apop.c 36 mech-apop.c 38 ctx.c
mech-apop.c 36 mech-apop.c 38 ctx.d
mech-apop.c 36 mech-apop.c 38 ctx.hi
mech-apop.c 36 mech-apop.c 38 ctx.lo
mech-apop.c 35 mech-apop.c 41 digest

[ Top of Report | Procedure Table | Contents ]





apop_credentials_callback
(46 to 68 mech-apop.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 57 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_apop_auth_initial
(70 to 140 mech-apop.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 112 Sizeof argument is a pointer. CERT EXP01-C
M 131 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  101    


[ Top of Report | Procedure Table | Contents ]





mech_apop_auth_new
(142 to 153 mech-apop.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 148 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  147    
M 149 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  148    


[ Top of Report | Procedure Table | Contents ]





get_cram_challenge
(33 to 46 mech-cram-md5.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 35 Procedure contains UR data flow anomalies. : buf CERT EXP33-C
  38    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-cram-md5.c 35 mech-cram-md5.c 38 buf

[ Top of Report | Procedure Table | Contents ]





verify_credentials
(48 to 75 mech-cram-md5.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 68 Pointer not checked for null before use : response_hex CERT EXP08-C,EXP34-C
  66    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.a CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.b CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.block CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.buffer CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.c CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.d CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.hi CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctx.lo CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.a CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.b CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.block CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.buffer CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.c CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.d CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.hi CERT EXP33-C
  62    
M 53 Procedure contains UR data flow anomalies. : ctx.ctxo.lo CERT EXP33-C
  62    
M 52 Procedure contains UR data flow anomalies. : digest CERT EXP33-C
  64    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.a
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.b
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.block
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.buffer
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.c
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.d
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.hi
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctx.lo
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.a
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.b
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.block
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.buffer
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.c
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.d
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.hi
mech-cram-md5.c 53 mech-cram-md5.c 62 ctx.ctxo.lo
mech-cram-md5.c 52 mech-cram-md5.c 64 digest

[ Top of Report | Procedure Table | Contents ]





credentials_callback
(108 to 129 mech-cram-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 118 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_cram_md5_auth_new
(168 to 179 mech-cram-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 174 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  173    
M 175 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  174    


[ Top of Report | Procedure Table | Contents ]





get_digest_challenge
(57 to 113 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 100 Negative (or potentially negative) shift. CERT INT34-C
M 90 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  86    
M 93 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  86    
M 92 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  92    
M 60 Procedure contains UR data flow anomalies. : buf.data CERT EXP33-C
  81    
M 60 Procedure contains UR data flow anomalies. : buf.priv CERT EXP33-C
  81    
M 60 Procedure contains UR data flow anomalies. : buf.used CERT EXP33-C
  81    
M 63 Procedure contains UR data flow anomalies. : nonce CERT EXP33-C
  79    
M 64 Procedure contains UR data flow anomalies. : nonce_base64 CERT EXP33-C
  81    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-digest-md5.c 60 mech-digest-md5.c 81 buf.data
mech-digest-md5.c 60 mech-digest-md5.c 81 buf.priv
mech-digest-md5.c 60 mech-digest-md5.c 81 buf.used
mech-digest-md5.c 63 mech-digest-md5.c 79 nonce
mech-digest-md5.c 64 mech-digest-md5.c 81 nonce_base64

[ Top of Report | Procedure Table | Contents ]





verify_credentials
(115 to 217 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 197 Pointer not checked for null before use : a2_hex CERT EXP08-C,EXP34-C
  181    
M 185 Pointer not checked for null before use : a1_hex CERT EXP08-C,EXP34-C
  159    
M 203 Pointer not checked for null before use : response_hex CERT EXP08-C,EXP34-C
  199    
M 210 Pointer not checked for null before use : response_hex CERT EXP08-C,EXP34-C
  199    
M 118 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  152    
M 118 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  152    
M 119 Procedure contains UR data flow anomalies. : digest CERT EXP33-C
  158    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.a
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.b
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.block
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.buffer
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.c
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.d
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.hi
mech-digest-md5.c 118 mech-digest-md5.c 152 ctx.lo
mech-digest-md5.c 119 mech-digest-md5.c 158 digest

[ Top of Report | Procedure Table | Contents ]





parse_next
(219 to 270 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 240 Array Bound exceeded. CERT ARR30-C
M 240 Array Bound exceeded. CERT ARR30-C
M 253 Array Bound exceeded. CERT ARR30-C
M 253 Array Bound exceeded. CERT ARR30-C
M 245 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  237    
M 225 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  224    
M 229 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  230    
M 246 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  245    
M 249 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  250    
M 259 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  258    
M 262 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  261    
M 262 Pointer not checked for null before use : dest CERT EXP08-C,EXP34-C
  258    


[ Top of Report | Procedure Table | Contents ]





parse_digest_response
(428 to 492 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 461 Pointer not checked for null before use : copy CERT EXP08-C,EXP34-C
  460    
M 469 Pointer not checked for null before use : copy CERT EXP08-C,EXP34-C
  462    
M 463 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  462    
M 463 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  462    
M 432 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  463    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-digest-md5.c 432 mech-digest-md5.c 463 value

[ Top of Report | Procedure Table | Contents ]





mech_digest_md5_auth_continue
(522 to 558 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 533 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 547 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  544    


[ Top of Report | Procedure Table | Contents ]





mech_digest_md5_auth_initial
(560 to 574 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 572 Pointer not checked for null before use : challenge CERT EXP08-C,EXP34-C
  571    


[ Top of Report | Procedure Table | Contents ]





mech_digest_md5_auth_new
(576 to 588 mech-digest-md5.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 582 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  581    
M 583 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  582    


[ Top of Report | Procedure Table | Contents ]





mech_external_auth_continue
(8 to 29 mech-external.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 19 Pointer not checked for null before use : authzid CERT EXP08-C,EXP34-C
  14    


[ Top of Report | Procedure Table | Contents ]





mech_external_auth_new
(31 to 40 mech-external.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 39 Local structure returned in function result : request  
M 37 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  36    
M 38 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  37    


[ Top of Report | Procedure Table | Contents ]





mech_login_auth_continue
(16 to 39 mech-login.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 26 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  24    
M 36 Pointer not checked for null before use : pass CERT EXP08-C,EXP34-C
  35    
M 37 Pointer not checked for null before use : pass CERT EXP08-C,EXP34-C
  35    


[ Top of Report | Procedure Table | Contents ]





mech_login_auth_new
(55 to 64 mech-login.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 63 Local structure returned in function result : request  
M 61 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  60    
M 62 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  61    


[ Top of Report | Procedure Table | Contents ]





lm_verify_credentials
(33 to 58 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 57 Pointer not checked for null before use : client_response CERT EXP08-C,EXP34-C
  48    
M 37 Procedure contains UR data flow anomalies. : lm_response CERT EXP33-C
  56    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-ntlm.c 37 mech-ntlm.c 56 lm_response

[ Top of Report | Procedure Table | Contents ]





lm_credentials_callback
(60 to 82 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 71 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





ntlm_verify_credentials
(84 to 139 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 109 Pointer not checked for null before use : client_response CERT EXP08-C,EXP34-C
  94    
M 129 Pointer not checked for null before use : client_lm_response CERT EXP08-C,EXP34-C
  125    
M 124 Procedure contains UR data flow anomalies. : ntlm_response CERT EXP33-C
  129    
M 108 Procedure contains UR data flow anomalies. : ntlm_v2_response CERT EXP33-C
  116    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-ntlm.c 124 mech-ntlm.c 129 ntlm_response
mech-ntlm.c 108 mech-ntlm.c 116 ntlm_v2_response

[ Top of Report | Procedure Table | Contents ]





ntlm_credentials_callback
(141 to 173 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 154 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_ntlm_auth_continue
(175 to 234 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 199 Pointer not checked for null before use : message CERT EXP08-C,EXP34-C
  197    
M 224 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  221    
M 181 Procedure contains UR data flow anomalies. : error CERT EXP33-C
  190    
M 187 Procedure contains UR data flow anomalies. : message_size CERT EXP33-C
  197    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-ntlm.c 181 mech-ntlm.c 190 error
mech-ntlm.c 187 mech-ntlm.c 197 message_size

[ Top of Report | Procedure Table | Contents ]





mech_ntlm_auth_new
(236 to 247 mech-ntlm.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 242 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  241    
M 243 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  242    


[ Top of Report | Procedure Table | Contents ]





otp_set_credentials_callback
(50 to 61 mech-otp-skey-common.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 54 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 57 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  56    
M 60 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  54    


[ Top of Report | Procedure Table | Contents ]





otp_send_challenge
(18 to 55 mech-otp.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 53 Pointer not checked for null before use : answer CERT EXP08-C,EXP34-C
  49    
M 54 Pointer not checked for null before use : answer CERT EXP08-C,EXP34-C
  49    


[ Top of Report | Procedure Table | Contents ]





mech_otp_auth_phase1
(95 to 131 mech-otp.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 123 Pointer not checked for null before use : authenid CERT EXP08-C,EXP34-C
  106    
M 106 Procedure contains UR data flow anomalies. : authenid CERT EXP33-C
  101    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-otp.c 106 mech-otp.c 123 authenid

[ Top of Report | Procedure Table | Contents ]





mech_otp_verify
(133 to 165 mech-otp.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 160 Sizeof argument is a pointer. CERT EXP01-C
M 147 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  146    
M 156 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  155    
M 139 Procedure contains UR data flow anomalies. : cur_hash CERT EXP33-C
  151    
M 139 Procedure contains UR data flow anomalies. : hash CERT EXP33-C
  142    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-otp.c 139 mech-otp.c 151 cur_hash
mech-otp.c 139 mech-otp.c 142 hash

[ Top of Report | Procedure Table | Contents ]





mech_otp_verify_init
(167 to 198 mech-otp.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 182 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  181    
M 191 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  190    
M 173 Procedure contains UR data flow anomalies. : cur_hash CERT EXP33-C
  177    
M 174 Procedure contains UR data flow anomalies. : error CERT EXP33-C
  177    
M 173 Procedure contains UR data flow anomalies. : hash CERT EXP33-C
  186    
M 172 Procedure contains UR data flow anomalies. : new_state.algo CERT EXP33-C
  177    
M 172 Procedure contains UR data flow anomalies. : new_state.hash CERT EXP33-C
  177    
M 172 Procedure contains UR data flow anomalies. : new_state.seed CERT EXP33-C
  177    
M 172 Procedure contains UR data flow anomalies. : new_state.seq CERT EXP33-C
  177    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-otp.c 173 mech-otp.c 177 cur_hash
mech-otp.c 174 mech-otp.c 177 error
mech-otp.c 173 mech-otp.c 186 hash
mech-otp.c 172 mech-otp.c 177 new_state.algo
mech-otp.c 172 mech-otp.c 177 new_state.hash
mech-otp.c 172 mech-otp.c 177 new_state.seed
mech-otp.c 172 mech-otp.c 177 new_state.seq

[ Top of Report | Procedure Table | Contents ]





mech_otp_auth_phase2
(200 to 220 mech-otp.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 206 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  204    
M 218 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  217    


[ Top of Report | Procedure Table | Contents ]





mech_otp_auth_new
(233 to 248 mech-otp.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 241 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  240    
M 242 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  241    


[ Top of Report | Procedure Table | Contents ]





plain_verify_callback
(6 to 20 mech-plain-common.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 11 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_plain_auth_continue
(9 to 64 mech-plain.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 37 Pointer not checked for null before use : authid CERT EXP08-C,EXP34-C
  19    
M 20 Procedure contains UR data flow anomalies. : authenid CERT EXP33-C
  13    
M 20 Procedure contains UR data flow anomalies. : pass CERT EXP33-C
  14    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-plain.c 20 mech-plain.c 37 authenid
mech-plain.c 20 mech-plain.c 62 pass

[ Top of Report | Procedure Table | Contents ]





mech_plain_auth_new
(66 to 75 mech-plain.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 74 Local structure returned in function result : request  
M 72 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  71    
M 73 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  72    


[ Top of Report | Procedure Table | Contents ]





rpa_user_response
(64 to 83 mech-rpa.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 73 Sizeof argument is a pointer. CERT EXP01-C
M 81 Sizeof argument is a pointer. CERT EXP01-C
M 67 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  72    
M 67 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  72    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-rpa.c 67 mech-rpa.c 72 ctx.a
mech-rpa.c 67 mech-rpa.c 72 ctx.b
mech-rpa.c 67 mech-rpa.c 72 ctx.block
mech-rpa.c 67 mech-rpa.c 72 ctx.buffer
mech-rpa.c 67 mech-rpa.c 72 ctx.c
mech-rpa.c 67 mech-rpa.c 72 ctx.d
mech-rpa.c 67 mech-rpa.c 72 ctx.hi
mech-rpa.c 67 mech-rpa.c 72 ctx.lo

[ Top of Report | Procedure Table | Contents ]





rpa_server_response
(88 to 126 mech-rpa.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 99 Sizeof argument is a pointer. CERT EXP01-C
M 107 Sizeof argument is a pointer. CERT EXP01-C
M 114 Sizeof argument is a pointer. CERT EXP01-C
M 119 Sizeof argument is a pointer. CERT EXP01-C
M 124 Sizeof argument is a pointer. CERT EXP01-C
M 91 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  98    
M 91 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  98    
M 92 Procedure contains UR data flow anomalies. : tmp CERT EXP33-C
  108    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-rpa.c 91 mech-rpa.c 98 ctx.a
mech-rpa.c 91 mech-rpa.c 98 ctx.b
mech-rpa.c 91 mech-rpa.c 98 ctx.block
mech-rpa.c 91 mech-rpa.c 98 ctx.buffer
mech-rpa.c 91 mech-rpa.c 98 ctx.c
mech-rpa.c 91 mech-rpa.c 98 ctx.d
mech-rpa.c 91 mech-rpa.c 98 ctx.hi
mech-rpa.c 91 mech-rpa.c 98 ctx.lo
mech-rpa.c 92 mech-rpa.c 108 tmp

[ Top of Report | Procedure Table | Contents ]





rpa_check_message
(128 to 175 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 157 Pointer not checked for null before use : data CERT EXP08-C,EXP34-C
  140    


[ Top of Report | Procedure Table | Contents ]





rpa_parse_token3
(238 to 303 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 265 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  263    
M 266 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  265    
M 274 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  271    
M 283 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  272    
M 291 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  283    
M 280 Pointer not checked for null before use : realm CERT EXP08-C,EXP34-C
  271    
M 246 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





mech_rpa_build_token2
(329 to 386 mech-rpa.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 356 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  354    
M 341 Pointer not checked for null before use : realms CERT EXP08-C,EXP34-C
  339    
M 340 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  340    
M 336 Procedure contains UR data flow anomalies. : timestamp CERT EXP33-C
  372    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-rpa.c 336 mech-rpa.c 372 timestamp

[ Top of Report | Procedure Table | Contents ]





mech_rpa_build_token4
(388 to 419 mech-rpa.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 393 Sizeof argument is a pointer. CERT EXP01-C
M 404 Sizeof argument is a pointer. CERT EXP01-C
M 411 Sizeof argument is a pointer. CERT EXP01-C
M 412 Sizeof argument is a pointer. CERT EXP01-C
M 399 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  397    
M 392 Procedure contains UR data flow anomalies. : server_response CERT EXP33-C
  407    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-rpa.c 392 mech-rpa.c 407 server_response

[ Top of Report | Procedure Table | Contents ]





verify_credentials
(421 to 435 mech-rpa.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 426 Sizeof argument is a pointer. CERT EXP01-C
M 432 Sizeof argument is a pointer. CERT EXP01-C
M 424 Procedure contains UR data flow anomalies. : response CERT EXP33-C
  433    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-rpa.c 424 mech-rpa.c 433 response

[ Top of Report | Procedure Table | Contents ]





rpa_credentials_callback
(437 to 466 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 453 Pointer not checked for null before use : token4 CERT EXP08-C,EXP34-C
  452    


[ Top of Report | Procedure Table | Contents ]





mech_rpa_auth_phase1
(468 to 494 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 489 Pointer not checked for null before use : service CERT EXP08-C,EXP34-C
  485    
M 492 Pointer not checked for null before use : token2 CERT EXP08-C,EXP34-C
  487    


[ Top of Report | Procedure Table | Contents ]





mech_rpa_auth_phase3
(515 to 529 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 527 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_rpa_auth_free
(554 to 564 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 561 Sizeof argument is a pointer. CERT EXP01-C


[ Top of Report | Procedure Table | Contents ]





mech_rpa_auth_new
(566 to 578 mech-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 572 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  571    
M 573 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  572    


[ Top of Report | Procedure Table | Contents ]





skey_send_challenge
(18 to 61 mech-skey.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 59 Pointer not checked for null before use : answer CERT EXP08-C,EXP34-C
  56    
M 60 Pointer not checked for null before use : answer CERT EXP08-C,EXP34-C
  56    


[ Top of Report | Procedure Table | Contents ]





mech_skey_auth_phase1
(101 to 117 mech-skey.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 109 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  107    


[ Top of Report | Procedure Table | Contents ]





mech_skey_auth_phase2
(119 to 158 mech-skey.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 153 Sizeof argument is a pointer. CERT EXP01-C
M 134 Pointer not checked for null before use : words CERT EXP08-C,EXP34-C
  132    
M 139 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  138    
M 149 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  148    
M 144 Pointer not checked for null before use : hash CERT EXP08-C,EXP34-C
  130    
M 126 Procedure contains UR data flow anomalies. : hash CERT EXP33-C
  134    
M 126 Procedure contains UR data flow anomalies. : cur_hash CERT EXP33-C
  144    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-skey.c 126 mech-skey.c 134 hash
mech-skey.c 126 mech-skey.c 144 cur_hash

[ Top of Report | Procedure Table | Contents ]





mech_skey_auth_new
(171 to 186 mech-skey.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 179 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  178    
M 180 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  179    


[ Top of Report | Procedure Table | Contents ]





winbind_wait_pid
(64 to 90 mech-winbind.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 66 Procedure contains UR data flow anomalies. : status CERT EXP33-C
  72    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-winbind.c 66 mech-winbind.c 72 status

[ Top of Report | Procedure Table | Contents ]





winbind_helper_connect
(99 to 157 mech-winbind.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 140 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  139    
M 103 Procedure contains UR data flow anomalies. : infd CERT EXP33-C
  109    
M 103 Procedure contains UR data flow anomalies. : outfd CERT EXP33-C
  113    
M 139 Global array bound exceeded at use : args CERT ARR30-C
M 138 Global array bound exceeded at use : args CERT ARR30-C


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
mech-winbind.c 103 mech-winbind.c 109 infd
mech-winbind.c 103 mech-winbind.c 113 outfd

[ Top of Report | Procedure Table | Contents ]





do_auth_continue
(159 to 279 mech-winbind.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 175 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  174    
M 229 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  228    
M 250 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  249    
M 263 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  262    
M 266 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 240 Declaration types do not match across a system. : user CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





mech_winbind_auth_continue
(292 to 306 mech-winbind.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 304 Pointer not checked for null before use : auth_request CERT EXP08-C,EXP34-C
  300    


[ Top of Report | Procedure Table | Contents ]





do_auth_new
(308 to 319 mech-winbind.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 314 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  313    
M 315 Pointer not checked for null before use : request CERT EXP08-C,EXP34-C
  314    


[ Top of Report | Procedure Table | Contents ]





mech_winbind_ntlm_auth_new
(321 to 324 mech-winbind.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 323 Pointer not checked for null before use : winbind_ntlm_context.out_pipe CERT EXP08-C,EXP34-C
  47    
M 323 Pointer not checked for null before use : winbind_ntlm_context.in_pipe CERT EXP08-C,EXP34-C
  47    
M 323 Pointer not checked for null before use : winbind_ntlm_context.param CERT EXP08-C,EXP34-C
  47    


[ Top of Report | Procedure Table | Contents ]





mech_winbind_spnego_auth_new
(326 to 329 mech-winbind.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 328 Pointer not checked for null before use : winbind_spnego_context.out_pipe CERT EXP08-C,EXP34-C
  50    
M 328 Pointer not checked for null before use : winbind_spnego_context.in_pipe CERT EXP08-C,EXP34-C
  50    
M 328 Pointer not checked for null before use : winbind_spnego_context.param CERT EXP08-C,EXP34-C
  50    


[ Top of Report | Procedure Table | Contents ]





mech_register_module
(13 to 22 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 18 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  17    
M 17 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 223)    
M 20 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  11    


[ Top of Report | Procedure Table | Contents ]





mech_unregister_module
(24 to 36 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 32 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  30    
M 28 Pointer not checked for null before use : pos CERT EXP08-C,EXP34-C
  28    


[ Top of Report | Procedure Table | Contents ]





mech_module_find
(38 to 47 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 42 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  11    


[ Top of Report | Procedure Table | Contents ]





mech_generic_auth_initial
(49 to 58 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 53 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





mech_register_add
(85 to 112 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 91 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  90    


[ Top of Report | Procedure Table | Contents ]





mech_register_init
(114 to 147 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 146 Local structure returned in function result : reg  
M 123 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  122    
M 124 Pointer not checked for null before use : reg CERT EXP08-C,EXP34-C
  123    
M 129 Pointer not checked for null before use : mechanisms CERT EXP08-C,EXP34-C
  128    


[ Top of Report | Procedure Table | Contents ]





mech_init
(157 to 181 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 160 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  159    
M 161 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  160    
M 162 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  161    
M 163 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  162    
M 164 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  163    
M 167 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  166    
M 175 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  174    
M 176 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  175    
M 177 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  176    
M 159 Pointer not checked for null before use : mech_plain.mech_name CERT EXP08-C,EXP34-C
  73 (mech.h)    
M 160 Pointer not checked for null before use : mech_login.mech_name CERT EXP08-C,EXP34-C
  51 (mech.h)    
M 161 Pointer not checked for null before use : mech_apop.mech_name CERT EXP08-C,EXP34-C
  177    
M 162 Pointer not checked for null before use : mech_cram_md5.mech_name CERT EXP08-C,EXP34-C
  Ref. Line 3559 (mech.c)    
M 163 Pointer not checked for null before use : mech_digest_md5.mech_name CERT EXP08-C,EXP34-C
  Ref. Line 4244 (mech.c)    
M 164 Pointer not checked for null before use : mech_external.mech_name CERT EXP08-C,EXP34-C
  58 (auth-request-handler.h)    
M 174 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  169    
M 166 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  164    
M 169 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  164    


[ Top of Report | Procedure Table | Contents ]





mech_deinit
(183 to 207 mech.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 186 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  185    
M 186 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  185    
M 187 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  186    
M 187 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  186    
M 188 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  187    
M 188 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  187    
M 189 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  188    
M 189 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  188    
M 190 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  189    
M 190 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  189    
M 193 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  192    
M 193 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  192    
M 201 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  200    
M 201 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  200    
M 202 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  201    
M 202 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  201    
M 203 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  202    
M 203 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  202    
M 185 Pointer not checked for null before use : mech_plain.mech_name CERT EXP08-C,EXP34-C
  73 (mech.h)    
M 186 Pointer not checked for null before use : mech_login.mech_name CERT EXP08-C,EXP34-C
  51 (mech.h)    
M 187 Pointer not checked for null before use : mech_apop.mech_name CERT EXP08-C,EXP34-C
  177    
M 188 Pointer not checked for null before use : mech_cram_md5.mech_name CERT EXP08-C,EXP34-C
  Ref. Line 3559 (mech.c)    
M 189 Pointer not checked for null before use : mech_digest_md5.mech_name CERT EXP08-C,EXP34-C
  Ref. Line 4244 (mech.c)    
M 190 Pointer not checked for null before use : mech_external.mech_name CERT EXP08-C,EXP34-C
  58 (auth-request-handler.h)    
M 200 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  195    

Code Line Violation Standard
M 192 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  190    
M 195 Pointer not checked for null before use : mech_modules CERT EXP08-C,EXP34-C
  190    
M 200 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  195    
M 192 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  190    
M 195 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  190    


[ Top of Report | Procedure Table | Contents ]





auth_worker_reply_parse_args
(12 to 25 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 23 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





auth_worker_reply_parse
(27 to 63 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 35 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  33    
M 37 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 52 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 52 Global array bound exceeded at use : args CERT ARR30-C
M 51 Global array bound exceeded at use : args CERT ARR30-C
M 50 Global array bound exceeded at use : args CERT ARR30-C
M 47 Global array bound exceeded at use : args CERT ARR30-C
M 44 Global array bound exceeded at use : args CERT ARR30-C
M 42 Global array bound exceeded at use : args CERT ARR30-C
M 37 Global array bound exceeded at use : args CERT ARR30-C
M 35 Global array bound exceeded at use : args CERT ARR30-C
M 35 Global array bound exceeded at use : args CERT ARR30-C


[ Top of Report | Procedure Table | Contents ]





verify_plain_callback
(65 to 75 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 72 Pointer not checked for null before use : context.passdb_password CERT EXP08-C,EXP34-C
  71    
M 73 Pointer not checked for null before use : context CERT EXP08-C,EXP34-C
  72    


[ Top of Report | Procedure Table | Contents ]





passdb_blocking_verify_plain
(77 to 92 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 85 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  84    
M 85 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 86 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 87 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





passdb_blocking_lookup_credentials
(119 to 135 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 127 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  126    
M 127 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 128 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 129 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





passdb_blocking_set_credentials
(149 to 163 passdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 155 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  154    
M 155 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 156 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 157 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





passdb_cache_log_hit
(12 to 24 passdb-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 21 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  20    


[ Top of Report | Procedure Table | Contents ]





passdb_cache_verify_plain
(26 to 87 passdb-cache.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 48 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  46    
M 57 Pointer not checked for null before use : list CERT EXP08-C,EXP34-C
  55    
M 58 Pointer not checked for null before use : cached_pw CERT EXP08-C,EXP34-C
  57    
M 82 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 66 Pointer not checked for null before use : cached_pw CERT EXP08-C,EXP34-C
  63    
M 78 Pointer not checked for null before use : node CERT EXP08-C,EXP34-C
  39    


[ Top of Report | Procedure Table | Contents ]





passdb_cache_lookup_credentials
(89 to 127 passdb-cache.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 111 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  109    
M 120 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 96 Procedure contains UR data flow anomalies. : node CERT EXP33-C
  102    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-cache.c 96 passdb-cache.c 102 node

[ Top of Report | Procedure Table | Contents ]





checkpassword_request_finish
(20 to 48 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 39 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





sigchld_handler
(106 to 125 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 125 Memory not freed after last reference. : request CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





checkpassword_verify_plain_child
(127 to 149 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 145 Pointer not checked for null before use : cmd CERT EXP08-C,EXP34-C
  139    
M 146 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  145    


[ Top of Report | Procedure Table | Contents ]





checkpassword_verify_plain
(151 to 234 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 205 Pointer not checked for null before use : chkpw_auth_request CERT EXP08-C,EXP34-C
  204    
M 232 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  232    
M 159 Procedure contains UR data flow anomalies. : fd_out CERT EXP33-C
  163    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-checkpassword.c 159 passdb-checkpassword.c 163 fd_out

[ Top of Report | Procedure Table | Contents ]





checkpassword_preinit
(236 to 250 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 242 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  241    
M 246 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 228)    


[ Top of Report | Procedure Table | Contents ]





checkpassword_deinit
(252 to 269 passdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 260 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  261    
M 269 Memory not freed after last reference. : value CERT MEM00-C
M 257 Procedure contains UR data flow anomalies. : key CERT EXP33-C
  260    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-checkpassword.c 257 passdb-checkpassword.c 260 key

[ Top of Report | Procedure Table | Contents ]





pam_userpass_conv
(58 to 120 passdb-pam.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 110 Attempt to use already freed object. CERT MEM31-C
M 115 Pointer not checked for null before use : string CERT EXP08-C,EXP34-C
  99    
M 120 Memory not freed after last reference. : resp CERT MEM00-C
M 118 Pointer not checked for null before use : resp.resp CERT EXP08-C,EXP34-C
  115    
M 110 Pointer not checked for null before use : resp.resp CERT EXP08-C,EXP34-C
  106    
M 99 Procedure contains UR data flow anomalies. : string CERT EXP33-C
  67    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-pam.c 99 passdb-pam.c 115 string

[ Top of Report | Procedure Table | Contents ]





pam_get_missing_service_file_path
(122 to 149 passdb-pam.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 140 Pointer not checked for null before use : path CERT EXP08-C,EXP34-C
  139    


[ Top of Report | Procedure Table | Contents ]





try_pam_auth
(151 to 233 passdb-pam.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 231 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 178 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  176    
M 173 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  167    
M 176 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  167    
M 157 Procedure contains UR data flow anomalies. : item CERT EXP33-C
  224    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-pam.c 157 passdb-pam.c 224 item

[ Top of Report | Procedure Table | Contents ]





pam_verify_plain_call
(248 to 301 passdb-pam.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 297 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 252 Procedure contains UR data flow anomalies. : pamh CERT EXP33-C
  265    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb-pam.c 252 passdb-pam.c 265 pamh

[ Top of Report | Procedure Table | Contents ]





pam_verify_plain
(303 to 327 passdb-pam.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 319 Pointer not checked for null before use : expanded_service CERT EXP08-C,EXP34-C
  318    
M 320 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 325 Pointer not checked for null before use : service CERT EXP08-C,EXP34-C
  321    


[ Top of Report | Procedure Table | Contents ]





pam_preinit
(329 to 375 passdb-pam.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 337 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  336    


[ Top of Report | Procedure Table | Contents ]





passwd_file_save_results
(21 to 60 passdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 44 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 57 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 38 Pointer not checked for null before use : scheme_r CERT EXP08-C,EXP34-C
  34    
M 51 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  44    
M 50 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  43    
M 46 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  46    


[ Top of Report | Procedure Table | Contents ]





passwd_file_verify_plain
(62 to 87 passdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 82 Pointer not checked for null before use : crypted_pass CERT EXP08-C,EXP34-C
  80    
M 82 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  80    


[ Top of Report | Procedure Table | Contents ]





passwd_file_lookup_credentials
(89 to 110 passdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 108 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  106    


[ Top of Report | Procedure Table | Contents ]





passwd_file_preinit
(112 to 165 passdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 125 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  124    
M 152 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  151    
M 163 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  141    
M 154 Pointer not checked for null before use : format CERT EXP08-C,EXP34-C
  143    
M 140 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  130    
M 141 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  133    
M 143 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  133    


[ Top of Report | Procedure Table | Contents ]





passwd_verify_plain
(15 to 58 passdb-passwd.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 55 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





shadow_verify_plain
(15 to 58 passdb-shadow.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 55 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





static_verify_plain
(16 to 60 passdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 30 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 40 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  30    
M 35 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  32    
M 52 Pointer not checked for null before use : static_password CERT EXP08-C,EXP34-C
  45    
M 39 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  25    


[ Top of Report | Procedure Table | Contents ]





static_preinit
(62 to 89 passdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 68 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  67    
M 84 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  82    
M 85 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  83    
M 84 Pointer not checked for null before use : (arr)->buffer CERT EXP08-C,EXP34-C
  68    
M 84 Pointer not checked for null before use : (arr)->element_size CERT EXP08-C,EXP34-C
  68    
M 73 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  72    
M 82 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  80    
M 83 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  80    


[ Top of Report | Procedure Table | Contents ]





passdb_interface_find
(18 to 29 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 26 Local structure returned in function result : iface  
M 22 Pointer not checked for null before use : passdb_interfaces.v CERT EXP08-C,EXP34-C
  11    


[ Top of Report | Procedure Table | Contents ]





passdb_unregister_module
(46 to 59 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 51 Pointer not checked for null before use : passdb_interfaces.v CERT EXP08-C,EXP34-C
  11    


[ Top of Report | Procedure Table | Contents ]





passdb_get_credentials
(61 to 134 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 92 Pointer not checked for null before use : input_scheme CERT EXP08-C,EXP34-C
  76    
M 112 Pointer not checked for null before use : credentials_r CERT EXP08-C,EXP34-C
  76    
M 125 Pointer not checked for null before use : plaintext CERT EXP08-C,EXP34-C
  112    
M 115 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  113    
M 117 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  113    
M 125 Pointer not checked for null before use : username CERT EXP08-C,EXP34-C
  117    
M 103 Pointer not checked for null before use : error CERT EXP08-C,EXP34-C
  99    


[ Top of Report | Procedure Table | Contents ]





passdb_handle_credentials
(136 to 160 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 159 Pointer not checked for null before use : credentials CERT EXP08-C,EXP34-C
  154    


[ Top of Report | Procedure Table | Contents ]





passdb_find
(162 to 177 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 168 Pointer not checked for null before use : passdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  12    
M 170 Pointer not checked for null before use : passdbs CERT EXP08-C,EXP34-C
  168    


[ Top of Report | Procedure Table | Contents ]





passdb_preinit
(179 to 210 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 209 Local structure returned in function result : passdb  
M 205 Pointer not checked for null before use : passdb CERT EXP08-C,EXP34-C
  204    


[ Top of Report | Procedure Table | Contents ]





passdb_deinit
(222 to 240 passdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 224 Procedure contains UR data flow anomalies. : idx CERT EXP33-C
  233    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb.c 224 passdb.c 233 idx

[ Top of Report | Procedure Table | Contents ]





passdbs_generate_md5
(242 to 257 passdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 251 Sizeof argument is a pointer. CERT EXP01-C
M 249 Pointer not checked for null before use : passdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  12    
M 251 Pointer not checked for null before use : passdbs CERT EXP08-C,EXP34-C
  249    
M 244 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  248    
M 244 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  248    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
passdb.c 244 passdb.c 248 ctx.a
passdb.c 244 passdb.c 248 ctx.b
passdb.c 244 passdb.c 248 ctx.block
passdb.c 244 passdb.c 248 ctx.buffer
passdb.c 244 passdb.c 248 ctx.c
passdb.c 244 passdb.c 248 ctx.d
passdb.c 244 passdb.c 248 ctx.hi
passdb.c 244 passdb.c 248 ctx.lo

[ Top of Report | Procedure Table | Contents ]





passdbs_init
(271 to 286 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 273 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 238)    
M 274 Pointer not checked for null before use : passdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  12    
M 274 Pointer not checked for null before use : passdb_modules.v_modifiable CERT EXP08-C,EXP34-C
  12    
M 274 Pointer not checked for null before use : passdb_modules.v CERT EXP08-C,EXP34-C
  12    
M 275 Pointer not checked for null before use : passdb_passwd.name CERT EXP08-C,EXP34-C
  16 (mech.h)    
M 276 Pointer not checked for null before use : passdb_bsdauth.name CERT EXP08-C,EXP34-C
  17 (auth-client-interface.h)    
M 277 Pointer not checked for null before use : passdb_passwd_file.name CERT EXP08-C,EXP34-C
  29    
M 278 Pointer not checked for null before use : passdb_pam.name CERT EXP08-C,EXP34-C
  127    
M 279 Pointer not checked for null before use : passdb_checkpassword.name CERT EXP08-C,EXP34-C
  264    
M 280 Pointer not checked for null before use : passdb_shadow.name CERT EXP08-C,EXP34-C
  16 (mech.h)    
M 281 Pointer not checked for null before use : passdb_vpopmail.name CERT EXP08-C,EXP34-C
  18 (auth-client-interface.h)    
M 282 Pointer not checked for null before use : passdb_ldap.name CERT EXP08-C,EXP34-C
  17 (auth-client-interface.h)    
M 283 Pointer not checked for null before use : passdb_sql.name CERT EXP08-C,EXP34-C
  17 (auth-client-interface.h)    
M 284 Pointer not checked for null before use : passdb_sia.name CERT EXP08-C,EXP34-C
  18 (auth-client-interface.h)    
M 285 Pointer not checked for null before use : passdb_static.name CERT EXP08-C,EXP34-C
  61    


[ Top of Report | Procedure Table | Contents ]





passdbs_deinit
(288 to 292 passdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 290 Pointer not checked for null before use : passdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  12    
M 290 Pointer not checked for null before use : passdb_modules.v_modifiable CERT EXP08-C,EXP34-C
  12    
M 290 Pointer not checked for null before use : passdb_modules.v CERT EXP08-C,EXP34-C
  12    
M 291 Pointer not checked for null before use : passdb_interfaces.arr.buffer CERT EXP08-C,EXP34-C
  11    
M 291 Pointer not checked for null before use : passdb_interfaces.v CERT EXP08-C,EXP34-C
  11    
M 291 Pointer not checked for null before use : passdb_interfaces.v_modifiable CERT EXP08-C,EXP34-C
  11    


[ Top of Report | Procedure Table | Contents ]





crypt_generate_blowfisch
(26 to 45 password-scheme-crypt.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 41 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  40    
M 42 Pointer not checked for null before use : magic_salt CERT EXP08-C,EXP34-C
  41    
M 43 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  42    


[ Top of Report | Procedure Table | Contents ]





crypt_generate_sha256
(47 to 69 password-scheme-crypt.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 67 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  66    
M 63 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  61    
M 65 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  61    
M 66 Pointer not checked for null before use : magic_salt CERT EXP08-C,EXP34-C
  65    


[ Top of Report | Procedure Table | Contents ]





crypt_generate_sha512
(71 to 93 password-scheme-crypt.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 91 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  90    
M 87 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  85    
M 89 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  85    
M 90 Pointer not checked for null before use : magic_salt CERT EXP08-C,EXP34-C
  89    


[ Top of Report | Procedure Table | Contents ]





password_generate_md5_crypt
(49 to 147 password-scheme-md5crypt.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 63 Pointer not checked for null before use : sp CERT EXP08-C,EXP34-C
  60    
M 105 Pointer not checked for null before use : passwd CERT EXP08-C,EXP34-C
  104    
M 67 Pointer not checked for null before use : sp CERT EXP08-C,EXP34-C
  64    
M 54 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  73    
M 54 Procedure contains UR data flow anomalies. : ctx1.a CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.b CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.block CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.buffer CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.c CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.d CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.hi CERT EXP33-C
  85    
M 54 Procedure contains UR data flow anomalies. : ctx1.lo CERT EXP33-C
  85    
M 52 Procedure contains UR data flow anomalies. : final CERT EXP33-C
  89    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.a
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.b
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.block
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.buffer
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.c
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.d
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.hi
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 73 ctx.lo
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.a
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.b
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.block
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.buffer
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.c
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.d
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.hi
password-scheme-md5crypt.c 54 password-scheme-md5crypt.c 85 ctx1.lo
password-scheme-md5crypt.c 52 password-scheme-md5crypt.c 89 final

[ Top of Report | Procedure Table | Contents ]





password_generate_otp
(15 to 40 password-scheme-otp.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 27 Procedure contains UR data flow anomalies. : random_data CERT EXP33-C
  29    
M 18 Procedure contains UR data flow anomalies. : state.algo CERT EXP33-C
  37    
M 18 Procedure contains UR data flow anomalies. : state.hash CERT EXP33-C
  37    
M 18 Procedure contains UR data flow anomalies. : state.seed CERT EXP33-C
  30    
M 18 Procedure contains UR data flow anomalies. : state.seq CERT EXP33-C
  37    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme-otp.c 27 password-scheme-otp.c 29 random_data
password-scheme-otp.c 18 password-scheme-otp.c 37 state.algo
password-scheme-otp.c 18 password-scheme-otp.c 37 state.hash
password-scheme-otp.c 18 password-scheme-otp.c 30 state.seed
password-scheme-otp.c 18 password-scheme-otp.c 37 state.seq

[ Top of Report | Procedure Table | Contents ]





ucs2be_str
(14 to 25 password-scheme-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 23 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  16    
M 19 Pointer not checked for null before use : buf CERT EXP08-C,EXP34-C
  16    


[ Top of Report | Procedure Table | Contents ]





password_generate_rpa
(27 to 35 password-scheme-rpa.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 33 Pointer not checked for null before use : ucs2be_pw CERT EXP08-C,EXP34-C
  32    
M 32 Pointer not checked for null before use : unsafe_data_stack_pool CERT EXP08-C,EXP34-C
  Ref. Line -1035 (Module 242)    


[ Top of Report | Procedure Table | Contents ]





password_scheme_lookup_name
(24 to 36 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 33 Local structure returned in function result : scheme  


[ Top of Report | Procedure Table | Contents ]





password_scheme_lookup
(41 to 74 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 73 Local structure returned in function result : scheme  
M 58 Pointer not checked for null before use : name CERT EXP08-C,EXP34-C
  53    


[ Top of Report | Procedure Table | Contents ]





password_verify
(76 to 96 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 81 Procedure contains UR data flow anomalies. : generated CERT EXP33-C
  93    
M 82 Procedure contains UR data flow anomalies. : generated_size CERT EXP33-C
  93    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 81 password-scheme.c 93 generated
password-scheme.c 82 password-scheme.c 93 generated_size

[ Top of Report | Procedure Table | Contents ]





password_decode
(129 to 183 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 143 Pointer not checked for null before use : scheme CERT EXP08-C,EXP34-C
  137    


[ Top of Report | Procedure Table | Contents ]





password_generate_encoded
(200 to 228 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 220 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  219    
M 204 Procedure contains UR data flow anomalies. : raw_password CERT EXP33-C
  213    
M 207 Procedure contains UR data flow anomalies. : size CERT EXP33-C
  213    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 204 password-scheme.c 213 raw_password
password-scheme.c 207 password-scheme.c 213 size

[ Top of Report | Procedure Table | Contents ]





password_generate_salt
(230 to 241 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 236 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  235    


[ Top of Report | Procedure Table | Contents ]





password_scheme_is_alias
(243 to 265 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 250 Pointer not checked for null before use : scheme1 CERT EXP08-C,EXP34-C
  247    
M 250 Pointer not checked for null before use : scheme2 CERT EXP08-C,EXP34-C
  248    


[ Top of Report | Procedure Table | Contents ]





password_scheme_detect
(267 to 287 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 278 Pointer not checked for null before use : schemes CERT EXP08-C,EXP34-C
  276    
M 282 Pointer not checked for null before use : raw_password CERT EXP08-C,EXP34-C
  278    
M 273 Procedure contains UR data flow anomalies. : raw_password CERT EXP33-C
  282    
M 274 Procedure contains UR data flow anomalies. : raw_password_size CERT EXP33-C
  278    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 273 password-scheme.c 282 raw_password
password-scheme.c 274 password-scheme.c 278 raw_password_size

[ Top of Report | Procedure Table | Contents ]





crypt_verify
(289 to 308 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 300 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  299    


[ Top of Report | Procedure Table | Contents ]





crypt_generate
(310 to 321 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 318 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  317    
M 319 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  318    


[ Top of Report | Procedure Table | Contents ]





md5_verify
(323 to 345 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 342 Pointer not checked for null before use : md5_password CERT EXP08-C,EXP34-C
  336    
M 332 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  331    
M 335 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  334    
M 328 Procedure contains UR data flow anomalies. : md5_password CERT EXP33-C
  342    
M 329 Procedure contains UR data flow anomalies. : md5_size CERT EXP33-C
  336    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 328 password-scheme.c 342 md5_password
password-scheme.c 329 password-scheme.c 336 md5_size

[ Top of Report | Procedure Table | Contents ]





md5_crypt_verify
(347 to 356 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 354 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  353    
M 355 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  354    


[ Top of Report | Procedure Table | Contents ]





md5_crypt_generate
(358 to 374 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 372 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  371    
M 363 Procedure contains UR data flow anomalies. : salt CERT EXP33-C
  366    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 363 password-scheme.c 366 salt

[ Top of Report | Procedure Table | Contents ]





sha1_generate
(376 to 387 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 383 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  382    


[ Top of Report | Procedure Table | Contents ]





sha256_generate
(389 to 400 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 396 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  395    


[ Top of Report | Procedure Table | Contents ]





sha512_generate
(402 to 413 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 409 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  408    


[ Top of Report | Procedure Table | Contents ]





ssha_generate
(415 to 434 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 424 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  423    
M 425 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  424    
M 421 Procedure contains UR data flow anomalies. : ctx.c.b64 CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.c.b8 CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.count CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.h.b32 CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.h.b8 CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.m.b32 CERT EXP33-C
  427    
M 421 Procedure contains UR data flow anomalies. : ctx.m.b8 CERT EXP33-C
  427    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 421 password-scheme.c 427 ctx.c.b64
password-scheme.c 421 password-scheme.c 427 ctx.c.b8
password-scheme.c 421 password-scheme.c 427 ctx.count
password-scheme.c 421 password-scheme.c 427 ctx.h.b32
password-scheme.c 421 password-scheme.c 427 ctx.h.b8
password-scheme.c 421 password-scheme.c 427 ctx.m.b32
password-scheme.c 421 password-scheme.c 427 ctx.m.b8

[ Top of Report | Procedure Table | Contents ]





ssha_verify
(436 to 453 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 440 Procedure contains UR data flow anomalies. : ctx.c.b64 CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.c.b8 CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.count CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.h.b32 CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.h.b8 CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.m.b32 CERT EXP33-C
  448    
M 440 Procedure contains UR data flow anomalies. : ctx.m.b8 CERT EXP33-C
  448    
M 439 Procedure contains UR data flow anomalies. : sha1_digest CERT EXP33-C
  451    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 440 password-scheme.c 448 ctx.c.b64
password-scheme.c 440 password-scheme.c 448 ctx.c.b8
password-scheme.c 440 password-scheme.c 448 ctx.count
password-scheme.c 440 password-scheme.c 448 ctx.h.b32
password-scheme.c 440 password-scheme.c 448 ctx.h.b8
password-scheme.c 440 password-scheme.c 448 ctx.m.b32
password-scheme.c 440 password-scheme.c 448 ctx.m.b8
password-scheme.c 439 password-scheme.c 451 sha1_digest

[ Top of Report | Procedure Table | Contents ]





ssha256_generate
(455 to 474 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 464 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  463    
M 465 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  464    
M 461 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  467    
M 461 Procedure contains UR data flow anomalies. : ctx.h CERT EXP33-C
  467    
M 461 Procedure contains UR data flow anomalies. : ctx.len CERT EXP33-C
  467    
M 461 Procedure contains UR data flow anomalies. : ctx.tot_len CERT EXP33-C
  467    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 461 password-scheme.c 467 ctx.block
password-scheme.c 461 password-scheme.c 467 ctx.h
password-scheme.c 461 password-scheme.c 467 ctx.len
password-scheme.c 461 password-scheme.c 467 ctx.tot_len

[ Top of Report | Procedure Table | Contents ]





ssha256_verify
(476 to 494 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 480 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  488    
M 480 Procedure contains UR data flow anomalies. : ctx.h CERT EXP33-C
  488    
M 480 Procedure contains UR data flow anomalies. : ctx.len CERT EXP33-C
  488    
M 480 Procedure contains UR data flow anomalies. : ctx.tot_len CERT EXP33-C
  488    
M 479 Procedure contains UR data flow anomalies. : sha256_digest CERT EXP33-C
  492    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 480 password-scheme.c 488 ctx.block
password-scheme.c 480 password-scheme.c 488 ctx.h
password-scheme.c 480 password-scheme.c 488 ctx.len
password-scheme.c 480 password-scheme.c 488 ctx.tot_len
password-scheme.c 479 password-scheme.c 492 sha256_digest

[ Top of Report | Procedure Table | Contents ]





ssha512_generate
(496 to 515 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 505 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  504    
M 506 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  505    
M 502 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  508    
M 502 Procedure contains UR data flow anomalies. : ctx.h CERT EXP33-C
  508    
M 502 Procedure contains UR data flow anomalies. : ctx.len CERT EXP33-C
  508    
M 502 Procedure contains UR data flow anomalies. : ctx.tot_len CERT EXP33-C
  508    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 502 password-scheme.c 508 ctx.block
password-scheme.c 502 password-scheme.c 508 ctx.h
password-scheme.c 502 password-scheme.c 508 ctx.len
password-scheme.c 502 password-scheme.c 508 ctx.tot_len

[ Top of Report | Procedure Table | Contents ]





ssha512_verify
(517 to 535 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 521 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  529    
M 521 Procedure contains UR data flow anomalies. : ctx.h CERT EXP33-C
  529    
M 521 Procedure contains UR data flow anomalies. : ctx.len CERT EXP33-C
  529    
M 521 Procedure contains UR data flow anomalies. : ctx.tot_len CERT EXP33-C
  529    
M 520 Procedure contains UR data flow anomalies. : sha512_digest CERT EXP33-C
  533    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 521 password-scheme.c 529 ctx.block
password-scheme.c 521 password-scheme.c 529 ctx.h
password-scheme.c 521 password-scheme.c 529 ctx.len
password-scheme.c 521 password-scheme.c 529 ctx.tot_len
password-scheme.c 520 password-scheme.c 533 sha512_digest

[ Top of Report | Procedure Table | Contents ]





smd5_generate
(537 to 556 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 546 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  545    
M 547 Pointer not checked for null before use : salt CERT EXP08-C,EXP34-C
  546    
M 543 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  549    
M 543 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  549    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 543 password-scheme.c 549 ctx.a
password-scheme.c 543 password-scheme.c 549 ctx.b
password-scheme.c 543 password-scheme.c 549 ctx.block
password-scheme.c 543 password-scheme.c 549 ctx.buffer
password-scheme.c 543 password-scheme.c 549 ctx.c
password-scheme.c 543 password-scheme.c 549 ctx.d
password-scheme.c 543 password-scheme.c 549 ctx.hi
password-scheme.c 543 password-scheme.c 549 ctx.lo

[ Top of Report | Procedure Table | Contents ]





smd5_verify
(558 to 575 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 562 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  570    
M 562 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  570    
M 561 Procedure contains UR data flow anomalies. : md5_digest CERT EXP33-C
  573    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 562 password-scheme.c 570 ctx.a
password-scheme.c 562 password-scheme.c 570 ctx.b
password-scheme.c 562 password-scheme.c 570 ctx.block
password-scheme.c 562 password-scheme.c 570 ctx.buffer
password-scheme.c 562 password-scheme.c 570 ctx.c
password-scheme.c 562 password-scheme.c 570 ctx.d
password-scheme.c 562 password-scheme.c 570 ctx.hi
password-scheme.c 562 password-scheme.c 570 ctx.lo
password-scheme.c 561 password-scheme.c 573 md5_digest

[ Top of Report | Procedure Table | Contents ]





cram_md5_generate
(585 to 599 password-scheme.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 595 Pointer not checked for null before use : context_digest CERT EXP08-C,EXP34-C
  592    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.a CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.b CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.block CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.buffer CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.c CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.d CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.hi CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctx.lo CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.a CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.b CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.block CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.buffer CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.c CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.d CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.hi CERT EXP33-C
  593    
M 589 Procedure contains UR data flow anomalies. : ctx.ctxo.lo CERT EXP33-C
  593    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
password-scheme.c 589 password-scheme.c 593 ctx.ctx.a
password-scheme.c 589 password-scheme.c 593 ctx.ctx.b
password-scheme.c 589 password-scheme.c 593 ctx.ctx.block
password-scheme.c 589 password-scheme.c 593 ctx.ctx.buffer
password-scheme.c 589 password-scheme.c 593 ctx.ctx.c
password-scheme.c 589 password-scheme.c 593 ctx.ctx.d
password-scheme.c 589 password-scheme.c 593 ctx.ctx.hi
password-scheme.c 589 password-scheme.c 593 ctx.ctx.lo
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.a
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.b
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.block
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.buffer
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.c
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.d
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.hi
password-scheme.c 589 password-scheme.c 593 ctx.ctxo.lo

[ Top of Report | Procedure Table | Contents ]





digest_md5_generate
(601 to 629 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 625 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  624    
M 625 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  623    
M 624 Pointer not checked for null before use : user CERT EXP08-C,EXP34-C
  616    
M 624 Pointer not checked for null before use : realm CERT EXP08-C,EXP34-C
  617    


[ Top of Report | Procedure Table | Contents ]





plain_md4_generate
(631 to 642 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 638 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  637    


[ Top of Report | Procedure Table | Contents ]





plain_md5_generate
(644 to 655 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 651 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  650    


[ Top of Report | Procedure Table | Contents ]





lm_generate
(657 to 668 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 664 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  663    


[ Top of Report | Procedure Table | Contents ]





ntlm_generate
(670 to 681 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 677 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  676    


[ Top of Report | Procedure Table | Contents ]





otp_verify
(683 to 691 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 689 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  688    


[ Top of Report | Procedure Table | Contents ]





otp_generate
(693 to 702 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 699 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 700 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  699    


[ Top of Report | Procedure Table | Contents ]





skey_generate
(704 to 713 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 710 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 711 Pointer not checked for null before use : password CERT EXP08-C,EXP34-C
  710    


[ Top of Report | Procedure Table | Contents ]





rpa_generate
(715 to 726 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 722 Pointer not checked for null before use : digest CERT EXP08-C,EXP34-C
  721    


[ Top of Report | Procedure Table | Contents ]





password_scheme_unregister
(773 to 786 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 778 Pointer not checked for null before use : password_schemes.v CERT EXP08-C,EXP34-C
  95 (buffer.h)    
M 778 Pointer not checked for null before use : password_schemes.arr.buffer CERT EXP08-C,EXP34-C
  95 (buffer.h)    


[ Top of Report | Procedure Table | Contents ]





password_schemes_init
(788 to 796 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 792 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 243)    


[ Top of Report | Procedure Table | Contents ]





password_schemes_deinit
(798 to 801 password-scheme.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 800 Pointer not checked for null before use : password_schemes.v_modifiable CERT EXP08-C,EXP34-C
  95 (buffer.h)    
M 800 Pointer not checked for null before use : password_schemes.v CERT EXP08-C,EXP34-C
  95 (buffer.h)    
M 800 Pointer not checked for null before use : password_schemes.arr.buffer CERT EXP08-C,EXP34-C
  95 (buffer.h)    


[ Top of Report | Procedure Table | Contents ]





userdb_blocking_lookup
(52 to 63 userdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 57 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  56    
M 57 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 58 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





userdb_blocking_iter_init
(83 to 104 userdb-blocking.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 92 Pointer not checked for null before use : reply CERT EXP08-C,EXP34-C
  91    
M 92 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 93 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 96 Pointer not checked for null before use : pool CERT EXP08-C,EXP34-C
  95    
M 97 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  96    


[ Top of Report | Procedure Table | Contents ]





checkpassword_request_finish
(20 to 49 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 40 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





sigchld_handler
(84 to 103 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 103 Memory not freed after last reference. : request CERT MEM00-C


[ Top of Report | Procedure Table | Contents ]





checkpassword_lookup_child
(105 to 134 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 130 Pointer not checked for null before use : cmd CERT EXP08-C,EXP34-C
  124    
M 131 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  130    


[ Top of Report | Procedure Table | Contents ]





checkpassword_lookup
(136 to 217 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 189 Pointer not checked for null before use : chkpw_auth_request CERT EXP08-C,EXP34-C
  188    
M 215 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  215    
M 143 Procedure contains UR data flow anomalies. : fd_out CERT EXP33-C
  147    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-checkpassword.c 143 userdb-checkpassword.c 147 fd_out

[ Top of Report | Procedure Table | Contents ]





checkpassword_preinit
(219 to 233 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 225 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  224    
M 229 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 245)    


[ Top of Report | Procedure Table | Contents ]





checkpassword_deinit
(235 to 252 userdb-checkpassword.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 243 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  244    
M 252 Memory not freed after last reference. : value CERT MEM00-C
M 240 Procedure contains UR data flow anomalies. : key CERT EXP33-C
  243    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-checkpassword.c 240 userdb-checkpassword.c 243 key

[ Top of Report | Procedure Table | Contents ]





userdb_nss_lookup
(30 to 82 userdb-nss.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 72 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 39 Procedure contains UR data flow anomalies. : err CERT EXP33-C
  43    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-nss.c 39 userdb-nss.c 43 err

[ Top of Report | Procedure Table | Contents ]





userdb_nss_load_module
(84 to 101 userdb-nss.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 91 Pointer not checked for null before use : path CERT EXP08-C,EXP34-C
  90    
M 87 Declaration types do not match across a system. : name CERT ARR31-C


[ Top of Report | Procedure Table | Contents ]





userdb_nss_preinit
(103 to 129 userdb-nss.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 110 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  109    
M 114 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  114    


[ Top of Report | Procedure Table | Contents ]





userdb_nss_deinit
(131 to 141 userdb-nss.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 138 Pointer not checked for null before use : symbol CERT EXP08-C,EXP34-C
  137    


[ Top of Report | Procedure Table | Contents ]





passwd_file_lookup
(32 to 85 userdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 66 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 73 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  72    
M 77 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  66    
M 76 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  65    
M 80 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  75    
M 80 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  78    
M 68 Pointer not checked for null before use : p CERT EXP08-C,EXP34-C
  68    


[ Top of Report | Procedure Table | Contents ]





passwd_file_iterate_init
(87 to 117 userdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 97 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  96    
M 96 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 248)    


[ Top of Report | Procedure Table | Contents ]





passwd_file_iterate_next
(119 to 143 userdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 126 Procedure contains UR data flow anomalies. : line CERT EXP33-C
  123    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-passwd-file.c 126 userdb-passwd-file.c 138 line

[ Top of Report | Procedure Table | Contents ]





passwd_file_iterate_deinit
(145 to 156 userdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 154 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  153    
M 154 Attempt to read from freed memory. : default_pool CERT MEM30-C
M 154 Pointer not checked for null before use : (ctx)->path CERT EXP08-C,EXP34-C
  153    


[ Top of Report | Procedure Table | Contents ]





passwd_file_preinit
(158 to 195 userdb-passwd-file.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 167 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  166    
M 181 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  180    
M 183 Pointer not checked for null before use : format CERT EXP08-C,EXP34-C
  172    


[ Top of Report | Procedure Table | Contents ]





passwd_lookup
(28 to 69 userdb-passwd.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 45 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C


[ Top of Report | Procedure Table | Contents ]





passwd_iterate_init
(71 to 86 userdb-passwd.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 78 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  77    
M 77 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 249)    


[ Top of Report | Procedure Table | Contents ]





passwd_iterate_next_timeout
(115 to 119 userdb-passwd.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 117 Pointer not checked for null before use : cur_userdb_iter_to CERT EXP08-C,EXP34-C
  26    
M 118 Pointer not checked for null before use : cur_userdb_iter CERT EXP08-C,EXP34-C
  25    


[ Top of Report | Procedure Table | Contents ]





passwd_passwd_preinit
(137 to 153 userdb-passwd.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 144 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  143    
M 141 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  149    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-passwd.c 141 userdb-passwd.c 149 value

[ Top of Report | Procedure Table | Contents ]





userdb_static_template_build
(17 to 65 userdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 64 Local structure returned in function result : tmpl  
M 29 Pointer not checked for null before use : tmpl CERT EXP08-C,EXP34-C
  26    
M 29 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  28    
M 41 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 48 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 61 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  58    
M 62 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  59    
M 31 Pointer not checked for null before use : tmp CERT EXP08-C,EXP34-C
  31    
M 40 Pointer not checked for null before use : key CERT EXP08-C,EXP34-C
  36    
M 59 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  46    
M 61 Pointer not checked for null before use : (arr)->buffer CERT EXP08-C,EXP34-C
  29    
M 61 Pointer not checked for null before use : (arr)->element_size CERT EXP08-C,EXP34-C
  29    


[ Top of Report | Procedure Table | Contents ]





userdb_static_template_isset
(67 to 80 userdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 76 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  73    


[ Top of Report | Procedure Table | Contents ]





userdb_static_template_remove
(82 to 98 userdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 91 Pointer not checked for null before use : args CERT EXP08-C,EXP34-C
  88    


[ Top of Report | Procedure Table | Contents ]





userdb_static_template_export
(100 to 123 userdb-static.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 109 Pointer not checked for null before use : NULL CERT EXP08-C,EXP34-C
M 118 Pointer not checked for null before use : table CERT EXP08-C,EXP34-C
  109    
M 117 Pointer not checked for null before use : str CERT EXP08-C,EXP34-C
  108    
M 121 Pointer not checked for null before use : value CERT EXP08-C,EXP34-C
  119    
M 115 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  105    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-static.c 115 userdb-static.c 121 value

[ Top of Report | Procedure Table | Contents ]





static_lookup
(183 to 211 userdb-static.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 197 Pointer not checked for null before use : ctx CERT EXP08-C,EXP34-C
  196    


[ Top of Report | Procedure Table | Contents ]





static_preinit
(213 to 228 userdb-static.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 220 Pointer not checked for null before use : module CERT EXP08-C,EXP34-C
  219    
M 217 Procedure contains UR data flow anomalies. : value CERT EXP33-C
  224    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb-static.c 217 userdb-static.c 224 value

[ Top of Report | Procedure Table | Contents ]





userdb_interface_find
(19 to 30 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 27 Local structure returned in function result : iface  
M 23 Pointer not checked for null before use : userdb_interfaces.v CERT EXP08-C,EXP34-C
  12    


[ Top of Report | Procedure Table | Contents ]





userdb_unregister_module
(47 to 60 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 52 Pointer not checked for null before use : userdb_interfaces.v CERT EXP08-C,EXP34-C
  12    


[ Top of Report | Procedure Table | Contents ]





userdb_parse_uid
(62 to 82 userdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 65 Procedure contains UR data flow anomalies. : uid CERT EXP33-C
  70    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb.c 65 userdb.c 70 uid

[ Top of Report | Procedure Table | Contents ]





userdb_parse_gid
(84 to 104 userdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 87 Procedure contains UR data flow anomalies. : gid CERT EXP33-C
  92    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb.c 87 userdb.c 92 gid

[ Top of Report | Procedure Table | Contents ]





userdb_find
(106 to 121 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 112 Pointer not checked for null before use : userdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  13    
M 114 Pointer not checked for null before use : userdbs CERT EXP08-C,EXP34-C
  112    


[ Top of Report | Procedure Table | Contents ]





userdb_preinit
(123 to 154 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 153 Local structure returned in function result : userdb  
M 149 Pointer not checked for null before use : userdb CERT EXP08-C,EXP34-C
  148    


[ Top of Report | Procedure Table | Contents ]





userdb_deinit
(163 to 181 userdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 165 Procedure contains UR data flow anomalies. : idx CERT EXP33-C
  174    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb.c 165 userdb.c 174 idx

[ Top of Report | Procedure Table | Contents ]





userdbs_generate_md5
(183 to 198 userdb.c) - FAIL

Standards Violation Summary

Code Violation Standard
M Procedure contains UR data flow anomalies. CERT EXP33-C

Code Line Violation Standard
M 192 Sizeof argument is a pointer. CERT EXP01-C
M 190 Pointer not checked for null before use : userdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  13    
M 192 Pointer not checked for null before use : userdbs CERT EXP08-C,EXP34-C
  190    
M 185 Procedure contains UR data flow anomalies. : ctx.a CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.b CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.block CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.buffer CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.c CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.d CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.hi CERT EXP33-C
  189    
M 185 Procedure contains UR data flow anomalies. : ctx.lo CERT EXP33-C
  189    


Possible UR Anomalies

The following variables may be referenced before being given a value

File Undefine File Reference Variable
userdb.c 185 userdb.c 189 ctx.a
userdb.c 185 userdb.c 189 ctx.b
userdb.c 185 userdb.c 189 ctx.block
userdb.c 185 userdb.c 189 ctx.buffer
userdb.c 185 userdb.c 189 ctx.c
userdb.c 185 userdb.c 189 ctx.d
userdb.c 185 userdb.c 189 ctx.hi
userdb.c 185 userdb.c 189 ctx.lo

[ Top of Report | Procedure Table | Contents ]





userdbs_init
(210 to 223 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 212 Pointer not checked for null before use : default_pool CERT EXP08-C,EXP34-C
  Ref. Line -1104 (Module 254)    
M 213 Pointer not checked for null before use : userdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  13    
M 213 Pointer not checked for null before use : userdb_modules.v_modifiable CERT EXP08-C,EXP34-C
  13    
M 213 Pointer not checked for null before use : userdb_modules.v CERT EXP08-C,EXP34-C
  13    
M 214 Pointer not checked for null before use : userdb_passwd.name CERT EXP08-C,EXP34-C
  160 (auth-request.h)    
M 215 Pointer not checked for null before use : userdb_passwd_file.name CERT EXP08-C,EXP34-C
  167    
M 216 Pointer not checked for null before use : userdb_prefetch.name CERT EXP08-C,EXP34-C
  100 (passdb.h)    
M 217 Pointer not checked for null before use : userdb_static.name CERT EXP08-C,EXP34-C
  Ref. Line 3901 (userdb.c)    
M 218 Pointer not checked for null before use : userdb_vpopmail.name CERT EXP08-C,EXP34-C
  57 (auth-request-handler.h)    
M 219 Pointer not checked for null before use : userdb_ldap.name CERT EXP08-C,EXP34-C
  57 (auth-request-handler.h)    
M 220 Pointer not checked for null before use : userdb_sql.name CERT EXP08-C,EXP34-C
  57 (auth-request-handler.h)    
M 221 Pointer not checked for null before use : userdb_nss.name CERT EXP08-C,EXP34-C
  64 (auth-request.h)    
M 222 Pointer not checked for null before use : userdb_checkpassword.name CERT EXP08-C,EXP34-C
  208    


[ Top of Report | Procedure Table | Contents ]





userdbs_deinit
(225 to 229 userdb.c) - FAIL

Standards Violation Summary

Code Line Violation Standard
M 227 Pointer not checked for null before use : userdb_modules.arr.buffer CERT EXP08-C,EXP34-C
  13    
M 227 Pointer not checked for null before use : userdb_modules.v_modifiable CERT EXP08-C,EXP34-C
  13    
M 227 Pointer not checked for null before use : userdb_modules.v CERT EXP08-C,EXP34-C
  13    
M 228 Pointer not checked for null before use : userdb_interfaces.arr.buffer CERT EXP08-C,EXP34-C
  12    
M 228 Pointer not checked for null before use : userdb_interfaces.v CERT EXP08-C,EXP34-C
  12    
M 228 Pointer not checked for null before use : userdb_interfaces.v_modifiable CERT EXP08-C,EXP34-C
  12    


[ Top of Report | Procedure Table | Contents ]


End of Code Review Report

Copyright © 2010 Liverpool Data Research Associates