Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] sssd-2.13.0/src/db/sysdb_iphosts.c: scope_hint: In function 'sysdb_store_host' sssd-2.13.0/src/db/sysdb_iphosts.c:219:20: warning[-Wanalyzer-null-dereference]: dereference of NULL 'res' sssd-2.13.0/src/util/util.h:45: included_from: Included from here. sssd-2.13.0/src/db/sysdb.h:25: included_from: Included from here. sssd-2.13.0/src/db/sysdb_iphosts.c:25: included_from: Included from here. sssd-2.13.0/src/util/util.h:58: included_from: Included from here. sssd-2.13.0/src/db/sysdb_iphosts.c:133:5: note: in expansion of macro 'DEBUG' sssd-2.13.0/src/db/sysdb_iphosts.c:273:9: note: in expansion of macro 'talloc_zfree' sssd-2.13.0/src/db/sysdb_iphosts.c:273:9: note: in expansion of macro 'talloc_zfree' sssd-2.13.0/src/db/sysdb_iphosts.c:133:5: note: in expansion of macro 'DEBUG' sssd-2.13.0/src/db/sysdb_iphosts.c:273:9: note: in expansion of macro 'talloc_zfree' sssd-2.13.0/src/db/sysdb_iphosts.c:273:9: note: in expansion of macro 'talloc_zfree' # 217| goto done; # 218| } else if (ret != ENOENT) { # 219|-> if (res->count != 1) { # 220| /* Somehow the cache has multiple entries with the same # 221| * address. This is corrupted. We'll delete them all to Error: GCC_ANALYZER_WARNING (CWE-476): [#def2] sssd-2.13.0/src/db/sysdb_search.c: scope_hint: In function 'sysdb_getpwnam_with_views' sssd-2.13.0/src/db/sysdb_search.c:392:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'orig_obj' sssd-2.13.0/src/db/sysdb_search.c:22: included_from: Included from here. sssd-2.13.0/src/db/sysdb_search.c:370:9: note: in expansion of macro 'DOM_HAS_VIEWS' sssd-2.13.0/src/db/sysdb_private.h:129: included_from: Included from here. sssd-2.13.0/src/db/sysdb_search.c:23: included_from: Included from here. sssd-2.13.0/src/db/sysdb_search.c:319:15: note: in expansion of macro 'sysdb_error_to_errno' sssd-2.13.0/src/db/sysdb_search.c:392:9: note: in expansion of macro 'DOM_HAS_VIEWS' # 390| /* If there are views we have to check if override values must be added to # 391| * the original object. */ # 392|-> if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { # 393| ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], # 394| override_obj == NULL ? NULL : override_obj->msgs[0], Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] sssd-2.13.0/src/db/sysdb_search.c: scope_hint: In function 'mpg_convert' sssd-2.13.0/src/db/sysdb_search.c:1037:15: warning[-Wanalyzer-null-dereference]: dereference of NULL 'val' sssd-2.13.0/src/db/sysdb_search.c: scope_hint: In function 'mpg_convert' sssd-2.13.0/src/util/util.h:45: included_from: Included from here. sssd-2.13.0/src/util/util.h:58: included_from: Included from here. sssd-2.13.0/src/db/sysdb_search.c:1508:5: note: in expansion of macro 'DEBUG' sssd-2.13.0/src/db/sysdb_search.c:1539:5: note: in expansion of macro 'DEBUG' # 1035| # 1036| /* yes, convert */ # 1037|-> val->data = (uint8_t *)talloc_strdup(msg, SYSDB_GROUP_CLASS); # 1038| if (val->data == NULL) return ENOMEM; # 1039| val->length = strlen(SYSDB_GROUP_CLASS); Error: GCC_ANALYZER_WARNING (CWE-476): [#def4] sssd-2.13.0/src/db/sysdb_search.c: scope_hint: In function 'sysdb_get_user_attr_with_views' sssd-2.13.0/src/db/sysdb_search.c:2024:42: warning[-Wanalyzer-null-dereference]: dereference of NULL 'orig_obj' sssd-2.13.0/src/db/sysdb_search.c:1952:15: note: in expansion of macro 'sysdb_error_to_errno' sssd-2.13.0/src/db/sysdb_search.c:2024:9: note: in expansion of macro 'DOM_HAS_VIEWS' # 2022| /* If there are views we have to check if override values must be added to # 2023| * the original object. */ # 2024|-> if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { # 2025| ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], # 2026| override_obj == NULL ? NULL : override_obj ->msgs[0], Error: GCC_ANALYZER_WARNING (CWE-476): [#def5] sssd-2.13.0/src/db/sysdb_services.c: scope_hint: In function 'sysdb_store_service' sssd-2.13.0/src/db/sysdb_services.c:242:28: warning[-Wanalyzer-null-dereference]: dereference of NULL 'res' sssd-2.13.0/src/util/util.h:45: included_from: Included from here. sssd-2.13.0/src/db/sysdb_services.c:24: included_from: Included from here. sssd-2.13.0/src/db/sysdb_services.c:232:5: note: in expansion of macro 'talloc_zfree' # 240| goto done; # 241| } else if (ret != ENOENT) { /* Found entries */ # 242|-> for (i = 0; i < res->count; i++) { # 243| /* Check whether this is the same name as we're currently # 244| * saving to the cache. Error: GCC_ANALYZER_WARNING (CWE-775): [#def6] sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c: scope_hint: In function 'sss_passkeycl_exec_child' sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_child[0]' # 171| if (buf == NULL) { # 172| ret = ENOMEM; # 173|-> return ret; # 174| } # 175| Error: GCC_ANALYZER_WARNING (CWE-775): [#def7] sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_child[1]' # 171| if (buf == NULL) { # 172| ret = ENOMEM; # 173|-> return ret; # 174| } # 175| Error: GCC_ANALYZER_WARNING (CWE-775): [#def8] sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c:173:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'pipe_to_parent[0]' # 171| if (buf == NULL) { # 172| ret = ENOMEM; # 173|-> return ret; # 174| } # 175| Error: COMPILER_WARNING (CWE-252): [#def9] sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c: scope_hint: In function 'sss_passkeycl_exec_child' sssd-2.13.0/src/krb5_plugin/passkey/passkey_clpreauth.c:222:9: warning[-Wunused-result]: ignoring return value of 'write' declared with attribute 'warn_unused_result' # 222 | write(pipe_to_child[1], pin, strlen(pin)); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 220| close(pipe_to_parent[1]); # 221| # 222|-> write(pipe_to_child[1], pin, strlen(pin)); # 223| close(pipe_to_child[1]); # 224| Error: GCC_ANALYZER_WARNING (CWE-416): [#def10] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function 'sss_passkey_challenge_free.part.0' sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:111:14: warning[-Wanalyzer-use-after-free]: use after 'free' of 'data' # 109| } # 110| # 111|-> free(data->domain); # 112| free(data->cryptographic_challenge); # 113| sss_string_array_free(data->credential_id_list); Error: GCC_ANALYZER_WARNING (CWE-416): [#def11] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:111:14: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘data’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’ # 109| } # 110| # 111|-> free(data->domain); # 112| free(data->cryptographic_challenge); # 113| sss_string_array_free(data->credential_id_list); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:115:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' # 113| sss_string_array_free(data->credential_id_list); # 114| # 115|-> free(data); # 116| } # 117| Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:115:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_challenge_free.part.0’ # 113| sss_string_array_free(data->credential_id_list); # 114| # 115|-> free(data); # 116| } # 117| Error: GCC_ANALYZER_WARNING (CWE-416): [#def14] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function 'sss_passkey_reply_free.part.0' sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:243:14: warning[-Wanalyzer-use-after-free]: use after 'free' of 'data' # 241| } # 242| # 243|-> free(data->credential_id); # 244| free(data->cryptographic_challenge); # 245| free(data->authenticator_data); Error: GCC_ANALYZER_WARNING (CWE-416): [#def15] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:243:14: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘data’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’ sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c: scope_hint: In function ‘sss_passkey_reply_free.part.0’ # 241| } # 242| # 243|-> free(data->credential_id); # 244| free(data->cryptographic_challenge); # 245| free(data->authenticator_data); Error: GCC_ANALYZER_WARNING (CWE-126): [#def16] sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:247:14: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read sssd-2.13.0/src/krb5_plugin/passkey/passkey_utils.c:247:14: note: read of 8 bytes from after the end of the region # 245| free(data->authenticator_data); # 246| free(data->assertion_signature); # 247|-> free(data->user_id); # 248| free(data); # 249| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def17] sssd-2.13.0/src/ldb_modules/memberof.c: scope_hint: In function 'mbof_append_addop' sssd-2.13.0/src/ldb_modules/memberof.c:408:22: warning[-Wanalyzer-null-dereference]: dereference of NULL 'lastop' /usr/include/samba-4.0/ldb.h:50: included_from: Included from here. /usr/include/samba-4.0/ldb_module.h:36: included_from: Included from here. sssd-2.13.0/src/ldb_modules/memberof.c:23: included_from: Included from here. # 406| # 407| if (add_ctx->add_list) { # 408|-> lastop->next = addop; # 409| } else { # 410| add_ctx->add_list = addop; Error: COMPILER_WARNING (CWE-457): [#def18] sssd-2.13.0/src/p11_child/p11_child_openssl.c: scope_hint: In function ‘do_card’ sssd-2.13.0/src/p11_child/p11_child_openssl.c:2227:15: warning[-Wmaybe-uninitialized]: ‘module_id’ may be used uninitialized # 2227 | ret = do_slot(module, module_id, slot_id, &info, &token_info, &module_info, # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 2228 | mem_ctx, p11_ctx, mode, pin, module_name_in, token_name_in, # | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 2229 | key_id_in, label_in, uri_str, _multi); # | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sssd-2.13.0/src/p11_child/p11_child_openssl.c:1995:12: note: ‘module_id’ was declared here # 1995 | size_t module_id; # | ^~~~~~~~~ # 2225| } # 2226| # 2227|-> ret = do_slot(module, module_id, slot_id, &info, &token_info, &module_info, # 2228| mem_ctx, p11_ctx, mode, pin, module_name_in, token_name_in, # 2229| key_id_in, label_in, uri_str, _multi); Error: GCC_ANALYZER_WARNING (CWE-476): [#def19] sssd-2.13.0/src/providers/ad/ad_subdomains.c: scope_hint: In function 'ad_get_slave_domain_send' sssd-2.13.0/src/providers/ad/ad_subdomains.c:1135:30: warning[-Wanalyzer-null-dereference]: dereference of NULL 'root_id_ctx' sssd-2.13.0/src/util/util.h:58: included_from: Included from here. sssd-2.13.0/src/providers/data_provider.h:40: included_from: Included from here. sssd-2.13.0/src/providers/backend.h:25: included_from: Included from here. sssd-2.13.0/src/providers/ldap/sdap_async.h:29: included_from: Included from here. sssd-2.13.0/src/providers/ad/ad_subdomains.c:25: included_from: Included from here. sssd-2.13.0/src/providers/ad/ad_subdomains.c:2277:9: note: in expansion of macro 'DEBUG' # 1133| state->sd_ctx = sd_ctx; # 1134| state->be_ctx = sd_ctx->be_ctx; # 1135|-> state->opts = root_id_ctx->sdap_id_ctx->opts; # 1136| state->idmap_ctx = root_id_ctx->sdap_id_ctx->opts->idmap_ctx; # 1137| state->root_attrs = root_attrs; Error: COMPILER_WARNING (CWE-252): [#def20] sssd-2.13.0/src/providers/ipa/selinux_child.c: scope_hint: In function ‘main’ sssd-2.13.0/src/providers/ipa/selinux_child.c:330:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’ # 330 | setresuid(suid, suid, suid); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ # 328| # 329| if (getresuid(&ruid, &euid, &suid) == 0) { # 330|-> setresuid(suid, suid, suid); # 331| } # 332| if (getresgid(&rgid, &egid, &sgid) == 0) { Error: COMPILER_WARNING (CWE-252): [#def21] sssd-2.13.0/src/providers/ipa/selinux_child.c:333:9: warning[-Wunused-result]: ignoring return value of ‘setresgid’ declared with attribute ‘warn_unused_result’ # 333 | setresgid(sgid, sgid, sgid); # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ # 331| } # 332| if (getresgid(&rgid, &egid, &sgid) == 0) { # 333|-> setresgid(sgid, sgid, sgid); # 334| } # 335| Error: COMPILER_WARNING (CWE-252): [#def22] sssd-2.13.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function 'switch_to_user' sssd-2.13.0/src/providers/krb5/krb5_ccache.c:68:9: warning[-Wunused-result]: ignoring return value of 'setresuid' declared with attribute 'warn_unused_result' # 68 | setresuid(-1, suid, -1); # | ^~~~~~~~~~~~~~~~~~~~~~~ # 66| ret = setresgid(-1, rgid, -1); # 67| if (ret != 0) { # 68|-> setresuid(-1, suid, -1); # 69| return errno; # 70| } Error: COMPILER_WARNING (CWE-252): [#def23] sssd-2.13.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function ‘switch_to_user’ sssd-2.13.0/src/providers/krb5/krb5_ccache.c:68:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’ # 68 | setresuid(-1, suid, -1); # | ^~~~~~~~~~~~~~~~~~~~~~~ # 66| ret = setresgid(-1, rgid, -1); # 67| if (ret != 0) { # 68|-> setresuid(-1, suid, -1); # 69| return errno; # 70| } Error: COMPILER_WARNING (CWE-252): [#def24] sssd-2.13.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function 'switch_to_service' sssd-2.13.0/src/providers/krb5/krb5_ccache.c:98:9: warning[-Wunused-result]: ignoring return value of 'setresuid' declared with attribute 'warn_unused_result' # 98 | setresuid(-1, ruid, -1); # | ^~~~~~~~~~~~~~~~~~~~~~~ # 96| ret = setresgid(-1, sgid, -1); # 97| if (ret != 0) { # 98|-> setresuid(-1, ruid, -1); # 99| return errno; # 100| } Error: COMPILER_WARNING (CWE-252): [#def25] sssd-2.13.0/src/providers/krb5/krb5_ccache.c: scope_hint: In function ‘switch_to_service’ sssd-2.13.0/src/providers/krb5/krb5_ccache.c:98:9: warning[-Wunused-result]: ignoring return value of ‘setresuid’ declared with attribute ‘warn_unused_result’ # 98 | setresuid(-1, ruid, -1); # | ^~~~~~~~~~~~~~~~~~~~~~~ # 96| ret = setresgid(-1, sgid, -1); # 97| if (ret != 0) { # 98|-> setresuid(-1, ruid, -1); # 99| return errno; # 100| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def26] sssd-2.13.0/src/providers/ldap/sdap_async.c: scope_hint: In function 'sdap_get_generic_ext_send' sssd-2.13.0/src/providers/ldap/sdap_async.c:1643:44: warning[-Wanalyzer-null-dereference]: dereference of NULL 'serverctrls' sssd-2.13.0/src/util/util.h:45: included_from: Included from here. sssd-2.13.0/src/providers/ldap/sdap_async.c:24: included_from: Included from here. # 1641| # 1642| for (i=0; i < state->nserverctrls; i++) { # 1643|-> state->serverctrls[i] = serverctrls[i]; # 1644| } # 1645| state->serverctrls[i] = NULL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def27] sssd-2.13.0/src/providers/proxy/proxy_child.c: scope_hint: In function ‘proxy_internal_conv’ sssd-2.13.0/src/providers/proxy/proxy_child.c:109:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ # 107| # 108| failed: # 109|-> free(reply); # 110| return PAM_CONV_ERR; # 111| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def28] sssd-2.13.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’ sssd-2.13.0/src/responder/pam/pamsrv_p11.c:1083:17: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected sssd-2.13.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’ sssd-2.13.0/src/responder/pam/pamsrv_p11.c: scope_hint: In function ‘pack_cert_data’ /usr/include/sys/un.h:38: included_from: Included from here. sssd-2.13.0/src/util/util.h:34: included_from: Included from here. sssd-2.13.0/src/responder/pam/pamsrv_p11.c:24: included_from: Included from here. /usr/include/string.h:439:15: note: argument 1 of ‘strlen’ must be non-null # 1081| # 1082| user_len = strlen(username) + 1; # 1083|-> token_len = strlen(token_name) + 1; # 1084| module_len = strlen(module_name) + 1; # 1085| key_id_len = strlen(key_id) + 1; Error: GCC_ANALYZER_WARNING (CWE-688): [#def29] sssd-2.13.0/src/sss_client/nss_mc_common.c: scope_hint: In function 'sss_nss_mc_get_record' sssd-2.13.0/src/sss_client/nss_mc_common.c:50:9: warning[-Wanalyzer-null-argument]: use of NULL 'copy_rec' where non-null expected sssd-2.13.0/src/sss_client/nss_mc_common.c:345:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS' sssd-2.13.0/src/sss_client/nss_mc.h:35: included_from: Included from here. sssd-2.13.0/src/sss_client/nss_mc_common.c:33: included_from: Included from here. sssd-2.13.0/src/util/mmap_cache.h:65:43: note: in definition of macro 'MC_SLOT_TO_PTR' sssd-2.13.0/src/sss_client/nss_mc_common.c:328:14: note: in expansion of macro 'MC_CHECK_RECORD_LENGTH' sssd-2.13.0/src/sss_client/nss_mc_common.c:345:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS' sssd-2.13.0/src/sss_client/nss_mc_common.c:345:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS' sssd-2.13.0/src/sss_client/nss_mc_common.c:345:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS' sssd-2.13.0/src/sss_client/nss_mc_common.c:345:9: note: in expansion of macro 'MEMCPY_WITH_BARRIERS' sssd-2.13.0/src/sss_client/nss_mc_common.c:31: included_from: Included from here. /usr/include/string.h:47:14: note: argument 1 of 'memcpy' must be non-null # 48| if (MC_VALID_BARRIER(_b1)) { \ # 49| __sync_synchronize(); \ # 50|-> memcpy(dest, src, len); \ # 51| __sync_synchronize(); \ # 52| if ((src)->b2 == _b1) { \ Error: GCC_ANALYZER_WARNING (CWE-688): [#def30] sssd-2.13.0/src/sss_client/pam_sss.c: scope_hint: In function 'get_pam_items' sssd-2.13.0/src/sss_client/pam_sss.c:1487:30: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'pi.json_auth_msg' where non-null expected sssd-2.13.0/src/sss_client/pam_sss.c:37: included_from: Included from here. /usr/include/gdm/gdm-pam-extensions-common.h:28: included_from: Included from here. /usr/include/gdm/gdm-choice-list-pam-extension.h:23: included_from: Included from here. /usr/include/gdm/gdm-pam-extensions.h:24: included_from: Included from here. sssd-2.13.0/src/sss_client/pam_sss.c:41: included_from: Included from here. /usr/include/string.h:439:15: note: argument 1 of 'strlen' must be non-null # 1485| pi->flags = flags; # 1486| if (pi->json_auth_msg == NULL) pi->json_auth_msg = strdup(""); # 1487|-> pi->json_auth_msg_size = strlen(pi->json_auth_msg) + 1; # 1488| if (pi->json_auth_selected == NULL) pi->json_auth_selected = ""; # 1489| pi->json_auth_selected_size = strlen(pi->json_auth_selected) + 1; Error: GCC_ANALYZER_WARNING (CWE-401): [#def31] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_pc' sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:291:11: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' sssd-2.13.0/src/sss_client/sss_cli.h:38: included_from: Included from here. sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:25: included_from: Included from here. sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' # 289| for (c = 0; *pc_list != NULL && (*pc_list)[c] != NULL; c++); /* just counting */ # 290| # 291|-> pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *)); # 292| if (pcl == NULL) { # 293| return ENOMEM; Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_pc’ sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:291:11: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ sssd-2.13.0/src/sss_client/sss_cli.h:38: included_from: Included from here. sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:25: included_from: Included from here. sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ # 289| for (c = 0; *pc_list != NULL && (*pc_list)[c] != NULL; c++); /* just counting */ # 290| # 291|-> pcl = realloc(*pc_list, (c + 2) * sizeof(struct prompt_config *)); # 292| if (pcl == NULL) { # 293| return ENOMEM; Error: GCC_ANALYZER_WARNING (CWE-401): [#def33] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:295:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' # 293| return ENOMEM; # 294| } # 295|-> pcl[c] = pc; # 296| pcl[c + 1] = NULL; # 297| Error: GCC_ANALYZER_WARNING (CWE-401): [#def34] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:295:12: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ # 293| return ENOMEM; # 294| } # 295|-> pcl[c] = pc; # 296| pcl[c + 1] = NULL; # 297| Error: GCC_ANALYZER_WARNING (CWE-401): [#def35] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:301:1: warning[-Wanalyzer-malloc-leak]: leak of 'pcl' sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' # 299| # 300| return EOK; # 301|-> } # 302| # 303| static errno_t pc_copy_string(size_t size, uint8_t *buf, size_t *off, char **out) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:301:1: warning[-Wanalyzer-malloc-leak]: leak of ‘pcl’ sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ # 299| # 300| return EOK; # 301|-> } # 302| # 303| static errno_t pc_copy_string(size_t size, uint8_t *buf, size_t *off, char **out) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function 'pc_list_add_password' sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:357:8: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>' sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro 'SAFEALIGN_COPY_UINT32_CHECK' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro 'SAFEALIGN_COPY_UINT32' # 355| # 356| ret = pc_list_add_pc(pc_list, pc); # 357|-> if (ret != EOK) { # 358| goto done; # 359| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def38] sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c: scope_hint: In function ‘pc_list_add_password’ sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:357:8: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ sssd-2.13.0/src/sss_client/pam_sss_prompt_config.c:813:5: note: in expansion of macro ‘SAFEALIGN_COPY_UINT32_CHECK’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ sssd-2.13.0/src/shared/safealign.h:78:28: note: in definition of macro ‘SAFEALIGN_COPY_UINT32’ # 355| # 356| ret = pc_list_add_pc(pc_list, pc); # 357|-> if (ret != EOK) { # 358| goto done; # 359| } Error: GCC_ANALYZER_WARNING (CWE-910): [#def39] sssd-2.13.0/src/util/debug.c: scope_hint: In function 'rotate_debug_files' sssd-2.13.0/src/util/debug.c:449:19: warning[-Wanalyzer-double-fclose]: double 'fclose' of FILE '_sss_debug_file' /usr/include/systemd/_sd-common.h:20: included_from: Included from here. /usr/include/systemd/sd-journal.h:23: included_from: Included from here. sssd-2.13.0/src/util/debug.c:34: included_from: Included from here. # 447| do { # 448| error = 0; # 449|-> ret = fclose(_sss_debug_file); # 450| if (ret != 0) { # 451| error = errno; Error: GCC_ANALYZER_WARNING (CWE-415): [#def40] sssd-2.13.0/src/util/debug.c:449:19: warning[-Wanalyzer-double-free]: double-'fclose' of '_sss_debug_file' # 447| do { # 448| error = 0; # 449|-> ret = fclose(_sss_debug_file); # 450| if (ret != 0) { # 451| error = errno;
| analyzer-version-clippy | 1.94.0 |
| analyzer-version-cppcheck | 2.20.0 |
| analyzer-version-gcc | 16.0.1 |
| analyzer-version-gcc-analyzer | 16.0.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-237.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260320.200800.gd35503f.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | sssd-2.13.0-99.20260327195856396942.master.118.g2dcdca2f9 |
| store-results-to | /tmp/tmpufzav3bt/sssd-2.13.0-99.20260327195856396942.master.118.g2dcdca2f9.tar.xz |
| time-created | 2026-03-28 06:03:09 |
| time-finished | 2026-03-28 06:12:11 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,gcc,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpufzav3bt/sssd-2.13.0-99.20260327195856396942.master.118.g2dcdca2f9.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpufzav3bt/sssd-2.13.0-99.20260327195856396942.master.118.g2dcdca2f9.src.rpm' |
| tool-version | csmock-3.8.4.20260302.153719.g8203630-1.el9 |