Task #102306 - conmon-2.2.1-1.20260304125905825929.pr641.11.gc2bdb5b/scan-results.err
back to task #102306download
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c: scope_hint: In function ‘disconnect_std_streams’
conmon-2.2.1/src/conmon.c:29:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_r, 0)’
# 27| static void disconnect_std_streams(int dev_null_r, int dev_null_w)
# 28| {
# 29|-> if (dup2(dev_null_r, STDIN_FILENO) < 0)
# 30| pexit("Failed to dup over stdin");
# 31| if (dup2(dev_null_w, STDOUT_FILENO) < 0)
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c:31:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_w, 1)’
# 29| if (dup2(dev_null_r, STDIN_FILENO) < 0)
# 30| pexit("Failed to dup over stdin");
# 31|-> if (dup2(dev_null_w, STDOUT_FILENO) < 0)
# 32| pexit("Failed to dup over stdout");
# 33| if (dup2(dev_null_w, STDERR_FILENO) < 0)
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c:33:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(dev_null_w, 2)’
# 31| if (dup2(dev_null_w, STDOUT_FILENO) < 0)
# 32| pexit("Failed to dup over stdout");
# 33|-> if (dup2(dev_null_w, STDERR_FILENO) < 0)
# 34| pexit("Failed to dup over stderr");
# 35| }
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c: scope_hint: In function ‘main’
conmon-2.2.1/src/conmon.c:244:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stdin, 0)’
# 242| if (workerfd_stdin < 0)
# 243| workerfd_stdin = dev_null_r;
# 244|-> if (dup2(workerfd_stdin, STDIN_FILENO) < 0)
# 245| _pexit("Failed to dup over stdin");
# 246| if (workerfd_stdin != dev_null_r && fchmod(STDIN_FILENO, 0777) < 0 && errno != EINVAL)
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c:251:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stdout, 1)’
# 249| if (workerfd_stdout < 0)
# 250| workerfd_stdout = dev_null_w;
# 251|-> if (dup2(workerfd_stdout, STDOUT_FILENO) < 0)
# 252| _pexit("Failed to dup over stdout");
# 253| if (workerfd_stdout != dev_null_w && fchmod(STDOUT_FILENO, 0777) < 0 && errno != EINVAL)
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conmon.c:256:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(workerfd_stderr, 2)’
# 254| nwarn("Failed to chmod stdout");
# 255|
# 256|-> if (dup2(workerfd_stderr, STDERR_FILENO) < 0)
# 257| _pexit("Failed to dup over stderr");
# 258| if (workerfd_stderr != dev_null_w && fchmod(STDERR_FILENO, 0777) < 0 && errno != EINVAL)
Error: GCC_ANALYZER_WARNING (CWE-910):
conmon-2.2.1/src/conmon.c:285:44: warning[-Wanalyzer-fd-use-after-close]: ‘read’ on closed file descriptor ‘get_pipe_fd_from_env("_OCI_STARTPIPE")’
conmon-2.2.1/src/conmon.c:8: included_from: Included from here.
conmon-2.2.1/src/conmon.c:284:33: note: in expansion of macro ‘ndebug’
# 283| if (start_pipe_fd > 0) {
# 284| ndebug("exec with attach is waiting for start message from parent");
# 285|-> num_read = read(start_pipe_fd, buf, BUF_SIZE);
# 286| if (num_read < 0) {
# 287| _pexit("start-pipe read failed");
Error: GCC_ANALYZER_WARNING (CWE-1341):
conmon-2.2.1/src/conmon.c:290:33: warning[-Wanalyzer-fd-double-close]: double ‘close’ of file descriptor ‘get_pipe_fd_from_env("_OCI_STARTPIPE")’
conmon-2.2.1/src/conmon.c:284:33: note: in expansion of macro ‘ndebug’
conmon-2.2.1/src/conmon.c:289:33: note: in expansion of macro ‘ndebug’
# 288| }
# 289| ndebug("exec with attach got start message from parent");
# 290|-> close(start_pipe_fd);
# 291| }
# 292| }
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/conn_sock.c:215:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘*fd’
conmon-2.2.1/src/conn_sock.c: scope_hint: In function ‘setup_socket’
# 213| pexit("Failed to create socket");
# 214| bind_relative_to_dir(sfd, *fd, bname);
# 215|-> if (listen(*fd, 128) < 0)
# 216| pexit("Failed to listen on console-socket");
# 217|
Error: GCC_ANALYZER_WARNING (CWE-688):
conmon-2.2.1/src/conn_sock.c: scope_hint: In function ‘bind_unix_socket’
conmon-2.2.1/src/conn_sock.c:277:45: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘socket_parent_dir(use_full_attach_path, 108)’ where non-null expected
/usr/include/glib-2.0/glib-unix.h:34: included_from: Included from here.
conmon-2.2.1/src/utils.h:11: included_from: Included from here.
/usr/include/fcntl.h:209:12: note: argument 1 of ‘open’ must be non-null
# 275| * to actually refer to the file where the socket will be created below.
# 276| */
# 277|-> _cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH | O_CLOEXEC);
# 278| if (parent_dir_fd < 0)
# 279| pexitf("failed to open socket path parent dir %s", parent_dir);
Error: GCC_ANALYZER_WARNING (CWE-401):
conmon-2.2.1/src/conn_sock.c:320:24: warning[-Wanalyzer-malloc-leak]: leak of ‘socket_parent_dir(use_full_attach_path, 108)’
conmon-2.2.1/src/conn_sock.c:279:17: note: in expansion of macro ‘pexitf’
# 318| /* if we're to use the full path, ignore the socket path and only use the bundle_path */
# 319| if (use_full_attach_path)
# 320|-> return strdup(opt_bundle_path);
# 321|
# 322| char *base_path = g_build_filename(opt_socket_path, opt_cuuid, NULL);
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/utils.h:68:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.2.1/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
conmon-2.2.1/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
conmon-2.2.1/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
conmon-2.2.1/src/cgroup.c:167:17: note: in expansion of macro ‘pexit’
# 66| int saved_errno = errno; \
# 67| errno = saved_errno; \
# 68|-> fprintf(stderr, "[conmon:e]: %s %m\n", s); \
# 69| if (use_syslog) { \
# 70| errno = saved_errno; \
Error: GCC_ANALYZER_WARNING (CWE-401):
conmon-2.2.1/src/conn_sock.c:6: included_from: Included from here.
conmon-2.2.1/src/conn_sock.c: scope_hint: In function ‘setup_socket’
conmon-2.2.1/src/utils.h:68:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path)’
conmon-2.2.1/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
/usr/include/glib-2.0/glib/gtestutils.h:32: included_from: Included from here.
/usr/include/glib-2.0/glib.h:89: included_from: Included from here.
conmon-2.2.1/src/conn_sock.h:4: included_from: Included from here.
conmon-2.2.1/src/conn_sock.c:3: included_from: Included from here.
conmon-2.2.1/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
conmon-2.2.1/src/conn_sock.c:177:25: note: in expansion of macro ‘pexit’
# 66| int saved_errno = errno; \
# 67| errno = saved_errno; \
# 68|-> fprintf(stderr, "[conmon:e]: %s %m\n", s); \
# 69| if (use_syslog) { \
# 70| errno = saved_errno; \
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/cgroup.c:5: included_from: Included from here.
conmon-2.2.1/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
conmon-2.2.1/src/utils.h:80:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(g_build_filename(process_cgroup_subsystem_path(pid, 0, "memory"), "cgroup.event_control", 0), 524289)’
conmon-2.2.1/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
/usr/include/features.h:540: included_from: Included from here.
/usr/include/bits/libc-header-start.h:33: included_from: Included from here.
/usr/include/limits.h:26: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/limits.h:210: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/syslimits.h:9: included_from: Included from here.
/usr/lib/gcc/x86_64-redhat-linux/16/include/limits.h:34: included_from: Included from here.
/usr/lib64/glib-2.0/include/glibconfig.h:11: included_from: Included from here.
/usr/include/glib-2.0/glib/gtypes.h:34: included_from: Included from here.
/usr/include/glib-2.0/glib/galloca.h:34: included_from: Included from here.
/usr/include/glib-2.0/glib.h:32: included_from: Included from here.
conmon-2.2.1/src/cgroup.h:4: included_from: Included from here.
conmon-2.2.1/src/cgroup.c:3: included_from: Included from here.
conmon-2.2.1/src/cgroup.c: scope_hint: In function ‘setup_oom_handling_cgroup_v1’
/usr/include/glib-2.0/glib/gtestutils.h:32: included_from: Included from here.
/usr/include/glib-2.0/glib.h:89: included_from: Included from here.
conmon-2.2.1/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
conmon-2.2.1/src/cgroup.c:164:17: note: in expansion of macro ‘pexitf’
# 78| int saved_errno = errno; \
# 79| errno = saved_errno; \
# 80|-> fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
# 81| if (use_syslog) { \
# 82| errno = saved_errno; \
Error: GCC_ANALYZER_WARNING (CWE-775):
conmon-2.2.1/src/utils.h:80:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(socket_parent_dir(use_full_attach_path, 108), 2621440)’
conmon-2.2.1/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
conmon-2.2.1/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
conmon-2.2.1/src/conn_sock.c:294:17: note: in expansion of macro ‘pexitf’
# 78| int saved_errno = errno; \
# 79| errno = saved_errno; \
# 80|-> fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
# 81| if (use_syslog) { \
# 82| errno = saved_errno; \
Error: GCC_ANALYZER_WARNING (CWE-401):
conmon-2.2.1/src/utils.h:80:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path)’
conmon-2.2.1/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
conmon-2.2.1/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
conmon-2.2.1/src/conn_sock.c:182:25: note: in expansion of macro ‘pexitf’
# 78| int saved_errno = errno; \
# 79| errno = saved_errno; \
# 80|-> fprintf(stderr, "[conmon:e]: " fmt " %m\n", ##__VA_ARGS__); \
# 81| if (use_syslog) { \
# 82| errno = saved_errno; \