| Date: | Sat Jul 1 22:02:32 2023 |
|---|---|
| PVS-Studio Version: | 7.23.69221.300 |
| Command Line: | plog-converter -a GA\:1,2,3 -t fullhtml --indicate-warnings build/f7-firmware-DC/pvsreport.log -o build/f7-firmware-DC/pvsreport |
| Total Warnings (GA): | 48 |
| Fails/Info: | 43 |
| Group | Location | Level | Code | Message |
|---|---|---|---|---|
| Fail/Info | mfkey32.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | classic_gen1.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | gen4.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_worker.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_actions.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_check.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_file_select.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_gen4_actions.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_key_input.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_magic_info.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_new_key_input.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_not_magic.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_rekey.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_rekey_fail.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_start.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_wipe.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_wipe_fail.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_write.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_write_confirm.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_write_fail.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | nfc_magic_scene_wrong_card.c:1 | V008 | Unable to start the analysis on this file. | |
| General Analysis | nfc_rfid_detector_app_i.c:14 | Medium | V1031 | The 'furi_hal_nfc_exit_sleep' function is not declared. Passing data to or from this function can be affected. |
| General Analysis | nfc_rfid_detector_app_i.c:15 | Medium | V1031 | The 'furi_hal_nfc_field_detect_start' function is not declared. Passing data to or from this function can be affected. |
| General Analysis | nfc_rfid_detector_app_i.c:25 | Medium | V1031 | The 'furi_hal_nfc_start_sleep' function is not declared. Passing data to or from this function can be affected. |
| General Analysis | nfc_rfid_detector_app_i.c:32 | Medium | V1031 | The 'furi_hal_nfc_field_is_present' function is not declared. Passing data to or from this function can be affected. |
| Fail/Info | picopass.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_worker.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_card_menu.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_delete.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_delete_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_device_info.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_elite_dict_attack.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_file_select.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_key_menu.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_read_card.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_read_card_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_read_factory_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_save_name.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_save_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_start.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_write_card.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_saved_menu.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_write_card_success.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | picopass_scene_write_key.c:1 | V008 | Unable to start the analysis on this file. | |
| Fail/Info | dict_attack.c:1 | V008 | Unable to start the analysis on this file. | |
| General Analysis | nfc_supported_cards.c:39 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The SIGNED argument of memsize type is expected. |
| General Analysis | nfc_scene_mf_classic_read_supported_card.c:30 | Medium | V547 | Expression 'supported' is always false. |
| General Analysis | nfc_scene_mf_ultralight_unlock_warn.c:23 | Medium | V557 | Array overrun is possible. The value of 'i' index could reach 7. |
| General Analysis | nfc_rpc.c:42 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |
| General Analysis | nfc_rpc.c:112 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |
| General Analysis | nfc_rpc_mf_ultralight.c:144 | High | V512 | A call of the 'memcpy' function will lead to overflow of the buffer 'pb_mf_ul_read_counter_resp.data.bytes'. |
| General Analysis | nfc_rpc_mf_ultralight.c:144 | High | V512 | A call of the 'memcpy' function will lead to the 'data.data' buffer becoming out of range. |
| General Analysis | nfc_rpc_mf_ultralight.c:175 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The SIGNED argument of memsize type is expected. |
| General Analysis | f_hal_nfc_event.c:39 | Low | V605 | Consider verifying the expression: event_flag != FuriFlagErrorTimeout. An unsigned value is compared to the number -2. |
| General Analysis | f_hal_nfc.c:88 | Medium | V519 | The 'error' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 77, 88. |
| General Analysis | f_hal_nfc_timer.c:58 | High | V1051 | Consider checking for misprints. It's possible that the 'timer' should be used inside 'LL_TIM_IsActiveFlag_UPDATE' function. |
| General Analysis | nfc_device_old.c:1144 | High | V547 | Expression '(block_unknown_bytes_mask & 0x003f) == 0' is always false. |
| General Analysis | nfc_device_old.c:1150 | High | V547 | Expression '(block_unknown_bytes_mask & 0x03c0) == 0' is always false. |
| General Analysis | nfc_device_old.c:1155 | High | V547 | Expression '(block_unknown_bytes_mask & 0xfc00) == 0' is always false. |
| General Analysis | nfc_device_old.c:1160 | High | V547 | Expression 'block_unknown_bytes_mask == 0' is always false. |
| General Analysis | crypto1.c:66 | High | V629 | Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. |
| General Analysis | bit_buffer.c:112 | Medium | V519 | The 'buf->size_bits' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 101, 112. |
| General Analysis | nfc_scanner.c:76 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |
| General Analysis | nfc_scanner.c:115 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |
| General Analysis | nfc_scanner.c:164 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |
| General Analysis | iso14443_3a_poller.c:102 | Medium | V768 | The expression 'event.protocol = NfcProtocolInvalid' is of enum type. It is odd that it is used as an expression of a Boolean-type. |
| General Analysis | iso14443_3a_poller.c:102 | Medium | V559 | Suspicious assignment inside the conditional expression of 'if' statement: event.protocol = NfcProtocolInvalid. |
| General Analysis | crypto1.c:79 | High | V629 | Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. |
| General Analysis | mf_classic.c:82 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'data->block'. |
| General Analysis | mf_classic.c:82 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'other->block'. |
| General Analysis | mf_classic.c:83 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'data->block_read_mask'. |
| General Analysis | mf_classic.c:83 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'other->block_read_mask'. |
| General Analysis | mf_classic.c:339 | Medium | V560 | A part of conditional expression is always true: (atqa0 = 0x44). |
| General Analysis | mf_classic.c:340 | Medium | V560 | A part of conditional expression is always true: (sak = 0x88). |
| General Analysis | mf_classic.c:358 | Medium | V768 | The expression '* type' is of enum type. It is odd that it is used as an expression of a Boolean-type. |
| General Analysis | mf_classic.c:116 | Low | V1027 | Pointer to an object of the 'MfClassicBlock' class is cast to unrelated 'MfClassicSectorTrailer' class. |
| General Analysis | mf_classic.c:398 | Low | V1027 | Pointer to an object of the 'MfClassicBlock' class is cast to unrelated 'MfClassicSectorTrailer' class. |
| General Analysis | mf_classic_poller.c:168 | Medium | V519 | The 'command' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 164, 168. |
| General Analysis | mf_classic_poller.c:217 | Medium | V519 | The 'command' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 214, 217. |
| General Analysis | mf_ultralight.c:159 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'data->counter'. |
| General Analysis | mf_ultralight.c:159 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'other->counter'. |
| General Analysis | mf_ultralight.c:161 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'data->page'. |
| General Analysis | mf_ultralight.c:161 | Medium | V1086 | A call of the 'memcpy' function will lead to underflow of the buffer 'other->page'. |
| General Analysis | mf_ultralight.c:334 | Medium | V619 | The array 'data->tearing_flag' is being utilized as a pointer to single object. |
| General Analysis | mf_ultralight.c:462 | Low | V1027 | Pointer to an object of the 'MfUltralightPage' class is cast to unrelated 'MfUltralightConfigPages' class. |
| General Analysis | mf_ultralight_listener.c:216 | Medium | V619 | The array 'instance->data->tearing_flag' is being utilized as a pointer to single object. |
| General Analysis | mf_ultralight_listener.c:234 | High | V512 | A call of the 'memcpy' function will lead to overflow of the buffer 'password.data'. |
| General Analysis | mf_ultralight_poller_i.c:36 | Medium | V1009 | Check the array initialization. Only the first element is initialized explicitly. The rest elements are initialized with zeros. |
| General Analysis | mf_ultralight_poller_i.c:186 | Low | V576 | Incorrect format. Consider checking the fourth actual argument of the 'furi_log_print_format' function. The integer argument of 32-bit size is expected. |