LDRA Testbed ® Code Review Report

System : Dovecot-src-pop3

Overall Result: FAIL

Report Production	Report Configuration	Analysis phases
C/C++ LDRA Testbed Version: 8.3.0 Config. File: C:\Testbed\CCPP_830_Release\C\sate_creport.dat Produced On: Mon Aug 09 2010 at 21:58:05 Penalty File: C:\Testbed\CCPP_830_Release\c\cpen.dat	Report Level: Summary Report Procedures Reported: Fails Only Programming Standards Model: SATE 2010 L1 Plus Line Numbers refer to: Original Source File Violation Details: Violations Only Reporting Scope: Full analysis scope	Static: Yes Complexity: Yes Static Data Flow: Yes Information Flow: Yes Cross Reference: Yes

Overall Quality Summary

Totals of Violations for each Standard
Table of Procedure Results
Table of Source Files in System
Table of Global Basic Information

Report on Program Components

Quality Results Global Program and Selected Procedures

Overall Quality Summary

Totals for Violated Quality Standards

Number of Violations	LDRA Code	(M) Mandatory Standards	CERT Code
81	77 S	Macro replacement list needs parentheses.	CERT PRE02-C
55	78 S	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
3	577 S	Sizeof argument is a pointer.	CERT EXP01-C
34	5 D	Procedure contains UR data flow anomalies.	CERT EXP33-C
297	45 D	Pointer not checked for null before use	CERT EXP08-C,EXP34-C
3	50 D	Memory not freed after last reference.	CERT MEM00-C
18	51 D	Attempt to read from freed memory.	CERT MEM30-C
13	57 D	Global not initialised at declaration.	CERT EXP33-C
84	69 D	Procedure contains UR data flow anomalies.	CERT EXP33-C
6	77 D	Local structure returned in function result
3	1 X	Declaration types do not match across a system.	CERT ARR31-C

Number of Violations	LDRA Code	(C) Checking (Mandatory) Standards	CERT Code
13	76 D	Procedure not called in code analysed

Number of Violations	LDRA Code	(O) Optional Standards	CERT Code
1	80 D	Potentially unused function return value.	CERT FIO04-C

Number of Mandatory Standards checked	27
Number of Checking Standards checked	1
Number of Optional Standards checked	3
Total Standards checked	31

OVERALL RESULT: FAIL

Out of 228 program components, 121 (53.07 %) pass ( of which 0 conditionally pass ) and 107 fail ( of which 0 fail only because of insufficient comments )

Procedure Results


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`		`Failure Density`
					`(Viols/R.Line %)`
FAIL	Global Program
FAIL	access_lookup_input	access-lookup.c	1	-	3	-
FAIL	access_lookup_timeout	access-lookup.c	1	-	11		-
FAIL	access_lookup	access-lookup.c	1	-	6	-
FAIL	access_lookup_destroy	access-lookup.c	1	-	5	-
Pass	buffer_get_data	buffer.h analysed in client-authenticate.c	0		0
Pass	buffer_get_used_size	buffer.h analysed in client-authenticate.c	0		0
FAIL	cmd_capa	client-authenticate.c	1	-	7	-
Pass	pop3_client_auth_handle_reply	client-authenticate.c	0		0
FAIL	cmd_auth	client-authenticate.c	2	-	12		-
Pass	cmd_user	client-authenticate.c	0		0
FAIL	cmd_pass	client-authenticate.c	1	-	6	-
FAIL	cmd_apop	client-authenticate.c	2	-	6	-
FAIL	client_auth_failed	client-common-auth.c	1	-	4	-
Pass	client_auth_waiting_timeout	client-common-auth.c	0		0
Pass	client_set_auth_waiting	client-common-auth.c	0		0
FAIL	client_auth_parse_args	client-common-auth.c	1	-	1	-
Pass	proxy_free_password	client-common-auth.c	0		0
FAIL	client_proxy_finish_destroy_client	client-common-auth.c	1	-	4	-
FAIL	client_proxy_log_failure	client-common-auth.c	1	-	4	-
FAIL	client_proxy_failed	client-common-auth.c	1	-	25			-
Pass	proxy_input	client-common-auth.c	0		0
Pass	proxy_start	client-common-auth.c	0		0
FAIL	client_auth_handle_reply	client-common-auth.c	1	-	3	-
FAIL	client_auth_read_line	client-common-auth.c	1	-	5	-
FAIL	client_auth_parse_response	client-common-auth.c	1	-	46				-
Pass	client_auth_input	client-common-auth.c	0		0
Pass	client_auth_send_challenge	client-common-auth.c	0		0
FAIL	sasl_callback	client-common-auth.c	2	-	15		-
Pass	client_auth_begin	client-common-auth.c	0		0
Pass	client_check_plaintext_auth	client-common-auth.c	0		0
FAIL	clients_notify_auth_connected	client-common-auth.c	1	-	3	-
Pass	client_idle_disconnect_timeout	client-common.c	0		0
Pass	client_open_streams	client-common.c	0		0
FAIL	client_create	client-common.c	1	-	3	-
FAIL	client_destroy	client-common.c	1	-	2	-
Pass	client_destroy_success	client-common.c	0		0
Pass	client_destroy_ nternal_failure	client-common.c	0		0
Pass	client_ref	client-common.c	0		0
FAIL	client_unref	client-common.c	1	-	6	-
FAIL	client_destroy_oldest	client-common.c	1	-	3	-
FAIL	clients_destroy_all	client-common.c	1	-	13		-
FAIL	client_start_tls	client-common.c	1	-	8	-
Pass	client_output_starttls	client-common.c	0		0
Pass	client_cmd_starttls	client-common.c	0		0
Pass	clients_get_count	client-common.c	0		0
FAIL	get_var_expand_table	client-common.c	1	-	7	-
Pass	have_key	client-common.c	0		0
FAIL	client_get_log_str	client-common.c	1	-	10		-


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`		`Failure Density`
					`(Viols/R.Line %)`
Pass	client_log	client-common.c	0		0
Pass	client_log_err	client-common.c	0		0
FAIL	client_is_trusted	client-common.c	2	-	8	-
Pass	client_get_extr _disconnect_reason	client-common.c	0		0
Pass	client_send_line	client-common.c	0		0
Pass	client_send_raw_data	client-common.c	0		0
Pass	client_send_raw	client-common.c	0		0
Pass	client_read	client-common.c	0		0
Pass	client_input	client-common.c	0		0
Pass	login_process_preinit	client.c	0		0
Pass	cmd_stls	client.c	0		0
Pass	cmd_quit	client.c	0		0
FAIL	client_command_execute	client.c	1	-	1	-
FAIL	pop3_client_input	client.c	2	-	38				-
Pass	pop3_client_alloc	client.c	0		0
Pass	pop3_client_create	client.c	0		0
Pass	pop3_client_destroy	client.c	0		0
FAIL	get_apop_challenge	client.c	2	-	50					-
Pass	pop3_client_send_greeting	client.c	0		0
Pass	pop3_client_starttls	client.c	0		0
FAIL	pop3_client_send_line	client.c	1	-	3	-
Pass	pop3_login_die	client.c	0		0
Pass	clients_init	client.c	0		0
Pass	clients_deinit	client.c	0		0
Pass	login_proxy_record_hash	login-proxy-state.c	0		0
Pass	login_proxy_record_cmp	login-proxy-state.c	0		0
FAIL	login_proxy_state_init	login-proxy-state.c	1	-	27			-
Pass	login_proxy_state_deinit	login-proxy-state.c	0		0
FAIL	login_proxy_state_get	login-proxy-state.c	1	-	11		-
Pass	login_proxy_state_notify_open	login-proxy-state.c	0		0
FAIL	login_proxy_state_notify	login-proxy-state.c	1	-	2	-
FAIL	server_input	login-proxy.c	1	-	8	-
FAIL	proxy_client_input	login-proxy.c	1	-	8	-
Pass	server_output	login-proxy.c	0		0
Pass	proxy_client_output	login-proxy.c	0		0
Pass	proxy_prelogin_input	login-proxy.c	0		0
Pass	proxy_plain_connected	login-proxy.c	0		0
Pass	proxy_fail_connect	login-proxy.c	0		0
Pass	proxy_wait_connect	login-proxy.c	0		0
Pass	proxy_connect_timeout	login-proxy.c	0		0
FAIL	login_proxy_connect	login-proxy.c	1	-	5	-
Pass	login_proxy_dns_done	login-proxy.c	0		0
FAIL	login_proxy_new	login-proxy.c	1	-	3	-
FAIL	login_proxy_free	login-proxy.c	2	-	5	-
Pass	login_proxy_is_ourself	login-proxy.c	0		0
Pass	login_proxy_get_istream	login-proxy.c	0		0
Pass	login_proxy_get_ostream	login-proxy.c	0		0
Pass	login_proxy_get_host	login-proxy.c	0		0
Pass	login_proxy_get_port	login-proxy.c	0		0


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`		`Failure Density`
					`(Viols/R.Line %)`
Pass	login_proxy_get_ssl_flags	login-proxy.c	0		0
FAIL	login_proxy_notify	login-proxy.c	1	-	33				-
FAIL	login_proxy_detach	login-proxy.c	2	-	5	-
Pass	login_proxy_ssl_handshaked	login-proxy.c	0		0
Pass	login_proxy_starttls	login-proxy.c	0		0
Pass	proxy_kill_idle	login-proxy.c	0		0
FAIL	login_proxy_kill_idle	login-proxy.c	1	-	11		-
Pass	login_proxy_init	login-proxy.c	0		0
FAIL	login_proxy_deinit	login-proxy.c	1	-	15		-
Pass	ssl_settings_check	login-settings.c	0		0
Pass	login_settings_check	login-settings.c	0		0
FAIL	login_set_var_expand_table	login-settings.c	1	-	33				-
FAIL	login_settings_read	login-settings.c	2	-	13		-
Pass	login_settings_deinit	login-settings.c	0		0
Pass	login_refresh_proctitle	main.c	0		0
FAIL	auth_client_idle_timeout	main.c	1	-	25			-
Pass	login_client_destroyed	main.c	0		0
FAIL	login_die	main.c	1	-	17		-
FAIL	client_connected_finish	main.c	2	-	27			-
FAIL	login_access_lookup_free	main.c	1	-	3	-
FAIL	login_access_callback	main.c	1	-	5	-
Pass	login_access_lookup_next	main.c	0		0
FAIL	client_input_error	main.c	2	-	17		-
FAIL	client_connected	main.c	1	-	8	-
FAIL	auth_connect_notify	main.c	1	-	5	-
FAIL	anvil_reconnect_callback	main.c	1	-	25			-
FAIL	main_preinit	main.c	1	-	2	-
Pass	main_init	main.c	0		0
FAIL	main_deinit	main.c	1	-	5	-
FAIL	main	main.c	2	-	15		-
FAIL	pop3_refresh_proctitle	main.c	1	-	5	-
FAIL	pop3_die	main.c	1	-	50						-
FAIL	client_add_input	main.c	1	-	3	-
FAIL	client_create_from_input	main.c	2	-	14		-
FAIL	main_stdio_run	main.c	2	-	9	-
FAIL	login_client_connected	main.c	2	-	47					-
FAIL	login_client_failed	main.c	1	-	20			-
FAIL	client_connected	main.c	1	-	8	-
FAIL	main	main.c	2	-	14		-
Pass	client_commit_timeout	pop3-client.c	0		0
Pass	client_idle_timeout	pop3-client.c	0		0
FAIL	init_mailbox	pop3-client.c	2	-	16		-
Pass	parse_uidl_keymask	pop3-client.c	0		0
FAIL	client_create	pop3-client.c	3	-	9	-
Pass	client_build_ui l_change_string	pop3-client.c	0		0
FAIL	client_stats	pop3-client.c	1	-	21			-
Pass	client_get_disconnect_reason	pop3-client.c	0		0
FAIL	client_destroy	pop3-client.c	1	-	9	-
Pass	client_disconnect	pop3-client.c	0		0


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`		`Failure Density`
					`(Viols/R.Line %)`
FAIL	client_send_line	pop3-client.c	1	-	2	-
FAIL	client_send_storage_error	pop3-client.c	2	-	14		-
FAIL	client_handle_input	pop3-client.c	2	-	4	-
FAIL	client_input	pop3-client.c	1	-	2	-
FAIL	client_output	pop3-client.c	1	-	2	-
FAIL	clients_destroy_all	pop3-client.c	2	-	160
Pass	array_create_from_buffer_i	array.h analysed in pop3-commands.c	0		0
FAIL	array_create_i	array.h analysed in pop3-commands.c	1	-	17		-
Pass	array_free_i	array.h analysed in pop3-commands.c	0		0
Pass	array_is_created_i	array.h analysed in pop3-commands.c	0		0
Pass	array_get_pool_i	array.h analysed in pop3-commands.c	0		0
Pass	array_clear_i	array.h analysed in pop3-commands.c	0		0
Pass	array_append_i	array.h analysed in pop3-commands.c	0		0
Pass	array_append_array_i	array.h analysed in pop3-commands.c	0		0
Pass	array_insert_i	array.h analysed in pop3-commands.c	0		0
Pass	array_delete_i	array.h analysed in pop3-commands.c	0		0
Pass	array_get_i	array.h analysed in pop3-commands.c	0		0
Pass	array_idx_i	array.h analysed in pop3-commands.c	0		0
Pass	array_get_modifiable_i	array.h analysed in pop3-commands.c	0		0
Pass	array_append_space_i	array.h analysed in pop3-commands.c	0		0
Pass	array_copy	array.h analysed in pop3-commands.c	0		0
Pass	array_count_i	array.h analysed in pop3-commands.c	0		0
Pass	get_msgnum	pop3-commands.c	0		0
Pass	get_size	pop3-commands.c	0		0
Pass	cmd_capa	pop3-commands.c	0		0
FAIL	cmd_dele	pop3-commands.c	1	-	7	-
FAIL	cmd_list_callback	pop3-commands.c	1	-	2	-
FAIL	cmd_list	pop3-commands.c	2	-	10		-
Pass	cmd_last	pop3-commands.c	0		0
Pass	cmd_noop	pop3-commands.c	0		0
FAIL	pop3_search_build	pop3-commands.c	1	-	13		-
FAIL	client_update_mails	pop3-commands.c	1	-	2	-
FAIL	cmd_quit	pop3-commands.c	1	-	4	-
FAIL	fetch_deinit	pop3-commands.c	1	-	13		-
FAIL	fetch_callback	pop3-commands.c	1	-	1	-
Pass	client_reply_msg_expunged	pop3-commands.c	0		0
FAIL	fetch	pop3-commands.c	1	-	5	-
FAIL	cmd_retr	pop3-commands.c	1	-	6	-
FAIL	cmd_rset	pop3-commands.c	1	-	6	-
Pass	cmd_stat	pop3-commands.c	0		0
FAIL	cmd_top	pop3-commands.c	1	-	10		-
FAIL	pop3_get_uid	pop3-commands.c	1	-	4	-
FAIL	list_uids_iter	pop3-commands.c	1	-	3	-
Pass	cmd_uidl_callback	pop3-commands.c	0		0
FAIL	cmd_uidl_init	pop3-commands.c	1	-	14		-
FAIL	cmd_uidl	pop3-commands.c	2	-	7	-
Pass	client_command_execute	pop3-commands.c	0		0
Pass	proxy_free_password	pop3-proxy.c	0		0
FAIL	get_plain_auth	pop3-proxy.c	1	-	9	-


`Quality Result`	`Procedure`	`Source File`	`Unique Violations`		`Failure Density`
					`(Viols/R.Line %)`
FAIL	proxy_send_login	pop3-proxy.c	1	-	10		-
FAIL	pop3_proxy_parse_line	pop3-proxy.c	1	-	5	-
Pass	pop3_proxy_reset	pop3-proxy.c	0		0
FAIL	pop3_settings_parse_workarounds	pop3-settings.c	1	-	5	-
Pass	pop3_settings_verify	pop3-settings.c	0		0
FAIL	sasl_server_get_advertised_mechs	sasl-server.c	1	-	5	-
Pass	client_get_auth_flags	sasl-server.c	0		0
Pass	call_client_callback	sasl-server.c	0		0
FAIL	master_auth_callback	sasl-server.c	1	-	4	-
FAIL	master_send_request	sasl-server.c	2	-	15		-
FAIL	anvil_lookup_callback	sasl-server.c	1	-	7	-
FAIL	anvil_check_too_many_connections	sasl-server.c	2	-	29			-
FAIL	authenticate_callback	sasl-server.c	1	-	4	-
FAIL	sasl_server_auth_begin	sasl-server.c	1	-	8	-
FAIL	sasl_server_auth_cancel	sasl-server.c	1	-	6	-
Pass	sasl_server_auth_failed	sasl-server.c	0		0
FAIL	sasl_server_auth_abort	sasl-server.c	1	-	14		-
Pass	ssl_proxy_alloc	ssl-proxy.c	0		0
Pass	ssl_proxy_client_alloc	ssl-proxy.c	0		0
Pass	ssl_proxy_start	ssl-proxy.c	0		0
Pass	ssl_proxy_set_client	ssl-proxy.c	0		0
Pass	ssl_proxy_has_v lid_client_cert	ssl-proxy.c	0		0
Pass	ssl_proxy_has_b oken_client_cert	ssl-proxy.c	0		0
Pass	ssl_proxy_get_peer_name	ssl-proxy.c	0		0
Pass	ssl_proxy_is_handshaked	ssl-proxy.c	0		0
Pass	ssl_proxy_get_last_error	ssl-proxy.c	0		0
Pass	ssl_proxy_get_security_string	ssl-proxy.c	0		0
Pass	ssl_proxy_get_compression	ssl-proxy.c	0		0
Pass	ssl_proxy_free	ssl-proxy.c	0		0
Pass	ssl_proxy_get_count	ssl-proxy.c	0		0
Pass	ssl_proxy_init	ssl-proxy.c	0		0
Pass	ssl_proxy_deinit	ssl-proxy.c	0		0

Global Information

Source Files in System

Name	Last Modification Date
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\ssl-proxy.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\ssl-proxy-openssl.c	Sun Apr 04 19:00:06 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\ssl-proxy-gnutls.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\sasl-server.c	Mon Jun 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\main.c	Mon Jun 07 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\login-settings.c	Wed Jun 09 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\login-proxy.c	Wed May 19 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\login-proxy-state.c	Wed May 19 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\client-common.c	Wed May 19 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\client-common-auth.c	Wed Jun 09 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\login-common\access-lookup.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3-login\pop3-proxy.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3-login\pop3-login-settings.c	Fri Jun 25 08:22:16 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3-login\client.c	Wed Apr 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3-login\client-authenticate.c	Fri Mar 26 07:16:36 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3\pop3-settings.c	Fri Jun 25 08:22:16 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3\pop3-commands.c	Wed Apr 14 19:00:04 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3\pop3-client.c	Thu Jun 17 19:00:06 2010
C:\Code\SAMATE\SATE2010\dovecot-2.0.beta6.20100626\dovecot-2.0.beta6\src\pop3\main.c	Thu May 27 19:00:08 2010

Global Basic Information

Number of procedures:	227
Number of locally uncalled procedures:	3
Maximum loop depth:	2
Total Cyclomatic Complexity:	764
Number of reformatted executable lines:	7559
Number of lines of comments:	13666

Summary Report on all Program Components which FAIL

Globals / code outside procedures - FAIL

Standards Violation Summary - All files

Code	File: Src Line	Violation	Standard
M	compat.h: 214	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 215	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 216	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 217	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 218	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 219	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 220	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 221	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 222	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 223	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 224	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 225	Macro replacement list needs parentheses.	CERT PRE02-C
M	compat.h: 226	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 196	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 197	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 204	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 204	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 205	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 205	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 223	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	macros.h: 223	Macro replacement list needs parentheses.	CERT PRE02-C
M	macros.h: 232	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 49	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 51	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 75	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	data-stack.h: 85	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 90	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	data-stack.h: 90	Macro replacement list needs parentheses.	CERT PRE02-C
M	data-stack.h: 97	Macro replacement list needs parentheses.	CERT PRE02-C
M	mempool.h: 84	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 87	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 88	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 99	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 99	Macro replacement list needs parentheses.	CERT PRE02-C
M	mempool.h: 102	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mempool.h: 102	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 8	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 8	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 14	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 14	Macro replacement list needs parentheses.	CERT PRE02-C
M	imem.h: 15	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	imem.h: 15	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 4	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 4	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 7	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 7	Macro replacement list needs parentheses.	CERT PRE02-C
M	array-decl.h: 9	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array-decl.h: 9	Macro replacement list needs parentheses.	CERT PRE02-C
M	ioloop.h: 50	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 50	Macro replacement list needs parentheses.	CERT PRE02-C

Code	File: Src Line	Violation	Standard
M	ioloop.h: 56	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 75	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 75	Macro replacement list needs parentheses.	CERT PRE02-C
M	ioloop.h: 61	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ioloop.h: 61	Macro replacement list needs parentheses.	CERT PRE02-C
M	istream.h: 53	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	istream.h: 53	Macro replacement list needs parentheses.	CERT PRE02-C
M	ostream.h: 61	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	ostream.h: 61	Macro replacement list needs parentheses.	CERT PRE02-C
M	llist.h: 5	Macro replacement list needs parentheses.	CERT PRE02-C
M	llist.h: 12	Macro replacement list needs parentheses.	CERT PRE02-C
M	llist.h: 25	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	llist.h: 25	Macro replacement list needs parentheses.	CERT PRE02-C
M	llist.h: 32	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	llist.h: 32	Macro replacement list needs parentheses.	CERT PRE02-C
M	llist.h: 39	Macro replacement list needs parentheses.	CERT PRE02-C
M	ssl-proxy.h: 9	Declaration types do not match across a system. : ssl_initialized	CERT ARR31-C
M	dns-lookup.h: 27	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	dns-lookup.h: 27	Macro replacement list needs parentheses.	CERT PRE02-C
M	login-proxy.c: 50	Global not initialised at declaration. : proxy_state	CERT EXP33-C
M	settings-parser.h: 46	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 46	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 50	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 50	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 54	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 54	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 58	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 58	Macro replacement list needs parentheses.	CERT PRE02-C
M	settings-parser.h: 62	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	settings-parser.h: 62	Macro replacement list needs parentheses.	CERT PRE02-C
M	login-settings.c: 18	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	login-settings.c: 18	Macro replacement list needs parentheses.	CERT PRE02-C
M	login-settings.c: 99	Global not initialised at declaration. : set_cache	CERT EXP33-C
M	main.c: 34	Global not initialised at declaration. : auth_client	CERT EXP33-C
M	main.c: 35	Global not initialised at declaration. : master_auth	CERT EXP33-C
M	main.c: 36	Global not initialised at declaration. : closing_down	CERT EXP33-C
M	main.c: 37	Global not initialised at declaration. : anvil	CERT EXP33-C
M	main.c: 39	Global not initialised at declaration. : global_login_settings	CERT EXP33-C
M	main.c: 40	Global not initialised at declaration. : global_other_settings	CERT EXP33-C
M	main.c: 42	Global not initialised at declaration. : auth_client_to	CERT EXP33-C
M	login-common.h: 31	Procedure contains UR data flow anomalies. : anvil	CERT EXP33-C
	372 (main.c)
M	main.c: 42	Procedure contains UR data flow anomalies. : auth_client_to	CERT EXP33-C
	372
M	ioloop.h: 41	Procedure contains UR data flow anomalies. : current_ioloop	CERT EXP33-C
	368 (main.c)
M	login-common.h: 27	Procedure contains UR data flow anomalies. : login_binary.protocol	CERT EXP33-C
	27
C	pop3-client.c: 190	Procedure not called in code analysed : client_create
M	mail-error.h: 19	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C

Code	File: Src Line	Violation	Standard
M	mail-error.h: 19	Macro replacement list needs parentheses.	CERT PRE02-C
M	mail-storage.h: 414	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	mail-search.h: 115	Macro replacement list needs parentheses.	CERT PRE02-C
M	mail-search.h: 156	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	pop3-common.h: 16	Global not initialised at declaration. : hook_client_created	CERT EXP33-C
M	pop3-client.c: 39	Global not initialised at declaration. : pop3_clients	CERT EXP33-C
M	pop3-client.c: 40	Global not initialised at declaration. : pop3_client_count	CERT EXP33-C
M	pop3-client.h: 66	Procedure contains UR data flow anomalies. : pop3_clients.anvil_sent	CERT EXP33-C
M	main.c: 28	Global not initialised at declaration. : storage_service	CERT EXP33-C
M	main.c: 259	Memory not freed after last reference. : pop3_clients	CERT MEM00-C
M	ioloop.h: 38	Procedure contains UR data flow anomalies. : ioloop_time	CERT EXP33-C
	18 (pop3-common.h)
M	pop3-client.h: 67	Procedure contains UR data flow anomalies. : pop3_client_count	CERT EXP33-C
	67
M	pop3-login-settings.c: 21	Sizeof argument is a pointer.	CERT EXP01-C
M	pop3-login-settings.c: 71	Declaration types do not match across a system. : pop3_login_setting_roots	CERT ARR31-C
	4 (pop3-login-settings.h)
M	pop3-settings.c: 24	Sizeof argument is a pointer.	CERT EXP01-C
M	pop3-settings.c: 57	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	pop3-settings.c: 57	Macro replacement list needs parentheses.	CERT PRE02-C
M	pop3-settings.c: 59	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	pop3-settings.c: 59	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 35	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 35	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 37	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 37	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 39	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 39	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 53	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 58	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 58	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 62	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 62	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 90	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 90	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 102	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 102	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 110	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 118	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 126	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 134	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 143	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 143	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 153	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 164	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 164	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 174	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 174	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 183	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 183	Macro replacement list needs parentheses.	CERT PRE02-C

Code	File: Src Line	Violation	Standard
M	array.h: 192	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 192	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 201	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 201	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 206	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 206	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 211	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 211	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 216	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 216	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 228	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 232	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 232	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 252	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 257	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 261	Macro replacement list needs parentheses.	CERT PRE02-C
M	array.h: 266	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 279	Macro parameter not in brackets.	CERT PRE01-C,PRE02-C
M	array.h: 279	Macro replacement list needs parentheses.	CERT PRE02-C
M	ssl-proxy.c: 6	Declaration types do not match across a system. : ssl_initialized	CERT ARR31-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

access_lookup_input (26 to 50 access-lookup.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	49	Pointer not checked for null before use : lookup	CERT EXP08-C,EXP34-C
	48
M	49	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	48

[	Top of Report	\|	Procedure Table	\|	Contents	]

access_lookup_timeout (52 to 61 access-lookup.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	60	Pointer not checked for null before use : lookup	CERT EXP08-C,EXP34-C
	59
M	60	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	59

[	Top of Report	\|	Procedure Table	\|	Contents	]

access_lookup (63 to 99 access-lookup.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	98	Local structure returned in function result : lookup
M	79	Pointer not checked for null before use : cmd	CERT EXP08-C,EXP34-C
	78
M	90	Pointer not checked for null before use : lookup	CERT EXP08-C,EXP34-C
	89

[	Top of Report	\|	Procedure Table	\|	Contents	]

access_lookup_destroy (101 to 119 access-lookup.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	118	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	117
M	118	Pointer not checked for null before use : (lookup)->path	CERT EXP08-C,EXP34-C
	117

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_capa (24 to 50 client-authenticate.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	31	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	30
M	32	Pointer not checked for null before use : capability_string	CERT EXP08-C,EXP34-C
	22
M	44	Pointer not checked for null before use : mech	CERT EXP08-C,EXP34-C
	41

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_auth (74 to 106 client-authenticate.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	104	Pointer not checked for null before use : args	CERT EXP08-C,EXP34-C
	101
M	87	Pointer not checked for null before use : mech	CERT EXP08-C,EXP34-C
	85
M	104	Pointer not checked for null before use : mech_name	CERT EXP08-C,EXP34-C
	100
M	98	Procedure contains UR data flow anomalies. : args	CERT EXP33-C

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client-authenticate.c	98	client-authenticate.c	104	args

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_pass (120 to 151 client-authenticate.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	138	Pointer not checked for null before use : plain_login	CERT EXP08-C,EXP34-C
	137
M	147	Pointer not checked for null before use : base64	CERT EXP08-C,EXP34-C
	145

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_apop (153 to 212 client-authenticate.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	180	Pointer not checked for null before use : apop_data	CERT EXP08-C,EXP34-C
	179
M	197	Pointer not checked for null before use : base64	CERT EXP08-C,EXP34-C
	195
M	158	Procedure contains UR data flow anomalies. : connect_uid	CERT EXP33-C
	199
M	158	Procedure contains UR data flow anomalies. : server_pid	CERT EXP33-C
	199

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client-authenticate.c	158	client-authenticate.c	199	connect_uid
client-authenticate.c	158	client-authenticate.c	199	server_pid

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_auth_failed (23 to 35 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	25	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 764)

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_auth_parse_args (53 to 115 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	110	Pointer not checked for null before use : reply_r	CERT EXP08-C,EXP34-C
	59
M	70	Pointer not checked for null before use : key	CERT EXP08-C,EXP34-C
	67
M	79	Pointer not checked for null before use : value	CERT EXP08-C,EXP34-C
	68

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_proxy_finish_destroy_client (126 to 144 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	130	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	128

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_proxy_log_failure (146 to 164 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	150	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	148

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_proxy_failed (166 to 180 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	174	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	173
M	175	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	174
M	176	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	175
M	176	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	179	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	176
M	179	Attempt to read from freed memory. : default_pool	CERT MEM30-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_auth_handle_reply (285 to 302 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	298	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	297

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_auth_read_line (304 to 333 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	306	Procedure contains UR data flow anomalies. : data	CERT EXP33-C
	310
M	307	Procedure contains UR data flow anomalies. : size	CERT EXP33-C
	310

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client-common-auth.c	306	client-common-auth.c	310	data
client-common-auth.c	307	client-common-auth.c	310	size

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_auth_parse_response (335 to 347 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	342	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.set	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.virtual_user	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.local_ip	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.ip	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.auth_mech_name	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.local_port	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.remote_port	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.tls	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.secured	CERT EXP08-C,EXP34-C
	339
M	343	Pointer not checked for null before use : client.mail_pid	CERT EXP08-C,EXP34-C
	339

[	Top of Report	\|	Procedure Table	\|	Contents	]

sasl_callback (377 to 458 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	393	Pointer not checked for null before use : reply.password	CERT EXP08-C,EXP34-C
	392
M	393	Pointer not checked for null before use : reply.destuser	CERT EXP08-C,EXP34-C
	392
M	393	Pointer not checked for null before use : reply.host	CERT EXP08-C,EXP34-C
	392
M	393	Pointer not checked for null before use : reply.master_user	CERT EXP08-C,EXP34-C
	392
M	405	Pointer not checked for null before use : reply.password	CERT EXP08-C,EXP34-C
	403
M	405	Pointer not checked for null before use : reply.destuser	CERT EXP08-C,EXP34-C
	403
M	405	Pointer not checked for null before use : reply.host	CERT EXP08-C,EXP34-C
	403
M	405	Pointer not checked for null before use : reply.master_user	CERT EXP08-C,EXP34-C
	403
M	457	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	396
M	457	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	396
M	396	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	393
M	422	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	405
M	396	Pointer not checked for null before use : client.proxy_password	CERT EXP08-C,EXP34-C
	393
M	422	Pointer not checked for null before use : client.master_data_prefix	CERT EXP08-C,EXP34-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.destuser	CERT EXP33-C
	403
M	381	Procedure contains UR data flow anomalies. : reply.host	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.master_user	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.password	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.port	CERT EXP33-C
	403
M	381	Procedure contains UR data flow anomalies. : reply.proxy	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.proxy_refresh_secs	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.proxy_timeout_msecs	CERT EXP33-C
	405
M	381	Procedure contains UR data flow anomalies. : reply.ssl_flags	CERT EXP33-C
	403

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client-common-auth.c	381	client-common-auth.c	403	reply.destuser
client-common-auth.c	381	client-common-auth.c	405	reply.host
client-common-auth.c	381	client-common-auth.c	405	reply.master_user
client-common-auth.c	381	client-common-auth.c	405	reply.password
client-common-auth.c	381	client-common-auth.c	403	reply.port
client-common-auth.c	381	client-common-auth.c	405	reply.proxy
client-common-auth.c	381	client-common-auth.c	405	reply.proxy_refresh_secs
client-common-auth.c	381	client-common-auth.c	405	reply.proxy_timeout_msecs
client-common-auth.c	381	client-common-auth.c	403	reply.ssl_flags

[	Top of Report	\|	Procedure Table	\|	Contents	]

clients_notify_auth_connected (515 to 529 client-common-auth.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	519	Pointer not checked for null before use : clients	CERT EXP08-C,EXP34-C
	Ref. Line -3250 (Module 764)

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_create (41 to 89 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	88	Local structure returned in function result : client
M	51	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	50
M	87	Pointer not checked for null before use : clients	CERT EXP08-C,EXP34-C
	72

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_destroy (91 to 161 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	152	Pointer not checked for null before use : clients	CERT EXP08-C,EXP34-C
	106
M	148	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	144
M	152	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	148
M	148	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	152	Attempt to read from freed memory. : default_pool	CERT MEM30-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_unref (182 to 213 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	202	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	201
M	202	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	203	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	202
M	203	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	204	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	203
M	204	Attempt to read from freed memory. : default_pool	CERT MEM30-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_destroy_oldest (215 to 235 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	234	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	232

[	Top of Report	\|	Procedure Table	\|	Contents	]

clients_destroy_all (237 to 245 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	241	Pointer not checked for null before use : clients	CERT EXP08-C,EXP34-C
	Ref. Line -3250 (Module 765)
M	241	Pointer not checked for null before use : next	CERT EXP08-C,EXP34-C
	242

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_start_tls (247 to 279 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	252	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	252
M	255	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	252
M	260	Pointer not checked for null before use : client.refcount	CERT EXP08-C,EXP34-C
	251
M	260	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	252

[	Top of Report	\|	Procedure Table	\|	Contents	]

get_var_expand_table (337 to 398 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	361	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	360
M	391	Pointer not checked for null before use : ssl_error	CERT EXP08-C,EXP34-C
	388
M	364	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	361
M	372	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	361
M	391	Pointer not checked for null before use : ssl_state	CERT EXP08-C,EXP34-C
	385

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_get_log_str (415 to 456 client-common.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	432	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	431
M	441	Pointer not checked for null before use : p	CERT EXP08-C,EXP34-C
	440
M	450	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	432
M	436	Pointer not checked for null before use : p	CERT EXP08-C,EXP34-C
	436
M	435	Pointer not checked for null before use : e	CERT EXP08-C,EXP34-C
	435
M	450	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	434

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_is_trusted (472 to 493 client-common.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	482	Pointer not checked for null before use : net	CERT EXP08-C,EXP34-C
	481
M	476	Procedure contains UR data flow anomalies. : bits	CERT EXP33-C
	483

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client-common.c	476	client-common.c	483	bits

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_command_execute (50 to 72 client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	54	Pointer not checked for null before use : cmd	CERT EXP08-C,EXP34-C
	53

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_client_input (74 to 112 client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	97	Pointer not checked for null before use : args	CERT EXP08-C,EXP34-C
	96
M	84	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	81
M	111	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	110
M	89	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	102
M	96	Pointer not checked for null before use : last_client	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : last_client	CERT EXP08-C,EXP34-C
	96
M	102	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	96
M	96	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	81
M	110	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.set	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.(set)->ssl_require_client_cert	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.auth_attempts	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.auth_tried_disabled_plaintext	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.auth_tried_unsupported_mech	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.auth_try_aborted	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.(set)->log_format_elements_split	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.(set)->login_log_format	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.virtual_user	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.local_ip	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.ip	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.auth_mech_name	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.local_port	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.remote_port	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.tls	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.secured	CERT EXP08-C,EXP34-C
	81

Code	Line	Violation	Standard
M	102	Pointer not checked for null before use : client.mail_pid	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.(set)->verbose_auth	CERT EXP08-C,EXP34-C
	81
M	102	Pointer not checked for null before use : client.sasl_callback	CERT EXP08-C,EXP34-C
	81
M	77	Procedure contains UR data flow anomalies. : line	CERT EXP33-C
	92

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client.c	77	client.c	92	line

[	Top of Report	\|	Procedure Table	\|	Contents	]

get_apop_challenge (135 to 154 client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	149	Pointer not checked for null before use : my_hostname	CERT EXP08-C,EXP34-C
	Ref. Line -1684 (Module 848)
M	137	Procedure contains UR data flow anomalies. : buffer	CERT EXP33-C
	144
M	138	Procedure contains UR data flow anomalies. : buffer_base64	CERT EXP33-C
	145

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
client.c	137	client.c	144	buffer
client.c	138	client.c	145	buffer_base64

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_client_send_line (178 to 215 client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	207	Pointer not checked for null before use : line	CERT EXP08-C,EXP34-C
	205

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_state_init (39 to 51 login-proxy-state.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	50	Local structure returned in function result : state
M	44	Pointer not checked for null before use : state	CERT EXP08-C,EXP34-C
	43
M	45	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 766)

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_state_get (68 to 86 login-proxy-state.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	85	Local structure returned in function result : rec
M	81	Pointer not checked for null before use : rec	CERT EXP08-C,EXP34-C
	80

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_state_notify (102 to 129 login-proxy-state.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	117	Pointer not checked for null before use : cmd	CERT EXP08-C,EXP34-C
	116

[	Top of Report	\|	Procedure Table	\|	Contents	]

server_input (53 to 70 login-proxy.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	55	Procedure contains UR data flow anomalies. : buf	CERT EXP33-C
	67

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-proxy.c	55	login-proxy.c	67	buf

[	Top of Report	\|	Procedure Table	\|	Contents	]

proxy_client_input (72 to 89 login-proxy.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	74	Procedure contains UR data flow anomalies. : buf	CERT EXP33-C
	86

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-proxy.c	74	login-proxy.c	86	buf

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_connect (197 to 226 login-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	202	Pointer not checked for null before use : rec	CERT EXP08-C,EXP34-C
	201
M	201	Pointer not checked for null before use : proxy_state	CERT EXP08-C,EXP34-C
	50

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_new (248 to 290 login-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	263	Pointer not checked for null before use : proxy	CERT EXP08-C,EXP34-C
	262
M	287	Pointer not checked for null before use : proxy	CERT EXP08-C,EXP34-C
	283

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_free (292 to 353 login-proxy.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	326	Pointer not checked for null before use : ipstr	CERT EXP08-C,EXP34-C
	325
M	349	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	348
M	349	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	349	Pointer not checked for null before use : (proxy)->host	CERT EXP08-C,EXP34-C
	348
M	352	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	349
M	352	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	323	Procedure contains UR data flow anomalies. : proxy.next	CERT EXP33-C
M	323	Procedure contains UR data flow anomalies. : proxy.prev	CERT EXP33-C

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-proxy.c	323	login-proxy.c	349	proxy.next
login-proxy.c	323	login-proxy.c	349	proxy.prev

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_notify (397 to 400 login-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	399	Pointer not checked for null before use : proxy_state	CERT EXP08-C,EXP34-C
	50

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_detach (402 to 444 login-proxy.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	421	Pointer not checked for null before use : data	CERT EXP08-C,EXP34-C
	419
M	406	Procedure contains UR data flow anomalies. : size	CERT EXP33-C
	419

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-proxy.c	406	login-proxy.c	419	size

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_kill_idle (500 to 519 login-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	507	Pointer not checked for null before use : login_proxies	CERT EXP08-C,EXP34-C
	51
M	507	Pointer not checked for null before use : next	CERT EXP08-C,EXP34-C
	508
M	515	Pointer not checked for null before use : next	CERT EXP08-C,EXP34-C
	508
M	508	Pointer not checked for null before use : login_proxies	CERT EXP08-C,EXP34-C
	511

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_proxy_deinit (526 to 535 login-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	532	Pointer not checked for null before use : proxy	CERT EXP08-C,EXP34-C
	531
M	534	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	532

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_set_var_expand_table (157 to 177 login-settings.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	170	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	169
M	172	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	170
M	174	Pointer not checked for null before use : my_pid	CERT EXP08-C,EXP34-C
	Ref. Line -1687 (Module 768)

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_settings_read (179 to 232 login-settings.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	220	Pointer not checked for null before use : sets	CERT EXP08-C,EXP34-C
	219
M	194	Pointer not checked for null before use : login_set_roots	CERT EXP08-C,EXP34-C
	Ref. Line -1609 (Module 768)
M	195	Pointer not checked for null before use : login_binary.process_name	CERT EXP08-C,EXP34-C
	27 (login-common.h)
M	196	Pointer not checked for null before use : login_binary.protocol	CERT EXP08-C,EXP34-C
	27 (login-common.h)
M	205	Pointer not checked for null before use : input.service	CERT EXP08-C,EXP34-C
	196
M	205	Pointer not checked for null before use : input.module	CERT EXP08-C,EXP34-C
	195
M	227	Pointer not checked for null before use : sets	CERT EXP08-C,EXP34-C
	217
M	210	Pointer not checked for null before use : set_cache	CERT EXP08-C,EXP34-C
	205
M	187	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	210
M	188	Procedure contains UR data flow anomalies. : parser	CERT EXP33-C
	210

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-settings.c	187	login-settings.c	210	error
login-settings.c	188	login-settings.c	210	parser
login-settings.c	188	login-settings.c	214	parser

[	Top of Report	\|	Procedure Table	\|	Contents	]

auth_client_idle_timeout (69 to 73 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	69	Procedure not called in code analysed : auth_client_idle_timeout

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_die (84 to 93 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	91	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	87
C	84	Procedure not called in code analysed : login_die

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_connected_finish (95 to 141 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	113	Pointer not checked for null before use : pool	CERT EXP08-C,EXP34-C
	112
M	113	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	131	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	129
M	136	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	117
M	117	Pointer not checked for null before use : set	CERT EXP08-C,EXP34-C
	113
M	129	Pointer not checked for null before use : set	CERT EXP08-C,EXP34-C
	113
M	117	Pointer not checked for null before use : other_sets	CERT EXP08-C,EXP34-C
	113
M	129	Pointer not checked for null before use : other_sets	CERT EXP08-C,EXP34-C
	113
M	100	Procedure contains UR data flow anomalies. : local_ip.family	CERT EXP33-C
	113
M	100	Procedure contains UR data flow anomalies. : local_ip.u.ip4	CERT EXP33-C
	113
M	100	Procedure contains UR data flow anomalies. : local_ip.u.ip6	CERT EXP33-C
	113
M	102	Procedure contains UR data flow anomalies. : local_port	CERT EXP33-C
	107
M	99	Procedure contains UR data flow anomalies. : proxy	CERT EXP33-C
	120

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	100	main.c	113	local_ip.family
main.c	100	main.c	113	local_ip.u.ip4
main.c	100	main.c	113	local_ip.u.ip6
main.c	102	main.c	107	local_port
main.c	99	main.c	120	proxy

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_access_lookup_free (143 to 157 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	155	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	148

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_access_callback (159 to 172 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	159	Procedure not called in code analysed : login_access_callback

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_input_error (192 to 207 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	194	Procedure contains UR data flow anomalies. : c	CERT EXP33-C
	197
C	192	Procedure not called in code analysed : client_input_error

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	194	main.c	197	c

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_connected (209 to 233 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	227	Pointer not checked for null before use : lookup	CERT EXP08-C,EXP34-C
	226
C	209	Procedure not called in code analysed : client_connected

[	Top of Report	\|	Procedure Table	\|	Contents	]

auth_connect_notify (235 to 242 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	235	Procedure not called in code analysed : auth_connect_notify

[	Top of Report	\|	Procedure Table	\|	Contents	]

anvil_reconnect_callback (244 to 248 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	244	Procedure not called in code analysed : anvil_reconnect_callback

[	Top of Report	\|	Procedure Table	\|	Contents	]

main_preinit (250 to 287 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	280	Pointer not checked for null before use : anvil	CERT EXP08-C,EXP34-C
	279

[	Top of Report	\|	Procedure Table	\|	Contents	]

main_deinit (312 to 326 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	317	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	315

[	Top of Report	\|	Procedure Table	\|	Contents	]

main (328 to 376 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	361	Pointer not checked for null before use : set_pool	CERT EXP08-C,EXP34-C
	360
M	361	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	368	Pointer not checked for null before use : global_login_settings	CERT EXP08-C,EXP34-C
	361
M	369	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	361	Pointer not checked for null before use : login_setting_parser_info.module_name	CERT EXP08-C,EXP34-C
	Ref. Line 1 (main.c)
M	369	Pointer not checked for null before use : login_socket	CERT EXP08-C,EXP34-C
	356
M	361	Procedure contains UR data flow anomalies. : my_pid	CERT EXP33-C
	8 (ioloop.h)

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
login-common.h	31	main.c	372	anvil
main.c	42	main.c	372	auth_client_to
ioloop.h	41	main.c	368	current_ioloop
login-common.h	27	main.c	361	login_binary.protocol
[external declaration]		main.c	361	my_pid

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_refresh_proctitle (33 to 60 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	48	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	47
M	41	Pointer not checked for null before use : title	CERT EXP08-C,EXP34-C
	36

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_die (62 to 65 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	62	Procedure not called in code analysed : pop3_die

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_add_input (67 to 84 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	77	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	76

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_create_from_input (86 to 110 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	102	Pointer not checked for null before use : set	CERT EXP08-C,EXP34-C
	101
M	110	Memory not freed after last reference. : client	CERT MEM00-C
M	92	Procedure contains UR data flow anomalies. : mail_user	CERT EXP33-C
	96
M	91	Procedure contains UR data flow anomalies. : user	CERT EXP33-C
	96

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	92	main.c	96	mail_user
main.c	91	main.c	96	user

[	Top of Report	\|	Procedure Table	\|	Contents	]

main_stdio_run (112 to 137 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	131	Pointer not checked for null before use : input_base64	CERT EXP08-C,EXP34-C
	130
M	134	Pointer not checked for null before use : input.userdb_fields	CERT EXP08-C,EXP34-C
	118
M	134	Pointer not checked for null before use : input.module	CERT EXP08-C,EXP34-C
	119
M	116	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	134

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	116	main.c	134	error

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_client_connected (139 to 162 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	156	Pointer not checked for null before use : input.userdb_fields	CERT EXP08-C,EXP34-C
	152
M	156	Pointer not checked for null before use : input.username	CERT EXP08-C,EXP34-C
	151
M	156	Pointer not checked for null before use : input.module	CERT EXP08-C,EXP34-C
	148
M	144	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	156
M	145	Procedure contains UR data flow anomalies. : input_buf.data	CERT EXP33-C
	154
M	145	Procedure contains UR data flow anomalies. : input_buf.priv	CERT EXP33-C
	154
M	145	Procedure contains UR data flow anomalies. : input_buf.used	CERT EXP33-C
	154
C	139	Procedure not called in code analysed : login_client_connected

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
main.c	144	main.c	156	error
main.c	145	main.c	154	input_buf.data
main.c	145	main.c	154	input_buf.priv
main.c	145	main.c	154	input_buf.used

[	Top of Report	\|	Procedure Table	\|	Contents	]

login_client_failed (164 to 173 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	170	Pointer not checked for null before use : msg	CERT EXP08-C,EXP34-C
	169
C	164	Procedure not called in code analysed : login_client_failed

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_connected (175 to 183 main.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
C	175	Procedure not called in code analysed : client_connected

[	Top of Report	\|	Procedure Table	\|	Contents	]

main (185 to 259 main.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	252	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	240
M	240	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	252	Pointer not checked for null before use : last_client	CERT EXP08-C,EXP34-C
	240
M	240	Pointer not checked for null before use : storage_service	CERT EXP08-C,EXP34-C
	230
M	256	Pointer not checked for null before use : storage_service	CERT EXP08-C,EXP34-C
	230
M	243	Pointer not checked for null before use : postlogin_socket_path	CERT EXP08-C,EXP34-C
	225
M	240	Pointer not checked for null before use : username	CERT EXP08-C,EXP34-C
	219
M	240	Procedure contains UR data flow anomalies. : (default_pool)->v	CERT EXP33-C
M	252	Procedure contains UR data flow anomalies. : (default_pool)->v	CERT EXP33-C
M	240	Procedure contains UR data flow anomalies. : global_login_settings	CERT EXP33-C
	33 (login-common.h)
M	252	Procedure contains UR data flow anomalies. : global_login_settings	CERT EXP33-C
	33 (login-common.h)
M	240	Procedure contains UR data flow anomalies. : my_pid	CERT EXP33-C
	85 (pop3-client.h)
M	252	Procedure contains UR data flow anomalies. : my_pid	CERT EXP33-C
	85 (pop3-client.h)

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
[external declaration]		main.c	240	(default_pool)->v
[external declaration]		main.c	252	(default_pool)->v
ioloop.h	41	main.c	236	current_ioloop
[external declaration]		main.c	240	global_login_settings
[external declaration]		main.c	252	global_login_settings
ioloop.h	38	main.c	240	ioloop_time
[external declaration]		main.c	240	my_pid
[external declaration]		main.c	252	my_pid
pop3-client.h	67	main.c	240	pop3_client_count

[	Top of Report	\|	Procedure Table	\|	Contents	]

init_mailbox (67 to 160 pop3-client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	83	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	82
M	96	Pointer not checked for null before use : t	CERT EXP08-C,EXP34-C
	95
M	156	Pointer not checked for null before use : storage	CERT EXP08-C,EXP34-C
	155
M	80	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 852)
M	100	Pointer not checked for null before use : message_sizes_buf	CERT EXP08-C,EXP34-C
	80
M	153	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	156
M	76	Procedure contains UR data flow anomalies. : size	CERT EXP33-C
	105
M	72	Procedure contains UR data flow anomalies. : status.cache_fields	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.first_unseen_seq	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.highest_modseq	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.keywords	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.messages	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.nonpermanent_modseqs	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.recent	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.uidnext	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.uidvalidity	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.unseen	CERT EXP33-C
	92
M	72	Procedure contains UR data flow anomalies. : status.virtual_size	CERT EXP33-C
	92

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-client.c	153	pop3-client.c	156	error
pop3-client.c	76	pop3-client.c	105	size
pop3-client.c	72	pop3-client.c	92	status.cache_fields
pop3-client.c	72	pop3-client.c	92	status.first_unseen_seq
pop3-client.c	72	pop3-client.c	92	status.highest_modseq
pop3-client.c	72	pop3-client.c	92	status.keywords
pop3-client.c	72	pop3-client.c	92	status.messages
pop3-client.c	72	pop3-client.c	92	status.nonpermanent_modseqs
pop3-client.c	72	pop3-client.c	92	status.recent
pop3-client.c	72	pop3-client.c	92	status.uidnext
pop3-client.c	72	pop3-client.c	92	status.uidvalidity
pop3-client.c	72	pop3-client.c	92	status.unseen
pop3-client.c	72	pop3-client.c	92	status.virtual_size

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_create (190 to 286 pop3-client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	285	Local structure returned in function result : client
M	209	Pointer not checked for null before use : client	CERT EXP08-C,EXP34-C
	208
M	248	Pointer not checked for null before use : errmsg	CERT EXP08-C,EXP34-C
	245
M	208	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 852)
M	246	Pointer not checked for null before use : storage	CERT EXP08-C,EXP34-C
	243
M	253	Pointer not checked for null before use : storage	CERT EXP08-C,EXP34-C
	243
M	256	Pointer not checked for null before use : errmsg	CERT EXP08-C,EXP34-C
	255
M	284	Pointer not checked for null before use : pop3_clients	CERT EXP08-C,EXP34-C
	280
M	257	Pointer not checked for null before use : client.trans	CERT EXP08-C,EXP34-C
	255
M	257	Pointer not checked for null before use : client.message_sizes	CERT EXP08-C,EXP34-C
	255
M	257	Pointer not checked for null before use : client.total_size	CERT EXP08-C,EXP34-C
	255
M	199	Procedure contains UR data flow anomalies. : errmsg	CERT EXP33-C
	256
M	200	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	246
C	190	Procedure not called in code analysed : client_create

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-client.c	199	pop3-client.c	256	errmsg
pop3-client.c	200	pop3-client.c	246	error

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_stats (331 to 366 pop3-client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	350	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	349
M	352	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	350
M	364	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	363

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_destroy (377 to 436 pop3-client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	415	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	414
M	415	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	416	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	415
M	416	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	417	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	416
M	417	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	385	Pointer not checked for null before use : reason	CERT EXP08-C,EXP34-C
	384
M	432	Pointer not checked for null before use : (client)->deleted_bitmask	CERT EXP08-C,EXP34-C
	416
M	435	Pointer not checked for null before use : pop3_clients	CERT EXP08-C,EXP34-C
	396
M	432	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	417
M	432	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	432	Pointer not checked for null before use : (client)->message_sizes	CERT EXP08-C,EXP34-C
	414
M	432	Pointer not checked for null before use : (client)->seen_bitmask	CERT EXP08-C,EXP34-C
	417

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_send_line (452 to 496 pop3-client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	466	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	465

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_send_storage_error (498 to 513 pop3-client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	512	Pointer not checked for null before use : storage	CERT EXP08-C,EXP34-C
	510
M	501	Procedure contains UR data flow anomalies. : error	CERT EXP33-C
	512

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-client.c	501	pop3-client.c	512	error

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_handle_input (515 to 551 pop3-client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	547	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	517	Procedure contains UR data flow anomalies. : line	CERT EXP33-C
	523

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-client.c	517	pop3-client.c	523	line

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_input (553 to 582 pop3-client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	572	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_output (584 to 614 pop3-client.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	587	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

clients_destroy_all (616 to 625 pop3-client.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	623	Pointer not checked for null before use : pop3_clients.output	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.io	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.input	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.next	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.trans	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.mailbox	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.user	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.message_sizes	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.message_uidl_hashes	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.deleted_bitmask	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.seen_bitmask	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.to_idle	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.fd_in	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.service_user	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.(input)->stream_errno	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.top_bytes	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.top_count	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.retr_bytes	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.retr_count	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.expunged_count	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.messages_count	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.total_size	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.(input)->v_offset	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.(output)->offset	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.set	CERT EXP08-C,EXP34-C
	623

Code	Line	Violation	Standard
M	623	Pointer not checked for null before use : pop3_clients.(set)->pop3_logout_format	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.message_uidl_hashes_save	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.lowest_retr	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.deleted	CERT EXP08-C,EXP34-C
	623
M	623	Pointer not checked for null before use : pop3_clients.deleted_count	CERT EXP08-C,EXP34-C
	623
M	623	Attempt to read from freed memory. : pop3_clients	CERT MEM30-C

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-client.h	66	pop3-client.c	623	pop3_clients.anvil_sent
pop3-client.h	66	pop3-client.c	623	pop3_clients.deleted_bitmask
pop3-client.h	66	pop3-client.c	623	pop3_clients.disconnected
pop3-client.h	66	pop3-client.c	623	pop3_clients.fd_in
pop3-client.h	66	pop3-client.c	623	pop3_clients.fd_out
pop3-client.h	66	pop3-client.c	623	pop3_clients.input
pop3-client.h	66	pop3-client.c	623	pop3_clients.io
pop3-client.h	66	pop3-client.c	623	pop3_clients.mailbox
pop3-client.h	66	pop3-client.c	623	pop3_clients.message_sizes
pop3-client.h	66	pop3-client.c	623	pop3_clients.message_uidl_hashes
pop3-client.h	66	pop3-client.c	623	pop3_clients.next
pop3-client.h	66	pop3-client.c	623	pop3_clients.output
pop3-client.h	66	pop3-client.c	623	pop3_clients.prev
pop3-client.h	66	pop3-client.c	623	pop3_clients.seen_bitmask
pop3-client.h	66	pop3-client.c	623	pop3_clients.seen_change_count
pop3-client.h	66	pop3-client.c	623	pop3_clients.service_user
pop3-client.h	66	pop3-client.c	623	pop3_clients.to_commit
pop3-client.h	66	pop3-client.c	623	pop3_clients.to_idle
pop3-client.h	66	pop3-client.c	623	pop3_clients.trans
pop3-client.h	66	pop3-client.c	623	pop3_clients.user

[	Top of Report	\|	Procedure Table	\|	Contents	]

array_create_i (93 to 101 array.h analysed in pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	100	Pointer not checked for null before use : buffer	CERT EXP08-C,EXP34-C
	99

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_dele (96 to 113 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	98	Procedure contains UR data flow anomalies. : msgnum	CERT EXP33-C
	108

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	98	pop3-commands.c	108	msgnum

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_list_callback (119 to 146 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	146	Memory not freed after last reference. : ctx	CERT MEM00-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_list (148 to 171 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	158	Pointer not checked for null before use : ctx	CERT EXP08-C,EXP34-C
	153
M	161	Procedure contains UR data flow anomalies. : msgnum	CERT EXP33-C
	166

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	161	pop3-commands.c	166	msgnum

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_search_build (185 to 198 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	192	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	190
M	195	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	190

[	Top of Report	\|	Procedure Table	\|	Contents	]

client_update_mails (200 to 233 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	213	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	212

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_quit (235 to 260 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	239	Pointer not checked for null before use : client.expunged_count	CERT EXP08-C,EXP34-C
	238
M	248	Pointer not checked for null before use : client.expunged_count	CERT EXP08-C,EXP34-C
	238

[	Top of Report	\|	Procedure Table	\|	Contents	]

fetch_deinit (272 to 277 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	276	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 853)

[	Top of Report	\|	Procedure Table	\|	Contents	]

fetch_callback (279 to 375 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	282	Procedure contains UR data flow anomalies. : data	CERT EXP33-C
	288
M	284	Procedure contains UR data flow anomalies. : size	CERT EXP33-C
	288

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	282	pop3-commands.c	288	data
pop3-commands.c	284	pop3-commands.c	288	size

[	Top of Report	\|	Procedure Table	\|	Contents	]

fetch (390 to 433 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	399	Pointer not checked for null before use : ctx	CERT EXP08-C,EXP34-C
	398
M	399	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	396
M	398	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 853)

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_retr (435 to 452 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	437	Procedure contains UR data flow anomalies. : msgnum	CERT EXP33-C
	442

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	437	pop3-commands.c	442	msgnum
pop3-commands.c	437	pop3-commands.c	443	msgnum

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_rset (454 to 492 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	476	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	475
M	481	Pointer not checked for null before use : search_ctx	CERT EXP08-C,EXP34-C
	476
M	481	Pointer not checked for null before use : mail	CERT EXP08-C,EXP34-C
	480

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_top (502 to 518 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	505	Procedure contains UR data flow anomalies. : max_lines	CERT EXP33-C
	517
M	504	Procedure contains UR data flow anomalies. : msgnum	CERT EXP33-C
	517

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	505	pop3-commands.c	517	max_lines
pop3-commands.c	504	pop3-commands.c	517	msgnum

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_get_uid (526 to 576 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	529	Procedure contains UR data flow anomalies. : uid_str	CERT EXP33-C
	545
M	530	Procedure contains UR data flow anomalies. : uidl	CERT EXP33-C
	532

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	529	pop3-commands.c	545	uid_str
pop3-commands.c	530	pop3-commands.c	532	uidl

[	Top of Report	\|	Procedure Table	\|	Contents	]

list_uids_iter (578 to 650 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	595	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	594
M	596	Pointer not checked for null before use : tab	CERT EXP08-C,EXP34-C
	595
M	615	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	604

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_uidl_init (659 to 684 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	683	Local structure returned in function result : ctx
M	669	Pointer not checked for null before use : ctx	CERT EXP08-C,EXP34-C
	668
M	668	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 853)
M	675	Pointer not checked for null before use : search_args	CERT EXP08-C,EXP34-C
	666

[	Top of Report	\|	Procedure Table	\|	Contents	]

cmd_uidl (686 to 706 pop3-commands.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	693	Pointer not checked for null before use : ctx	CERT EXP08-C,EXP34-C
	692
M	695	Procedure contains UR data flow anomalies. : msgnum	CERT EXP33-C
	700

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
pop3-commands.c	695	pop3-commands.c	700	msgnum

[	Top of Report	\|	Procedure Table	\|	Contents	]

get_plain_auth (23 to 34 pop3-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	28	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	27

[	Top of Report	\|	Procedure Table	\|	Contents	]

proxy_send_login (36 to 52 pop3-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	43	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	40
M	48	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	40

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_proxy_parse_line (54 to 161 pop3-proxy.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	97	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	96
M	126	Pointer not checked for null before use : line	CERT EXP08-C,EXP34-C
	125
M	157	Pointer not checked for null before use : line	CERT EXP08-C,EXP34-C
	156
M	128	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	63
M	77	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	63
M	116	Pointer not checked for null before use : output	CERT EXP08-C,EXP34-C
	63
M	106	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	100
M	113	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	100

[	Top of Report	\|	Procedure Table	\|	Contents	]

pop3_settings_parse_workarounds (121 to 146 pop3-settings.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	132	Pointer not checked for null before use : list	CERT EXP08-C,EXP34-C
	131
M	130	Pointer not checked for null before use : str	CERT EXP08-C,EXP34-C
	129

[	Top of Report	\|	Procedure Table	\|	Contents	]

sasl_server_get_advertised_mechs (32 to 58 sasl-server.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	37	Procedure contains UR data flow anomalies. : count	CERT EXP33-C
	39

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
sasl-server.c	37	sasl-server.c	39	count

[	Top of Report	\|	Procedure Table	\|	Contents	]

master_auth_callback (88 to 109 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	108	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

master_send_request (111 to 140 sasl-server.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	131	Pointer not checked for null before use : buf	CERT EXP08-C,EXP34-C
	130
M	135	Pointer not checked for null before use : data	CERT EXP08-C,EXP34-C
	134
M	116	Procedure contains UR data flow anomalies. : size	CERT EXP33-C
	134

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
sasl-server.c	116	sasl-server.c	134	size

[	Top of Report	\|	Procedure Table	\|	Contents	]

anvil_lookup_callback (142 to 161 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	157	Pointer not checked for null before use : errmsg	CERT EXP08-C,EXP34-C
	155
M	157	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

anvil_check_too_many_connections (163 to 191 sasl-server.c) - FAIL

Standards Violation Summary

Code	Violation	Standard
M	Procedure contains UR data flow anomalies.	CERT EXP33-C

Code	Line	Violation	Standard
M	176	Sizeof argument is a pointer.	CERT EXP01-C
M	172	Pointer not checked for null before use : req	CERT EXP08-C,EXP34-C
	171
M	178	Pointer not checked for null before use : cookie	CERT EXP08-C,EXP34-C
	177
M	183	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	190	Pointer not checked for null before use : query	CERT EXP08-C,EXP34-C
	187
M	171	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	Ref. Line -1104 (Module 770)
M	169	Procedure contains UR data flow anomalies. : buf.data	CERT EXP33-C
	179
M	169	Procedure contains UR data flow anomalies. : buf.priv	CERT EXP33-C
	176
M	169	Procedure contains UR data flow anomalies. : buf.used	CERT EXP33-C
	179

Possible UR Anomalies

The following variables may be referenced before being given a value

File	Undefine	File	Reference	Variable
sasl-server.c	169	sasl-server.c	179	buf.data
sasl-server.c	169	sasl-server.c	176	buf.priv
sasl-server.c	169	sasl-server.c	179	buf.used

[	Top of Report	\|	Procedure Table	\|	Contents	]

authenticate_callback (193 to 258 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	233	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	254	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C
M	236	Pointer not checked for null before use : default_pool	CERT EXP08-C,EXP34-C
	221
M	246	Attempt to read from freed memory. : default_pool	CERT MEM30-C
M	236	Attempt to read from freed memory. : default_pool	CERT MEM30-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

sasl_server_auth_begin (260 to 307 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	304	Pointer not checked for null before use : info.initial_resp_base64	CERT EXP08-C,EXP34-C
	302
M	304	Pointer not checked for null before use : info.cert_username	CERT EXP08-C,EXP34-C
	295
M	304	Pointer not checked for null before use : info.service	CERT EXP08-C,EXP34-C
	294
M	304	Pointer not checked for null before use : info.mech	CERT EXP08-C,EXP34-C
	293
M	279	Pointer not checked for null before use : (client)->auth_mech_name	CERT EXP08-C,EXP34-C
	273
M	287	Pointer not checked for null before use : (client)->auth_mech_name	CERT EXP08-C,EXP34-C
	273

[	Top of Report	\|	Procedure Table	\|	Contents	]

sasl_server_auth_cancel (309 to 326 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	317	Pointer not checked for null before use : auth_name	CERT EXP08-C,EXP34-C
	315
M	325	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]

sasl_server_auth_abort (333 to 337 sasl-server.c) - FAIL

Standards Violation Summary

Code	Line	Violation	Standard
M	336	Pointer not checked for null before use : NULL	CERT EXP08-C,EXP34-C

[	Top of Report	\|	Procedure Table	\|	Contents	]