parser-cov: update explicitly defined key events

kdudka · kdudka · commit 5f3f91571e45 · 2024-02-21T16:47:53.000+01:00
... to match the assignment used by Coverity's JSON v7 format Related: https://issues.redhat.com/browse/OSH-552
diff --git a/src/lib/parser-cov.cc b/src/lib/parser-cov.cc
@@ -233,13 +233,18 @@ KeyEventDigger::KeyEventDigger():
     d->hMap["BAD_LOCK_OBJECT"]           .insert("single_thread_lock");
     d->hMap["CALL_SUPER"]                .insert("missing_super_call");
     d->hMap["CHECKED_RETURN"]            .insert("check_return");
+    d->hMap["CHROOT"]                    .insert("chroot_call");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("extra_high_bits");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("logical_vs_bitwise");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("missing_parentheses");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("operator_confusion");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("pointless_expression");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("result_independent_of_operands");
     d->hMap["CONSTANT_EXPRESSION_RESULT"].insert("same_on_both_sides");
+    d->hMap["CTOR_DTOR_LEAK"]            .insert("alloc_fn");
+    d->hMap["CTOR_DTOR_LEAK"]            .insert("alloc_new");
+    d->hMap["DEADCODE"]                  .insert("dead_error_begin");
+    d->hMap["DEADCODE"]                  .insert("dead_error_line");
     d->hMap["EXPLICIT_THIS_EXPECTED"]    .insert("implicit_this_used");
     d->hMap["FORWARD_NULL"]              .insert("deref_parm");
     d->hMap["FORWARD_NULL"]              .insert("dereference");
@@ -250,15 +255,22 @@ KeyEventDigger::KeyEventDigger():
     d->hMap["LOCK_EVASION"]              .insert("thread1_overwrites_value_in_field");
     d->hMap["LOCK_EVASION"]              .insert("thread2_checks_field_early");
     d->hMap["MISSING_BREAK"]             .insert("unterminated_case");
-    d->hMap["NESTING_INDENT_MISMATCH"]   .insert("dangling_else");
+    d->hMap["MISSING_RESTORE"]           .insert("end_of_path");
+    d->hMap["MISSING_RESTORE"]           .insert("end_of_scope");
+    d->hMap["NESTING_INDENT_MISMATCH"]   .insert("actual_if");
     d->hMap["NESTING_INDENT_MISMATCH"]   .insert("multi_stmt_macro");
     d->hMap["NESTING_INDENT_MISMATCH"]   .insert("on_same_line");
     d->hMap["NESTING_INDENT_MISMATCH"]   .insert("uncle");
-    d->hMap["ORDER_REVERSAL"]            .insert("lock_acquire");
+    d->hMap["ORDER_REVERSAL"]            .insert("lock_order");
+    d->hMap["OVERLAPPING_COPY"]          .insert("overlapping_assignment");
     d->hMap["OVERRUN_STATIC"]            .insert("index_parm");
     d->hMap["OVERRUN_STATIC"]            .insert("overrun-buffer-arg");
     d->hMap["OVERRUN_STATIC"]            .insert("overrun-local");
-    d->hMap["STREAM_FORMAT_STATE"]       .insert("format_changed");
+    d->hMap["REVERSE_INULL"]             .insert("check_after_deref");
+    d->hMap["STREAM_FORMAT_STATE"]       .insert("end_of_path");
+    d->hMap["STRING_OVERFLOW"]           .insert("fixed_size_dest");
+    d->hMap["TOCTOU"]                    .insert("fs_check_call");
+    d->hMap["UNEXPECTED_CONTROL_FLOW"]   .insert("continue_in_do_while_false");
     d->hMap["UNINIT"]                    .insert("uninit_use");
     d->hMap["UNINIT"]                    .insert("uninit_use_in_call");
     d->hMap["UNINIT_CTOR"]               .insert("uninit_member");
diff --git a/tests/csgrep/0044-csparser-new-key-evts-stdout.txt b/tests/csgrep/0044-csparser-new-key-evts-stdout.txt
@@ -32,7 +32,7 @@ Error: LOCK_INVERSION:
 ldapjdk-4.19/java-sdk/ldapjdk/netscape/ldap/LDAPConnThread.java:254:9: getlock: Acquiring lock named "LDAPConnThread.m_sendRequestLock".
 
 Error: NESTING_INDENT_MISMATCH:
-qtbase-everywhere-src-5.11.1/qmake/library/qmakeevaluator.cpp:810: dangling_else: The indentation of this "else" clause to column 9 suggests that it was intended to go with the "if" statement indicated by the "intended_if" event, but it actually goes with the "if" indicated by the "actual_if" event because that "if" does not have any other "else" clause.
+qtbase-everywhere-src-5.11.1/qmake/library/qmakeevaluator.cpp:810: actual_if: The "else" clause indicated by the "dangling_else" event actually goes with this "if" statement, contrary to what its indentation suggests.
 
 Error: NESTING_INDENT_MISMATCH:
 mutt-1.9.3/sort.c:207: multi_stmt_macro: The macro on this line expands into multiple statements, only the first of which is nested within the preceding parent while the rest are not.
@@ -44,7 +44,7 @@ Error: NESTING_INDENT_MISMATCH:
 qt-everywhere-opensource-src-4.8.7/tools/qdoc3/doc.cpp:2482: uncle: This  statement is indented to column 13, as if it were nested within the preceding parent statement, but it is not.
 
 Error: STREAM_FORMAT_STATE:
-nss-3.36.1/nss/cpputil/databuffer.h:92: format_changed: "setfill" changes the format state of "stream" for category fill.
+nss-3.36.1/nss/cpputil/databuffer.h:95: format_restored: "dec" changes the format state of "stream" for category basefield.
 
 Error: UNINTENDED_INTEGER_DIVISION:
 xfig-3.2.6a/src/e_scale.c:315: integer_division: Dividing integer expressions "fix_y + y" and "2", and then converting the integer quotient to type "double". Any remainder, or fractional part of the quotient, is ignored.
diff --git a/tests/csgrep/0081-sarif-writer-stdout.txt b/tests/csgrep/0081-sarif-writer-stdout.txt
@@ -93,20 +93,6 @@
                                 "text": "https://cwe.mitre.org/data/definitions/561.html"
                             }
                         },
-                        {
-                            "id": "DEADCODE: effectively_constant",
-                            "properties": {
-                                "tags": [
-                                    "coverity"
-                                ],
-                                "cwe": [
-                                    "CWE-561"
-                                ]
-                            },
-                            "help": {
-                                "text": "https://cwe.mitre.org/data/definitions/561.html"
-                            }
-                        },
                         {
                             "id": "FORWARD_NULL: var_deref_model",
                             "properties": {
@@ -248,7 +234,7 @@
                             }
                         },
                         {
-                            "id": "TOCTOU: toctou",
+                            "id": "TOCTOU: fs_check_call",
                             "properties": {
                                 "tags": [
                                     "coverity"
@@ -490,13 +476,13 @@
                     ]
                 },
                 {
-                    "ruleId": "DEADCODE: effectively_constant",
+                    "ruleId": "DEADCODE: dead_error_line",
                     "properties": {
                         "cwe": "CWE-561"
                     },
                     "locations": [
                         {
-                            "id": 4,
+                            "id": 3,
                             "physicalLocation": {
                                 "artifactLocation": {
                                     "uri": "/builddir/build/BUILD/curl-7.66.0/lib/base64.c"
@@ -508,7 +494,7 @@
                         }
                     ],
                     "message": {
-                        "text": "Local variable \"convbuf\" is assigned only once, to a constant value, making it effectively constant throughout its scope. If this is not the intent, examine the logic to see if there is a missing assignment that would make \"convbuf\" not remain constant."
+                        "text": "Execution cannot reach this statement: \"indata = (char *)convbuf;\"."
                     },
                     "codeFlows": [
                         {
@@ -590,7 +576,7 @@
                                                     "text": "Execution cannot reach this statement: \"indata = (char *)convbuf;\"."
                                                 }
                                             },
-                                            "nestingLevel": 1,
+                                            "nestingLevel": 0,
                                             "kinds": [
                                                 "dead_error_line"
                                             ]
@@ -610,7 +596,7 @@
                                                     "text": "Local variable \"convbuf\" is assigned only once, to a constant value, making it effectively constant throughout its scope. If this is not the intent, examine the logic to see if there is a missing assignment that would make \"convbuf\" not remain constant."
                                                 }
                                             },
-                                            "nestingLevel": 0,
+                                            "nestingLevel": 1,
                                             "kinds": [
                                                 "effectively_constant"
                                             ]
@@ -3262,25 +3248,25 @@
                     ]
                 },
                 {
-                    "ruleId": "TOCTOU: toctou",
+                    "ruleId": "TOCTOU: fs_check_call",
                     "properties": {
                         "cwe": "CWE-367"
                     },
                     "locations": [
                         {
-                            "id": 18,
+                            "id": 10,
                             "physicalLocation": {
                                 "artifactLocation": {
                                     "uri": "/builddir/build/BUILD/curl-7.66.0/lib/curl_ntlm_wb.c"
                                 },
                                 "region": {
-                                    "startLine": 230
+                                    "startLine": 183
                                 }
                             }
                         }
                     ],
                     "message": {
-                        "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."
+                        "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."
                     },
                     "codeFlows": [
                         {
@@ -3502,7 +3488,7 @@
                                                     "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."
                                                 }
                                             },
-                                            "nestingLevel": 1,
+                                            "nestingLevel": 0,
                                             "kinds": [
                                                 "fs_check_call"
                                             ]
@@ -3662,7 +3648,7 @@
                                                     "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."
                                                 }
                                             },
-                                            "nestingLevel": 0,
+                                            "nestingLevel": 1,
                                             "kinds": [
                                                 "toctou"
                                             ]
@@ -3674,25 +3660,25 @@
                     ]
                 },
                 {
-                    "ruleId": "TOCTOU: toctou",
+                    "ruleId": "TOCTOU: fs_check_call",
                     "properties": {
                         "cwe": "CWE-367"
                     },
                     "locations": [
                         {
-                            "id": 19,
+                            "id": 11,
                             "physicalLocation": {
                                 "artifactLocation": {
                                     "uri": "/builddir/build/BUILD/curl-7.66.0/lib/curl_ntlm_wb.c"
                                 },
                                 "region": {
-                                    "startLine": 223
+                                    "startLine": 183
                                 }
                             }
                         }
                     ],
                     "message": {
-                        "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."
+                        "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."
                     },
                     "codeFlows": [
                         {
@@ -3934,7 +3920,7 @@
                                                     "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."
                                                 }
                                             },
-                                            "nestingLevel": 1,
+                                            "nestingLevel": 0,
                                             "kinds": [
                                                 "fs_check_call"
                                             ]
@@ -4094,7 +4080,7 @@
                                                     "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."
                                                 }
                                             },
-                                            "nestingLevel": 0,
+                                            "nestingLevel": 1,
                                             "kinds": [
                                                 "toctou"
                                             ]
diff --git a/tests/cssort/cssort-5.8/02-by-checker.err b/tests/cssort/cssort-5.8/02-by-checker.err
@@ -1262,12 +1262,28 @@ Error: STRING_OVERFLOW:
 Error: STRING_OVERFLOW:
 /builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3169: fixed_size_dest: You might overrun the 512 byte fixed-size string "cp->CCFLAGS" by copying "MMFLAGS" without checking the length.
 
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3224: fixed_size_dest: You might overrun the 128 byte fixed-size string "znam" by copying "nam" without checking the length.
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3224: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3238: fixed_size_dest: You might overrun the 128 byte fixed-size string "bnam" by copying "nam" without checking the length.
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3238: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
 Error: STRING_OVERFLOW:
 /builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3949: fixed_size_dest: You might overrun the 256 byte fixed-size string "cp->CC" by copying "MCC" without checking the length.
 
 Error: STRING_OVERFLOW:
 /builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3951: fixed_size_dest: You might overrun the 512 byte fixed-size string "cp->CCFLAGS" by copying "MMFLAGS" without checking the length.
 
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:477: fixed_size_dest: You might overrun the 80 byte fixed-size string "fnam" by copying "fnam0" without checking the length.
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:477: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/mmsearch.c:472: fixed_size_dest: You might overrun the 128 byte fixed-size string "fnam" by copying "nam" without checking the length.
+/builddir/build/BUILD/ATLAS/tune/blas/gemm/mmsearch.c:472: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
 Error: STRING_OVERFLOW:
 /builddir/build/BUILD/ATLAS/tune/blas/gemv/mvsearch.c:749: fixed_size_dest: You might overrun the 256 byte fixed-size string "Nauth" by copying "authN[Nbest]" without checking the length.
 
@@ -1304,22 +1320,6 @@ Error: STRING_OVERFLOW:
 Error: STRING_OVERFLOW:
 /builddir/build/BUILD/ATLAS/tune/blas/gemv/mvsearch.c:760: fixed_size_dest: You might overrun the 512 byte fixed-size string "Sccflags" by copying "ccflagsN[Sbest]" without checking the length.
 
-Error: STRING_OVERFLOW:
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3224: fixed_size_dest: You might overrun the 128 byte fixed-size string "znam" by copying "nam" without checking the length.
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3224: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
-
-Error: STRING_OVERFLOW:
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3238: fixed_size_dest: You might overrun the 128 byte fixed-size string "bnam" by copying "nam" without checking the length.
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/emit_mm.c:3238: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
-
-Error: STRING_OVERFLOW:
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:477: fixed_size_dest: You might overrun the 80 byte fixed-size string "fnam" by copying "fnam0" without checking the length.
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:477: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
-
-Error: STRING_OVERFLOW:
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/mmsearch.c:472: fixed_size_dest: You might overrun the 128 byte fixed-size string "fnam" by copying "nam" without checking the length.
-/builddir/build/BUILD/ATLAS/tune/blas/gemm/mmsearch.c:472: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
-
 Error: STRING_SIZE:
 /builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:630: var_assign_var: Assigning: "fnam" = "args[1]". Both are now tainted.
 /builddir/build/BUILD/ATLAS/tune/blas/gemm/fc.c:632: string_size: Passing string "fnam" of unknown size to a function that expects a string of a particular size.

Original file line number	Diff line number	Diff line change
`@@ -93,20 +93,6 @@`
`93`	`93`	`"text": "https://cwe.mitre.org/data/definitions/561.html"`
`94`	`94`	`}`
`95`	`95`	`},`
`96`		`- {`
`97`		`- "id": "DEADCODE: effectively_constant",`
`98`		`- "properties": {`
`99`		`- "tags": [`
`100`		`- "coverity"`
`101`		`- ],`
`102`		`- "cwe": [`
`103`		`- "CWE-561"`
`104`		`- ]`
`105`		`- },`
`106`		`- "help": {`
`107`		`- "text": "https://cwe.mitre.org/data/definitions/561.html"`
`108`		`- }`
`109`		`- },`
`110`	`96`	`{`
`111`	`97`	`"id": "FORWARD_NULL: var_deref_model",`
`112`	`98`	`"properties": {`
`@@ -248,7 +234,7 @@`
`248`	`234`	`}`
`249`	`235`	`},`
`250`	`236`	`{`
`251`		`- "id": "TOCTOU: toctou",`
	`237`	`+ "id": "TOCTOU: fs_check_call",`
`252`	`238`	`"properties": {`
`253`	`239`	`"tags": [`
`254`	`240`	`"coverity"`
`@@ -490,13 +476,13 @@`
`490`	`476`	`]`
`491`	`477`	`},`
`492`	`478`	`{`
`493`		`- "ruleId": "DEADCODE: effectively_constant",`
	`479`	`+ "ruleId": "DEADCODE: dead_error_line",`
`494`	`480`	`"properties": {`
`495`	`481`	`"cwe": "CWE-561"`
`496`	`482`	`},`
`497`	`483`	`"locations": [`
`498`	`484`	`{`
`499`		`- "id": 4,`
	`485`	`+ "id": 3,`
`500`	`486`	`"physicalLocation": {`
`501`	`487`	`"artifactLocation": {`
`502`	`488`	`"uri": "/builddir/build/BUILD/curl-7.66.0/lib/base64.c"`
`@@ -508,7 +494,7 @@`
`508`	`494`	`}`
`509`	`495`	`],`
`510`	`496`	`"message": {`
`511`		`- "text": "Local variable \"convbuf\" is assigned only once, to a constant value, making it effectively constant throughout its scope. If this is not the intent, examine the logic to see if there is a missing assignment that would make \"convbuf\" not remain constant."`
	`497`	`+ "text": "Execution cannot reach this statement: \"indata = (char *)convbuf;\"."`
`512`	`498`	`},`
`513`	`499`	`"codeFlows": [`
`514`	`500`	`{`
`@@ -590,7 +576,7 @@`
`590`	`576`	`"text": "Execution cannot reach this statement: \"indata = (char *)convbuf;\"."`
`591`	`577`	`}`
`592`	`578`	`},`
`593`		`- "nestingLevel": 1,`
	`579`	`+ "nestingLevel": 0,`
`594`	`580`	`"kinds": [`
`595`	`581`	`"dead_error_line"`
`596`	`582`	`]`
`@@ -610,7 +596,7 @@`
`610`	`596`	`"text": "Local variable \"convbuf\" is assigned only once, to a constant value, making it effectively constant throughout its scope. If this is not the intent, examine the logic to see if there is a missing assignment that would make \"convbuf\" not remain constant."`
`611`	`597`	`}`
`612`	`598`	`},`
`613`		`- "nestingLevel": 0,`
	`599`	`+ "nestingLevel": 1,`
`614`	`600`	`"kinds": [`
`615`	`601`	`"effectively_constant"`
`616`	`602`	`]`
`@@ -3262,25 +3248,25 @@`
`3262`	`3248`	`]`
`3263`	`3249`	`},`
`3264`	`3250`	`{`
`3265`		`- "ruleId": "TOCTOU: toctou",`
	`3251`	`+ "ruleId": "TOCTOU: fs_check_call",`
`3266`	`3252`	`"properties": {`
`3267`	`3253`	`"cwe": "CWE-367"`
`3268`	`3254`	`},`
`3269`	`3255`	`"locations": [`
`3270`	`3256`	`{`
`3271`		`- "id": 18,`
	`3257`	`+ "id": 10,`
`3272`	`3258`	`"physicalLocation": {`
`3273`	`3259`	`"artifactLocation": {`
`3274`	`3260`	`"uri": "/builddir/build/BUILD/curl-7.66.0/lib/curl_ntlm_wb.c"`
`3275`	`3261`	`},`
`3276`	`3262`	`"region": {`
`3277`		`- "startLine": 230`
	`3263`	`+ "startLine": 183`
`3278`	`3264`	`}`
`3279`	`3265`	`}`
`3280`	`3266`	`}`
`3281`	`3267`	`],`
`3282`	`3268`	`"message": {`
`3283`		`- "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."`
	`3269`	`+ "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."`
`3284`	`3270`	`},`
`3285`	`3271`	`"codeFlows": [`
`3286`	`3272`	`{`
`@@ -3502,7 +3488,7 @@`
`3502`	`3488`	`"text": "Calling function \"access\" to perform check on \"ntlm_auth\"."`
`3503`	`3489`	`}`
`3504`	`3490`	`},`
`3505`		`- "nestingLevel": 1,`
	`3491`	`+ "nestingLevel": 0,`
`3506`	`3492`	`"kinds": [`
`3507`	`3493`	`"fs_check_call"`
`3508`	`3494`	`]`
`@@ -3662,7 +3648,7 @@`
`3662`	`3648`	`"text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."`
`3663`	`3649`	`}`
`3664`	`3650`	`},`
`3665`		`- "nestingLevel": 0,`
	`3651`	`+ "nestingLevel": 1,`
`3666`	`3652`	`"kinds": [`
`3667`	`3653`	`"toctou"`
`3668`	`3654`	`]`
`@@ -3674,25 +3660,25 @@`
`3674`	`3660`	`]`
`3675`	`3661`	`},`
`3676`	`3662`	`{`
`3677`		`- "ruleId": "TOCTOU: toctou",`
	`3663`	`+ "ruleId": "TOCTOU: fs_check_call",`
`3678`	`3664`	`"properties": {`
`3679`	`3665`	`"cwe": "CWE-367"`
`3680`	`3666`	`},`
`3681`	`3667`	`"locations": [`
`3682`	`3668`	`{`
`3683`		`- "id": 19,`
	`3669`	`+ "id": 11,`
`3684`	`3670`	`"physicalLocation": {`
`3685`	`3671`	`"artifactLocation": {`
`3686`	`3672`	`"uri": "/builddir/build/BUILD/curl-7.66.0/lib/curl_ntlm_wb.c"`
`3687`	`3673`	`},`
`3688`	`3674`	`"region": {`
`3689`		`- "startLine": 223`
	`3675`	`+ "startLine": 183`
`3690`	`3676`	`}`
`3691`	`3677`	`}`
`3692`	`3678`	`}`
`3693`	`3679`	`],`
`3694`	`3680`	`"message": {`
`3695`		`- "text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."`
	`3681`	`+ "text": "Calling function \"access\" to perform check on \"ntlm_auth\"."`
`3696`	`3682`	`},`
`3697`	`3683`	`"codeFlows": [`
`3698`	`3684`	`{`
`@@ -3934,7 +3920,7 @@`
`3934`	`3920`	`"text": "Calling function \"access\" to perform check on \"ntlm_auth\"."`
`3935`	`3921`	`}`
`3936`	`3922`	`},`
`3937`		`- "nestingLevel": 1,`
	`3923`	`+ "nestingLevel": 0,`
`3938`	`3924`	`"kinds": [`
`3939`	`3925`	`"fs_check_call"`
`3940`	`3926`	`]`
`@@ -4094,7 +4080,7 @@`
`4094`	`4080`	`"text": "Calling function \"execl\" that uses \"ntlm_auth\" after a check function. This can cause a time-of-check, time-of-use race condition."`
`4095`	`4081`	`}`
`4096`	`4082`	`},`
`4097`		`- "nestingLevel": 0,`
	`4083`	`+ "nestingLevel": 1,`
`4098`	`4084`	`"kinds": [`
`4099`	`4085`	`"toctou"`
`4100`	`4086`	`]`