Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'read_pids_cgroup'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of 'fdopendir(dfd)'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'read_pids_cgroup'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'read_pids_cgroup'
#  306|         struct dirent *de;
#  307|   
#  308|->       dir = fdopendir (dfd);
#  309|         if (UNLIKELY (dir == NULL))
#  310|           return crun_make_error (err, errno, "open cgroup sub-directory");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def2]
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'libcrun_cgroup_read_pids_from_path'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:444:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(cgroup_path, 589824)'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'libcrun_cgroup_read_pids_from_path'
#  442|       }
#  443|   
#  444|->   dirfd = open (cgroup_path, O_DIRECTORY | O_CLOEXEC);
#  445|     if (dirfd < 0)
#  446|       return crun_make_error (err, errno, "open `%s`", cgroup_path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-internal.h:22: included_from: Included from here.
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:23: included_from: Included from here.
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'read_pids_cgroup'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:83:21: warning[-Wanalyzer-malloc-leak]: leak of 'xrealloc(*pids, (*n_pids + n_new_pids + 1) * 4)'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY'
crun-1.20-build/crun-HEAD/src/libcrun/container.h:24: included_from: Included from here.
crun-1.20-build/crun-HEAD/src/libcrun/cgroup.h:21: included_from: Included from here.
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:22: included_from: Included from here.
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c:646:12: note: in expansion of macro 'crun_make_error'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'read_pids_cgroup'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'read_pids_cgroup'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY'
#   81|   {
#   82|     void *res = realloc (ptr, size);
#   83|->   if (UNLIKELY (res == NULL))
#   84|       OOM ();
#   85|     return res;

Error: GCC_ANALYZER_WARNING (CWE-1341): [#def4]
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'tasksfd'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'cleanup_closep.part.0'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'cleanup_closep.part.0'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0'
#  106|     int *pp = (int *) p;
#  107|     if (*pp >= 0)
#  108|->     TEMP_FAILURE_RETRY (close (*pp));
#  109|   }
#  110|   

Error: GCC_ANALYZER_WARNING (CWE-1341): [#def5]
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'close_and_reset'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:210:33: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '*fd'
#  208|     if (*fd >= 0)
#  209|       {
#  210|->       ret = TEMP_FAILURE_RETRY (close (*fd));
#  211|         if (LIKELY (ret == 0))
#  212|           *fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'get_cgroup_dirfd_path'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:225:6: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(cgroup_path + 14)'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'get_cgroup_dirfd_path'
crun-1.20-build/crun-HEAD/src/libcrun/cgroup-utils.c: scope_hint: In function 'get_cgroup_dirfd_path'
#  223|   
#  224|     ret = strdup (str);
#  225|->   if (ret == NULL)
#  226|       OOM ();
#  227|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
crun-1.20-build/crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'restore_proxy_process'
crun-1.20-build/crun-HEAD/src/libcrun/utils.h:225:6: warning[-Wanalyzer-malloc-leak]: leak of 'xstrdup(own_cgroup)'
#  223|   
#  224|     ret = strdup (str);
#  225|->   if (ret == NULL)
#  226|       OOM ();
#  227|

Scan Properties

analyzer-version-clippy	1.85.0
analyzer-version-cppcheck	2.17 dev
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.85.0
diffbase-analyzer-version-cppcheck	2.17 dev
diffbase-analyzer-version-gcc	15.0.1
diffbase-analyzer-version-gcc-analyzer	15.0.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-57.us-west-2.compute.internal
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	crun-1.20-1.20250225075436779197.main.45.ga1652fd6
diffbase-store-results-to	/tmp/tmpdxuumec4/crun-1.20-1.20250225075436779197.main.45.ga1652fd6.tar.xz
diffbase-time-created	2025-02-27 09:09:11
diffbase-time-finished	2025-02-27 09:17:30
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,unicontrol,clippy,gcc,cppcheck' '-o' '/tmp/tmpdxuumec4/crun-1.20-1.20250225075436779197.main.45.ga1652fd6.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpdxuumec4/crun-1.20-1.20250225075436779197.main.45.ga1652fd6.src.rpm'
diffbase-tool-version	csmock-3.8.0-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-57.us-west-2.compute.internal
mock-config	fedora-rawhide-x86_64
project-name	crun-1.20-1.20250227085532004409.pr1679.49.gd45e3874
store-results-to	/tmp/tmpf1is64sz/crun-1.20-1.20250227085532004409.pr1679.49.gd45e3874.tar.xz
time-created	2025-02-27 09:17:59
time-finished	2025-02-27 09:25:49
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,unicontrol,clippy,gcc,cppcheck' '-o' '/tmp/tmpf1is64sz/crun-1.20-1.20250227085532004409.pr1679.49.gd45e3874.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpf1is64sz/crun-1.20-1.20250227085532004409.pr1679.49.gd45e3874.src.rpm'
tool-version	csmock-3.8.0-1.el9