Task #119488 - fixed.err
back to task #119488download
Error: COMPILER_WARNING:
systemd-259.5/src/basic/cgroup-util.c:88:29: error[error]: ‘FILEID_KERNFS’ undeclared (first use in this function)
# 86| }
# 87|
# 88|-> cg_file_handle fh = CG_FILE_HANDLE_INIT;
# 89| unaligned_write_ne64(fh.file_handle.f_handle, id);
# 90|
Error: COMPILER_WARNING:
systemd-259.5/src/basic/cgroup-util.c:116:29: error[error]: ‘FILEID_KERNFS’ undeclared (first use in this function)
# 114|
# 115| int cg_get_cgroupid_at(int dfd, const char *path, uint64_t *ret) {
# 116|-> cg_file_handle fh = CG_FILE_HANDLE_INIT;
# 117| int mnt_id;
# 118|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/basic/chase.c:601:1: warning[-Wanalyzer-malloc-leak]: leak of ‘done’
systemd-259.5/src/basic/chase.c:1190:5: enter_function: entry to ‘chase_and_open_parent_at’
systemd-259.5/src/basic/chase.c:1193:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/chase.c:1195:35: branch_false: ...to here
systemd-259.5/src/basic/chase.c:1195:13: call_function: calling ‘chaseat’ from ‘chase_and_open_parent_at’
# 599|
# 600| return 0;
# 601|-> }
# 602|
# 603| int chase(const char *path, const char *root, ChaseFlags flags, char **ret_path, int *ret_fd) {
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/basic/compress.c:882: error[memleak]: Memory leak: out_buff
# 880| in_buff = malloc(LZ4_BUFSIZE);
# 881| if (!in_buff)
# 882|-> return -ENOMEM;
# 883|
# 884| n = offset = total_out = sym_LZ4F_compressBegin(ctx, out_buff, out_allocsize, &preferences);
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/basic/compress.c:886: error[memleak]: Memory leak: in_buff
# 884| n = offset = total_out = sym_LZ4F_compressBegin(ctx, out_buff, out_allocsize, &preferences);
# 885| if (sym_LZ4F_isError(n))
# 886|-> return -EINVAL;
# 887|
# 888| log_debug("Buffer size is %zu bytes, header size %zu bytes.", out_allocsize, n);
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/basic/compress.c:1055: error[memleak]: Memory leak: buf
# 1053| src = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fdf, 0);
# 1054| if (src == MAP_FAILED)
# 1055|-> return -errno;
# 1056|
# 1057| while (total_in < (size_t) st.st_size) {
Error: GCC_ANALYZER_WARNING (CWE-688):
systemd-259.5/src/basic/escape.h:40:16: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
systemd-259.5/src/bootctl/bootctl.c:373:12: enter_function: entry to ‘parse_argv’
systemd-259.5/src/bootctl/bootctl.c:441:9: branch_false: following ‘false’ branch...
systemd-259.5/src/bootctl/bootctl.c:442:9: branch_false: ...to here
systemd-259.5/src/bootctl/bootctl.c:442:9: branch_false: following ‘false’ branch...
systemd-259.5/src/bootctl/bootctl.c:442:9: branch_false: ...to here
systemd-259.5/src/bootctl/bootctl.c:444:16: branch_true: following ‘true’ branch (when ‘c >= 0’)...
systemd-259.5/src/bootctl/bootctl.c:445:17: branch_true: ...to here
systemd-259.5/src/bootctl/bootctl.c:574:29: call_function: inlined call to ‘isempty’ from ‘parse_argv’
systemd-259.5/src/bootctl/bootctl.c:577:43: call_function: inlined call to ‘cescape’ from ‘parse_argv’
# 38| char* cescape_length(const char *s, size_t n) _nonnull_if_nonzero_(1, 2);
# 39| static inline char* cescape(const char *s) {
# 40|-> return cescape_length(s, SIZE_MAX);
# 41| }
# 42|
Error: GCC_ANALYZER_WARNING (CWE-688):
systemd-259.5/src/basic/escape.h:40:16: warning[-Wanalyzer-null-argument]: use of NULL ‘mounted_dir’ where non-null expected
systemd-259.5/src/bootctl/bootctl.c:738:12: enter_function: entry to ‘run’
systemd-259.5/src/bootctl/bootctl.c:740:43: release_memory: ‘mounted_dir’ is NULL
systemd-259.5/src/bootctl/bootctl.c:745:13: call_function: calling ‘parse_argv’ from ‘run’
# 38| char* cescape_length(const char *s, size_t n) _nonnull_if_nonzero_(1, 2);
# 39| static inline char* cescape(const char *s) {
# 40|-> return cescape_length(s, SIZE_MAX);
# 41| }
# 42|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/basic/hashmap.c:375:16: warning[-Wanalyzer-malloc-leak]: leak of ‘new_storage’
systemd-259.5/src/basic/hashmap.c:1283:5: enter_function: entry to ‘set_ensure_put’
systemd-259.5/src/basic/hashmap.c:1290:16: call_function: calling ‘set_put’ from ‘set_ensure_put’
# 373|
# 374| static struct hashmap_base_entry* bucket_at(HashmapBase *h, unsigned idx) {
# 375|-> return CAST_ALIGN_PTR(
# 376| struct hashmap_base_entry,
# 377| (uint8_t *) storage_ptr(h) + idx * hashmap_type_info[h->type].entry_size);
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/basic/mountpoint-util.c:587:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘mount_id’
systemd-259.5/src/basic/mountpoint-util.c:559:5: enter_function: entry to ‘dev_is_devtmpfs’
systemd-259.5/src/basic/mountpoint-util.c:564:13: call_function: inlined call to ‘path_get_mnt_id’ from ‘dev_is_devtmpfs’
systemd-259.5/src/basic/mountpoint-util.c:564:13: call_function: inlined call to ‘path_get_mnt_id’ from ‘dev_is_devtmpfs’
systemd-259.5/src/basic/mountpoint-util.c:565:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/mountpoint-util.c:568:13: branch_false: ...to here
systemd-259.5/src/basic/mountpoint-util.c:569:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/mountpoint-util.c:571:12: branch_false: ...to here
systemd-259.5/src/basic/mountpoint-util.c:571:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/mountpoint-util.c:571:12: branch_false: ...to here
systemd-259.5/src/basic/mountpoint-util.c:579:20: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/mountpoint-util.c:581:20: branch_false: ...to here
systemd-259.5/src/basic/mountpoint-util.c:581:20: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/mountpoint-util.c:584:21: branch_false: ...to here
systemd-259.5/src/basic/mountpoint-util.c:587:21: danger: use of uninitialized value ‘mount_id’ here
# 585| continue;
# 586|
# 587|-> if (mid != mount_id)
# 588| continue;
# 589|
Error: COMPILER_WARNING:
systemd-259.5/src/basic/pidfd-util.c:245:52: error[error]: ‘FILEID_KERNFS’ undeclared (first use in this function)
# 243| } fh = {
# 244| .file_handle.handle_bytes = sizeof(uint64_t),
# 245|-> .file_handle.handle_type = FILEID_KERNFS,
# 246| };
# 247| int mnt_id;
Error: COMPILER_WARNING:
systemd-259.5/src/basic/socket-util.c:993:27: error[error]: ‘SCM_MAX_FD’ undeclared (first use in this function)
# 991|
# 992| /* The kernel will reject sending more than SCM_MAX_FD FDs at once */
# 993|-> if (n_fds_array > SCM_MAX_FD)
# 994| return -E2BIG;
# 995|
Error: COMPILER_WARNING:
systemd-259.5/src/basic/socket-util.c:1081:9: error[error]: ‘SCM_MAX_FD’ undeclared (first use in this function)
# 1079| int flags) {
# 1080|
# 1081|-> CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(int) * SCM_MAX_FD)) control;
# 1082| struct msghdr mh = {
# 1083| .msg_control = &control,
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/basic/strv.c:595:24: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(key)’
systemd-259.5/src/basic/strv.c:1121:12: enter_function: entry to ‘string_strv_hashmap_put_internal’
systemd-259.5/src/basic/strv.c:1125:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1126:9: branch_false: ...to here
systemd-259.5/src/basic/strv.c:1126:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1127:9: branch_false: ...to here
systemd-259.5/src/basic/strv.c:1127:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1129:13: call_function: inlined call to ‘hashmap_get’ from ‘string_strv_hashmap_put_internal’
systemd-259.5/src/basic/strv.c:1130:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1142:44: branch_false: ...to here
systemd-259.5/src/basic/strv.c:1145:21: acquire_memory: allocated here
systemd-259.5/src/basic/strv.c:1146:20: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1149:21: call_function: inlined call to ‘strv_extend’ from ‘string_strv_hashmap_put_internal’
systemd-259.5/src/basic/strv.c:1149:21: call_function: inlined call to ‘strv_extend’ from ‘string_strv_hashmap_put_internal’
systemd-259.5/src/basic/strv.c:1150:20: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/strv.c:1153:21: branch_false: ...to here
systemd-259.5/src/basic/strv.c:595:24: danger: ‘strdup(key)’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 593| size_t size = n ? *n : SIZE_MAX;
# 594| if (size == SIZE_MAX)
# 595|-> size = strv_length(*l);
# 596|
# 597| /* Check for overflow */
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/basic/terminal-util.c:2691:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘name’
systemd-259.5/src/basic/terminal-util.c:2703:5: enter_function: entry to ‘query_term_for_tty’
systemd-259.5/src/basic/terminal-util.c:2704:30: release_memory: ‘dcs_term’ is NULL
systemd-259.5/src/basic/terminal-util.c:2707:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/terminal-util.c:2708:9: branch_false: ...to here
systemd-259.5/src/basic/terminal-util.c:2708:9: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/terminal-util.c:2710:13: branch_false: ...to here
systemd-259.5/src/basic/terminal-util.c:2710:13: call_function: calling ‘tty_is_vc_resolve’ from ‘query_term_for_tty’
systemd-259.5/src/basic/terminal-util.c:2710:13: return_function: returning to ‘query_term_for_tty’ from ‘tty_is_vc_resolve’
systemd-259.5/src/basic/terminal-util.c:2710:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/terminal-util.c:2716:38: branch_false: ...to here
systemd-259.5/src/basic/terminal-util.c:2716:38: call_function: calling ‘open_terminal’ from ‘query_term_for_tty’
systemd-259.5/src/basic/terminal-util.c:2716:38: return_function: returning to ‘query_term_for_tty’ from ‘open_terminal’
systemd-259.5/src/basic/terminal-util.c:2717:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/terminal-util.c:2720:13: branch_false: ...to here
systemd-259.5/src/basic/terminal-util.c:2720:13: call_function: calling ‘terminal_get_terminfo_by_dcs’ from ‘query_term_for_tty’
systemd-259.5/src/basic/terminal-util.c:2720:13: return_function: returning to ‘query_term_for_tty’ from ‘terminal_get_terminfo_by_dcs’
systemd-259.5/src/basic/terminal-util.c:2721:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/terminal-util.c:2724:13: branch_false: ...to here
systemd-259.5/src/basic/terminal-util.c:2724:13: release_memory: ‘dcs_term’ is NULL
systemd-259.5/src/basic/terminal-util.c:2724:13: call_function: calling ‘have_terminfo_file’ from ‘query_term_for_tty’
# 2689| assert(filename_is_valid(name));
# 2690|
# 2691|-> _cleanup_free_ char *p = path_join("/usr/share/terminfo", CHAR_TO_STR(name[0]), name);
# 2692| if (!p)
# 2693| return log_oom_debug();
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/basic/user-util.c:528:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘gid’
systemd-259.5/src/basic/user-util.c:520:5: enter_function: entry to ‘in_group’
systemd-259.5/src/basic/user-util.c:524:13: call_function: calling ‘get_group_creds’ from ‘in_group’
systemd-259.5/src/basic/user-util.c:524:13: return_function: returning to ‘in_group’ from ‘get_group_creds’
systemd-259.5/src/basic/user-util.c:525:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/user-util.c:528:16: branch_false: ...to here
systemd-259.5/src/basic/user-util.c:528:16: danger: use of uninitialized value ‘gid’ here
# 526| return r;
# 527|
# 528|-> return in_gid(gid);
# 529| }
# 530|
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/basic/user-util.c:1079:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘uid’
systemd-259.5/src/basic/user-util.c:1069:5: enter_function: entry to ‘is_this_me’
systemd-259.5/src/basic/user-util.c:1075:13: call_function: calling ‘get_user_creds’ from ‘is_this_me’
systemd-259.5/src/basic/user-util.c:1075:13: return_function: returning to ‘is_this_me’ from ‘get_user_creds’
systemd-259.5/src/basic/user-util.c:1076:12: branch_false: following ‘false’ branch...
systemd-259.5/src/basic/user-util.c:1079:23: branch_false: ...to here
systemd-259.5/src/basic/user-util.c:1079:16: danger: use of uninitialized value ‘uid’ here
# 1077| return r;
# 1078|
# 1079|-> return uid == getuid();
# 1080| }
# 1081|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/bootctl/bootctl-status.c:665:77: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(fn)’
systemd-259.5/src/bootctl/bootctl-status.c:774:12: enter_function: entry to ‘unlink_entry’
systemd-259.5/src/bootctl/bootctl-status.c:779:9: branch_false: following ‘false’ branch...
systemd-259.5/src/bootctl/bootctl-status.c:781:13: branch_false: ...to here
systemd-259.5/src/bootctl/bootctl-status.c:781:13: call_function: calling ‘count_known_files’ from ‘unlink_entry’
# 663| if (!t)
# 664| return -ENOMEM;
# 665|-> r = hashmap_ensure_put(known_files, &path_hash_ops_free, t, INT_TO_PTR(n));
# 666| if (r < 0)
# 667| return r;
Error: CPPCHECK_WARNING (CWE-457):
systemd-259.5/src/coredump/coredumpctl.c:829: error[uninitvar]: Uninitialized variable: module_name
# 827|
# 828| /* We only print the build-id for the 'main' ELF module */
# 829|-> if (!path_equal_filename(module_name, exe))
# 830| continue;
# 831|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/coredump/coredumpctl.c:850:1: warning[-Wanalyzer-malloc-leak]: leak of ‘mid’
systemd-259.5/src/coredump/coredumpctl.c:866:12: enter_function: entry to ‘print_entry’
systemd-259.5/src/coredump/coredumpctl.c:875:17: branch_false: following ‘false’ branch...
systemd-259.5/src/coredump/coredumpctl.c:878:24: branch_false: ...to here
systemd-259.5/src/coredump/coredumpctl.c:878:24: call_function: calling ‘print_info’ from ‘print_entry’
# 848|
# 849| return 0;
# 850|-> }
# 851|
# 852| static int focus(sd_journal *j) {
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/home/pam_systemd_home.c:1013:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ur’
/usr/include/security/pam_modules.h:40:5: enter_function: entry to ‘pam_sm_acct_mgmt’
systemd-259.5/src/home/pam_systemd_home.c:974:51: release_memory: ‘ur’ is NULL
systemd-259.5/src/home/pam_systemd_home.c:981:12: branch_false: following ‘false’ branch...
systemd-259.5/src/home/pam_systemd_home.c:984:9: branch_false: ...to here
systemd-259.5/src/home/pam_systemd_home.c:989:13: call_function: calling ‘parse_argv’ from ‘pam_sm_acct_mgmt’
systemd-259.5/src/home/pam_systemd_home.c:989:13: return_function: returning to ‘pam_sm_acct_mgmt’ from ‘parse_argv’
systemd-259.5/src/home/pam_systemd_home.c:997:13: call_function: calling ‘fallback_shell_can_work’ from ‘pam_sm_acct_mgmt’
systemd-259.5/src/home/pam_systemd_home.c:997:13: return_function: returning to ‘pam_sm_acct_mgmt’ from ‘fallback_shell_can_work’
systemd-259.5/src/home/pam_systemd_home.c:998:12: branch_false: following ‘false’ branch...
systemd-259.5/src/home/pam_systemd_home.c:1001:13: branch_false: ...to here
systemd-259.5/src/home/pam_systemd_home.c:1001:13: call_function: calling ‘acquire_home’ from ‘pam_sm_acct_mgmt’
systemd-259.5/src/home/pam_systemd_home.c:1001:13: return_function: returning to ‘pam_sm_acct_mgmt’ from ‘acquire_home’
systemd-259.5/src/home/pam_systemd_home.c:1002:12: branch_false: following ‘false’ branch...
systemd-259.5/src/home/pam_systemd_home.c:1005:13: branch_false: ...to here
systemd-259.5/src/home/pam_systemd_home.c:1005:13: call_function: calling ‘acquire_user_record’ from ‘pam_sm_acct_mgmt’
systemd-259.5/src/home/pam_systemd_home.c:1005:13: return_function: returning to ‘pam_sm_acct_mgmt’ from ‘acquire_user_record’
systemd-259.5/src/home/pam_systemd_home.c:1006:12: branch_false: following ‘false’ branch...
systemd-259.5/src/home/pam_systemd_home.c:1009:13: branch_false: ...to here
systemd-259.5/src/home/pam_systemd_home.c:1009:13: release_memory: ‘ur’ is NULL
systemd-259.5/src/home/pam_systemd_home.c:1013:17: danger: dereference of NULL ‘ur’
# 1011|
# 1012| case -ESTALE:
# 1013|-> pam_syslog(handle, LOG_WARNING, "User record for '%s' is newer than current system time, assuming incorrect system clock, allowing access.", ur->user_name);
# 1014| break;
# 1015|
Error: COMPILER_WARNING:
systemd-259.5/src/libc/xattr.c:8:95: warning[warning]: ‘struct xattr_args’ declared inside parameter list will not be visible outside of this definition or declaration
# 6|
# 7| #if !HAVE_SETXATTRAT
# 8|-> int missing_setxattrat(int fd, const char *path, int at_flags, const char *name, const struct xattr_args *args, size_t size) {
# 9| return syscall(__NR_setxattrat, fd, path, at_flags, name, args, size);
# 10| }
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:255:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*client.ifindex’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:48:5: enter_function: entry to ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:58:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:60:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: call_function: calling ‘sd_dhcp_client_new’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_new’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:63:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: call_function: calling ‘sd_dhcp_client_attach_event’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_attach_event’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:69:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: call_function: calling ‘sd_dhcp_client_set_ifindex’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_ifindex’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: call_function: calling ‘sd_dhcp_client_set_mac’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_mac’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: call_function: calling ‘sd_dhcp_client_start’ from ‘LLVMFuzzerTestOneInput’
# 253| assert_return(client, -EINVAL);
# 254|
# 255|-> r = get_ifname(client->ifindex, &client->ifname);
# 256| if (r < 0)
# 257| return r;
Error: GCC_ANALYZER_WARNING (CWE-416):
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:1426:9: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘client’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2388:5: enter_function: entry to ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2393:14: call_function: inlined call to ‘sd_dhcp_client_is_running’ from ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2393:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2396:13: call_function: calling ‘client_message_init’ from ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2396:13: return_function: returning to ‘sd_dhcp_client_send_decline’ from ‘client_message_init’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2397:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2400:32: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2405:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2408:13: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2413:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2416:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2420:13: call_function: calling ‘client_restart’ from ‘sd_dhcp_client_send_decline’
# 1424|
# 1425| assert(client);
# 1426|-> assert(client->event);
# 1427|
# 1428| (void) event_source_disable(client->timeout_ipv6_only_mode);
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:1426:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*client.event’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:48:5: enter_function: entry to ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:58:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:60:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: call_function: calling ‘sd_dhcp_client_new’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_new’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:63:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: call_function: calling ‘sd_dhcp_client_attach_event’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_attach_event’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:69:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: call_function: calling ‘sd_dhcp_client_set_ifindex’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_ifindex’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: call_function: calling ‘sd_dhcp_client_set_mac’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_mac’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: call_function: calling ‘sd_dhcp_client_start’ from ‘LLVMFuzzerTestOneInput’
# 1424|
# 1425| assert(client);
# 1426|-> assert(client->event);
# 1427|
# 1428| (void) event_source_disable(client->timeout_ipv6_only_mode);
Error: GCC_ANALYZER_WARNING (CWE-416):
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2056:31: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘client’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2388:5: enter_function: entry to ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2393:14: call_function: inlined call to ‘sd_dhcp_client_is_running’ from ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2393:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2396:13: call_function: calling ‘client_message_init’ from ‘sd_dhcp_client_send_decline’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2396:13: return_function: returning to ‘sd_dhcp_client_send_decline’ from ‘client_message_init’
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2397:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2400:32: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2405:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2408:13: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2413:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2416:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2420:13: call_function: calling ‘client_restart’ from ‘sd_dhcp_client_send_decline’
# 2054| log_dhcp_client(client, "REBOOT in %s", FORMAT_TIMESPAN(client->start_delay, USEC_PER_SEC));
# 2055|
# 2056|-> client->start_delay = CLAMP(client->start_delay * 2,
# 2057| RESTART_AFTER_NAK_MIN_USEC, RESTART_AFTER_NAK_MAX_USEC);
# 2058| return 0;
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd-network/sd-dhcp-client.c:2533:1: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*p.n_ref’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:48:5: enter_function: entry to ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:58:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:60:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: call_function: calling ‘sd_dhcp_client_new’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:62:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_new’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:63:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:64:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:66:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: call_function: calling ‘sd_dhcp_client_attach_event’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:68:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_attach_event’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:69:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: call_function: calling ‘sd_dhcp_client_set_ifindex’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_ifindex’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:71:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: call_function: calling ‘sd_dhcp_client_set_mac’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_set_mac’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:72:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: branch_false: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: call_function: calling ‘sd_dhcp_client_start’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:74:15: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘sd_dhcp_client_start’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:79:13: call_function: calling ‘client_handle_offer_or_rapid_ack’ from ‘LLVMFuzzerTestOneInput’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:79:13: return_function: returning to ‘LLVMFuzzerTestOneInput’ from ‘client_handle_offer_or_rapid_ack’
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:79:12: branch_true: following ‘true’ branch...
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:80:17: branch_true: ...to here
systemd-259.5/src/libsystemd-network/fuzz-dhcp-client.c:92:9: call_function: calling ‘sd_dhcp_client_stop’ from ‘LLVMFuzzerTestOneInput’
# 2531| }
# 2532|
# 2533|-> DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_dhcp_client, sd_dhcp_client, dhcp_client_free);
# 2534|
# 2535| int sd_dhcp_client_new(sd_dhcp_client **ret, int anonymize) {
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:125:1: warning[-Wanalyzer-malloc-leak]: leak of ‘lease’
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:68:5: enter_function: entry to ‘dhcp_server_set_lease’
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:72:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:73:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:73:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:74:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:74:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:75:9: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:75:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:78:64: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:79:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:97:17: call_function: inlined call to ‘malloc_multiply’ from ‘dhcp_server_set_lease’
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:98:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:104:30: branch_false: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:113:12: branch_true: following ‘true’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:114:35: branch_true: ...to here
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:115:20: branch_true: following ‘true’ branch...
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:69:70: call_function: inlined call to ‘sd_dhcp_server_lease_unrefp’ from ‘dhcp_server_set_lease’
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:69:70: call_function: inlined call to ‘sd_dhcp_server_lease_unrefp’ from ‘dhcp_server_set_lease’
systemd-259.5/src/libsystemd-network/sd-dhcp-server-lease.c:125:1: danger: ‘lease’ leaks here; was allocated at [(13)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/12)
# 123| TAKE_PTR(lease);
# 124| return 0;
# 125|-> }
# 126|
# 127| int dhcp_server_cleanup_expired_leases(sd_dhcp_server *server) {
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd/sd-json/json-util.c:129:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘n’
systemd-259.5/src/libsystemd/sd-json/json-util.c:120:5: enter_function: entry to ‘json_dispatch_user_group_name’
systemd-259.5/src/libsystemd/sd-json/json-util.c:121:20: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:122:21: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:125:13: call_function: calling ‘json_dispatch_const_user_group_name’ from ‘json_dispatch_user_group_name’
systemd-259.5/src/libsystemd/sd-json/json-util.c:125:13: return_function: returning to ‘json_dispatch_user_group_name’ from ‘json_dispatch_const_user_group_name’
systemd-259.5/src/libsystemd/sd-json/json-util.c:126:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:129:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:129:13: danger: use of uninitialized value ‘n’ here
# 127| return r;
# 128|
# 129|-> r = free_and_strdup(s, n);
# 130| if (r < 0)
# 131| return json_log(variant, flags, r, "Failed to allocate string: %m");
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd/sd-json/json-util.c:237:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:226:5: enter_function: entry to ‘json_dispatch_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:227:20: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:228:21: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:231:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:233:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:233:13: call_function: calling ‘json_dispatch_const_path’ from ‘json_dispatch_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:233:13: return_function: returning to ‘json_dispatch_path’ from ‘json_dispatch_const_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:234:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:237:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:237:13: danger: use of uninitialized value ‘path’ here
# 235| return r;
# 236|
# 237|-> if (free_and_strdup(p, path) < 0)
# 238| return json_log_oom(variant, flags);
# 239|
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd/sd-json/json-util.c:265:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘a’
systemd-259.5/src/libsystemd/sd-json/json-util.c:243:5: enter_function: entry to ‘json_dispatch_strv_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:245:21: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:248:9: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:248:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:250:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:250:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:255:14: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:255:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:255:12: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:259:9: branch_true: following ‘true’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:261:21: call_function: calling ‘json_dispatch_const_path’ from ‘json_dispatch_strv_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:261:21: return_function: returning to ‘json_dispatch_strv_path’ from ‘json_dispatch_const_path’
systemd-259.5/src/libsystemd/sd-json/json-util.c:262:20: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:265:21: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:265:21: danger: use of uninitialized value ‘a’ here
# 263| return r;
# 264|
# 265|-> r = strv_extend(&n, a);
# 266| if (r < 0)
# 267| return json_log_oom(variant, flags);
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd/sd-json/json-util.c:303:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘filename’
systemd-259.5/src/libsystemd/sd-json/json-util.c:292:5: enter_function: entry to ‘json_dispatch_filename’
systemd-259.5/src/libsystemd/sd-json/json-util.c:293:20: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:294:21: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:297:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:299:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:299:13: call_function: calling ‘json_dispatch_const_filename’ from ‘json_dispatch_filename’
systemd-259.5/src/libsystemd/sd-json/json-util.c:299:13: return_function: returning to ‘json_dispatch_filename’ from ‘json_dispatch_const_filename’
systemd-259.5/src/libsystemd/sd-json/json-util.c:300:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:303:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:303:13: danger: use of uninitialized value ‘filename’ here
# 301| return r;
# 302|
# 303|-> if (free_and_strdup(n, filename) < 0)
# 304| return json_log_oom(variant, flags);
# 305|
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/libsystemd/sd-json/json-util.c:341:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘version’
systemd-259.5/src/libsystemd/sd-json/json-util.c:330:5: enter_function: entry to ‘json_dispatch_version’
systemd-259.5/src/libsystemd/sd-json/json-util.c:331:20: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:332:21: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:335:9: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:337:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:337:13: call_function: calling ‘json_dispatch_const_version’ from ‘json_dispatch_version’
systemd-259.5/src/libsystemd/sd-json/json-util.c:337:13: return_function: returning to ‘json_dispatch_version’ from ‘json_dispatch_const_version’
systemd-259.5/src/libsystemd/sd-json/json-util.c:338:12: branch_false: following ‘false’ branch...
systemd-259.5/src/libsystemd/sd-json/json-util.c:341:13: branch_false: ...to here
systemd-259.5/src/libsystemd/sd-json/json-util.c:341:13: danger: use of uninitialized value ‘version’ here
# 339| return r;
# 340|
# 341|-> if (free_and_strdup(n, version) < 0)
# 342| return json_log_oom(variant, flags);
# 343|
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/login/logind-varlink.c:324:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘peer_session’
systemd-259.5/src/login/logind-varlink.c:297:12: enter_function: entry to ‘vl_method_release_session’
systemd-259.5/src/login/logind-varlink.c:298:22: branch_false: following ‘false’ branch...
systemd-259.5/src/login/logind-varlink.c:303:11: branch_false: ...to here
systemd-259.5/src/login/logind-varlink.c:311:12: branch_false: following ‘false’ branch...
systemd-259.5/src/login/logind-varlink.c:314:18: branch_false: ...to here
systemd-259.5/src/login/logind-varlink.c:315:13: call_function: calling ‘manager_varlink_get_session_by_name’ from ‘vl_method_release_session’
systemd-259.5/src/login/logind-varlink.c:315:13: return_function: returning to ‘vl_method_release_session’ from ‘manager_varlink_get_session_by_name’
systemd-259.5/src/login/logind-varlink.c:316:12: branch_false: following ‘false’ branch...
systemd-259.5/src/login/logind-varlink.c:319:18: branch_false: ...to here
systemd-259.5/src/login/logind-varlink.c:320:13: call_function: calling ‘manager_varlink_get_session_by_peer’ from ‘vl_method_release_session’
systemd-259.5/src/login/logind-varlink.c:320:13: return_function: returning to ‘vl_method_release_session’ from ‘manager_varlink_get_session_by_peer’
systemd-259.5/src/login/logind-varlink.c:321:12: branch_false: following ‘false’ branch...
systemd-259.5/src/login/logind-varlink.c:324:13: branch_false: ...to here
systemd-259.5/src/login/logind-varlink.c:324:13: danger: use of uninitialized value ‘peer_session’ here
# 322| return r;
# 323|
# 324|-> if (session != peer_session)
# 325| return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, /* parameters= */ NULL);
# 326|
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/machine/machine-varlink.c:565:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘machine’
systemd-259.5/src/machine/machine-varlink.c:503:5: enter_function: entry to ‘vl_method_open’
systemd-259.5/src/machine/machine-varlink.c:515:28: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:517:71: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:528:9: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:529:9: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:529:9: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:531:13: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:532:12: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:535:13: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:535:12: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:551:13: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:551:13: call_function: calling ‘lookup_machine_by_name_or_pidref’ from ‘vl_method_open’
systemd-259.5/src/machine/machine-varlink.c:551:13: return_function: returning to ‘vl_method_open’ from ‘lookup_machine_by_name_or_pidref’
systemd-259.5/src/machine/machine-varlink.c:552:12: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:554:12: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:554:12: branch_false: following ‘false’ branch...
systemd-259.5/src/machine/machine-varlink.c:557:13: branch_false: ...to here
systemd-259.5/src/machine/machine-varlink.c:557:12: branch_true: following ‘true’ branch...
systemd-259.5/src/machine/machine-varlink.c:565:28: branch_true: ...to here
systemd-259.5/src/machine/machine-varlink.c:565:28: danger: use of uninitialized value ‘machine’ here
# 563| * and the caller's do not match, authorization will be required. It's only the case where the
# 564| * caller owns the machine that will be shortcut and needs to be checked here. */
# 565|-> if (machine->uid != 0 && machine->class != MACHINE_HOST) {
# 566| r = pidref_in_same_namespace(&PIDREF_MAKE_FROM_PID(1), &machine->leader, NAMESPACE_USER);
# 567| if (r < 0)
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/nsresourced/userns-registry.c:113:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*cg’
systemd-259.5/src/nsresourced/userns-registry.c:87:12: enter_function: entry to ‘dispatch_cgroups_array’
systemd-259.5/src/nsresourced/userns-registry.c:88:35: branch_false: following ‘false’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:92:13: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:92:12: branch_false: following ‘false’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:98:14: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:98:12: branch_false: following ‘false’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:101:19: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:101:19: call_function: calling ‘malloc_multiply’ from ‘dispatch_cgroups_array’
systemd-259.5/src/nsresourced/userns-registry.c:101:19: return_function: returning to ‘dispatch_cgroups_array’ from ‘malloc_multiply’
systemd-259.5/src/nsresourced/userns-registry.c:102:12: branch_false: following ‘false’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:102:12: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:106:9: branch_true: following ‘true’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:109:20: branch_false: following ‘false’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:112:17: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:112:17: branch_false: following ‘false’ branch (when ‘n_cgroups == 0’)...
systemd-259.5/src/nsresourced/userns-registry.c:112:17: branch_false: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:112:17: branch_true: following ‘true’ branch...
systemd-259.5/src/nsresourced/userns-registry.c:113:29: branch_true: ...to here
systemd-259.5/src/nsresourced/userns-registry.c:113:29: danger: use of uninitialized value ‘*cg’ here
# 111|
# 112| FOREACH_ARRAY(cg, cgroups, n_cgroups)
# 113|-> if (*cg == sd_json_variant_unsigned(e)) {
# 114| found = true;
# 115| break;
Error: GCC_ANALYZER_WARNING (CWE-1335):
systemd-259.5/src/pcrextend/pcrextend.c:247:45: warning[-Wanalyzer-shift-count-overflow]: shift by count (‘4294967295’) >= precision of type (‘32’)
systemd-259.5/src/pcrextend/pcrextend.c:553:1: enter_function: entry to ‘main’
systemd-259.5/src/pcrextend/pcrextend.c:553:1: call_function: calling ‘run’ from ‘main’
# 245| return 0;
# 246|
# 247|-> r = tpm2_get_good_pcr_banks_strv(c, UINT32_C(1) << target_pcr_nr, &l);
# 248| if (r < 0)
# 249| return log_error_errno(r, "Could not verify pcr banks: %m");
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/portable/portable.c:683:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘os_release’
systemd-259.5/src/portable/portable.c:1632:5: enter_function: entry to ‘portable_attach’
systemd-259.5/src/portable/portable.c:1646:63: release_memory: ‘os_release’ is NULL
systemd-259.5/src/portable/portable.c:1654:9: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1662:62: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1656:13: call_function: calling ‘extract_image_and_extensions’ from ‘portable_attach’
# 681| _cleanup_free_ char *prefixes = NULL;
# 682|
# 683|-> r = parse_env_file_fd(os_release->fd, os_release->name,
# 684| "ID", &id,
# 685| "ID_LIKE", &id_like,
Error: GCC_ANALYZER_WARNING (CWE-121):
systemd-259.5/src/portable/portable.c:1798:39: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
systemd-259.5/src/portable/portable.c:1756:13: enter_function: entry to ‘marker_matches_images’
systemd-259.5/src/portable/portable.c:1760:9: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1761:9: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1761:9: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1771:31: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1772:12: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1775:13: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1776:12: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1776:12: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1786:28: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1788:28: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1788:28: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1791:29: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1792:28: branch_false: following ‘false’ branch...
systemd-259.5/src/portable/portable.c:1798:39: branch_false: ...to here
systemd-259.5/src/portable/portable.c:1798:39: branch_true: following ‘true’ branch...
systemd-259.5/src/portable/portable.c:1798:39: danger: out-of-bounds write from byte 84 till byte 87 but ‘<U2000>’ ends at byte 80
# 1796| /* toplevel_fd= */ AT_FDCWD,
# 1797| *image_name_or_path,
# 1798|-> pick_filter_image_any,
# 1799| ELEMENTSOF(pick_filter_image_any),
# 1800| PICK_ARCHITECTURE|PICK_TRIES|PICK_RESOLVE,
Error: CPPCHECK_WARNING (CWE-457):
systemd-259.5/src/resolve/resolvectl.c:1648: error[uninitvar]: Uninitialized variable: &pos1
# 1646|
# 1647| if (ifname)
# 1648|-> printf("%s%nLink %i (%s)%n%s:", ansi_highlight(), &pos1, ifindex, ifname, &pos2, ansi_normal());
# 1649| else if (delegate_id)
# 1650| printf("%s%nDelegate %s%n%s:", ansi_highlight(), &pos1, delegate_id, &pos2, ansi_normal());
Error: CPPCHECK_WARNING (CWE-457):
systemd-259.5/src/resolve/resolvectl.c:1648: error[uninitvar]: Uninitialized variable: &pos2
# 1646|
# 1647| if (ifname)
# 1648|-> printf("%s%nLink %i (%s)%n%s:", ansi_highlight(), &pos1, ifindex, ifname, &pos2, ansi_normal());
# 1649| else if (delegate_id)
# 1650| printf("%s%nDelegate %s%n%s:", ansi_highlight(), &pos1, delegate_id, &pos2, ansi_normal());
Error: CPPCHECK_WARNING (CWE-476):
systemd-259.5/src/resolve/resolvectl.c:4579: error[ctunullpointer]: Null pointer dereference: args
# 4577| if (single_arg)
# 4578| *p++ = (char *) single_arg;
# 4579|-> FOREACH_ARRAY(arg, args, num_args)
# 4580| *p++ = *arg;
# 4581|
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/resolve/resolved-dnssd.c:353: error[memleak]: Memory leak: i
# 351| *ret_item = TAKE_PTR(i);
# 352|
# 353|-> return 0;
# 354| }
# 355|
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/resolve/resolved-dnssd.c:378: error[memleak]: Memory leak: i
# 376| *ret_item = TAKE_PTR(i);
# 377|
# 378|-> return 0;
# 379| }
# 380|
Error: GCC_ANALYZER_WARNING (CWE-688):
systemd-259.5/src/resolve/resolved-dnstls.c:337:17: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
systemd-259.5/src/resolve/resolved-dnstls.c:319:9: enter_function: entry to ‘dnstls_stream_writev’
systemd-259.5/src/resolve/resolved-dnstls.c:323:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:324:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:324:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:325:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:325:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:326:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:326:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:327:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:327:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:329:12: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:329:12: branch_false: following ‘false’ branch (when ‘iovcnt != 1’)...
systemd-259.5/src/resolve/resolved-dnstls.c:334:17: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:335:15: call_function: calling ‘malloc_multiply’ from ‘dnstls_stream_writev’
systemd-259.5/src/resolve/resolved-dnstls.c:335:15: return_function: returning to ‘dnstls_stream_writev’ from ‘malloc_multiply’
systemd-259.5/src/resolve/resolved-dnstls.c:336:37: branch_true: following ‘true’ branch (when ‘i < iovcnt’)...
systemd-259.5/src/resolve/resolved-dnstls.c:337:55: branch_true: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:337:24: release_memory: using NULL here
systemd-259.5/src/resolve/resolved-dnstls.c:337:17: danger: argument 1 (‘malloc_multiply(iovec_total_size(iov, iovcnt), 1) + pos’) NULL where non-null expected
# 335| buf = new(char, count);
# 336| for (size_t i = 0, pos = 0; i < iovcnt; pos += iov[i].iov_len, i++)
# 337|-> memcpy(buf + pos, iov[i].iov_base, iov[i].iov_len);
# 338|
# 339| return dnstls_stream_write(stream, buf, count);
Error: GCC_ANALYZER_WARNING (CWE-688):
systemd-259.5/src/resolve/resolved-dnstls.c:337:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘malloc_multiply(iovec_total_size(iov, iovcnt), 1)’ where non-null expected
systemd-259.5/src/resolve/resolved-dnstls.c:319:9: enter_function: entry to ‘dnstls_stream_writev’
systemd-259.5/src/resolve/resolved-dnstls.c:323:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:324:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:324:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:325:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:325:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:326:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:326:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:327:9: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:327:9: branch_false: following ‘false’ branch...
systemd-259.5/src/resolve/resolved-dnstls.c:329:12: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:329:12: branch_false: following ‘false’ branch (when ‘iovcnt != 1’)...
systemd-259.5/src/resolve/resolved-dnstls.c:334:17: branch_false: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:335:15: call_function: calling ‘malloc_multiply’ from ‘dnstls_stream_writev’
systemd-259.5/src/resolve/resolved-dnstls.c:335:15: return_function: returning to ‘dnstls_stream_writev’ from ‘malloc_multiply’
systemd-259.5/src/resolve/resolved-dnstls.c:336:37: branch_true: following ‘true’ branch (when ‘i < iovcnt’)...
systemd-259.5/src/resolve/resolved-dnstls.c:337:55: branch_true: ...to here
systemd-259.5/src/resolve/resolved-dnstls.c:337:17: danger: argument 1 (‘malloc_multiply(iovec_total_size(iov, iovcnt), 1) + pos’) from [(16)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/15) could be NULL where non-null expected
# 335| buf = new(char, count);
# 336| for (size_t i = 0, pos = 0; i < iovcnt; pos += iov[i].iov_len, i++)
# 337|-> memcpy(buf + pos, iov[i].iov_base, iov[i].iov_len);
# 338|
# 339| return dnstls_stream_write(stream, buf, count);
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/sbsign/sbsign.c:597:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘si’
systemd-259.5/src/sbsign/sbsign.c:441:12: enter_function: entry to ‘verb_sign’
systemd-259.5/src/sbsign/sbsign.c:449:12: branch_false: following ‘false’ branch (when ‘argc > 1’)...
systemd-259.5/src/sbsign/sbsign.c:452:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:452:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:456:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:460:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:463:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:474:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:477:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:477:12: branch_true: following ‘true’ branch...
systemd-259.5/src/sbsign/sbsign.c:478:21: branch_true: ...to here
systemd-259.5/src/sbsign/sbsign.c:498:20: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:738:1: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:502:12: branch_true: following ‘true’ branch...
systemd-259.5/src/sbsign/sbsign.c:503:38: branch_true: ...to here
systemd-259.5/src/sbsign/sbsign.c:507:20: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:510:32: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:511:20: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:503:38: call_function: inlined call to ‘freep’ from ‘verb_sign’
systemd-259.5/src/sbsign/sbsign.c:516:12: branch_true: following ‘true’ branch...
systemd-259.5/src/sbsign/sbsign.c:517:38: branch_true: ...to here
systemd-259.5/src/sbsign/sbsign.c:521:20: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:524:47: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:528:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:531:21: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:532:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:535:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:536:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:539:43: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:541:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:544:13: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:551:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:554:33: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:556:13: call_function: calling ‘spc_indirect_data_content_new’ from ‘verb_sign’
systemd-259.5/src/sbsign/sbsign.c:556:13: return_function: returning to ‘verb_sign’ from ‘spc_indirect_data_content_new’
systemd-259.5/src/sbsign/sbsign.c:557:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:560:39: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:561:28: release_memory: ‘si’ is NULL
systemd-259.5/src/sbsign/sbsign.c:562:13: call_function: calling ‘pkcs7_new_with_attributes’ from ‘verb_sign’
systemd-259.5/src/sbsign/sbsign.c:562:13: return_function: returning to ‘verb_sign’ from ‘pkcs7_new_with_attributes’
systemd-259.5/src/sbsign/sbsign.c:563:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:566:9: branch_false: ...to here
systemd-259.5/src/sbsign/sbsign.c:568:12: branch_false: following ‘false’ branch...
systemd-259.5/src/sbsign/sbsign.c:596:13: call_function: inlined call to ‘iovec_is_set’ from ‘verb_sign’
systemd-259.5/src/sbsign/sbsign.c:597:36: release_memory: ‘si’ is NULL
systemd-259.5/src/sbsign/sbsign.c:597:34: danger: dereference of NULL ‘si’
# 595|
# 596| if (iovec_is_set(&signed_attributes_signature))
# 597|-> ASN1_STRING_set0(si->enc_digest, TAKE_PTR(signed_attributes_signature.iov_base), signed_attributes_signature.iov_len);
# 598| else {
# 599| _cleanup_(BIO_free_allp) BIO *bio = NULL;
Error: GCC_ANALYZER_WARNING (CWE-688):
systemd-259.5/src/shared/bootspec.c:347:22: warning[-Wanalyzer-null-argument]: use of NULL ‘esp_where’ where non-null expected
systemd-259.5/src/shared/bootspec.c:1535:5: enter_function: entry to ‘boot_config_load_auto’
systemd-259.5/src/shared/bootspec.c:1540:30: release_memory: ‘esp_where’ is NULL
systemd-259.5/src/shared/bootspec.c:1540:49: release_memory: ‘esp_where’ is NULL
systemd-259.5/src/shared/bootspec.c:1544:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1553:13: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1553:12: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1554:21: branch_true: ...to here
systemd-259.5/src/shared/bootspec.c:1554:20: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1555:32: branch_true: ...to here
systemd-259.5/src/shared/bootspec.c:1555:32: call_function: calling ‘boot_config_load’ from ‘boot_config_load_auto’
# 345| return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid loader entry file suffix: %s", fname);
# 346|
# 347|-> tmp.id_old = strndup(tmp.id, c - tmp.id); /* Without .conf suffix */
# 348| if (!tmp.id_old)
# 349| return log_oom();
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/shared/bootspec.c:1159:21: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path_extend_internal(0, full, &*de.d_name, 18446744073709551615))’
systemd-259.5/src/shared/bootspec.c:1535:5: enter_function: entry to ‘boot_config_load_auto’
systemd-259.5/src/shared/bootspec.c:1544:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1553:13: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1553:12: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1554:21: branch_true: ...to here
systemd-259.5/src/shared/bootspec.c:1554:20: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1555:32: branch_true: ...to here
systemd-259.5/src/shared/bootspec.c:1555:32: call_function: calling ‘boot_config_load’ from ‘boot_config_load_auto’
# 1157| return log_oom();
# 1158|
# 1159|-> r = insert_boot_entry_addon(&addons, location, cmdline);
# 1160| if (r < 0)
# 1161| return r;
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/shared/bootspec.c:1617:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(*__unique_prefix_i36)’
systemd-259.5/src/shared/bootspec.c:1577:5: enter_function: entry to ‘boot_config_augment_from_loader’
systemd-259.5/src/shared/bootspec.c:1595:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1595:9: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1600:9: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1604:28: call_function: calling ‘boot_config_find_entry’ from ‘boot_config_augment_from_loader’
systemd-259.5/src/shared/bootspec.c:1604:28: return_function: returning to ‘boot_config_augment_from_loader’ from ‘boot_config_find_entry’
systemd-259.5/src/shared/bootspec.c:1605:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1610:20: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1613:21: acquire_memory: allocated here
systemd-259.5/src/shared/bootspec.c:1614:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1614:20: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1617:17: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/bootspec.c:1620:36: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1625:21: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1626:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1629:22: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1629:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/bootspec.c:1632:17: branch_false: ...to here
systemd-259.5/src/shared/bootspec.c:1617:17: danger: ‘strdup(*__unique_prefix_i36)’ leaks here; was allocated at [(15)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/14)
# 1615| return log_oom();
# 1616|
# 1617|-> STRV_FOREACH_PAIR(a, b, title_table)
# 1618| if (streq(*a, *i)) {
# 1619| t = strdup(*b);
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/shared/discover-image.c:1130:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
systemd-259.5/src/shared/discover-image.c:937:5: enter_function: entry to ‘image_discover’
systemd-259.5/src/shared/discover-image.c:948:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:949:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:949:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:950:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:950:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:951:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:951:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:953:36: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:954:13: call_function: calling ‘pick_image_search_path’ from ‘image_discover’
systemd-259.5/src/shared/discover-image.c:954:13: return_function: returning to ‘image_discover’ from ‘pick_image_search_path’
systemd-259.5/src/shared/discover-image.c:955:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:958:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:1118:12: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/discover-image.c:1118:73: branch_true: ...to here
systemd-259.5/src/shared/discover-image.c:1118:13: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:1119:48: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:1119:48: release_memory: ‘image’ is NULL
systemd-259.5/src/shared/discover-image.c:1121:21: call_function: calling ‘image_make’ from ‘image_discover’
systemd-259.5/src/shared/discover-image.c:1121:21: return_function: returning to ‘image_discover’ from ‘image_make’
systemd-259.5/src/shared/discover-image.c:1127:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:1130:22: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:1130:22: release_memory: ‘image’ is NULL
systemd-259.5/src/shared/discover-image.c:1130:17: danger: dereference of NULL ‘image’
# 1128| return r;
# 1129|
# 1130|-> image->discoverable = true;
# 1131|
# 1132| r = hashmap_ensure_put(images, &image_hash_ops, image->name, image);
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/shared/discover-image.c:1140:1: warning[-Wanalyzer-malloc-leak]: leak of ‘suffix’
systemd-259.5/src/shared/discover-image.c:937:5: enter_function: entry to ‘image_discover’
systemd-259.5/src/shared/discover-image.c:948:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:949:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:949:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:950:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:950:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:951:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:951:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:953:36: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:954:13: call_function: calling ‘pick_image_search_path’ from ‘image_discover’
systemd-259.5/src/shared/discover-image.c:954:13: return_function: returning to ‘image_discover’ from ‘pick_image_search_path’
systemd-259.5/src/shared/discover-image.c:955:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:958:9: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:958:9: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/discover-image.c:965:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:968:17: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:968:17: branch_false: following ‘false’ branch (when ‘de’ is non-NULL)...
systemd-259.5/src/shared/discover-image.c:969:46: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:977:28: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:984:37: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:985:28: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:988:29: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:988:28: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:999:35: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:999:35: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/discover-image.c:1002:37: branch_true: ...to here
systemd-259.5/src/shared/discover-image.c:1003:36: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/discover-image.c:1004:62: branch_true: ...to here
systemd-259.5/src/shared/discover-image.c:1007:44: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:1013:57: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:1010:45: call_function: calling ‘extract_image_basename’ from ‘image_discover’
systemd-259.5/src/shared/discover-image.c:1010:45: return_function: returning to ‘image_discover’ from ‘extract_image_basename’
systemd-259.5/src/shared/discover-image.c:1016:44: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/discover-image.c:1021:67: branch_false: ...to here
systemd-259.5/src/shared/discover-image.c:1022:44: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/discover-image.c:1021:62: call_function: inlined call to ‘freep’ from ‘image_discover’
systemd-259.5/src/shared/discover-image.c:1140:1: danger: ‘suffix’ leaks here; was allocated at [(62)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/61)
# 1138|
# 1139| return 0;
# 1140|-> }
# 1141|
# 1142| static int unprivileged_remove(Image *i) {
Error: CPPCHECK_WARNING (CWE-401):
systemd-259.5/src/shared/format-table.c:450: error[memleak]: Memory leak: d
# 448| d->strv = strv_copy(data);
# 449| if (!d->strv)
# 450|-> return NULL;
# 451| } else
# 452| memcpy_safe(d->data, data, data_size);
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/shared/libfido2-util.c:1164:81: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ret_has_always_uv’
systemd-259.5/src/shared/libfido2-util.c:1269:5: enter_function: entry to ‘fido2_find_device_auto’
systemd-259.5/src/shared/libfido2-util.c:1279:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1282:14: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1283:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1286:13: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1287:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1287:13: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1287:13: branch_true: following ‘true’ branch...
systemd-259.5/src/shared/libfido2-util.c:1287:56: branch_true: ...to here
systemd-259.5/src/shared/libfido2-util.c:1287:39: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1296:12: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1296:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1301:17: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1302:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/libfido2-util.c:1308:13: branch_false: ...to here
systemd-259.5/src/shared/libfido2-util.c:1308:13: call_function: calling ‘check_device_is_fido2_with_hmac_secret’ from ‘fido2_find_device_auto’
# 1162| r = verify_features(d, path, LOG_DEBUG, ret_has_rk, ret_has_client_pin, ret_has_up, ret_has_uv, ret_has_always_uv);
# 1163| if (r == -ENODEV) { /* Not a FIDO2 device, or not implementing 'hmac-secret' */
# 1164|-> *ret_has_rk = *ret_has_client_pin = *ret_has_up = *ret_has_uv = *ret_has_always_uv = false;
# 1165| return false;
# 1166| }
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/shared/openssl-util.c:164:36: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘digest_size’
systemd-259.5/src/shared/openssl-util.c:125:5: enter_function: entry to ‘openssl_digest_many’
systemd-259.5/src/shared/openssl-util.c:134:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:135:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:135:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:136:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:136:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:140:46: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:144:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:148:55: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:149:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:152:14: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:152:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:152:12: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:160:13: call_function: calling ‘openssl_digest_size’ from ‘openssl_digest_many’
systemd-259.5/src/shared/openssl-util.c:160:13: return_function: returning to ‘openssl_digest_many’ from ‘openssl_digest_size’
systemd-259.5/src/shared/openssl-util.c:161:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:164:36: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:164:36: danger: use of uninitialized value ‘digest_size’ here
# 162| return r;
# 163|
# 164|-> _cleanup_free_ void *buf = malloc(digest_size);
# 165| if (!buf)
# 166| return log_oom_debug();
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/shared/openssl-util.c:1231:15: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘hash_size’
systemd-259.5/src/shared/openssl-util.c:1212:5: enter_function: entry to ‘string_hashsum’
systemd-259.5/src/shared/openssl-util.c:1223:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1224:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1224:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1225:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1225:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1227:13: call_function: inlined call to ‘openssl_digest’ from ‘string_hashsum’
systemd-259.5/src/shared/openssl-util.c:1227:13: call_function: inlined call to ‘openssl_digest’ from ‘string_hashsum’
systemd-259.5/src/shared/openssl-util.c:1228:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1231:15: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1231:15: danger: use of uninitialized value ‘hash_size’ here
# 1229| return r;
# 1230|
# 1231|-> enc = hexmem(hash, hash_size);
# 1232| if (!enc)
# 1233| return -ENOMEM;
Error: GCC_ANALYZER_WARNING (CWE-457):
systemd-259.5/src/shared/openssl-util.c:1361:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘saved_key_size’
systemd-259.5/src/shared/openssl-util.c:1328:12: enter_function: entry to ‘rsa_pkey_generate_volume_keys’
systemd-259.5/src/shared/openssl-util.c:1340:13: call_function: calling ‘rsa_pkey_to_suitable_key_size’ from ‘rsa_pkey_generate_volume_keys’
systemd-259.5/src/shared/openssl-util.c:1340:13: return_function: returning to ‘rsa_pkey_generate_volume_keys’ from ‘rsa_pkey_to_suitable_key_size’
systemd-259.5/src/shared/openssl-util.c:1341:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1344:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1347:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1350:13: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1351:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1354:13: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1354:13: call_function: calling ‘rsa_encrypt_bytes’ from ‘rsa_pkey_generate_volume_keys’
systemd-259.5/src/shared/openssl-util.c:1354:13: return_function: returning to ‘rsa_pkey_generate_volume_keys’ from ‘rsa_encrypt_bytes’
systemd-259.5/src/shared/openssl-util.c:1355:12: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1358:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1361:9: danger: use of uninitialized value ‘saved_key_size’ here
# 1359| *ret_decrypted_key_size = decrypted_key_size;
# 1360| *ret_saved_key = TAKE_PTR(saved_key);
# 1361|-> *ret_saved_key_size = saved_key_size;
# 1362| return 0;
# 1363| }
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/shared/openssl-util.c:1735:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ui’
systemd-259.5/src/shared/openssl-util.c:1706:5: enter_function: entry to ‘openssl_load_private_key’
systemd-259.5/src/shared/openssl-util.c:1716:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1717:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1717:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1718:9: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1718:9: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1720:12: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1720:12: branch_false: following ‘false’ branch (when ‘private_key_source_type != 0’)...
systemd-259.5/src/shared/openssl-util.c:1728:80: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1728:80: release_memory: ‘ui’ is NULL
systemd-259.5/src/shared/openssl-util.c:1729:21: call_function: calling ‘openssl_ask_password_ui_new’ from ‘openssl_load_private_key’
systemd-259.5/src/shared/openssl-util.c:1729:21: return_function: returning to ‘openssl_load_private_key’ from ‘openssl_ask_password_ui_new’
systemd-259.5/src/shared/openssl-util.c:1730:20: branch_false: following ‘false’ branch...
systemd-259.5/src/shared/openssl-util.c:1735:31: branch_false: ...to here
systemd-259.5/src/shared/openssl-util.c:1735:31: release_memory: ‘ui’ is NULL
systemd-259.5/src/shared/openssl-util.c:1735:17: danger: dereference of NULL ‘ui’
# 1733| UI_METHOD *ui_method = NULL;
# 1734| #ifndef OPENSSL_NO_UI_CONSOLE
# 1735|-> ui_method = ui->method;
# 1736| #endif
# 1737|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/socket-proxy/socket-proxyd.c:479:13: warning[-Wanalyzer-malloc-leak]: leak of ‘malloc(88)’
systemd-259.5/src/socket-proxy/socket-proxyd.c:442:12: enter_function: entry to ‘context_add_connection’
systemd-259.5/src/socket-proxy/socket-proxyd.c:445:9: branch_false: following ‘false’ branch...
systemd-259.5/src/socket-proxy/socket-proxyd.c:447:35: branch_false: ...to here
systemd-259.5/src/socket-proxy/socket-proxyd.c:448:12: branch_false: following ‘false’ branch...
systemd-259.5/src/socket-proxy/socket-proxyd.c:455:13: branch_false: ...to here
systemd-259.5/src/socket-proxy/socket-proxyd.c:461:12: branch_false: following ‘false’ branch...
systemd-259.5/src/socket-proxy/socket-proxyd.c:464:13: branch_false: ...to here
systemd-259.5/src/socket-proxy/socket-proxyd.c:468:53: call_function: inlined call to ‘malloc_multiply’ from ‘context_add_connection’
systemd-259.5/src/socket-proxy/socket-proxyd.c:469:12: branch_false: following ‘false’ branch...
systemd-259.5/src/socket-proxy/socket-proxyd.c:472:9: branch_false: ...to here
systemd-259.5/src/socket-proxy/socket-proxyd.c:480:12: branch_false: following ‘false’ branch...
systemd-259.5/src/socket-proxy/socket-proxyd.c:483:9: branch_false: ...to here
systemd-259.5/src/socket-proxy/socket-proxyd.c:485:13: call_function: calling ‘resolve_remote’ from ‘context_add_connection’
systemd-259.5/src/socket-proxy/socket-proxyd.c:485:13: return_function: returning to ‘context_add_connection’ from ‘resolve_remote’
systemd-259.5/src/socket-proxy/socket-proxyd.c:479:13: danger: ‘malloc(88)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
# 477| };
# 478|
# 479|-> r = set_ensure_put(&context->connections, &connection_hash_ops, c);
# 480| if (r < 0)
# 481| return log_oom();
Error: GCC_ANALYZER_WARNING (CWE-775):
systemd-259.5/src/test/test-fd-util.c:154:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup(fcntl(0, 0, 3))’
systemd-259.5/src/test/test-fd-util.c:145:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-fd-util.c:146:9: branch_false: ...to here
systemd-259.5/src/test/test-fd-util.c:146:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-fd-util.c:148:18: branch_false: ...to here
systemd-259.5/src/test/test-fd-util.c:149:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-fd-util.c:151:18: branch_false: ...to here
systemd-259.5/src/test/test-fd-util.c:152:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-fd-util.c:154:9: branch_false: ...to here
systemd-259.5/src/test/test-fd-util.c:154:9: acquire_resource: opened here
systemd-259.5/src/test/test-fd-util.c:154:9: danger: ‘dup(fcntl(0, 0, 3))’ leaks here; was opened at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
# 152| assert_se(new_fd >= 3);
# 153|
# 154|-> assert_se(dup(original_stdin) == 0);
# 155| assert_se(close_nointr(original_stdin) != EBADF);
# 156| assert_se(close_nointr(new_fd) != EBADF);
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/test/test-json.c:448:1: warning[-Wanalyzer-malloc-leak]: leak of ‘__unique_prefix__expr_22’
systemd-259.5/src/test/test-json.c:297:1: enter_function: entry to ‘test_build’
systemd-259.5/src/test/test-json.c:301:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:302:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:302:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:303:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:303:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:305:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:307:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:308:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:308:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:310:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:311:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:312:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:312:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:314:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:317:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:323:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:323:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:329:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:329:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:331:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:335:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:346:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:346:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:347:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:348:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:349:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:349:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:351:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:354:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:356:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:357:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:358:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:359:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:360:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:360:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:361:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:363:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:365:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:368:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:374:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:374:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:382:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:382:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:384:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:385:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:388:26: branch_false: ...to here
systemd-259.5/src/test/test-json.c:391:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:393:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:393:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:394:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:394:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:395:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:395:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:396:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:396:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:397:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:397:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:398:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:398:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:399:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:399:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:400:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:400:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:402:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:403:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:406:30: branch_false: ...to here
systemd-259.5/src/test/test-json.c:407:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:409:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:409:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:410:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:410:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:412:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:413:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:414:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:414:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:415:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:417:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:419:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:419:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:420:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:420:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:422:33: branch_false: ...to here
systemd-259.5/src/test/test-json.c:423:9: acquire_memory: allocated here
systemd-259.5/src/test/test-json.c:423:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:424:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:425:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:428:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:429:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:429:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:431:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:432:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:434:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:434:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:436:48: branch_false: ...to here
systemd-259.5/src/test/test-json.c:437:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:438:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:439:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:442:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:444:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:445:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:447:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:447:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:444:60: call_function: inlined call to ‘sd_json_variant_unrefp’ from ‘test_build’
systemd-259.5/src/test/test-json.c:436:48: call_function: calling ‘ordered_set_freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:436:48: return_function: returning to ‘test_build’ from ‘ordered_set_freep’
systemd-259.5/src/test/test-json.c:422:33: call_function: calling ‘set_freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:422:33: return_function: returning to ‘test_build’ from ‘set_freep’
systemd-259.5/src/test/test-json.c:412:60: call_function: inlined call to ‘sd_json_variant_unrefp’ from ‘test_build’
systemd-259.5/src/test/test-json.c:406:42: call_function: inlined call to ‘freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:448:1: danger: ‘__unique_prefix__expr_22’ leaks here; was allocated at [(84)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/83)
# 446|
# 447| assert_se(sd_json_variant_equal(ossv, ossv2));
# 448|-> }
# 449|
# 450| TEST(json_buildo) {
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/test/test-json.c:448:1: warning[-Wanalyzer-malloc-leak]: leak of ‘__unique_prefix__expr_23’
systemd-259.5/src/test/test-json.c:297:1: enter_function: entry to ‘test_build’
systemd-259.5/src/test/test-json.c:301:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:302:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:302:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:303:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:303:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:305:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:307:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:308:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:308:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:310:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:311:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:312:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:312:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:314:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:317:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:323:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:323:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:329:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:329:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:331:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:335:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:346:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:346:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:347:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:348:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:349:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:349:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:351:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:354:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:356:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:357:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:358:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:359:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:360:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:360:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:361:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:363:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:365:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:368:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:374:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:374:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:382:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:382:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:384:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:385:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:388:26: branch_false: ...to here
systemd-259.5/src/test/test-json.c:391:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:393:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:393:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:394:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:394:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:395:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:395:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:396:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:396:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:397:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:397:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:398:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:398:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:399:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:399:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:400:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:400:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:402:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:403:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:406:30: branch_false: ...to here
systemd-259.5/src/test/test-json.c:407:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:409:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:409:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:410:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:410:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:412:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:413:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:414:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:414:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:415:13: branch_false: ...to here
systemd-259.5/src/test/test-json.c:417:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:419:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:419:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:420:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:420:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:422:33: branch_false: ...to here
systemd-259.5/src/test/test-json.c:423:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:424:9: acquire_memory: allocated here
systemd-259.5/src/test/test-json.c:424:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:425:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:428:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:429:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:429:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:431:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:432:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:434:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:434:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:436:48: branch_false: ...to here
systemd-259.5/src/test/test-json.c:437:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:438:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:439:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:442:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:444:60: branch_false: ...to here
systemd-259.5/src/test/test-json.c:445:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:447:9: branch_false: ...to here
systemd-259.5/src/test/test-json.c:447:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-json.c:444:60: call_function: inlined call to ‘sd_json_variant_unrefp’ from ‘test_build’
systemd-259.5/src/test/test-json.c:436:48: call_function: calling ‘ordered_set_freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:436:48: return_function: returning to ‘test_build’ from ‘ordered_set_freep’
systemd-259.5/src/test/test-json.c:422:33: call_function: calling ‘set_freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:422:33: return_function: returning to ‘test_build’ from ‘set_freep’
systemd-259.5/src/test/test-json.c:412:60: call_function: inlined call to ‘sd_json_variant_unrefp’ from ‘test_build’
systemd-259.5/src/test/test-json.c:406:42: call_function: inlined call to ‘freep’ from ‘test_build’
systemd-259.5/src/test/test-json.c:448:1: danger: ‘__unique_prefix__expr_23’ leaks here; was allocated at [(86)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/85)
# 446|
# 447| assert_se(sd_json_variant_equal(ossv, ossv2));
# 448|-> }
# 449|
# 450| TEST(json_buildo) {
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/test/test-mempress.c:287:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(8192)’
systemd-259.5/src/test/test-mempress.c:190:1: enter_function: entry to ‘test_real_pressure’
systemd-259.5/src/test/test-mempress.c:204:12: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:207:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:207:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:209:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:209:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:210:9: call_function: inlined call to ‘random_u64’ from ‘test_real_pressure’
systemd-259.5/src/test/test-mempress.c:210:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:211:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:211:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:212:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:212:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:213:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:213:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:214:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:214:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:215:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:215:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:216:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:216:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:218:13: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:219:12: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:222:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:222:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:224:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:224:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:226:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:226:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:228:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:228:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:230:13: call_function: inlined call to ‘safe_fork’ from ‘test_real_pressure’
systemd-259.5/src/test/test-mempress.c:231:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:232:12: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:232:12: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:237:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:237:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:238:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:238:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:239:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:239:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:241:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:241:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:242:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:242:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:244:38: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:249:12: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:252:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:252:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:253:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:253:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:254:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:254:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:255:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:255:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:256:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:256:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:257:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:257:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:258:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:258:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:259:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:259:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:260:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:260:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:263:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:263:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:265:18: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:266:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:268:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:269:12: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:272:13: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:274:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:275:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:275:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:276:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:276:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:277:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:277:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:278:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:278:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:279:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:279:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:281:9: branch_false: ...to here
systemd-259.5/src/test/test-mempress.c:281:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-mempress.c:285:23: call_function: inlined call to ‘malloc_multiply’ from ‘test_real_pressure’
systemd-259.5/src/test/test-mempress.c:286:25: branch_true: following ‘true’ branch (when ‘i != 1024’)...
systemd-259.5/src/test/test-mempress.c:287:18: branch_true: ...to here
systemd-259.5/src/test/test-mempress.c:287:17: danger: ‘malloc(8192) + (long unsigned int)i * 8’ could be NULL: unchecked value from [(90)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/89)
# 285| Hashmap **h = new(Hashmap*, NN);
# 286| for (int i = 0; i < NN; i++)
# 287|-> h[i] = hashmap_new(NULL);
# 288| for (int i = 0; i < NN; i++)
# 289| hashmap_free(h[i]);
Error: GCC_ANALYZER_WARNING (CWE-476):
systemd-259.5/src/test/test-path-util.c:706:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘absolute_dirs’
systemd-259.5/src/test/test-path-util.c:693:36: release_memory: ‘search_dirs’ is NULL
systemd-259.5/src/test/test-path-util.c:694:36: release_memory: ‘search_dirs’ is NULL
systemd-259.5/src/test/test-path-util.c:696:9: branch_false: following ‘false’ branch (when ‘_result’ is non-NULL)...
systemd-259.5/src/test/test-path-util.c:698:23: branch_false: ...to here
systemd-259.5/src/test/test-path-util.c:699:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-path-util.c:699:9: branch_false: ...to here
systemd-259.5/src/test/test-path-util.c:700:9: branch_false: following ‘false’ branch...
systemd-259.5/src/test/test-path-util.c:706:9: branch_false: ...to here
systemd-259.5/src/test/test-path-util.c:706:9: release_memory: ‘absolute_dirs’ is NULL
systemd-259.5/src/test/test-path-util.c:706:9: danger: dereference of NULL ‘absolute_dirs’
# 704| }
# 705|
# 706|-> assert_se(mkdir(absolute_dirs[0], 0700) == 0);
# 707| assert_se(mkdir(absolute_dirs[1], 0700) == 0);
# 708| assert_se(symlink("dir2", absolute_dirs[2]) == 0);
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/udev/udevadm-monitor.c:149:48: warning[-Wanalyzer-malloc-leak]: leak of ‘subsystem’
systemd-259.5/src/udev/udevadm-monitor.c:190:5: enter_function: entry to ‘monitor_main’
systemd-259.5/src/udev/udevadm-monitor.c:195:13: call_function: calling ‘parse_argv’ from ‘monitor_main’
# 147| devtype = strdup(slash + 1);
# 148| if (!devtype)
# 149|-> return log_oom();
# 150|
# 151| subsystem = strndup(optarg, slash - optarg);
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/udev/udevadm-monitor.c:151:45: warning[-Wanalyzer-malloc-leak]: leak of ‘subsystem’
systemd-259.5/src/udev/udevadm-monitor.c:190:5: enter_function: entry to ‘monitor_main’
systemd-259.5/src/udev/udevadm-monitor.c:195:13: call_function: calling ‘parse_argv’ from ‘monitor_main’
# 149| return log_oom();
# 150|
# 151|-> subsystem = strndup(optarg, slash - optarg);
# 152| } else
# 153| subsystem = strdup(optarg);
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/udev/udevadm-monitor.c:153:45: warning[-Wanalyzer-malloc-leak]: leak of ‘subsystem’
systemd-259.5/src/udev/udevadm-monitor.c:190:5: enter_function: entry to ‘monitor_main’
systemd-259.5/src/udev/udevadm-monitor.c:195:13: call_function: calling ‘parse_argv’ from ‘monitor_main’
# 151| subsystem = strndup(optarg, slash - optarg);
# 152| } else
# 153|-> subsystem = strdup(optarg);
# 154|
# 155| if (!subsystem)
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/udev/udevadm-monitor.c:169:40: warning[-Wanalyzer-malloc-leak]: leak of ‘subsystem’
systemd-259.5/src/udev/udevadm-monitor.c:190:5: enter_function: entry to ‘monitor_main’
systemd-259.5/src/udev/udevadm-monitor.c:195:13: call_function: calling ‘parse_argv’ from ‘monitor_main’
# 167| r = set_put_strdup(&arg_tag_filter, optarg);
# 168| if (r < 0)
# 169|-> return log_oom();
# 170| break;
# 171|
Error: GCC_ANALYZER_WARNING (CWE-401):
systemd-259.5/src/udev/udevadm-monitor.c:188:1: warning[-Wanalyzer-malloc-leak]: leak of ‘subsystem’
systemd-259.5/src/udev/udevadm-monitor.c:190:5: enter_function: entry to ‘monitor_main’
systemd-259.5/src/udev/udevadm-monitor.c:195:13: call_function: calling ‘parse_argv’ from ‘monitor_main’
# 186|
# 187| return 1;
# 188|-> }
# 189|
# 190| int monitor_main(int argc, char *argv[], void *userdata) {
Error: GCC_ANALYZER_WARNING (CWE-775):
systemd-259.5/src/varlinkctl/varlinkctl.c:270:1: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘add_fd’
systemd-259.5/src/varlinkctl/varlinkctl.c:149:9: branch_false: following ‘false’ branch...
systemd-259.5/src/varlinkctl/varlinkctl.c:150:9: branch_false: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:150:9: branch_false: following ‘false’ branch...
systemd-259.5/src/varlinkctl/varlinkctl.c:150:9: branch_false: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:152:16: branch_true: following ‘true’ branch (when ‘c >= 0’)...
systemd-259.5/src/varlinkctl/varlinkctl.c:154:17: branch_true: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:229:28: branch_false: following ‘false’ branch...
systemd-259.5/src/varlinkctl/varlinkctl.c:233:29: branch_false: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:233:28: branch_true: following ‘true’ branch...
systemd-259.5/src/varlinkctl/varlinkctl.c:237:42: branch_true: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:237:42: acquire_resource: opened here
systemd-259.5/src/varlinkctl/varlinkctl.c:238:36: branch_false: following ‘false’ branch...
systemd-259.5/src/varlinkctl/varlinkctl.c:270:1: branch_false: ...to here
systemd-259.5/src/varlinkctl/varlinkctl.c:270:1: danger: ‘add_fd’ leaks here; was opened at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 268|
# 269| return 1;
# 270|-> }
# 271|
# 272| static int varlink_connect_auto(sd_varlink **ret, const char *where) {
Error: CPPCHECK_WARNING (CWE-457):
systemd-259.5/src/vmspawn/vmspawn-util.c:186: error[uninitvar]: Uninitialized variable: e
# 184| _cleanup_free_ char *arch = NULL;
# 185|
# 186|-> r = sd_json_dispatch(e, table, flags, &arch);
# 187| if (r < 0)
# 188| return r;