Newly introduced findings

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-476): [#def1]
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c:1056:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘resources’
# 1054|   
# 1055|   	resources = malloc(sizeof(struct oval_content_resource *));
# 1056|-> 	resources[idx] = NULL;
# 1057|   
# 1058|   	files = xccdf_policy_model_get_systems_and_files(session->xccdf.policy_model);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c:1097:46: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*<unknown>’
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
# 1095|   		if (source != NULL) {
# 1096|   			resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1097|-> 			resources[idx]->href = oscap_strdup(oscap_file_entry_get_file(file_entry));
# 1098|   			resources[idx]->source_owned = source_owned;
# 1099|   			resources[idx]->source = source;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c:1127:70: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘malloc(24)’
openscap-1.4.3-build/openscap-1.4.3/src/XCCDF/xccdf_session.c: scope_hint: In function ‘_xccdf_session_get_oval_from_model’
# 1125|   
# 1126|   						resources[idx] = malloc(sizeof(struct oval_content_resource));
# 1127|-> 						resources[idx]->href = oscap_strdup(printable_path);
# 1128|   						resources[idx]->source = oscap_source_new_take_memory(data, data_size, printable_path);
# 1129|   						resources[idx]->source_owned = true;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def4]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c: scope_hint: In function ‘getopt_cpe’
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:134:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  132|   	action->cpe_action = malloc(sizeof(struct cpe_action));
#  133|   	if (action->module == &CPE_MATCH_MODULE) {
#  134|-> 		action->cpe_action->name = argv[optind];
#  135|   		action->cpe_action->dict = argv[optind + 1];
#  136|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def5]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:138:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  136|   	}
#  137|   	if (action->module == &CPE_CHECK_MODULE) {
#  138|-> 		action->cpe_action->name = argv[optind];
#  139|   	}
#  140|   	if (action->module == &CPE_VALIDATE) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
openscap-1.4.3-build/openscap-1.4.3/utils/oscap-cpe.c:141:42: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘*action.cpe_action’
#  139|   	}
#  140|   	if (action->module == &CPE_VALIDATE) {
#  141|-> 		action->cpe_action->dict = argv[optind];
#  142|   	}
#  143|   	return true;

Scan Properties

analyzer-version-clippy: 1.86.0
analyzer-version-cppcheck: 2.17.1
analyzer-version-gcc: 15.0.1
analyzer-version-gcc-analyzer: 15.0.1
analyzer-version-shellcheck: 0.10.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.86.0
diffbase-analyzer-version-cppcheck: 2.17.1
diffbase-analyzer-version-gcc: 15.0.1
diffbase-analyzer-version-gcc-analyzer: 15.0.1
diffbase-analyzer-version-shellcheck: 0.10.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-141.us-west-2.compute.internal
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844
diffbase-store-results-to: /tmp/tmp_fcvor7f/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.tar.xz
diffbase-time-created: 2025-04-14 16:26:57
diffbase-time-finished: 2025-04-14 16:33:33
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,shellcheck,unicontrol,clippy,gcc' '-o' '/tmp/tmp_fcvor7f/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp_fcvor7f/openscap-1.4.3-0.20250406163236211511.main.1.g6e7540844.src.rpm'
diffbase-tool-version: csmock-3.8.0-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-141.us-west-2.compute.internal
mock-config: fedora-rawhide-x86_64
project-name: openscap-1.4.3-0.20250414161233748610.pr2220.4.gc146e8d17
store-results-to: /tmp/tmpy2mrd3b9/openscap-1.4.3-0.20250414161233748610.pr2220.4.gc146e8d17.tar.xz
time-created: 2025-04-14 16:33:50
time-finished: 2025-04-14 16:40:01
title: Newly introduced findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,shellcheck,unicontrol,clippy,gcc' '-o' '/tmp/tmpy2mrd3b9/openscap-1.4.3-0.20250414161233748610.pr2220.4.gc146e8d17.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpy2mrd3b9/openscap-1.4.3-0.20250414161233748610.pr2220.4.gc146e8d17.src.rpm'
tool-version: csmock-3.8.0-1.el9