Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] util-linux-2.41.3/disk-utils/mkfs.cramfs.c:851:12: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:696:5: enter_function: entry to ‘main’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:793:12: branch_false: following ‘false’ branch... util-linux-2.41.3/disk-utils/mkfs.cramfs.c:797:23: branch_false: ...to here util-linux-2.41.3/disk-utils/mkfs.cramfs.c:803:12: branch_false: following ‘false’ branch... util-linux-2.41.3/disk-utils/mkfs.cramfs.c:805:14: branch_false: ...to here util-linux-2.41.3/disk-utils/mkfs.cramfs.c:806:12: branch_false: following ‘false’ branch... util-linux-2.41.3/disk-utils/mkfs.cramfs.c:809:13: branch_false: ...to here util-linux-2.41.3/disk-utils/mkfs.cramfs.c:809:12: branch_false: following ‘false’ branch... util-linux-2.41.3/disk-utils/mkfs.cramfs.c:812:22: branch_false: ...to here util-linux-2.41.3/disk-utils/mkfs.cramfs.c:812:22: call_function: calling ‘xcalloc’ from ‘main’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:812:22: return_function: returning to ‘main’ from ‘xcalloc’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:817:28: call_function: calling ‘parse_directory’ from ‘main’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:817:28: return_function: returning to ‘main’ from ‘parse_directory’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:820:9: call_function: calling ‘eliminate_doubles’ from ‘main’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:820:9: return_function: returning to ‘main’ from ‘eliminate_doubles’ util-linux-2.41.3/disk-utils/mkfs.cramfs.c:851:12: danger: ‘<unknown>’ leaks here; was allocated at [(30)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/29) # 849| -1, 0); # 850| # 851|-> if (-1 == (int) (long) rom_image) # 852| err(MKFS_EX_ERROR, _("ROM image map")); # 853| Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] util-linux-2.41.3/include/xalloc.h:68:13: warning[-Wanalyzer-malloc-leak]: leak of ‘open_pidfds(n_pids, parse_pids(n_pids, argv + (long unsigned int)parse_options(argc, argv) * 8))’ util-linux-2.41.3/misc-utils/waitpid.c:223:5: enter_function: entry to ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:234:12: branch_false: following ‘false’ branch (when ‘n_pids != 0’)... util-linux-2.41.3/misc-utils/waitpid.c:237:13: branch_false: ...to here util-linux-2.41.3/misc-utils/waitpid.c:241:23: call_function: calling ‘parse_pids’ from ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:241:23: return_function: returning to ‘main’ from ‘parse_pids’ util-linux-2.41.3/misc-utils/waitpid.c:243:18: call_function: calling ‘open_pidfds’ from ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:243:18: return_function: returning to ‘main’ from ‘open_pidfds’ util-linux-2.41.3/include/xalloc.h:68:13: danger: ‘open_pidfds(n_pids, parse_pids(n_pids, argv + (long unsigned int)parse_options(argc, argv) * 8))’ leaks here; was allocated at [(18)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/17) # 66| void *ret = calloc(nelems, size); # 67| # 68|-> if (!ret && size && nelems) # 69| err(XALLOC_EXIT_CODE, "cannot allocate %zu bytes", size); # 70| return ret; Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] util-linux-2.41.3/include/xalloc.h:68:13: warning[-Wanalyzer-malloc-leak]: leak of ‘parse_pids(n_pids, argv + (long unsigned int)parse_options(argc, argv) * 8)’ util-linux-2.41.3/misc-utils/waitpid.c:223:5: enter_function: entry to ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:234:12: branch_false: following ‘false’ branch (when ‘n_pids != 0’)... util-linux-2.41.3/misc-utils/waitpid.c:237:13: branch_false: ...to here util-linux-2.41.3/misc-utils/waitpid.c:241:23: call_function: calling ‘parse_pids’ from ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:241:23: return_function: returning to ‘main’ from ‘parse_pids’ util-linux-2.41.3/misc-utils/waitpid.c:243:18: call_function: calling ‘open_pidfds’ from ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:243:18: return_function: returning to ‘main’ from ‘open_pidfds’ util-linux-2.41.3/include/xalloc.h:68:13: danger: ‘parse_pids(n_pids, argv + (long unsigned int)parse_options(argc, argv) * 8)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7) # 66| void *ret = calloc(nelems, size); # 67| # 68|-> if (!ret && size && nelems) # 69| err(XALLOC_EXIT_CODE, "cannot allocate %zu bytes", size); # 70| return ret; Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] util-linux-2.41.3/include/xalloc.h:68:13: warning[-Wanalyzer-malloc-leak]: leak of ‘xcalloc(n_pids, 4)’ util-linux-2.41.3/misc-utils/waitpid.c:223:5: enter_function: entry to ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:234:12: branch_false: following ‘false’ branch (when ‘n_pids != 0’)... util-linux-2.41.3/misc-utils/waitpid.c:237:13: branch_false: ...to here util-linux-2.41.3/misc-utils/waitpid.c:241:23: call_function: calling ‘parse_pids’ from ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:241:23: return_function: returning to ‘main’ from ‘parse_pids’ util-linux-2.41.3/misc-utils/waitpid.c:243:18: call_function: calling ‘open_pidfds’ from ‘main’ # 66| void *ret = calloc(nelems, size); # 67| # 68|-> if (!ret && size && nelems) # 69| err(XALLOC_EXIT_CODE, "cannot allocate %zu bytes", size); # 70| return ret; Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] util-linux-2.41.3/include/xalloc.h:96:16: warning[-Wanalyzer-malloc-leak]: leak of ‘special’ util-linux-2.41.3/sys-utils/swapoff.c:228:5: enter_function: entry to ‘main’ util-linux-2.41.3/sys-utils/swapoff.c:289:16: branch_true: following ‘true’ branch... util-linux-2.41.3/sys-utils/swapoff.c:290:39: branch_true: ...to here util-linux-2.41.3/sys-utils/swapoff.c:290:27: call_function: calling ‘do_swapoff’ from ‘main’ # 94| if (!ret) # 95| err(XALLOC_EXIT_CODE, "cannot duplicate string"); # 96|-> return ret; # 97| } # 98| Error: GCC_ANALYZER_WARNING (CWE-457): [#def6] util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'pam_service' util-linux-2.41.3/liblastlog2/src/lastlog2.c:509:1: enter_function: entry to 'll2_rename_user' util-linux-2.41.3/liblastlog2/src/lastlog2.c:519:12: branch_false: following 'false' branch... util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: branch_false: ...to here util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: call_function: calling 'read_entry' from 'll2_rename_user' util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: return_function: returning to 'll2_rename_user' from 'read_entry' util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:12: branch_false: following 'false' branch... util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: branch_false: ...to here util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: danger: use of uninitialized value 'pam_service' here # 525| } # 526| # 527|-> if ((retval = write_entry(db, newname, ll_time, tty, rhost, pam_service, error)) != 0) { # 528| sqlite3_close(db); # 529| free(tty); Error: GCC_ANALYZER_WARNING (CWE-457): [#def7] util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'rhost' util-linux-2.41.3/liblastlog2/src/lastlog2.c:509:1: enter_function: entry to 'll2_rename_user' util-linux-2.41.3/liblastlog2/src/lastlog2.c:519:12: branch_false: following 'false' branch... util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: branch_false: ...to here util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: call_function: calling 'read_entry' from 'll2_rename_user' util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:23: return_function: returning to 'll2_rename_user' from 'read_entry' util-linux-2.41.3/liblastlog2/src/lastlog2.c:522:12: branch_false: following 'false' branch... util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: branch_false: ...to here util-linux-2.41.3/liblastlog2/src/lastlog2.c:527:23: danger: use of uninitialized value 'rhost' here # 525| } # 526| # 527|-> if ((retval = write_entry(db, newname, ll_time, tty, rhost, pam_service, error)) != 0) { # 528| sqlite3_close(db); # 529| free(tty); Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] util-linux-2.41.3/lsfd-cmd/lsfd.c:750:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xcalloc(1, readlink_error_class.size)’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1947:13: enter_function: entry to ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: call_function: calling ‘new_proc’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: return_function: returning to ‘read_process’ from ‘new_proc’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: call_function: calling ‘xstrdup’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: return_function: returning to ‘read_process’ from ‘xstrdup’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1961:12: branch_false: following ‘false’ branch... util-linux-2.41.3/lsfd-cmd/lsfd.c:1979:13: branch_false: ...to here util-linux-2.41.3/lsfd-cmd/lsfd.c:1984:9: call_function: calling ‘collect_execve_file’ from ‘read_process’ # 748| # 749| file = xcalloc(1, readlink_error_class.size); # 750|-> file->class = &readlink_error_class; # 751| # 752| file->proc = proc; Error: GCC_ANALYZER_WARNING (CWE-476): [#def9] util-linux-2.41.3/lsfd-cmd/lsfd.c:770:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xcalloc(1, stat_error_class.size)’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1947:13: enter_function: entry to ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: call_function: calling ‘new_proc’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: return_function: returning to ‘read_process’ from ‘new_proc’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: call_function: calling ‘xstrdup’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: return_function: returning to ‘read_process’ from ‘xstrdup’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1961:12: branch_false: following ‘false’ branch... util-linux-2.41.3/lsfd-cmd/lsfd.c:1979:13: branch_false: ...to here util-linux-2.41.3/lsfd-cmd/lsfd.c:1984:9: call_function: calling ‘collect_execve_file’ from ‘read_process’ # 768| # 769| file = xcalloc(1, stat_error_class.size); # 770|-> file->class = &stat_error_class; # 771| # 772| file->proc = proc; Error: GCC_ANALYZER_WARNING (CWE-476): [#def10] util-linux-2.41.3/lsfd-cmd/lsfd.c:790:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘xcalloc(1, *old_9(D)->class.size)’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1947:13: enter_function: entry to ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: call_function: calling ‘new_proc’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1956:16: return_function: returning to ‘read_process’ from ‘new_proc’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: call_function: calling ‘xstrdup’ from ‘read_process’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1958:25: return_function: returning to ‘read_process’ from ‘xstrdup’ util-linux-2.41.3/lsfd-cmd/lsfd.c:1961:12: branch_false: following ‘false’ branch... util-linux-2.41.3/lsfd-cmd/lsfd.c:1979:13: branch_false: ...to here util-linux-2.41.3/lsfd-cmd/lsfd.c:1984:9: call_function: calling ‘collect_execve_file’ from ‘read_process’ # 788| # 789| INIT_LIST_HEAD(&file->files); # 790|-> file->proc = old->proc; # 791| list_add_tail(&file->files, &old->proc->files); # 792| Error: GCC_ANALYZER_WARNING (CWE-476): [#def11] util-linux-2.41.3/misc-utils/blkid.c:889:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘xcalloc((long unsigned int)(argc - optind), 8) + (long unsigned int)numdev * 8’ util-linux-2.41.3/misc-utils/blkid.c:689:5: enter_function: entry to ‘main’ util-linux-2.41.3/misc-utils/blkid.c:862:12: branch_false: following ‘false’ branch... util-linux-2.41.3/misc-utils/blkid.c:866:12: branch_true: following ‘true’ branch... util-linux-2.41.3/misc-utils/blkid.c:867:35: branch_true: ...to here util-linux-2.41.3/misc-utils/blkid.c:867:27: call_function: calling ‘xcalloc’ from ‘main’ util-linux-2.41.3/misc-utils/blkid.c:867:27: return_function: returning to ‘main’ from ‘xcalloc’ util-linux-2.41.3/misc-utils/blkid.c:868:24: branch_true: following ‘true’ branch... util-linux-2.41.3/misc-utils/blkid.c:869:42: branch_true: ...to here util-linux-2.41.3/misc-utils/blkid.c:872:28: branch_false: following ‘false’ branch... util-linux-2.41.3/misc-utils/blkid.c:874:34: branch_false: ...to here util-linux-2.41.3/misc-utils/blkid.c:889:25: danger: dereference of NULL ‘xcalloc((long unsigned int)(argc - optind), 8) + (long unsigned int)numdev * 8’ # 887| continue; # 888| # 889|-> devices[numdev++] = dev; # 890| } # 891| Error: GCC_ANALYZER_WARNING (CWE-476): [#def12] util-linux-2.41.3/misc-utils/cal.c:1085:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘xcalloc((long unsigned int)*ctl.months_in_row, 208)’ util-linux-2.41.3/misc-utils/cal.c:1116:13: enter_function: entry to ‘yearly’ util-linux-2.41.3/misc-utils/cal.c:1130:9: call_function: calling ‘monthly’ from ‘yearly’ # 1083| # 1084| for (i = 0; i < ctl->months_in_row - 1; i++) # 1085|-> ms[i].next = &ms[i + 1]; # 1086| # 1087| rows = (ctl->num_months - 1) / ctl->months_in_row; Error: GCC_ANALYZER_WARNING (CWE-476): [#def13] util-linux-2.41.3/misc-utils/waitpid.c:54:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘xcalloc(n_strings, 4)’ util-linux-2.41.3/misc-utils/waitpid.c:223:5: enter_function: entry to ‘main’ util-linux-2.41.3/misc-utils/waitpid.c:234:12: branch_false: following ‘false’ branch (when ‘n_pids != 0’)... util-linux-2.41.3/misc-utils/waitpid.c:237:13: branch_false: ...to here util-linux-2.41.3/misc-utils/waitpid.c:241:23: call_function: calling ‘parse_pids’ from ‘main’ # 52| # 53| for (size_t i = 0; i < n_strings; i++) # 54|-> pids[i] = strtopid_or_err(strings[i], _("failed to parse pid")); # 55| # 56| return pids; Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] util-linux-2.41.3/sys-utils/swapoff.c:82:35: warning[-Wanalyzer-malloc-leak]: leak of ‘swapoff_resolve_tag(name, value, mntcache)’ util-linux-2.41.3/sys-utils/swapoff.c:228:5: enter_function: entry to ‘main’ util-linux-2.41.3/sys-utils/swapoff.c:283:21: branch_true: following ‘true’ branch... util-linux-2.41.3/sys-utils/swapoff.c:284:27: branch_true: ...to here util-linux-2.41.3/sys-utils/swapoff.c:284:27: call_function: calling ‘swapoff_by’ from ‘main’ # 80| while (tb && mnt_table_next_fs(tb, itr, &fs) == 0) { # 81| blkid_probe pr = NULL; # 82|-> const char *src = mnt_fs_get_source(fs); # 83| const char *type = mnt_fs_get_swaptype(fs); # 84| const char *data = NULL;
| analyzer-version-clippy | 1.95.0 |
| analyzer-version-cppcheck | 2.20.0 |
| analyzer-version-gcc | 16.1.1 |
| analyzer-version-gcc-analyzer | 16.1.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.95.0 |
| diffbase-analyzer-version-cppcheck | 2.20.0 |
| diffbase-analyzer-version-gcc | 16.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.1.1 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-145.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | util-linux-2.42.1-4.fc45 |
| diffbase-store-results-to | /tmp/tmp1q10cz8h/util-linux-2.42.1-4.fc45.tar.xz |
| diffbase-time-created | 2026-06-01 17:19:32 |
| diffbase-time-finished | 2026-06-01 17:27:28 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmp1q10cz8h/util-linux-2.42.1-4.fc45.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp1q10cz8h/util-linux-2.42.1-4.fc45.src.rpm' |
| diffbase-tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-145.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | util-linux-2.41.3-12.fc44 |
| store-results-to | /tmp/tmpqrfeez3j/util-linux-2.41.3-12.fc44.tar.xz |
| time-created | 2026-06-01 17:11:59 |
| time-finished | 2026-06-01 17:18:58 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpqrfeez3j/util-linux-2.41.3-12.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpqrfeez3j/util-linux-2.41.3-12.fc44.src.rpm' |
| tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |