-*- mode: compilation; default-directory: "/home/eslerm/audits/s390-tools/s390-tools/mantic/s390-tools-2.28.0"; -*-
genprotimg/src/utils/curl.c:100:8:
  Type: Incorrect sizeof expression (BAD_SIZEOF)

genprotimg/src/utils/curl.c:100:8:
  bad_sizeof: Taking the size of "&userdata", which is the address of an object, is suspicious.
genprotimg/src/utils/curl.c:100:8:
  remediation: Did you intend the size of "userdata" itself?

libpv/curl.c:97:7:
  Type: Incorrect sizeof expression (BAD_SIZEOF)

libpv/curl.c:97:7:
  bad_sizeof: Taking the size of "&userdata", which is the address of an object, is suspicious.
libpv/curl.c:97:7:
  remediation: Did you intend the size of "userdata" itself?

pvattest/src/common.c:30:3:
  Type: Unchecked return value from library (CHECKED_RETURN)

pvattest/src/common.c:29:2: Unchecked call to function
  1. path: Condition "rc", taking true branch.
pvattest/src/common.c:29:2:
  2. path: Condition "mode != 438", taking true branch.
pvattest/src/common.c:30:3:
  3. check_return: Calling "chmod(filename, mode)" without checking return value. This library function may fail and return an error code.

genprotimg/src/pv/pv_args.c:84:4:
  Type: Explicit null dereferenced (FORWARD_NULL)

genprotimg/src/pv/pv_args.c:68:2:
  1. path: Condition "args->pcf", taking true branch.
genprotimg/src/pv/pv_args.c:68:2:
  2. path: Condition "args->allow_pckmo == PV_NOT_SET", taking true branch.
genprotimg/src/pv/pv_args.c:68:2:
  3. path: Condition "args->allow_dump == PV_NOT_SET", taking true branch.
genprotimg/src/pv/pv_args.c:78:2:
  4. path: Condition "args->unused_values->len > 0", taking true branch.
genprotimg/src/pv/pv_args.c:79:14:
  5. assign_zero: Assigning: "unused" = "NULL".
genprotimg/src/pv/pv_args.c:81:3:
  6. path: Condition "i > 0", taking true branch.
genprotimg/src/pv/pv_args.c:82:15:
  7. alias_transfer: Assigning: "tmp" = "unused".
genprotimg/src/pv/pv_args.c:84:4:
  8. var_deref_model: Passing null pointer "tmp" to "g_strjoin", which dereferences it.

genprotimg/src/pv/pv_stage3.c:54:3:
  Type: Resource leak (RESOURCE_LEAK)

genprotimg/src/pv/pv_stage3.c:36:2:
  1. path: Condition "loader_size", taking true branch.
genprotimg/src/pv/pv_stage3.c:36:2:
  2. path: Falling through to end of if statement.
genprotimg/src/pv/pv_stage3.c:36:2:
  3. path: Condition "({...; _g_boolean_var_8;})", taking true branch.
genprotimg/src/pv/pv_stage3.c:36:2:
  4. path: Falling through to end of if statement.
genprotimg/src/pv/pv_stage3.c:39:2:
  5. path: Condition "!mapped_file", taking false branch.
genprotimg/src/pv/pv_stage3.c:42:2:
  6. alloc_fn: Storage is returned from allocation function "g_mapped_file_get_contents".
genprotimg/src/pv/pv_stage3.c:42:2:
  7. var_assign: Assigning: "loader_data" = storage returned from "g_mapped_file_get_contents(mapped_file)".
genprotimg/src/pv/pv_stage3.c:43:2:
  8. path: Condition "!loader_data", taking false branch.
genprotimg/src/pv/pv_stage3.c:50:2:
  9. path: Condition "tmp_loader_size < args_size", taking true branch.
genprotimg/src/pv/pv_stage3.c:54:3:
  10. leaked_storage: Variable "loader_data" going out of scope leaks the storage it points to.

genprotimg/src/pv/pv_stage3.c:71:2:
  Type: Resource leak (RESOURCE_LEAK)

genprotimg/src/pv/pv_stage3.c:36:2:
  1. path: Condition "loader_size", taking true branch.
genprotimg/src/pv/pv_stage3.c:36:2:
  2. path: Falling through to end of if statement.
genprotimg/src/pv/pv_stage3.c:36:2:
  3. path: Condition "({...; _g_boolean_var_8;})", taking true branch.
genprotimg/src/pv/pv_stage3.c:36:2:
  4. path: Falling through to end of if statement.
genprotimg/src/pv/pv_stage3.c:39:2:
  5. path: Condition "!mapped_file", taking false branch.
genprotimg/src/pv/pv_stage3.c:42:2:
  6. alloc_fn: Storage is returned from allocation function "g_mapped_file_get_contents".
genprotimg/src/pv/pv_stage3.c:42:2:
  7. var_assign: Assigning: "loader_data" = storage returned from "g_mapped_file_get_contents(mapped_file)".
genprotimg/src/pv/pv_stage3.c:43:2:
  8. path: Condition "!loader_data", taking false branch.
genprotimg/src/pv/pv_stage3.c:50:2:
  9. path: Condition "tmp_loader_size < args_size", taking false branch.
genprotimg/src/pv/pv_stage3.c:60:2:
  10. path: Condition "data_aligned", taking true branch.
genprotimg/src/pv/pv_stage3.c:66:2:
  11. noescape: Resource "loader_data" is not freed or pointed-to in "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.]
genprotimg/src/pv/pv_stage3.c:71:2:
  12. leaked_storage: Variable "loader_data" going out of scope leaks the storage it points to.

pvattest/src/log.c:68:7:
  Type: Dereference before null check (REVERSE_INULL)

pvattest/src/log.c:65:29:
  deref_ptr_in_call: Dereferencing pointer "prefix".
pvattest/src/log.c:68:7:
  check_after_deref: Null-checking "prefix" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.

netboot/Dockerfile:5:
  Type: Container running as root (SIGMA.container_running_as_root)

netboot/Dockerfile:5:
  1. Sigma main event: The Docker container is configured to run as the root user.
netboot/Dockerfile:5:
  2. remediation: Explicitly set the last `USER` value to a non-root user to prevent the container from running in a privileged context.