Skip to content
cpp-linter

Bump ossf/scorecard-action from 2.3.1 to 2.3.3 #98

Sign in to view logs

Bump ossf/scorecard-action from 2.3.1 to 2.3.3

Bump ossf/scorecard-action from 2.3.1 to 2.3.3 #98

Triggered via push June 1, 2024 19:46
@dependabotdependabot[bot]
pushed 15e3fa0
dependabot/github_actions/ossf/scorecard-action-2.3.3
Status Success
Total duration 5m 29s
Artifacts

linter.yml

on: push
cpp-linter
37s
cpp-linter
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 10 warnings
tools/fwinfogen.c:32:10 [clang-diagnostic-error]: tools/fwinfogen.c#L32
'config.h' file not found
tee/lib/libutee/tee_api_objects.c:8:10 [clang-diagnostic-error]: tee/lib/libutee/tee_api_objects.c#L8
'tee_api.h' file not found
tee/lib/libutee/tee_api.c:31:10 [clang-diagnostic-error]: tee/lib/libutee/tee_api.c#L31
'tee_api.h' file not found
tee/lib/libutee/tee_user_mem.c:32:10 [clang-diagnostic-error]: tee/lib/libutee/tee_user_mem.c#L32
'compiler.h' file not found
tee/lib/libutee/tee_api_arith.c:29:10 [clang-diagnostic-error]: tee/lib/libutee/tee_api_arith.c#L29
'tee_api.h' file not found
tee/lib/libutee/tee_api_panic.c:6:10 [clang-diagnostic-error]: tee/lib/libutee/tee_api_panic.c#L6
'tee_api.h' file not found
tee/lib/libutee/tee_api_operations.c:30:10 [clang-diagnostic-error]: tee/lib/libutee/tee_api_operations.c#L30
'string_ext.h' file not found
tee/lib/libutils/ext/buf_compare_ct.c:5:10 [clang-diagnostic-error]: tee/lib/libutils/ext/buf_compare_ct.c#L5
'string_ext.h' file not found
tee/lib/libutils/ext/trace.c:33:10 [clang-diagnostic-error]: tee/lib/libutils/ext/trace.c#L33
'trace.h' file not found
tee/tee/tee_obj.c:29:10 [clang-diagnostic-error]: tee/tee/tee_obj.c#L29
'tee/tee_obj.h' file not found
tools/mkconfig.c:58:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: tools/mkconfig.c#L58
Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
tools/mkconfig.c:75:9 [cppcoreguidelines-init-variables]: tools/mkconfig.c#L75
variable 'filepath' is not initialized
tools/mkconfig.c:76:9 [cppcoreguidelines-init-variables]: tools/mkconfig.c#L76
variable 'stream' is not initialized
tools/ecdsa_keygen.c:62:16 [bugprone-reserved-identifier]: tools/ecdsa_keygen.c#L62
declaration uses identifier '_AES_DATA', which is a reserved identifier
tools/ecdsa_keygen.c:98:3 [clang-diagnostic-deprecated-declarations]: tools/ecdsa_keygen.c#L98
'SHA256_Init' is deprecated
tools/ecdsa_keygen.c:99:3 [clang-diagnostic-deprecated-declarations]: tools/ecdsa_keygen.c#L99
'SHA256_Update' is deprecated
tools/ecdsa_keygen.c:100:3 [clang-diagnostic-deprecated-declarations]: tools/ecdsa_keygen.c#L100
'SHA256_Final' is deprecated
tools/ecdsa_keygen.c:120:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: tools/ecdsa_keygen.c#L120
Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
tools/ecdsa_keygen.c:121:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]: tools/ecdsa_keygen.c#L121
Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
tools/ecdsa_keygen.c:136:5 [clang-analyzer-unix.Malloc]: tools/ecdsa_keygen.c#L136
Potential leak of memory pointed to by 'encrypted_message'