Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
crun-HEAD/libocispec/src/ocispec/basic_test_double_array.c:399:9: warning[-Wanalyzer-null-dereference]: dereference of NULL '*ptr.intarrays + i * 8'
crun-HEAD/libocispec/src/ocispec/basic_test_double_array.c: scope_hint: In function 'free_basic_test_double_array'
crun-HEAD/libocispec/src/ocispec/basic_test_double_array.c: scope_hint: In function 'free_basic_test_double_array'
crun-HEAD/libocispec/src/ocispec/basic_test_double_array.c: scope_hint: In function 'free_basic_test_double_array'
crun-HEAD/libocispec/src/ocispec/json_common.h:41:7: note: in definition of macro 'define_cleaner_function'
crun-HEAD/libocispec/src/ocispec/json_common.h:41:7: note: in definition of macro 'define_cleaner_function'
crun-HEAD/libocispec/src/ocispec/basic_test_double_array.c: scope_hint: In function 'free_basic_test_double_array'
#  397|         for (i = 0; i < ptr->intarrays_len; i++)
#  398|           {
#  399|->         free (ptr->intarrays[i]);
#  400|           ptr->intarrays[i] = NULL;
#  401|         }

Error: CPPCHECK_WARNING (CWE-401): [#def2]
crun-HEAD/libocispec/src/ocispec/basic_test_map_string_string_array.c:185: error[memleak]: Memory leak: ret
#  183|         ret->maps = calloc (src->maps_len + 1, sizeof (*ret->maps));
#  184|         if (ret->maps == NULL)
#  185|->         return NULL;
#  186|         for (size_t i = 0; i < src->maps_len; i++)
#  187|           {

Error: CPPCHECK_WARNING (CWE-401): [#def3]
crun-HEAD/libocispec/src/ocispec/image_spec_schema_defs.c:181: error[memleak]: Memory leak: ret
#  179|         ret->keys = calloc (src->len + 1, sizeof (*ret->keys));
#  180|         if (ret->keys == NULL)
#  181|->         return NULL;
#  182|         for (i = 0; i < src->len; i++)
#  183|           {

Error: GCC_ANALYZER_WARNING (CWE-457): [#def4]
crun-HEAD/src/libcrun/error.c: scope_hint: In function 'make_json_error'
crun-HEAD/src/libcrun/error.c:413:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'level'
#  411|   
#  412|     json_gen_string (gen, "level", strlen ("level"));
#  413|->   json_gen_string (gen, level, strlen (level));
#  414|   
#  415|     json_gen_string (gen, "time", strlen ("time"));

Scan Properties

analyzer-version-clippy	1.94.1
analyzer-version-cppcheck	2.20.0
analyzer-version-gcc	16.0.1
analyzer-version-gcc-analyzer	16.0.1
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.94.1
diffbase-analyzer-version-cppcheck	2.20.0
diffbase-analyzer-version-gcc	16.0.1
diffbase-analyzer-version-gcc-analyzer	16.0.1
diffbase-analyzer-version-shellcheck	0.11.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-251.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20260320.200800.gd35503f.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	crun-1.27-1.20260402151752063764.main.6.g0097db1d
diffbase-store-results-to	/tmp/tmp0e81xxui/crun-1.27-1.20260402151752063764.main.6.g0097db1d.tar.xz
diffbase-time-created	2026-04-15 15:01:18
diffbase-time-finished	2026-04-15 15:05:13
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,gcc,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp0e81xxui/crun-1.27-1.20260402151752063764.main.6.g0097db1d.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp0e81xxui/crun-1.27-1.20260402151752063764.main.6.g0097db1d.src.rpm'
diffbase-tool-version	csmock-3.8.5-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-251.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20260320.200800.gd35503f.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	crun-1.27-1.20260415145200241464.pr2068.7.g76b886b3
store-results-to	/tmp/tmps3home9i/crun-1.27-1.20260415145200241464.pr2068.7.g76b886b3.tar.xz
time-created	2026-04-15 15:05:29
time-finished	2026-04-15 15:08:16
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,gcc,shellcheck,clippy,unicontrol' '-o' '/tmp/tmps3home9i/crun-1.27-1.20260415145200241464.pr2068.7.g76b886b3.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmps3home9i/crun-1.27-1.20260415145200241464.pr2068.7.g76b886b3.src.rpm'
tool-version	csmock-3.8.5-1.el9